last executing test programs: 10.912928266s ago: executing program 2 (id=1135): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x64, r3, 0x1, 0x70bd2b, 0x25dfdbfc, {0x35}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}]}, 0x64}}, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x44}, 0x20000000) r5 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @desc2}}) r6 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0) ftruncate(r6, 0x2007ffc) sendfile(r6, r6, 0x0, 0x2000000000006) 7.494395256s ago: executing program 2 (id=1138): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(0x0, r0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000000c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001640)=ANY=[@ANYBLOB='D\n\x00\x00', @ANYRES16=r1, @ANYBLOB="05002abd7000fddbdf2501000000060006004e240000fc0908802804008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0004098070000080060001000a00000014000200fe80000000000000000000000000000a0500030000000000060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000a0000080060001000a0000001400020000000000000000000000ffff640101010500030000000000060001000a00000014000200fe8000000000000000000000000000bb0500030002000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fc00000000000000000000000000000105000300020000000600010002000000080002000a010102050003000103000000000080060001000200000008000200ac1e01010500030000000000060001000a00000014000200000000000000000000000000000000000500030000000000060001000200000008000200ac1414bb0500030006000000060001000a00000014000200fe8000000000000000000000000000420500030001000000060001000a00000014000280fc02000000000000000000000000000105000300020000000600010002000000080002007f0000010500030002000000060001000200000008000200000000000500030002000000ac000080060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fc00000000000000000000000000000005000300020000000600010002000000080002000a01010105000300000000000600010002000000080002007f0000010500030001000000060001000200000008000200e00000010500030001000000060001000a0000001400020020010000000000000000000000000001050003000200000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030001000000060001000a00000014000200ff0100000000000000000000000000010500030002000000060001000200000008000200ac1414aa05000300000000000c010080060001000200000008000200000000000500030001000000060001000a00000014000200fe8000000000000000000000000000410500030003000000060001000a00000014000200ff0100000000000000000000000000010500030000000000060001000a00000014000200fc0100000000000000000000000000010500030000000000060001000a00000014000200fc0200000000000000000000000000000500030003000000060001000200000008000200ac1414aa0500030003000000060001000a00000014000200fc0200000000000000000000000000010500030001000000060001000a00000014000200fe80000000000000000000000000002b050003000200000040000080080003000000000008000a000100000024000100f44db767a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392208000300030000008c00008024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c24000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392208000a000100000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e22000000000000000000000000040500807002098094000080060001000a00000014000200000000000000000000000000000000000500030002000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e000000105000300020000000600010002000000080002007f0000010500030002000000060001000a000000140002000000000000000000000000000000000105000300010000004c000080060001000200000008000200ac1414bb0500030002000000060001000200000008000200640100fe0500030001000000060001000200000008000200ac1414bb0500030002000000e8000080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300020000000600010002000000080002006401010005000300020000000600010002000000080002007f00000105000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030002000000060001000200000008000200e00000010500030003000000060001000a00000014000200200100000000000000000000000000020500030001000000880000800600010002000000080002000000000005000300000000000600010002000000080002006401010205000300000000000600010002000000080002007f0000010500030003000000060001000a00000014000200200100000000000000000000000000000500030001000000060001000200000008000200ac14142d05000300010000001c000080060001000200000008000200ffffffff0500030003000000080003000200000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39221c02098058000080060001000200000008000200000000000500030003000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe880000000000000000000000000101050003000100000040000080060001000200000008000200ac1e00010500030001000000060001000a0000001400020000000000000000000000ffff0a010102050003000300000000010080060001000200000008000200ac1e00010500030000000000060001000a00000014000200fe8800000000000000000000000000010500030003000000060001000200000008000200000000000500030002000000060001000200000008000200ffffffff0500030000000000060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200200100000000000000000000000000010500030003000000060001000200000008000200e000000105000300000000000600010002000000080002007f00000105000300020000000600010002000000080002000a010100050003000000000064000080060001000200000008000200ac1414aa0500030000000000060001000a00000014000200fe8000000000000000000000000000aa0500030000000000060001000a000000140002002001000000000000000000000000000205000300010000001c000080060001000200000008000200ac141416050003000100000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e08000100", @ANYRES32=r2, @ANYBLOB="240003"], 0xa44}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 6.601770921s ago: executing program 0 (id=1142): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="12000000440000000400000002"], 0x50) socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000600), &(0x7f0000000480)=@tcp=r1}, 0x20) socket$inet6_udp(0xa, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080)="cc", &(0x7f0000000000)=@tcp6=r1, 0x1}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000380)={r0, &(0x7f0000000140), 0x0, 0x1}, 0x20) 6.558870823s ago: executing program 1 (id=1143): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1, 0x9}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000004c0)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r2, 0x8001}, 0x8) getsockopt$bt_hci(r0, 0x84, 0x7f, &(0x7f0000000080)=""/4050, 0x0) 6.327453384s ago: executing program 0 (id=1144): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbac, &(0x7f0000002380)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy") mkdir(&(0x7f0000000480)='./bus\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000000000)='./bus\x00', 0x0, &(0x7f00000000c0)={{}, {}, [], {}, [], {0x10, 0x6}, {0x20, 0x1}}, 0x24, 0x0) rmdir(&(0x7f0000000040)='./bus\x00') 6.184165962s ago: executing program 2 (id=1146): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f640d967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c8348100"/4195, @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN") r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x64, r3, 0x1, 0x70bd2b, 0x25dfdbfc, {0x35}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}]}, 0x64}}, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x44}, 0x20000000) r5 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @desc2}}) r6 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0) ftruncate(r6, 0x2007ffc) sendfile(r6, r6, 0x0, 0x2000000000006) 5.858738988s ago: executing program 0 (id=1148): shmget$private(0x0, 0x4000, 0x1a81, &(0x7f0000ffa000/0x4000)=nil) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) r4 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r4, &(0x7f0000000200)={0x1d, r3}, 0x10) sendmsg$can_bcm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r3, @ANYRES64=r2, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0) sendmsg$sock(r4, &(0x7f0000001940)={&(0x7f00000002c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000000000), 0x5, &(0x7f00000008c0)=[@timestamping={{0x14}}], 0x18}, 0x0) 4.676029917s ago: executing program 1 (id=1149): sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000000000014000000000000002900000034000000fd"], 0x188}}], 0x1, 0x810) ioctl$NILFS_IOCTL_GET_VINFO(0xffffffffffffffff, 0xc0186e86, &(0x7f0000000580)={&(0x7f0000000540)=[{0x7d0d, 0xffffffff, 0x1, 0x2}], 0x1, 0x20, 0xd6ae, 0x2}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r1, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b) sendmsg(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000640)="3013f93f6a23826aeaa571d88a1fc628ec108a", 0x13}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000001d83000744d63c000100000008"], 0x10}, 0x40000) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB], 0x6f4}}, 0x0) 4.506194955s ago: executing program 1 (id=1151): add_key$user(0x0, 0x0, &(0x7f0000000080)="a1", 0x1, 0xffffffffffffffff) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010029bd7000ffdbdf2500000000", @ANYRES32=r2, @ANYBLOB="100804002010000024001280110001006272696467655f736c618c65000000000c0005800500"], 0x44}, 0x1, 0x0, 0x0, 0x404c1}, 0x40040d4) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20044040) 4.40396528s ago: executing program 2 (id=1152): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014}) unshare(0x2c020400) pselect6(0x40, &(0x7f0000000000)={0xa, 0x80000001, 0x2, 0x10000000000006, 0x12, 0x8, 0x80000000, 0x8}, 0x0, 0x0, 0x0, 0x0) 3.59808185s ago: executing program 1 (id=1153): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x84}, 0x8000) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r5, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000820}, 0x4041080) 3.355640123s ago: executing program 3 (id=1155): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) prlimit64(r0, 0xc, &(0x7f0000000180)={0x8, 0x6}, &(0x7f0000000f80)) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r3, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000000408010200000000000000000a00000705000300110000000600026000080000"], 0x24}}, 0x4) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9}}, './file0\x00'}) syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd708", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@window={0x3, 0x3, 0x96}]}}}}}}}}, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=@newlink={0x7c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, [@IFLA_LINKINFO={0x5c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4c, 0x2, 0x0, 0x1, [@IFLA_MACSEC_SCI={0xc, 0x1, 0x2000000040000}, @IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}, @IFLA_MACSEC_INC_SCI={0x5, 0x9, 0x5}, @IFLA_MACSEC_ENCODING_SA={0x5, 0x6, 0x8}, @IFLA_MACSEC_REPLAY_PROTECT={0x5, 0xc, 0x8}, @IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0xf7}, @IFLA_MACSEC_ES={0x5, 0xa, 0x91}, @IFLA_MACSEC_SCI={0xc, 0x1, 0xffffffffffffffff}]}}}]}, 0x7c}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x180c8, &(0x7f00000006c0)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a3b340b5c73055fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d8949c8dd2fd94aa0f259a4cb9412c30c45f9d4d63d267d2a43f03a47fa56b3"], 0x1, 0x242, &(0x7f0000000300)="$eJzs3bFqFFEUBuBjskmWNKYWiwEbq0WtbBeJIA4IK1No5UC0SUSYNKPVPIbP4CP5GKnSjZhZsklcbczm7s58Hyz3wM/Cuc3eLc6d+fDw8/HRl9NP7c/vMR5nMYpo2jbiILZiOzr35uvWRb0bVzUBAGya2aycpu6B1aqqabkTEXt/JMWPJA0BAAAAAAAAAADw35bN/8e5+X8A6DPz//1XVdNyf/7/7Trz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA65217v/3HJ3V/AMDtc/4DwPA4/wFgeJz/ADA8b9+9fz3N88NZlo0jzpq6qItu7fKXr/LDJ9mFg8W3zuq62L7Mn3Z5dj3fif15/mxpvhuPH3X57+zFm/xGvhdHq98+AAAAAAAAAAAAAAAAAAAArIVJdmnp/f7J5G95V115PsCN+/ujeDC6s20AAAAAAAAAAAAAAAAAAADARjv9+u24PDn5WCl6U8TztWjjrouItWijL0XqXyYAAAAAAAAAAAAAAAAAABiexaXf1J0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQDqL9/+vroiIpu2k3i4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQY78CAAD//139ms4=") syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2901401, 0x0, 0x0, 0x0, &(0x7f000009de00)) rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a00)='./bus/file0\x00') sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x24000805}, 0x90) socket$nl_xfrm(0x10, 0x3, 0x6) socket$kcm(0x2, 0x3, 0x2) socket$kcm(0x10, 0x2, 0x4) 3.109390555s ago: executing program 0 (id=1156): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbac, &(0x7f0000002380)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy") mkdir(&(0x7f0000000480)='./bus\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000000000)='./bus\x00', 0x0, &(0x7f00000000c0)={{}, {}, [], {}, [], {0x10, 0x6}, {0x20, 0x1}}, 0x24, 0x0) rmdir(&(0x7f0000000040)='./bus\x00') 2.153122262s ago: executing program 1 (id=1157): timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0x9]}, 0x8, 0x80800) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r2 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc724, 0xc000, 0xa, 0x3c}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xfff0}, {0xe, 0xffff}}}, 0x24}}, 0x0) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000000)=0x6, 0x4) r3 = socket$inet_sctp(0x2, 0x1, 0x84) timerfd_gettime(r1, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000180)=0xb4) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0) r4 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3}) mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r4, 0x0, 0x0, 0x9, 0x0) 2.00067718s ago: executing program 0 (id=1158): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1, 0x9}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000004c0)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r2, 0x8001}, 0x8) getsockopt$bt_hci(r0, 0x84, 0x7f, &(0x7f0000000080)=""/4050, 0x0) 1.766105042s ago: executing program 3 (id=1159): sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000000000014000000000000002900000034000000fd"], 0x188}}], 0x1, 0x810) ioctl$NILFS_IOCTL_GET_VINFO(0xffffffffffffffff, 0xc0186e86, &(0x7f0000000580)={&(0x7f0000000540)=[{0x7d0d, 0xffffffff, 0x1, 0x2}], 0x1, 0x20, 0xd6ae, 0x2}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r1, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b) sendmsg(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000640)="3013f93f6a23826aeaa571d88a1fc628ec108a", 0x13}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000001d83000744d63c000100000008"], 0x10}, 0x40000) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB], 0x6f4}}, 0x0) 1.364266781s ago: executing program 3 (id=1160): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1b, 0x3, 0x0, 0x0, 0x4}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r1}, &(0x7f0000000400), &(0x7f0000000440)=r0}, 0x20) 1.256050007s ago: executing program 3 (id=1161): add_key$user(0x0, 0x0, &(0x7f0000000080)="a1", 0x1, 0xffffffffffffffff) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010029bd7000ffdbdf2500000000", @ANYRES32=r2, @ANYBLOB="100804002010000024001280110001006272696467655f736c618c65000000000c0005800500"], 0x44}, 0x1, 0x0, 0x0, 0x404c1}, 0x40040d4) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20044040) 1.094730725s ago: executing program 3 (id=1162): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() getrlimit(0x2, &(0x7f0000000040)) sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prlimit64(0x0, 0xd, 0x0, 0x0) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x30}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x3c, 0x2, 0x3, 0x5, 0x0, 0x0, {0x2}, [@NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x3ff}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x400}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x909}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x34, 0x2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40049d1}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x30, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0x4}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080) 937.665903ms ago: executing program 2 (id=1163): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), r0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001640)=ANY=[@ANYBLOB='D\n\x00\x00', @ANYRES16=r1, @ANYBLOB="05002abd7000fddbdf2501000000060006004e240000fc0908802804008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0004098070000080060001000a00000014000200fe80000000000000000000000000000a0500030000000000060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000a0000080060001000a0000001400020000000000000000000000ffff640101010500030000000000060001000a00000014000200fe8000000000000000000000000000bb0500030002000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fc00000000000000000000000000000105000300020000000600010002000000080002000a010102050003000103000000000080060001000200000008000200ac1e01010500030000000000060001000a00000014000200000000000000000000000000000000000500030000000000060001000200000008000200ac1414bb0500030006000000060001000a00000014000200fe8000000000000000000000000000420500030001000000060001000a00000014000280fc02000000000000000000000000000105000300020000000600010002000000080002007f0000010500030002000000060001000200000008000200000000000500030002000000ac000080060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fc00000000000000000000000000000005000300020000000600010002000000080002000a01010105000300000000000600010002000000080002007f0000010500030001000000060001000200000008000200e00000010500030001000000060001000a0000001400020020010000000000000000000000000001050003000200000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030001000000060001000a00000014000200ff0100000000000000000000000000010500030002000000060001000200000008000200ac1414aa05000300000000000c010080060001000200000008000200000000000500030001000000060001000a00000014000200fe8000000000000000000000000000410500030003000000060001000a00000014000200ff0100000000000000000000000000010500030000000000060001000a00000014000200fc0100000000000000000000000000010500030000000000060001000a00000014000200fc0200000000000000000000000000000500030003000000060001000200000008000200ac1414aa0500030003000000060001000a00000014000200fc0200000000000000000000000000010500030001000000060001000a00000014000200fe80000000000000000000000000002b050003000200000040000080080003000000000008000a000100000024000100f44db767a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392208000300030000008c00008024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c24000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392208000a000100000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e22000000000000000000000000040500807002098094000080060001000a00000014000200000000000000000000000000000000000500030002000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e000000105000300020000000600010002000000080002007f0000010500030002000000060001000a000000140002000000000000000000000000000000000105000300010000004c000080060001000200000008000200ac1414bb0500030002000000060001000200000008000200640100fe0500030001000000060001000200000008000200ac1414bb0500030002000000e8000080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300020000000600010002000000080002006401010005000300020000000600010002000000080002007f00000105000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030002000000060001000200000008000200e00000010500030003000000060001000a00000014000200200100000000000000000000000000020500030001000000880000800600010002000000080002000000000005000300000000000600010002000000080002006401010205000300000000000600010002000000080002007f0000010500030003000000060001000a00000014000200200100000000000000000000000000000500030001000000060001000200000008000200ac14142d05000300010000001c000080060001000200000008000200ffffffff0500030003000000080003000200000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39221c02098058000080060001000200000008000200000000000500030003000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe880000000000000000000000000101050003000100000040000080060001000200000008000200ac1e00010500030001000000060001000a0000001400020000000000000000000000ffff0a010102050003000300000000010080060001000200000008000200ac1e00010500030000000000060001000a00000014000200fe8800000000000000000000000000010500030003000000060001000200000008000200000000000500030002000000060001000200000008000200ffffffff0500030000000000060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200200100000000000000000000000000010500030003000000060001000200000008000200e000000105000300000000000600010002000000080002007f00000105000300020000000600010002000000080002000a010100050003000000000064000080060001000200000008000200ac1414aa0500030000000000060001000a00000014000200fe8000000000000000000000000000aa0500030000000000060001000a000000140002002001000000000000000000000000000205000300010000001c000080060001000200000008000200ac141416050003000100000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e08000100", @ANYRES32, @ANYBLOB="240003"], 0xa44}, 0x1, 0x0, 0x0, 0x4000}, 0x40) 635.294208ms ago: executing program 1 (id=1164): openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x7ffe}, 0x50) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000200)={[{@nombcache}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@nombcache}, {@nobarrier}, {@init_itable}, {@errors_remount}]}, 0x1, 0x569, &(0x7f00000002c0)="$eJzs3U1rXFUfAPD/nWT6/jxNoRQVkYALK7WTJvGlgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LH4BF36GghaKlKALN5E7uTOdJDPJtJ0mU+f3g1vOuS8598y5/9NzcmYyAQyt8eyfQsTLEfF1EnE0IpL82GjkB8fXz1t9dGMm25JYW/v0z6RxXpZv/qzmdYfzzEsR8ctXEacKW8utLa/MlyuVdDHPT9QXrk7UlldOX14oz6Vz6ZWp6emz70xPvf/eu32r65sX/v72k3sjee7YnSTOxZE8116PZ3CzPTMe4/lrUoxzm06c7ENhgyTpuPenXb8PnsxIHufFyPqAozGSRz3w3/dlRKwBQyp54vj/rfh87gTYXc1xQHNu36d58Avj4YfrE6Ct9R9d/91IHGjMjQ6tJhtmRtl8d6wP5Wdl/PzH3TvZFv37PQTAjm7eiogzo6Nb+78k7/+e3pkeztlchv4Pds+9bPzzVqfxT6E1/okO45/DHWL3aewc/4UHfSimq2z890HH8W9r0WpsJM/9rzHmKyaXLlfSrG/7f0ScjOL+LL/des7Z1ftr3Y61j/+yLSu/ORbM7+PB6P6N18yW6+VnqXO7h7ciXuk4/k1a7Z90aP/s9bjQYxkn0ruvdTu2c/2fr7UfIt7o2P6PV7SS7dcnJxrPw0Tzqdjqr9snfu1W/l7XP2v/Q9vXfyxpX6+ttV890lMZ3x/4J43WevJGG+ofvT//+5LPGul9+b7r5Xp9cTJiX/Jxa3+huX/q8bXNfPP8rP4nX9++/+v0/B+MiM97qn3E7eM/vtrt2CC0/2zH9m/Nbje1/5Mn7n/0xXfdyu+t/3u7kTqZ7+ml/+v1Bp/ltQMAAAAAAIBBU4iII5EUSq10oVAqrb+/43gcKlSqtfqpS9WlK7PR+KzsWBQLzZXuo23vh5jMVwyb+alN+emIOBYR34wcbORLM9XK7F5XHgAAAAAAAAAAAAAAAAAAAAbE4S6f/8/8vvXPux/Y/TsEnitf+Q3Da8f478c3PQEDyf//MLzEPwwv8Q/DS/zD8BL/MLzEPwwv8Q/DS/wDAAAAAAAAAAAAAAAAAAAAAAAAAABAX104fz7b1lYf3ZjJ8rPXlpfmq9dOz6a1+dLC0kxpprp4tTRXrc5V0tJMdWGnn1epVq9OTsXS9Yl6WqtP1JZXLi5Ul67UL15eKM+lF9PirtQKAAAAAAAAAAAAAAAAAAAAXiy15ZX5cqWSLkpIPFVidDBuQ6LPib3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsX8DAAD//welMww=") syz_open_procfs(0x0, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000080)='./file1\x00', &(0x7f0000000840), &(0x7f0000000940)=ANY=[], 0x361, 0x0) setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0) keyctl$KEYCTL_CAPABILITIES(0x1f, 0xffffffffffffffff, 0x97) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r4 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) tgkill(r4, r4, 0x4) sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYRES32=r3], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2094) lsetxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f00000000c0), &(0x7f00000001c0)=ANY=[], 0xfe37, 0x0) 21.720508ms ago: executing program 3 (id=1165): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x84}, 0x8000) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r6, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000820}, 0x4041080) 707.91µs ago: executing program 0 (id=1166): syz_io_uring_setup(0x6a29, &(0x7f0000000200)={0x0, 0x3, 0x800, 0x1, 0x171}, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x3c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_ATM={0x8, 0x4, 0x2}]}}]}, 0x3c}}, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x101801, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'rose0\x00', 0x1003}) ioctl$TUNSETDEBUG(r3, 0x400454c9, 0xffffffffffffffff) ioctl$TUNGETSNDBUF(r3, 0x800454d3, &(0x7f0000002840)) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x2, 0x0, 0x0, 0x2}, {0x20}, {0x2, 0x0, 0xe}, {}, {0x5, 0x0, 0x4, 0x8}, {0x0, 0x0, 0x3, 0x420008}]}) socket$nl_xfrm(0x10, 0x3, 0x6) fsmount(0xffffffffffffffff, 0x0, 0x64) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file1\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000001500)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r4 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6) fallocate(r4, 0x0, 0x2000000, 0x1001f3) fallocate(r4, 0x8, 0x0, 0x10000) accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000540), 0x80000) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000580), 0x701800, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001740)=@bpf_tracing={0x1a, 0x9, &(0x7f00000005c0)=ANY=[@ANYBLOB="c3254000efffffff9170000104000000186400000800000000000000000000004358feff0800000018180000", @ANYRES32, @ANYBLOB="000000000000000018130000", @ANYRES32=0x1, @ANYBLOB='\x00\x00\f\x00\x00\x00\x00\x00'], &(0x7f0000000640)='syzkaller\x00', 0x6, 0x1000, &(0x7f0000000680)=""/4096, 0x41100, 0x21, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000001680)={0x5, 0x2}, 0x8, 0x10, &(0x7f00000016c0)={0x0, 0xd, 0x5, 0x9}, 0x10, 0x13de8, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000001700)=[{0x0, 0x3, 0x9, 0x8}], 0x10, 0x9}, 0x94) fsopen(&(0x7f0000001800)='9p\x00', 0x0) memfd_secret(0x80000) creat(&(0x7f0000000040)='./bus\x00', 0x0) 0s ago: executing program 2 (id=1167): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbac, &(0x7f0000002380)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy") mkdir(&(0x7f0000000480)='./bus\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) rmdir(&(0x7f0000000040)='./bus\x00') kernel console output (not intermixed with test programs): 4967295 subj=unconfined pid=6259 comm="syz.0.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7ee6f9c799 code=0x7ffc0000 [ 152.641576][ C0] vkms_vblank_simulate: vblank timer overrun [ 153.003217][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 153.018880][ T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.030679][ T9] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 153.047159][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 153.057139][ T28] audit: type=1326 audit(1773863389.803:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6259 comm="syz.0.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee6f9c799 code=0x7ffc0000 [ 153.090951][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.099309][ T9] usb 2-1: Product: syz [ 153.104413][ T9] usb 2-1: Manufacturer: syz [ 153.109200][ T9] usb 2-1: SerialNumber: syz [ 153.250704][ T28] audit: type=1326 audit(1773863389.803:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6259 comm="syz.0.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee6f9c799 code=0x7ffc0000 [ 153.273333][ C0] vkms_vblank_simulate: vblank timer overrun [ 153.477278][ T28] audit: type=1326 audit(1773863389.813:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6259 comm="syz.0.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f7ee6f5cfce code=0x7ffc0000 [ 153.524440][ T9] usb 2-1: can't set config #1, error -71 [ 153.551180][ T9] usb 2-1: USB disconnect, device number 3 [ 153.580374][ T28] audit: type=1326 audit(1773863389.813:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6259 comm="syz.0.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f7ee6f5cfce code=0x7ffc0000 [ 153.770168][ T5788] udevd[5788]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 153.800223][ T5783] udevd[5783]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 154.234993][ T6307] overlay: Unknown parameter '/' [ 154.275142][ T6309] netlink: 'syz.2.131': attribute type 6 has an invalid length. [ 154.649552][ T23] libceph: connect (1)[c::]:6789 error -101 [ 154.657039][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 154.786516][ T6312] ceph: No mds server is up or the cluster is laggy [ 154.863392][ T6317] netlink: 40 bytes leftover after parsing attributes in process `syz.3.132'. [ 155.021555][ T6317] netlink: 'syz.3.132': attribute type 6 has an invalid length. [ 155.800802][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 155.800820][ T28] audit: type=1326 audit(1773863396.483:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1039c799 code=0x7ffc0000 [ 155.889927][ T28] audit: type=1326 audit(1773863396.483:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6316 comm="syz.3.132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e1039c799 code=0x7ffc0000 [ 157.680828][ T5773] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 157.886010][ T5773] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 157.912318][ T5773] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.931222][ T5773] usb 4-1: Product: syz [ 157.935488][ T5773] usb 4-1: Manufacturer: syz [ 157.940121][ T5773] usb 4-1: SerialNumber: syz [ 157.980894][ T8] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 158.188796][ T8] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 158.205393][ T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.231125][ T5773] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 158.258582][ T8] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 158.298960][ T8] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 158.348307][ T8] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 158.358264][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.390994][ T8] usb 1-1: Product: syz [ 158.398884][ T8] usb 1-1: Manufacturer: syz [ 158.410925][ T8] usb 1-1: SerialNumber: syz [ 158.427579][ T8] cdc_mbim 1-1:1.0: skipping garbage [ 158.466928][ T5773] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -32 [ 158.492975][ T5773] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 158.504012][ T5773] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 158.515836][ T5773] lan78xx: probe of 4-1:1.0 failed with error -32 [ 158.630217][ T6332] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 158.877595][ T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 158.888165][ T51] CPU: 1 PID: 51 Comm: kworker/u5:0 Not tainted syzkaller #0 [ 158.895624][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 158.905737][ T51] Workqueue: hci0 hci_rx_work [ 158.910535][ T51] Call Trace: [ 158.913865][ T51] [ 158.916849][ T51] dump_stack_lvl+0x18c/0x250 [ 158.921602][ T51] ? show_regs_print_info+0x20/0x20 [ 158.926885][ T51] ? load_image+0x400/0x400 [ 158.931554][ T51] sysfs_create_dir_ns+0x26e/0x2a0 [ 158.936826][ T51] ? sysfs_warn_dup+0xa0/0xa0 [ 158.941577][ T51] ? do_raw_spin_unlock+0x121/0x230 [ 158.947019][ T51] kobject_add_internal+0x61c/0xcc0 [ 158.952292][ T51] kobject_add+0x164/0x240 [ 158.956779][ T51] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 158.962473][ T51] ? kobject_init+0x1e0/0x1e0 [ 158.967235][ T51] device_add+0x408/0xc20 [ 158.971692][ T51] hci_conn_add_sysfs+0xd5/0x1e0 [ 158.976880][ T51] le_conn_complete_evt+0xf5d/0x1540 [ 158.982425][ T51] ? hci_event_packet+0x4cb/0x1270 [ 158.987614][ T51] ? hci_le_big_info_adv_report_evt+0x910/0x910 [ 158.994013][ T51] ? __mutex_unlock_slowpath+0x1b4/0x6c0 [ 158.999902][ T51] ? skb_pull_data+0xfb/0x200 [ 159.004652][ T51] hci_le_conn_complete_evt+0x187/0x440 [ 159.010302][ T51] ? hci_remote_host_features_evt+0x150/0x150 [ 159.016489][ T51] hci_event_packet+0x7ba/0x1270 [ 159.021509][ T51] ? bis_list+0x290/0x290 [ 159.025901][ T51] ? lockdep_hardirqs_on+0x98/0x150 [ 159.031158][ T51] ? hci_send_to_monitor+0xd7/0x4f0 [ 159.036522][ T51] hci_rx_work+0x43a/0xd60 [ 159.041220][ T51] ? process_scheduled_works+0x96f/0x15d0 [ 159.047195][ T51] process_scheduled_works+0xa5d/0x15d0 [ 159.052851][ T51] ? worker_attach_to_pool+0x380/0x380 [ 159.058430][ T51] ? assign_work+0x3d2/0x5d0 [ 159.063195][ T51] worker_thread+0xa55/0xfc0 [ 159.067991][ T51] kthread+0x2fa/0x390 [ 159.072219][ T51] ? pr_cont_work+0x560/0x560 [ 159.076964][ T51] ? kthread_blkcg+0xd0/0xd0 [ 159.081733][ T51] ret_from_fork+0x48/0x80 [ 159.086232][ T51] ? kthread_blkcg+0xd0/0xd0 [ 159.090898][ T51] ret_from_fork_asm+0x11/0x20 [ 159.095887][ T51] [ 159.118634][ T51] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 159.134469][ T51] Bluetooth: hci0: failed to register connection device [ 159.149332][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.139'. [ 159.237562][ T6344] overlay: Unknown parameter '/' [ 159.268141][ T6342] nbd: socks must be embedded in a SOCK_ITEM attr [ 159.567499][ T6332] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 159.999743][ T8] cdc_mbim 1-1:1.0: bind() failure [ 161.305572][ T23] usb 4-1: USB disconnect, device number 5 [ 162.758516][ T8] cdc_ncm: probe of 1-1:1.1 failed with error -71 [ 162.766156][ T8] cdc_mbim: probe of 1-1:1.1 failed with error -71 [ 162.774547][ T8] usbtest: probe of 1-1:1.1 failed with error -71 [ 162.784699][ T8] usb 1-1: USB disconnect, device number 5 [ 164.803196][ T5783] udevd[5783]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 164.870725][ T6373] overlay: Unknown parameter '/' [ 165.191096][ T5836] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 165.222409][ T51] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 165.490681][ T5836] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 165.585791][ T5836] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 165.671560][ T5836] usb 3-1: Product: syz [ 165.714113][ T5836] usb 3-1: Manufacturer: syz [ 165.767917][ T5836] usb 3-1: SerialNumber: syz [ 166.440035][ T5836] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 166.810037][ T5836] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -32 [ 166.935111][ T5836] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 167.062761][ T5836] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 167.217983][ T5836] lan78xx: probe of 3-1:1.0 failed with error -32 [ 168.308738][ T5874] usb 3-1: USB disconnect, device number 4 [ 168.381159][ T5785] Bluetooth: hci0: command 0x0406 tx timeout [ 169.760615][ C0] sched: RT throttling activated [ 169.792496][ T6410] overlay: Unknown parameter '/' [ 170.835649][ T51] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 170.922466][ T23] libceph: connect (1)[c::]:6789 error -101 [ 171.122399][ T6425] ceph: No mds server is up or the cluster is laggy [ 171.140813][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 171.350751][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 174.633039][ T9] usb 2-1: device not accepting address 4, error -71 [ 174.772973][ T6448] overlay: Unknown parameter '/' [ 177.364189][ T5773] libceph: connect (1)[c::]:6789 error -101 [ 177.499814][ T5773] libceph: mon0 (1)[c::]:6789 connect error [ 177.757842][ T6469] ceph: No mds server is up or the cluster is laggy [ 178.400984][ T51] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 179.371497][ T5874] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 180.469836][ T6489] overlay: Unknown parameter '/' [ 183.280392][ T6516] overlay: Unknown parameter '/' [ 183.323240][ T23] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 183.511059][ T23] usb 1-1: Using ep0 maxpacket: 8 [ 183.634252][ T23] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 183.803547][ T23] usb 1-1: config 179 has no interface number 0 [ 184.060823][ T23] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 184.114348][ T23] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 184.212738][ T23] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 184.230167][ T6522] netlink: 'syz.3.194': attribute type 6 has an invalid length. [ 184.278805][ T23] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 184.303137][ T23] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 184.358616][ T23] usb 1-1: config 179 interface 65 has no altsetting 0 [ 184.449602][ T23] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 184.480806][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.536556][ T23] usb 1-1: can't set config #179, error -71 [ 184.560532][ T23] usb 1-1: USB disconnect, device number 6 [ 185.211078][ T5874] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 186.331449][ T6548] overlay: Unknown parameter '/' [ 186.423155][ T5874] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 186.438435][ T5874] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 186.451344][ T5874] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 186.494916][ T5874] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 186.504771][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.513302][ T5874] usb 2-1: Product: syz [ 186.517686][ T5874] usb 2-1: Manufacturer: syz [ 186.525513][ T5874] usb 2-1: SerialNumber: syz [ 186.885724][ T5874] cdc_mbim 2-1:1.0: skipping garbage [ 187.121685][ T6527] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 187.375493][ T6562] netlink: 'syz.3.206': attribute type 6 has an invalid length. [ 187.730996][ T5815] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 187.888067][ T6527] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 187.930853][ T5815] usb 1-1: Using ep0 maxpacket: 8 [ 187.949464][ T5815] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 187.959992][ T5815] usb 1-1: config 179 has no interface number 0 [ 187.966988][ T5815] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 187.980102][ T5815] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 187.993871][ T5815] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 188.006573][ T5815] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 188.018199][ T5815] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 188.038290][ T5815] usb 1-1: config 179 interface 65 has no altsetting 0 [ 188.045583][ T5815] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 188.055787][ T5815] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.105861][ T5815] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input9 [ 188.202516][ T5874] cdc_mbim 2-1:1.0: bind() failure [ 188.253812][ T5874] cdc_ncm: probe of 2-1:1.1 failed with error -71 [ 188.315536][ T5874] cdc_mbim: probe of 2-1:1.1 failed with error -71 [ 188.343200][ T5874] usbtest: probe of 2-1:1.1 failed with error -71 [ 188.376061][ T5874] usb 2-1: USB disconnect, device number 6 [ 189.885612][ T6592] overlay: Unknown parameter '/' [ 190.715213][ T8] usb 1-1: USB disconnect, device number 7 [ 190.756150][ T8] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 190.904196][ T5815] libceph: connect (1)[c::]:6789 error -101 [ 190.910814][ T5815] libceph: mon0 (1)[c::]:6789 connect error [ 191.060155][ T6601] ceph: No mds server is up or the cluster is laggy [ 191.067188][ T6608] netlink: 'syz.0.216': attribute type 6 has an invalid length. [ 191.171381][ T5815] libceph: connect (1)[c::]:6789 error -101 [ 191.189052][ T5815] libceph: mon0 (1)[c::]:6789 connect error [ 192.260970][ T5815] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 192.481582][ T5815] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 192.702959][ T5815] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 192.850364][ T5815] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 192.905189][ T5815] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 192.935111][ T5815] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.966261][ T5815] usb 3-1: Product: syz [ 192.985558][ T5815] usb 3-1: Manufacturer: syz [ 193.006070][ T5815] usb 3-1: SerialNumber: syz [ 193.063144][ T5815] cdc_mbim 3-1:1.0: skipping garbage [ 193.148855][ T6632] netlink: 40 bytes leftover after parsing attributes in process `syz.1.224'. [ 193.178588][ T6634] overlay: Unknown parameter '/' [ 193.202327][ T6634] overlayfs: missing 'lowerdir' [ 193.233148][ T6632] netlink: 'syz.1.224': attribute type 6 has an invalid length. [ 193.269605][ T6617] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 193.454468][ T28] audit: type=1326 audit(1773863434.163:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 193.680403][ T28] audit: type=1326 audit(1773863434.163:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 193.800239][ T28] audit: type=1326 audit(1773863434.173:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 193.869604][ T28] audit: type=1326 audit(1773863434.213:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 193.893329][ T28] audit: type=1326 audit(1773863434.223:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 193.947921][ T6617] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 193.975483][ T28] audit: type=1326 audit(1773863434.223:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 194.015532][ T28] audit: type=1326 audit(1773863434.223:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 194.144589][ T28] audit: type=1326 audit(1773863434.233:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 194.178093][ T28] audit: type=1326 audit(1773863434.233:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 194.894618][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.902990][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.921138][ T5815] cdc_mbim 3-1:1.0: bind() failure [ 194.967749][ T5815] cdc_ncm: probe of 3-1:1.1 failed with error -71 [ 194.979798][ T5815] cdc_mbim: probe of 3-1:1.1 failed with error -71 [ 194.995722][ T5815] usbtest: probe of 3-1:1.1 failed with error -71 [ 195.022892][ T5815] usb 3-1: USB disconnect, device number 5 [ 195.030996][ T28] audit: type=1326 audit(1773863434.243:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6965d5cfce code=0x7ffc0000 [ 195.447344][ T6651] netlink: 'syz.3.231': attribute type 6 has an invalid length. [ 195.535818][ T5874] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 195.885852][ T5874] usb 1-1: Using ep0 maxpacket: 8 [ 195.974343][ T5874] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 196.051948][ T5874] usb 1-1: config 179 has no interface number 0 [ 196.085354][ T5874] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 196.112578][ T5874] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 196.200747][ T5874] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 196.234281][ T5874] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 196.269062][ T6659] overlay: Unknown parameter '/' [ 196.284654][ T5874] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 196.298761][ T6659] overlayfs: missing 'lowerdir' [ 196.539526][ T5874] usb 1-1: config 179 interface 65 has no altsetting 0 [ 196.547077][ T5874] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 196.556264][ T5874] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.637077][ T5874] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input10 [ 197.804037][ T6670] netlink: 40 bytes leftover after parsing attributes in process `syz.2.238'. [ 197.927187][ T6671] netlink: 'syz.2.238': attribute type 6 has an invalid length. [ 198.623648][ T28] kauditd_printk_skb: 51 callbacks suppressed [ 198.623665][ T28] audit: type=1326 audit(1773863439.343:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83179c799 code=0x7ffc0000 [ 198.670765][ T28] audit: type=1326 audit(1773863439.343:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6669 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83179c799 code=0x7ffc0000 [ 198.956200][ T9] usb 1-1: USB disconnect, device number 8 [ 199.029811][ T5785] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 199.104309][ T9] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 201.334233][ T6686] netlink: 'syz.3.244': attribute type 6 has an invalid length. [ 201.989945][ T6691] overlay: Unknown parameter '/' [ 202.002541][ T6691] overlayfs: missing 'lowerdir' [ 204.530189][ T6713] netlink: 40 bytes leftover after parsing attributes in process `syz.1.252'. [ 204.561315][ T6713] netlink: 'syz.1.252': attribute type 6 has an invalid length. [ 204.863739][ T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 205.218312][ T9] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 205.237597][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.270863][ T9] usb 3-1: Product: syz [ 205.275210][ T9] usb 3-1: Manufacturer: syz [ 205.281224][ T28] audit: type=1326 audit(1773863445.993:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 205.321000][ T9] usb 3-1: SerialNumber: syz [ 205.345303][ T28] audit: type=1326 audit(1773863445.993:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 205.421641][ T6723] overlay: Unknown parameter '/' [ 205.451739][ T28] audit: type=1326 audit(1773863445.993:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 205.491383][ T6723] overlayfs: missing 'lowerdir' [ 205.518291][ T28] audit: type=1326 audit(1773863445.993:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 205.543903][ T28] audit: type=1326 audit(1773863445.993:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 205.569001][ T6725] netlink: 'syz.3.257': attribute type 6 has an invalid length. [ 205.582591][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 205.602635][ T28] audit: type=1326 audit(1773863445.993:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 205.736046][ T28] audit: type=1326 audit(1773863445.993:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 205.759920][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 205.996217][ T1204] libceph: connect (1)[c::]:6789 error -101 [ 206.004034][ T1204] libceph: mon0 (1)[c::]:6789 connect error [ 206.120861][ T28] audit: type=1326 audit(1773863445.993:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 206.145433][ T28] audit: type=1326 audit(1773863445.993:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 206.221201][ T28] audit: type=1326 audit(1773863445.993:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6965d9c799 code=0x7ffc0000 [ 206.264932][ T1204] libceph: connect (1)[c::]:6789 error -101 [ 206.298194][ T1204] libceph: mon0 (1)[c::]:6789 connect error [ 206.435947][ T6727] ceph: No mds server is up or the cluster is laggy [ 207.804306][ T5781] Bluetooth: hci1: command 0x0406 tx timeout [ 207.810802][ T5781] Bluetooth: hci0: command 0x0406 tx timeout [ 207.818898][ T5781] Bluetooth: hci2: command 0x0406 tx timeout [ 207.825416][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000118. ret = -71 [ 207.831002][ T5083] Bluetooth: hci3: command 0x0406 tx timeout [ 207.837824][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 207.856722][ T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 208.325412][ T9] lan78xx: probe of 3-1:1.0 failed with error -71 [ 208.360527][ T9] usb 3-1: USB disconnect, device number 6 [ 208.364698][ T5083] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 209.138083][ T6745] overlayfs: workdir and upperdir must reside under the same mount [ 210.392606][ T6758] netlink: 40 bytes leftover after parsing attributes in process `syz.0.266'. [ 210.439088][ T6762] overlay: Unknown parameter '/' [ 210.451788][ T6758] netlink: 'syz.0.266': attribute type 6 has an invalid length. [ 210.492689][ T6764] overlayfs: missing 'lowerdir' [ 210.852575][ T6767] netlink: 'syz.3.269': attribute type 6 has an invalid length. [ 211.039286][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 211.055980][ T28] audit: type=1326 audit(1773863451.753:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6756 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee6f9c799 code=0x7ffc0000 [ 211.697259][ T28] audit: type=1326 audit(1773863451.773:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6756 comm="syz.0.266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ee6f9c799 code=0x7ffc0000 [ 212.898486][ T6782] overlayfs: workdir and upperdir must reside under the same mount [ 212.960960][ T5815] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 213.188286][ T5815] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 214.361551][ T5785] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 214.724348][ T6797] netlink: 20 bytes leftover after parsing attributes in process `syz.3.279'. [ 215.120809][ T5815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.129231][ T5815] usb 1-1: Product: syz [ 216.165948][ T5815] usb 1-1: Manufacturer: syz [ 216.171190][ T5815] usb 1-1: SerialNumber: syz [ 216.255081][ T5815] usb 1-1: can't set config #1, error -71 [ 216.271676][ T5815] usb 1-1: USB disconnect, device number 9 [ 216.348317][ T6804] netlink: 'syz.3.281': attribute type 6 has an invalid length. [ 216.616772][ T9] libceph: connect (1)[c::]:6789 error -101 [ 216.685402][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 217.229412][ T6806] ceph: No mds server is up or the cluster is laggy [ 217.239648][ T8] libceph: connect (1)[c::]:6789 error -101 [ 217.246486][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 218.436242][ T6826] overlayfs: workdir and upperdir must reside under the same mount [ 219.839381][ T6837] netlink: 20 bytes leftover after parsing attributes in process `syz.3.289'. [ 221.530647][ T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 222.158992][ T6854] netlink: 'syz.3.296': attribute type 6 has an invalid length. [ 222.179948][ T8] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 222.232950][ T5773] libceph: connect (1)[c::]:6789 error -101 [ 222.237828][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.250520][ T5773] libceph: mon0 (1)[c::]:6789 connect error [ 222.262692][ T8] usb 2-1: Product: syz [ 222.297787][ T8] usb 2-1: Manufacturer: syz [ 222.439001][ T8] usb 2-1: SerialNumber: syz [ 222.451935][ T6855] ceph: No mds server is up or the cluster is laggy [ 222.966499][ T8] usb 2-1: can't set config #1, error -71 [ 223.167458][ T8] usb 2-1: USB disconnect, device number 7 [ 224.076541][ T6875] netlink: 20 bytes leftover after parsing attributes in process `syz.1.303'. [ 224.140767][ T5773] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 225.195788][ T5773] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 225.227622][ T5773] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 225.265622][ T5773] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 225.288533][ T5773] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 225.330161][ T5773] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 225.340966][ T5773] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.352377][ T5773] usb 4-1: Product: syz [ 225.357348][ T5773] usb 4-1: Manufacturer: syz [ 225.362563][ T5773] usb 4-1: SerialNumber: syz [ 225.624685][ T5773] cdc_mbim 4-1:1.0: skipping garbage [ 226.009026][ T6872] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 226.051423][ T5815] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 226.280830][ T6890] ceph: No mds server is up or the cluster is laggy [ 226.352602][ T6289] libceph: connect (1)[c::]:6789 error -101 [ 226.369342][ T6289] libceph: mon0 (1)[c::]:6789 connect error [ 226.655800][ T5815] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 226.676699][ T5815] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.700643][ T5815] usb 2-1: Product: syz [ 226.710388][ T5815] usb 2-1: Manufacturer: syz [ 226.724706][ T5815] usb 2-1: SerialNumber: syz [ 226.762185][ T6872] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 226.946533][ T5815] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 226.973973][ T5815] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 227.001206][ T5773] cdc_mbim 4-1:1.0: bind() failure [ 227.020803][ T5773] cdc_ncm: probe of 4-1:1.1 failed with error -71 [ 227.029986][ T5773] cdc_mbim: probe of 4-1:1.1 failed with error -71 [ 227.041306][ T5773] usbtest: probe of 4-1:1.1 failed with error -71 [ 227.057087][ T5773] usb 4-1: USB disconnect, device number 7 [ 227.543432][ T5083] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 229.788415][ T5815] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x0000011c. ret = -71 [ 229.838029][ T5815] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 229.882623][ T5815] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 229.944788][ T5815] lan78xx: probe of 2-1:1.0 failed with error -71 [ 230.143255][ T5815] usb 2-1: USB disconnect, device number 8 [ 230.152411][ T6917] netlink: 20 bytes leftover after parsing attributes in process `syz.3.316'. [ 231.732968][ T5815] libceph: connect (1)[c::]:6789 error -101 [ 231.739379][ T5815] libceph: mon0 (1)[c::]:6789 connect error [ 232.016641][ T5815] libceph: connect (1)[c::]:6789 error -101 [ 232.085205][ T6923] ceph: No mds server is up or the cluster is laggy [ 232.310938][ T5815] libceph: mon0 (1)[c::]:6789 connect error [ 232.826777][ T6933] tipc: Started in network mode [ 232.855359][ T6933] tipc: Node identity 7ee377e3a973, cluster identity 4711 [ 232.875759][ T6933] tipc: Enabled bearer , priority 0 [ 232.893385][ T6938] syzkaller0: entered promiscuous mode [ 232.900254][ T6938] syzkaller0: entered allmulticast mode [ 232.961946][ T6933] tipc: Resetting bearer [ 232.994268][ T6931] tipc: Resetting bearer [ 233.052016][ T6931] tipc: Disabling bearer [ 233.222631][ T6947] netlink: 20 bytes leftover after parsing attributes in process `syz.0.326'. [ 233.486817][ T5773] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 233.494934][ T5815] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 233.825148][ T5773] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.271475][ T5815] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 234.289415][ T5773] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 234.321869][ T5815] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.363166][ T5785] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 234.386540][ T5773] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 234.406334][ T5815] usb 4-1: Product: syz [ 234.440497][ T5815] usb 4-1: Manufacturer: syz [ 234.486309][ T5773] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.503630][ T5815] usb 4-1: SerialNumber: syz [ 234.572489][ T5773] usb 3-1: Product: syz [ 234.634572][ T5773] usb 3-1: Manufacturer: syz [ 234.714197][ T5773] usb 3-1: SerialNumber: syz [ 234.993916][ T5773] cdc_mbim 3-1:1.0: skipping garbage [ 235.226289][ T5815] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 235.283730][ T6943] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 235.458930][ T5815] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 235.824684][ T5773] cdc_mbim 3-1:1.0: failed GET_NTB_PARAMETERS [ 235.870088][ T5773] cdc_mbim 3-1:1.0: bind() failure [ 236.077657][ T5773] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 236.158650][ T5773] cdc_ncm 3-1:1.1: bind() failure [ 236.662773][ T5815] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000118. ret = -71 [ 236.691506][ T5815] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 236.718618][ T5815] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 236.750001][ T5815] lan78xx: probe of 4-1:1.0 failed with error -71 [ 236.866281][ T5815] usb 4-1: USB disconnect, device number 8 [ 236.933092][ T9] libceph: connect (1)[c::]:6789 error -101 [ 236.947436][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 237.211094][ T9] libceph: connect (1)[c::]:6789 error -101 [ 237.219314][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 237.285091][ T5773] usb 3-1: USB disconnect, device number 7 [ 237.454381][ T6966] ceph: No mds server is up or the cluster is laggy [ 238.610362][ T6980] loop2: detected capacity change from 0 to 512 [ 238.635782][ T6978] loop3: detected capacity change from 0 to 2048 [ 238.693112][ T6980] EXT4-fs: Ignoring removed oldalloc option [ 238.737709][ T6980] EXT4-fs (loop2): 1 truncate cleaned up [ 238.774639][ T6986] netlink: 20 bytes leftover after parsing attributes in process `syz.1.335'. [ 238.786442][ T6978] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.810980][ T6980] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 238.912160][ T6978] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 238.963636][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.129783][ T6988] overlay: Unknown parameter '/' [ 239.183566][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.194475][ T6988] overlayfs: missing 'lowerdir' [ 239.389401][ T5083] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 242.054591][ T5773] libceph: connect (1)[c::]:6789 error -101 [ 242.061487][ T5773] libceph: mon0 (1)[c::]:6789 connect error [ 242.332993][ T5773] libceph: connect (1)[c::]:6789 error -101 [ 242.348589][ T5773] libceph: mon0 (1)[c::]:6789 connect error [ 242.639403][ T7000] ceph: No mds server is up or the cluster is laggy [ 243.733242][ T7016] netlink: 20 bytes leftover after parsing attributes in process `syz.0.345'. [ 243.776367][ T7015] tipc: Enabled bearer , priority 0 [ 243.812455][ T7015] syzkaller0: entered promiscuous mode [ 243.837924][ T7015] syzkaller0: entered allmulticast mode [ 243.886379][ T7020] overlay: Unknown parameter '/' [ 243.913643][ T7015] netlink: 44 bytes leftover after parsing attributes in process `syz.1.344'. [ 243.927410][ T7020] overlayfs: missing 'lowerdir' [ 243.951486][ T7015] tipc: Resetting bearer [ 243.995703][ T7013] tipc: Resetting bearer [ 244.064792][ T7013] tipc: Disabling bearer [ 245.513806][ T5773] libceph: connect (1)[c::]:6789 error -101 [ 245.660333][ T5773] libceph: mon0 (1)[c::]:6789 connect error [ 245.849082][ T7040] ceph: No mds server is up or the cluster is laggy [ 246.342250][ T7056] overlay: Unknown parameter '/' [ 246.362988][ T7056] overlayfs: missing 'workdir' [ 246.518803][ T5785] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 246.623139][ T7059] netlink: 20 bytes leftover after parsing attributes in process `syz.0.357'. [ 246.788326][ T7064] overlayfs: failed to resolve './file0': -2 [ 248.474407][ T8] libceph: connect (1)[c::]:6789 error -101 [ 248.498370][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 248.574866][ T7071] ceph: No mds server is up or the cluster is laggy [ 249.925878][ T7089] overlay: Unknown parameter '/' [ 249.949463][ T7091] netlink: 'syz.2.368': attribute type 4 has an invalid length. [ 249.950905][ T23] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 249.970951][ T7089] overlayfs: missing 'workdir' [ 250.136468][ T7096] netlink: 20 bytes leftover after parsing attributes in process `syz.2.370'. [ 250.155462][ T23] usb 2-1: Using ep0 maxpacket: 8 [ 250.169247][ T23] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 250.195329][ T23] usb 2-1: config 179 has no interface number 0 [ 250.220671][ T23] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 250.239549][ T23] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 250.265042][ T23] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 250.292446][ T23] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 250.332274][ T23] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 250.371711][ T23] usb 2-1: config 179 interface 65 has no altsetting 0 [ 250.378823][ T23] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 250.448027][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.558245][ T7107] overlayfs: failed to resolve './file0': -2 [ 250.801595][ T23] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input11 [ 250.828236][ T8] libceph: connect (1)[c::]:6789 error -101 [ 250.835346][ T23] usb 2-1: USB disconnect, device number 9 [ 251.282917][ T23] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 251.404497][ T7108] ceph: No mds server is up or the cluster is laggy [ 251.617752][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 251.934547][ T7125] overlay: Unknown parameter '/' [ 251.984081][ T7125] overlayfs: missing 'workdir' [ 252.330732][ T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 253.281197][ T7140] netlink: 40 bytes leftover after parsing attributes in process `syz.1.381'. [ 253.303465][ T7140] netlink: 'syz.1.381': attribute type 6 has an invalid length. [ 253.460409][ T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 253.881930][ T9] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 253.905728][ T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 253.927852][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 253.975718][ T9] usb 3-1: Product: syz [ 253.990666][ T9] usb 3-1: Manufacturer: syz [ 254.014463][ T9] usb 3-1: SerialNumber: syz [ 256.226405][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.340693][ T5083] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 256.358496][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.457327][ T9] usb 3-1: can't set config #1, error -71 [ 256.465953][ T9] usb 3-1: USB disconnect, device number 8 [ 256.520443][ T7149] overlayfs: failed to resolve './file0': -2 [ 256.668137][ T7151] netlink: 'syz.2.384': attribute type 6 has an invalid length. [ 257.451222][ T9] libceph: connect (1)[c::]:6789 error -101 [ 257.457527][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 257.732225][ T5836] libceph: connect (1)[c::]:6789 error -101 [ 257.789540][ T5836] libceph: mon0 (1)[c::]:6789 connect error [ 257.852299][ T7154] ceph: No mds server is up or the cluster is laggy [ 259.009815][ T7168] overlay: Unknown parameter '/' [ 259.018917][ T7170] netlink: 40 bytes leftover after parsing attributes in process `syz.2.390'. [ 259.067268][ T7170] netlink: 'syz.2.390': attribute type 6 has an invalid length. [ 260.824260][ T7188] netlink: 'syz.0.394': attribute type 4 has an invalid length. [ 260.833893][ T7187] loop2: detected capacity change from 0 to 512 [ 260.848825][ T7187] EXT4-fs: Ignoring removed oldalloc option [ 260.876688][ T7187] EXT4-fs (loop2): 1 truncate cleaned up [ 260.894182][ T7187] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 260.940947][ T5836] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 261.007050][ T7194] tipc: Enabled bearer , priority 0 [ 261.015447][ T7194] syzkaller0: entered promiscuous mode [ 261.021558][ T7194] syzkaller0: entered allmulticast mode [ 261.033530][ T7194] netlink: 44 bytes leftover after parsing attributes in process `syz.1.396'. [ 261.054109][ T7194] tipc: Resetting bearer [ 261.074060][ T7192] tipc: Resetting bearer [ 261.097251][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.129284][ T7192] tipc: Disabling bearer [ 261.145764][ T5836] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 261.173693][ T5836] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 261.211493][ T5836] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 261.230690][ T5836] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.246838][ T5836] usb 4-1: Product: syz [ 261.256024][ T5836] usb 4-1: Manufacturer: syz [ 261.266723][ T5836] usb 4-1: SerialNumber: syz [ 261.302480][ T5836] cdc_mbim 4-1:1.0: skipping garbage [ 261.560203][ T7201] overlay: Unknown parameter '/' [ 261.603370][ T7182] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 262.177131][ T5836] cdc_mbim 4-1:1.0: failed GET_NTB_PARAMETERS [ 262.237595][ T5836] cdc_mbim 4-1:1.0: bind() failure [ 262.396454][ T5836] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 262.425651][ T5836] cdc_ncm 4-1:1.1: bind() failure [ 262.872523][ T7220] loop2: detected capacity change from 0 to 512 [ 262.880955][ T7220] EXT4-fs: Ignoring removed oldalloc option [ 262.908636][ T7220] EXT4-fs (loop2): 1 truncate cleaned up [ 262.917063][ T7220] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 263.004065][ T7223] loop0: detected capacity change from 0 to 2048 [ 263.034580][ T7223] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 263.055281][ T7223] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #12: comm syz.0.407: corrupted in-inode xattr: e_name out of bounds [ 263.072694][ T7223] EXT4-fs (loop0): Remounting filesystem read-only [ 263.084042][ T7223] ext4: Unknown parameter '@LqE: 艞t}0$' [ 263.087589][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.135461][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.277041][ T7229] overlay: Unknown parameter '/' [ 263.298845][ T7228] tipc: Started in network mode [ 263.305784][ T7228] tipc: Node identity ca9a8c5eb8b4, cluster identity 4711 [ 263.316305][ T7228] tipc: Enabled bearer , priority 0 [ 263.327992][ T7228] syzkaller0: entered promiscuous mode [ 263.336557][ T7228] syzkaller0: entered allmulticast mode [ 263.359316][ T7228] netlink: 44 bytes leftover after parsing attributes in process `syz.2.408'. [ 263.379751][ T7228] tipc: Resetting bearer [ 263.398411][ T7226] tipc: Resetting bearer [ 263.439508][ T7226] tipc: Disabling bearer [ 263.454368][ T7231] netlink: 'syz.0.410': attribute type 4 has an invalid length. [ 263.600773][ T5836] usb 4-1: USB disconnect, device number 9 [ 264.813481][ T7246] loop3: detected capacity change from 0 to 512 [ 264.841469][ T7246] EXT4-fs: Ignoring removed oldalloc option [ 264.887359][ T7246] EXT4-fs (loop3): 1 truncate cleaned up [ 264.898288][ T7252] overlay: Unknown parameter '/' [ 264.908770][ T7246] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 264.958128][ T7249] loop1: detected capacity change from 0 to 2048 [ 265.020009][ T7249] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 265.037580][ T7256] netlink: 'syz.0.419': attribute type 4 has an invalid length. [ 265.083521][ T7249] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #12: comm syz.1.417: corrupted in-inode xattr: e_name out of bounds [ 265.154674][ T7249] EXT4-fs (loop1): Remounting filesystem read-only [ 265.165600][ T7249] ext4: Unknown parameter '@LqE: 艞t}0$' [ 265.200014][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.242701][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.884933][ T5815] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 265.915165][ T7278] netlink: 'syz.3.428': attribute type 6 has an invalid length. [ 266.215404][ T5815] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 266.238864][ T5815] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 266.298838][ T5815] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 266.308086][ T5815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.381165][ T5815] usb 1-1: Product: syz [ 266.410745][ T5815] usb 1-1: Manufacturer: syz [ 266.421228][ T5815] usb 1-1: SerialNumber: syz [ 266.518031][ T5815] cdc_mbim 1-1:1.0: skipping garbage [ 266.734114][ T7282] overlay: Unknown parameter '/' [ 266.747549][ T7271] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 266.809570][ T7284] loop3: detected capacity change from 0 to 512 [ 266.848469][ T7284] EXT4-fs: Ignoring removed oldalloc option [ 266.937726][ T7284] EXT4-fs (loop3): 1 truncate cleaned up [ 266.975781][ T7284] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.146939][ T7288] netlink: 'syz.2.431': attribute type 4 has an invalid length. [ 267.176232][ T5815] cdc_mbim 1-1:1.0: failed GET_NTB_PARAMETERS [ 267.226717][ T5815] cdc_mbim 1-1:1.0: bind() failure [ 267.242639][ T5815] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 267.249825][ T5815] cdc_ncm 1-1:1.1: bind() failure [ 267.425099][ T7292] loop2: detected capacity change from 0 to 2048 [ 267.505354][ T7292] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 267.554013][ T7292] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #12: comm syz.2.432: corrupted in-inode xattr: e_name out of bounds [ 267.667146][ T7296] ext4: Unknown parameter '@LqE: 艞t}0$' [ 267.684712][ T7292] EXT4-fs (loop2): Remounting filesystem read-only [ 267.761529][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.111416][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.559342][ T7308] netlink: 'syz.2.438': attribute type 6 has an invalid length. [ 268.603449][ T6289] usb 1-1: USB disconnect, device number 10 [ 269.352382][ T7314] overlay: Unknown parameter '/' [ 269.511384][ T7317] netlink: 'syz.2.440': attribute type 4 has an invalid length. [ 269.550492][ T7318] loop3: detected capacity change from 0 to 2048 [ 269.722099][ T7318] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 269.808839][ T7326] loop0: detected capacity change from 0 to 512 [ 269.856887][ T7318] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #12: comm syz.3.441: corrupted in-inode xattr: e_name out of bounds [ 269.872073][ T7326] EXT4-fs: Ignoring removed oldalloc option [ 269.915680][ T7318] EXT4-fs (loop3): Remounting filesystem read-only [ 270.592072][ T7318] ext4: Unknown parameter '@LqE: 艞t}0$' [ 270.615227][ T7326] EXT4-fs (loop0): 1 truncate cleaned up [ 270.652151][ T7326] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.769122][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.027175][ T7338] netlink: 'syz.1.448': attribute type 6 has an invalid length. [ 272.223911][ T7345] overlay: Unknown parameter '/' [ 274.219307][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.275312][ T7369] loop2: detected capacity change from 0 to 2048 [ 274.385161][ T7369] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.465307][ T7369] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #12: comm syz.2.455: corrupted in-inode xattr: e_name out of bounds [ 274.526022][ T7369] EXT4-fs (loop2): Remounting filesystem read-only [ 274.528153][ T7377] ext4: Unknown parameter '@LqE: 艞t}0$' [ 274.640851][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.807813][ T7349] tipc: Started in network mode [ 274.824344][ T7349] tipc: Node identity 4a81edb1ae66, cluster identity 4711 [ 274.841005][ T7349] tipc: Enabled bearer , priority 0 [ 274.869009][ T7363] netlink: 44 bytes leftover after parsing attributes in process `syz.3.451'. [ 274.883305][ T7353] syzkaller0: entered promiscuous mode [ 274.907261][ T7353] syzkaller0: entered allmulticast mode [ 275.014541][ T7353] tipc: Resetting bearer [ 275.138614][ T7353] tipc: Disabling bearer [ 275.186647][ T7389] overlay: Unknown parameter '/' [ 275.589668][ T7395] loop3: detected capacity change from 0 to 128 [ 277.728670][ T7397] syz.0.462: attempt to access beyond end of device [ 277.728670][ T7397] loop1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 277.751341][ T7398] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.461'. [ 277.762227][ T7395] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.461'. [ 277.855624][ T7397] FAT-fs (loop1): unable to read boot sector [ 279.862550][ T7402] netlink: 'syz.0.465': attribute type 6 has an invalid length. [ 281.738088][ T7411] loop1: detected capacity change from 0 to 2048 [ 281.789267][ T7411] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 281.845558][ T7411] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #12: comm syz.1.467: corrupted in-inode xattr: e_name out of bounds [ 281.875719][ T7420] overlay: Unknown parameter '/' [ 281.906313][ T7419] tipc: Enabled bearer , priority 0 [ 281.921119][ T7411] EXT4-fs (loop1): Remounting filesystem read-only [ 281.928976][ T7419] syzkaller0: entered promiscuous mode [ 281.935499][ T7419] syzkaller0: entered allmulticast mode [ 281.970733][ T7411] ext4: Unknown parameter '@LqE: 艞t}0$' [ 281.995991][ T7419] netlink: 44 bytes leftover after parsing attributes in process `syz.0.469'. [ 282.064768][ T7419] tipc: Resetting bearer [ 282.078869][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.114533][ T7417] tipc: Resetting bearer [ 282.180273][ T7417] tipc: Disabling bearer [ 282.382030][ T7427] loop1: detected capacity change from 0 to 1024 [ 282.427100][ T7427] EXT4-fs: Ignoring removed oldalloc option [ 282.458408][ T7427] EXT4-fs: Ignoring removed bh option [ 282.486287][ T7427] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 282.523012][ T7427] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.598228][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.661089][ T5773] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 283.067724][ T5773] usb 1-1: Using ep0 maxpacket: 8 [ 283.077991][ T5773] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 283.087350][ T5773] usb 1-1: config 179 has no interface number 0 [ 283.094471][ T5773] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 283.106709][ T5773] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 283.118405][ T5773] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 283.129955][ T5773] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 283.221446][ T5773] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 283.432929][ T5773] usb 1-1: config 179 interface 65 has no altsetting 0 [ 283.562815][ T5773] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 283.930609][ T5773] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.016252][ T5773] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input12 [ 284.220441][ T5773] usb 1-1: USB disconnect, device number 11 [ 284.242841][ T5773] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 284.591794][ T7450] syzkaller0: entered promiscuous mode [ 284.612342][ T7450] syzkaller0: entered allmulticast mode [ 284.715020][ T7452] overlay: Unknown parameter '/' [ 285.077370][ T7456] tipc: Enabled bearer , priority 0 [ 285.106152][ T7456] syzkaller0: entered promiscuous mode [ 285.118881][ T7456] syzkaller0: entered allmulticast mode [ 285.149564][ T7456] netlink: 44 bytes leftover after parsing attributes in process `syz.3.483'. [ 285.187850][ T7456] tipc: Resetting bearer [ 285.213583][ T7455] tipc: Resetting bearer [ 285.270427][ T7455] tipc: Disabling bearer [ 288.381162][ T6289] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 288.570821][ T6289] usb 3-1: Using ep0 maxpacket: 8 [ 288.666214][ T6289] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 288.943677][ T6289] usb 3-1: config 179 has no interface number 0 [ 288.950272][ T6289] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 289.040162][ T6289] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 289.071614][ T7487] overlay: Unknown parameter '/' [ 289.095291][ T6289] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 289.158937][ T6289] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 289.205432][ T6289] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 289.235938][ T6289] usb 3-1: config 179 interface 65 has no altsetting 0 [ 289.259355][ T6289] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 289.282166][ T6289] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.323931][ T6289] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input13 [ 289.357306][ T7490] autofs4:pid:7490:autofs_fill_super: called with bogus options [ 289.525544][ T6289] usb 3-1: USB disconnect, device number 9 [ 289.562931][ T6289] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 289.949996][ T7498] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.499'. [ 289.987480][ T7497] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.499'. [ 290.567064][ T7510] loop2: detected capacity change from 0 to 128 [ 291.352476][ T7511] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.502'. [ 291.364215][ T7510] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.502'. [ 293.671858][ T7515] overlay: Unknown parameter '/' [ 294.393840][ T7521] syz.1.506: attempt to access beyond end of device [ 294.393840][ T7521] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 294.480476][ T7521] FAT-fs (loop3): unable to read boot sector [ 294.686719][ T12] kworker/u4:1: attempt to access beyond end of device [ 294.686719][ T12] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 295.421585][ T7537] loop2: detected capacity change from 0 to 128 [ 298.006547][ T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 299.815032][ T7550] overlay: Unknown parameter '/' [ 300.012107][ T7552] loop0: detected capacity change from 0 to 512 [ 300.045209][ T7552] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 300.122559][ T7552] EXT4-fs (loop0): 1 orphan inode deleted [ 300.165411][ T7552] EXT4-fs (loop0): 1 truncate cleaned up [ 300.182187][ T7552] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.277974][ T7552] EXT4-fs (loop0): shut down requested (1) [ 300.482583][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.704851][ T7566] loop3: detected capacity change from 0 to 128 [ 302.141791][ T7567] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.522'. [ 302.151506][ T7566] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.522'. [ 305.140709][ T6289] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 305.294308][ T7577] overlay: Unknown parameter '/' [ 305.699345][ T6289] usb 1-1: Using ep0 maxpacket: 8 [ 305.716947][ T6289] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 305.808720][ T7583] loop3: detected capacity change from 0 to 128 [ 310.524078][ T7585] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.526'. [ 310.540816][ T7584] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.526'. [ 311.249480][ T6289] usb 1-1: config 179 has no interface number 0 [ 311.374268][ T7588] overlayfs: missing 'lowerdir' [ 311.393462][ T6289] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 311.406156][ T6289] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 311.426779][ T6289] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 311.440974][ T6289] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 311.451244][ T6289] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 311.464643][ T6289] usb 1-1: config 179 interface 65 has no altsetting 0 [ 311.472083][ T6289] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 311.481267][ T6289] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.523820][ T6289] usb 1-1: can't set config #179, error -71 [ 311.534223][ T6289] usb 1-1: USB disconnect, device number 12 [ 311.959593][ T7594] loop1: detected capacity change from 0 to 128 [ 313.177437][ T7600] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.530'. [ 313.997014][ T42] kworker/u4:2: attempt to access beyond end of device [ 313.997014][ T42] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 314.178887][ T7612] overlay: Unknown parameter '/' [ 314.647104][ T7623] loop1: detected capacity change from 0 to 128 [ 318.667632][ T7626] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.534'. [ 318.677947][ T7625] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.534'. [ 318.700564][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.707063][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.544887][ T7632] overlayfs: missing 'lowerdir' [ 319.657839][ T7634] loop2: detected capacity change from 0 to 764 [ 320.144167][ T7642] loop3: detected capacity change from 0 to 128 [ 320.419509][ T7644] loop0: detected capacity change from 0 to 145 [ 322.389613][ T7651] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.544'. [ 322.471365][ T7654] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.543'. [ 322.556609][ T42] kworker/u4:2: attempt to access beyond end of device [ 322.556609][ T42] loop0: rw=1, sector=145, nr_sectors = 896 limit=145 [ 322.872297][ T7664] overlay: Unknown parameter '/' [ 322.970880][ T7666] loop0: detected capacity change from 0 to 128 [ 323.194601][ T7672] overlayfs: missing 'lowerdir' [ 323.567286][ T5815] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 323.688017][ T7686] loop0: detected capacity change from 0 to 128 [ 323.831115][ T5815] usb 3-1: Using ep0 maxpacket: 8 [ 323.871083][ T5815] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 324.298874][ T7687] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.555'. [ 324.311493][ T7686] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.555'. [ 324.537908][ T5815] usb 3-1: config 179 has no interface number 0 [ 324.667360][ T5815] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 324.928265][ T5815] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 325.017370][ T5815] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 325.185689][ T5815] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 325.520799][ T5815] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 325.579116][ T5815] usb 3-1: config 179 interface 65 has no altsetting 0 [ 325.603417][ T7685] loop1: detected capacity change from 0 to 8192 [ 325.624332][ T5815] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 325.688380][ T5815] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.747837][ T28] audit: type=1800 audit(1773863566.473:172): pid=7685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.557" name="file1" dev="loop1" ino=1048599 res=0 errno=0 [ 325.821225][ T5815] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input14 [ 325.836642][ T7689] overlay: Unknown parameter '/' [ 326.035217][ T5815] usb 3-1: USB disconnect, device number 10 [ 326.075150][ T5815] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 326.344570][ T7692] syzkaller0: entered promiscuous mode [ 326.390153][ T7692] syzkaller0: entered allmulticast mode [ 326.684418][ T7696] batadv0: entered promiscuous mode [ 326.741640][ T7698] overlayfs: missing 'lowerdir' [ 326.753911][ T7696] bond0: entered promiscuous mode [ 326.759126][ T7696] bond_slave_0: entered promiscuous mode [ 326.777860][ T7696] bond_slave_1: entered promiscuous mode [ 326.798598][ T7696] hsr1: entered allmulticast mode [ 326.814114][ T7696] batadv0: entered allmulticast mode [ 326.819668][ T7696] bond0: entered allmulticast mode [ 326.829883][ T7696] bond_slave_0: entered allmulticast mode [ 326.847886][ T7696] bond_slave_1: entered allmulticast mode [ 326.861285][ T7696] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 326.903485][ T7696] batadv0: left promiscuous mode [ 326.935082][ T7696] bond0: left promiscuous mode [ 326.940075][ T7696] bond_slave_0: left promiscuous mode [ 326.960997][ T7696] bond_slave_1: left promiscuous mode [ 327.030138][ T7709] loop1: detected capacity change from 0 to 512 [ 327.045817][ T7709] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 327.099821][ T7709] EXT4-fs (loop1): 1 orphan inode deleted [ 327.106268][ T7709] EXT4-fs (loop1): 1 truncate cleaned up [ 327.114509][ T7709] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.184283][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.262116][ T7713] overlay: Unknown parameter '/' [ 327.288136][ T7715] loop3: detected capacity change from 0 to 256 [ 327.376644][ T7715] FAT-fs (loop3): Directory bread(block 64) failed [ 327.392354][ T7715] FAT-fs (loop3): Directory bread(block 65) failed [ 327.407249][ T7715] FAT-fs (loop3): Directory bread(block 66) failed [ 327.426717][ T7715] FAT-fs (loop3): Directory bread(block 67) failed [ 327.451000][ T7715] FAT-fs (loop3): Directory bread(block 68) failed [ 327.471979][ T7715] FAT-fs (loop3): Directory bread(block 69) failed [ 327.483956][ T7715] FAT-fs (loop3): Directory bread(block 70) failed [ 327.491070][ T7715] FAT-fs (loop3): Directory bread(block 71) failed [ 327.497938][ T7715] FAT-fs (loop3): Directory bread(block 72) failed [ 327.505643][ T7715] FAT-fs (loop3): Directory bread(block 73) failed [ 327.782438][ T7719] loop1: detected capacity change from 0 to 128 [ 330.350599][ T7728] loop2: detected capacity change from 0 to 1024 [ 330.358227][ T7728] EXT4-fs: Ignoring removed orlov option [ 330.439379][ T7728] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.468450][ T7725] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.570'. [ 330.512867][ T28] audit: type=1800 audit(1773863571.233:173): pid=7728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.571" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 330.663131][ T7735] overlayfs: missing 'lowerdir' [ 330.699583][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.740740][ T5815] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 331.115698][ T5815] usb 1-1: Using ep0 maxpacket: 8 [ 331.123419][ T5815] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 331.134490][ T5815] usb 1-1: config 179 has no interface number 0 [ 331.141248][ T5815] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 331.432072][ T7746] overlay: Unknown parameter '/' [ 331.574977][ T7743] loop2: detected capacity change from 0 to 2048 [ 331.799028][ T7743] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.863739][ T5815] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 331.876035][ T5815] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 331.893000][ T5815] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 331.918454][ T5815] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 331.978724][ T5815] usb 1-1: config 179 interface 65 has no altsetting 0 [ 332.016077][ T5815] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 332.035602][ T5815] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.038084][ T7752] loop1: detected capacity change from 0 to 512 [ 332.061947][ T7752] EXT4-fs: Ignoring removed oldalloc option [ 332.079526][ T7752] EXT4-fs (loop1): 1 truncate cleaned up [ 332.103551][ T7752] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 332.120331][ T5815] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input15 [ 332.144801][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.246041][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.315083][ T5815] usb 1-1: USB disconnect, device number 13 [ 332.343503][ T5815] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 332.973633][ T7766] loop2: detected capacity change from 0 to 128 [ 333.153300][ T7769] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.583'. [ 333.163276][ T7766] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.583'. [ 335.383898][ T7768] overlayfs: missing 'lowerdir' [ 336.451126][ T7775] overlay: Unknown parameter '/' [ 337.083139][ T7781] syzkaller0: entered promiscuous mode [ 337.088717][ T7781] syzkaller0: entered allmulticast mode [ 337.403600][ T7801] loop2: detected capacity change from 0 to 256 [ 337.418152][ T7801] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 337.458058][ T7801] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 337.633277][ T7805] syz.0.597: attempt to access beyond end of device [ 337.633277][ T7805] loop1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 337.661793][ T7805] FAT-fs (loop1): unable to read boot sector [ 337.706098][ T7807] overlay: Unknown parameter '/' [ 338.503735][ T7825] loop3: detected capacity change from 0 to 128 [ 338.546438][ T7824] syzkaller0: entered promiscuous mode [ 339.209172][ T7824] syzkaller0: entered allmulticast mode [ 339.578777][ T7831] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.603'. [ 340.033467][ T7841] overlay: Unknown parameter '/' [ 340.207691][ T7842] tipc: Enabled bearer , priority 0 [ 340.238416][ T7842] syzkaller0: entered promiscuous mode [ 340.273758][ T7842] syzkaller0: entered allmulticast mode [ 340.430854][ T7845] netlink: 44 bytes leftover after parsing attributes in process `syz.0.608'. [ 340.500013][ T7842] tipc: Resetting bearer [ 340.532165][ T7840] tipc: Resetting bearer [ 340.703613][ T7840] tipc: Disabling bearer [ 341.747875][ T7870] overlay: Unknown parameter '/' [ 341.851708][ T7871] loop0: detected capacity change from 0 to 128 [ 341.947703][ T7873] syzkaller0: entered promiscuous mode [ 341.967561][ T7873] syzkaller0: entered allmulticast mode [ 342.324185][ T7884] loop1: detected capacity change from 0 to 128 [ 343.333830][ T7890] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.621'. [ 343.623871][ T7896] netlink: 200 bytes leftover after parsing attributes in process `syz.3.624'. [ 344.215469][ T7899] loop2: detected capacity change from 0 to 164 [ 344.273090][ T7899] rock: directory entry would overflow storage [ 344.289126][ T7899] rock: sig=0x4f50, size=4, remaining=3 [ 344.296731][ T7899] iso9660: Corrupted directory entry in block 5 of inode 1792 [ 344.400009][ T6233] kworker/u4:12: attempt to access beyond end of device [ 344.400009][ T6233] loop1: rw=1, sector=145, nr_sectors = 632 limit=128 [ 344.719025][ T7907] overlay: Unknown parameter '/' [ 344.743192][ T7909] loop1: detected capacity change from 0 to 128 [ 344.786416][ T7909] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 344.799544][ T7909] ext4 filesystem being mounted at /164/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 345.396376][ T5769] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 345.543824][ T7923] syz.3.634: attempt to access beyond end of device [ 345.543824][ T7923] loop7: rw=0, sector=0, nr_sectors = 1 limit=0 [ 345.601932][ T7923] FAT-fs (loop7): unable to read boot sector [ 345.794070][ T7927] netlink: 200 bytes leftover after parsing attributes in process `syz.0.636'. [ 345.946565][ T7935] loop1: detected capacity change from 0 to 128 [ 346.797207][ T7936] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.635'. [ 346.808915][ T7935] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.635'. [ 347.017948][ T7934] loop3: detected capacity change from 0 to 1024 [ 348.001518][ T7934] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 349.186316][ T7934] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 349.190399][ T7938] overlay: Unknown parameter '/' [ 349.208453][ T7934] EXT4-fs: failed to create workqueue [ 349.220082][ T7934] EXT4-fs (loop3): mount failed [ 349.453476][ T157] kworker/u4:6: attempt to access beyond end of device [ 349.453476][ T157] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 349.953440][ T7953] loop0: detected capacity change from 0 to 128 [ 350.131268][ T7953] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.643'. [ 352.178480][ T7969] overlay: Unknown parameter '/' [ 352.215044][ T7967] loop1: detected capacity change from 0 to 2048 [ 352.287333][ T7967] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 352.642988][ T7978] netlink: 200 bytes leftover after parsing attributes in process `syz.2.651'. [ 352.676873][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.245201][ T7987] loop1: detected capacity change from 0 to 512 [ 353.310812][ T7988] loop0: detected capacity change from 0 to 128 [ 355.030668][ T7987] EXT4-fs: Ignoring removed oldalloc option [ 356.679033][ T7987] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 356.679403][ T7987] EXT4-fs: failed to create workqueue [ 356.857476][ T7987] EXT4-fs (loop1): mount failed [ 357.145180][ T7995] overlay: Unknown parameter '/' [ 357.166495][ T7991] sctp: [Deprecated]: syz.2.658 (pid 7991) Use of struct sctp_assoc_value in delayed_ack socket option. [ 357.166495][ T7991] Use struct sctp_sack_info instead [ 357.952082][ T8008] loop2: detected capacity change from 0 to 128 [ 358.331937][ T8008] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.662'. [ 361.002799][ T8016] loop1: detected capacity change from 0 to 128 [ 363.527437][ T8019] loop3: detected capacity change from 0 to 512 [ 363.601882][ T8019] EXT4-fs: Ignoring removed oldalloc option [ 363.707407][ T8019] EXT4-fs (loop3): 1 truncate cleaned up [ 363.714474][ T8023] loop0: detected capacity change from 0 to 512 [ 363.750451][ T8019] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.792137][ T8023] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 363.895594][ T8023] EXT4-fs (loop0): 1 truncate cleaned up [ 363.966409][ T8023] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 364.194941][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.257648][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.439216][ T8031] loop2: detected capacity change from 0 to 128 [ 364.923365][ T8032] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.670'. [ 364.935588][ T8031] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.670'. [ 366.682744][ T8039] syz.0.673: attempt to access beyond end of device [ 366.682744][ T8039] loop1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 366.761171][ T8039] FAT-fs (loop1): unable to read boot sector [ 367.429232][ T8051] loop0: detected capacity change from 0 to 512 [ 367.437282][ T8051] EXT4-fs: Ignoring removed oldalloc option [ 367.456937][ T8051] EXT4-fs (loop0): 1 truncate cleaned up [ 367.482258][ T8051] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.593476][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.831274][ T8058] loop2: detected capacity change from 0 to 128 [ 368.171047][ T8059] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.681'. [ 368.370456][ T8061] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.679'. [ 368.410716][ T8058] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.679'. [ 370.757593][ T8067] loop1: detected capacity change from 0 to 512 [ 370.983544][ T8067] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 371.040835][ T8067] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 371.200824][ T12] kworker/u4:1: attempt to access beyond end of device [ 371.200824][ T12] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 371.392036][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.595129][ T8083] loop0: detected capacity change from 0 to 128 [ 372.154345][ T8084] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.687'. [ 372.165514][ T8083] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.687'. [ 373.031156][ T8088] loop3: detected capacity change from 0 to 128 [ 374.103068][ T8088] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.691'. [ 375.264468][ T8117] loop3: detected capacity change from 0 to 128 [ 377.552039][ T8120] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.699'. [ 377.563043][ T8119] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.699'. [ 379.112779][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.119215][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.583159][ T12] kworker/u4:1: attempt to access beyond end of device [ 379.583159][ T12] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 379.948084][ T8139] syz.1.703: attempt to access beyond end of device [ 379.948084][ T8139] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 379.980609][ T8139] FAT-fs (loop3): unable to read boot sector [ 380.120786][ T8139] netlink: 'syz.1.703': attribute type 10 has an invalid length. [ 380.256357][ T8139] team0: Device wg1 is of different type [ 380.597262][ T8149] loop3: detected capacity change from 0 to 128 [ 382.165787][ T8150] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.705'. [ 382.175876][ T8149] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.705'. [ 384.999210][ T48] kworker/u4:3: attempt to access beyond end of device [ 384.999210][ T48] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 385.416918][ T8167] loop3: detected capacity change from 0 to 512 [ 385.431900][ T8167] EXT4-fs: Ignoring removed oldalloc option [ 385.464524][ T8167] EXT4-fs (loop3): 1 truncate cleaned up [ 385.482225][ T8167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 385.636205][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.685437][ T8173] loop1: detected capacity change from 0 to 1024 [ 385.701888][ T8173] EXT4-fs: Ignoring removed oldalloc option [ 385.708080][ T8173] EXT4-fs: Ignoring removed bh option [ 385.727031][ T8173] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 385.807950][ T8173] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 385.877628][ T28] audit: type=1800 audit(1773863626.593:174): pid=8173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.713" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 386.009018][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.614485][ T8201] loop3: detected capacity change from 0 to 128 [ 386.804707][ T8202] loop2: detected capacity change from 0 to 512 [ 387.532566][ T8202] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 388.328814][ T8202] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 389.991625][ T8202] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 390.039208][ T8202] System zones: 0-2, 18-18, 34-35 [ 390.052634][ T8202] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 390.100746][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.530107][ T8209] loop2: detected capacity change from 0 to 512 [ 390.551668][ T8209] EXT4-fs: Ignoring removed oldalloc option [ 390.596211][ T8209] EXT4-fs (loop2): 1 truncate cleaned up [ 390.616863][ T8211] loop1: detected capacity change from 0 to 1024 [ 390.655074][ T8209] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 390.701499][ T8211] EXT4-fs: Ignoring removed oldalloc option [ 390.707461][ T8211] EXT4-fs: Ignoring removed bh option [ 390.888431][ T8211] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 391.252411][ T8211] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 391.319791][ T28] audit: type=1800 audit(1773863632.043:175): pid=8211 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.726" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 391.385232][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.432193][ T8221] netlink: 32 bytes leftover after parsing attributes in process `syz.3.727'. [ 391.494628][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.779125][ T8228] netlink: 28 bytes leftover after parsing attributes in process `syz.0.730'. [ 391.863181][ T8230] loop2: detected capacity change from 0 to 2048 [ 391.901466][ T8230] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 391.965271][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.307116][ T8239] loop2: detected capacity change from 0 to 128 [ 394.406452][ T8244] loop0: detected capacity change from 0 to 512 [ 394.925117][ T8244] EXT4-fs: Ignoring removed oldalloc option [ 395.090070][ T8244] EXT4-fs (loop0): 1 truncate cleaned up [ 395.153012][ T8244] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 395.167732][ T8249] loop3: detected capacity change from 0 to 1024 [ 395.212834][ T8249] EXT4-fs: Ignoring removed oldalloc option [ 395.219659][ T8249] EXT4-fs: Ignoring removed bh option [ 395.317299][ T8249] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 395.462183][ T8249] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 395.544843][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.595639][ T28] audit: type=1800 audit(1773863636.323:176): pid=8249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.737" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 395.690740][ T5815] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 395.822733][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.886262][ T5815] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 395.898418][ T5815] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 395.931979][ T5815] usb 3-1: Product: syz [ 395.953641][ T5815] usb 3-1: Manufacturer: syz [ 395.968708][ T5815] usb 3-1: SerialNumber: syz [ 396.205980][ T8262] loop3: detected capacity change from 0 to 2048 [ 396.229548][ T8265] netlink: 20 bytes leftover after parsing attributes in process `syz.0.742'. [ 396.255834][ T5815] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 396.298077][ T8262] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 396.366224][ T5815] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32 [ 396.495381][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 397.235265][ T5815] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x0000011c. ret = -32 [ 397.301096][ T5815] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 397.335648][ T5815] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 397.364381][ T5815] lan78xx: probe of 3-1:1.0 failed with error -32 [ 397.802189][ T5815] usb 3-1: USB disconnect, device number 11 [ 397.874708][ T8279] loop3: detected capacity change from 0 to 512 [ 397.894067][ T8279] EXT4-fs: Ignoring removed oldalloc option [ 398.107423][ T8279] EXT4-fs (loop3): 1 truncate cleaned up [ 398.121645][ T8279] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 398.189949][ T8285] loop0: detected capacity change from 0 to 128 [ 400.817772][ T8288] loop2: detected capacity change from 0 to 1024 [ 401.221774][ T8288] EXT4-fs: Ignoring removed oldalloc option [ 401.228065][ T8288] EXT4-fs: Ignoring removed bh option [ 401.311734][ T8288] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 401.368356][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 401.429217][ T8288] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 401.563006][ T28] audit: type=1800 audit(1773863642.283:177): pid=8288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.749" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 401.713913][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 401.724949][ T8297] loop0: detected capacity change from 0 to 128 [ 401.833939][ T8299] syzkaller0: entered promiscuous mode [ 401.839527][ T8299] syzkaller0: entered allmulticast mode [ 401.915514][ T8299] netlink: 44 bytes leftover after parsing attributes in process `syz.1.753'. [ 402.009688][ T8302] loop2: detected capacity change from 0 to 128 [ 402.053612][ T8302] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 402.135639][ T8302] ext4 filesystem being mounted at /184/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 402.404835][ T5771] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 402.962939][ T8318] loop0: detected capacity change from 0 to 128 [ 406.085748][ T8334] netlink: 44 bytes leftover after parsing attributes in process `syz.1.765'. [ 406.197104][ T8337] loop2: detected capacity change from 0 to 128 [ 406.253354][ T8337] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 406.269135][ T8337] ext4 filesystem being mounted at /187/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 406.664857][ T5771] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 406.901554][ T8347] netlink: 'syz.1.769': attribute type 4 has an invalid length. [ 407.590399][ T8359] loop0: detected capacity change from 0 to 1024 [ 407.661616][ T8360] loop2: detected capacity change from 0 to 128 [ 409.910083][ T8359] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 411.207939][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.625126][ T8370] loop2: detected capacity change from 0 to 128 [ 411.766567][ T8370] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 411.841174][ T8370] ext4 filesystem being mounted at /190/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 412.041421][ T8380] netlink: 'syz.0.779': attribute type 4 has an invalid length. [ 412.296754][ T8386] loop3: detected capacity change from 0 to 512 [ 412.307834][ T8386] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 412.352832][ T8386] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 412.613533][ T8390] loop0: detected capacity change from 0 to 128 [ 413.113542][ T8390] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.782'. [ 413.124708][ T8391] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.782'. [ 413.411944][ T5771] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 413.741095][ T8386] EXT4-fs error (device loop3): ext4_empty_dir:3139: inode #12: comm syz.3.783: Directory block failed checksum [ 415.414180][ T8397] loop1: detected capacity change from 0 to 128 [ 415.983345][ T8397] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.784'. [ 416.585553][ T7603] kworker/u4:14: attempt to access beyond end of device [ 416.585553][ T7603] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 417.398859][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 418.179672][ T1321] kworker/u4:8: attempt to access beyond end of device [ 418.179672][ T1321] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 418.842547][ T8416] xt_hashlimit: max too large, truncated to 1048576 [ 418.959072][ T8430] loop0: detected capacity change from 0 to 128 [ 419.213801][ T8430] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.796'. [ 420.864021][ T8443] loop2: detected capacity change from 0 to 128 [ 421.457278][ T8443] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.801'. [ 423.408475][ T8449] capability: warning: `syz.1.804' uses deprecated v2 capabilities in a way that may be insecure [ 423.624844][ T8452] loop3: detected capacity change from 0 to 1024 [ 423.692184][ T8452] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869) [ 423.766256][ T8452] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 423.840839][ T8452] EXT4-fs error (device loop3): ext4_get_journal_inode:5816: comm syz.3.805: inode #4294967295: comm syz.3.805: iget: illegal inode # [ 423.917976][ T8452] EXT4-fs (loop3): no journal found [ 423.929335][ T6220] kworker/u4:11: attempt to access beyond end of device [ 423.929335][ T6220] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 423.950688][ T8452] EXT4-fs (loop3): can't get journal size [ 423.971399][ T8452] EXT4-fs (loop3): failed to initialize system zone (-22) [ 424.025533][ T8452] EXT4-fs (loop3): mount failed [ 424.189273][ T8465] loop0: detected capacity change from 0 to 164 [ 424.321803][ T8465] netlink: 4 bytes leftover after parsing attributes in process `syz.0.811'. [ 424.348940][ T8465] dummy0: entered promiscuous mode [ 424.359269][ T8465] macvtap1: entered promiscuous mode [ 424.379007][ T8465] macvtap1: entered allmulticast mode [ 424.518662][ T8465] dummy0: entered allmulticast mode [ 424.604639][ T8468] netlink: 4 bytes leftover after parsing attributes in process `syz.0.811'. [ 424.710819][ T8468] dummy0: left allmulticast mode [ 425.006562][ T8468] dummy0: left promiscuous mode [ 425.392295][ T8468] macvtap1: left promiscuous mode [ 425.398037][ T8468] macvtap1: left allmulticast mode [ 425.672648][ T8480] xt_hashlimit: max too large, truncated to 1048576 [ 426.147164][ T8492] loop1: detected capacity change from 0 to 128 [ 426.648007][ T8492] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.818'. [ 428.929700][ T8500] tipc: Enabled bearer , priority 0 [ 428.987181][ T8498] netlink: 44 bytes leftover after parsing attributes in process `syz.0.823'. [ 429.053574][ T8500] tipc: Resetting bearer [ 429.190956][ T8496] tipc: Disabling bearer [ 429.317738][ T1321] kworker/u4:8: attempt to access beyond end of device [ 429.317738][ T1321] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 429.803247][ T8521] netlink: 'syz.3.834': attribute type 1 has an invalid length. [ 429.830607][ T8521] netlink: 'syz.3.834': attribute type 2 has an invalid length. [ 429.960637][ T8525] loop1: detected capacity change from 0 to 128 [ 430.153476][ T8525] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.828'. [ 432.108004][ T8531] netlink: 8 bytes leftover after parsing attributes in process `syz.0.836'. [ 432.665846][ T8534] loop3: detected capacity change from 0 to 128 [ 437.623504][ T8557] loop3: detected capacity change from 0 to 512 [ 437.642161][ T8557] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 437.735046][ T8557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 437.870324][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 438.237931][ T8572] netlink: 8 bytes leftover after parsing attributes in process `syz.1.855'. [ 438.519065][ T8582] loop1: detected capacity change from 0 to 512 [ 438.544471][ T8582] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 438.607677][ T8584] loop2: detected capacity change from 0 to 128 [ 440.327755][ T8582] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 440.553749][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.560247][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.136626][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.479796][ T1321] kworker/u4:8: attempt to access beyond end of device [ 441.479796][ T1321] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 442.059671][ T8612] loop2: detected capacity change from 0 to 512 [ 442.074965][ T8612] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 442.146180][ T8612] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 442.228772][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.037380][ T8630] loop1: detected capacity change from 0 to 128 [ 445.217318][ T8] libceph: connect (1)[c::]:6789 error -101 [ 445.278546][ T8636] ceph: No mds server is up or the cluster is laggy [ 445.395587][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 446.388592][ T8644] loop0: detected capacity change from 0 to 2048 [ 446.555448][ T8647] loop3: detected capacity change from 0 to 128 [ 447.340730][ T8644] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 448.348593][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 448.608286][ T8653] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.877'. [ 448.842652][ T61] kworker/u4:4: attempt to access beyond end of device [ 448.842652][ T61] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 449.029299][ T8668] loop2: detected capacity change from 0 to 128 [ 449.239475][ T8668] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.882'. [ 450.853919][ T23] libceph: connect (1)[c::]:6789 error -101 [ 450.872732][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 451.140009][ T8686] netlink: 48 bytes leftover after parsing attributes in process `syz.0.888'. [ 451.150742][ T23] libceph: connect (1)[c::]:6789 error -101 [ 451.177314][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 451.222022][ T8688] loop2: detected capacity change from 0 to 1024 [ 451.244816][ T8688] EXT4-fs: inline encryption not supported [ 451.259456][ T8688] EXT4-fs: Ignoring removed bh option [ 451.280257][ T8688] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 451.338203][ T8688] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 451.352939][ T8681] ceph: No mds server is up or the cluster is laggy [ 451.538347][ T8688] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4045: comm syz.2.889: Allocating blocks 449-513 which overlap fs metadata [ 451.637853][ T8688] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4045: comm syz.2.889: Allocating blocks 497-513 which overlap fs metadata [ 452.019889][ T8687] EXT4-fs error (device loop2): mb_free_blocks:1952: group 0, inode 18: block 449:freeing already freed block (bit 28); block bitmap corrupt. [ 452.176935][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.320115][ T8704] loop3: detected capacity change from 0 to 128 [ 452.537243][ T8705] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.892'. [ 452.548601][ T8704] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.892'. [ 453.362058][ T8709] loop2: detected capacity change from 0 to 1024 [ 454.074079][ T8715] loop1: detected capacity change from 0 to 128 [ 454.636844][ T8715] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.898'. [ 454.887771][ T8709] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 455.040145][ T8709] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4045: comm syz.2.895: Allocating blocks 449-513 which overlap fs metadata [ 455.374324][ T23] libceph: connect (1)[c::]:6789 error -101 [ 455.407428][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 455.507531][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.681554][ T23] libceph: connect (1)[c::]:6789 error -101 [ 455.842416][ T8722] ceph: No mds server is up or the cluster is laggy [ 456.214962][ T5785] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 456.644929][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 458.591005][ T5815] libceph: connect (1)[c::]:6789 error -101 [ 458.598251][ T5815] libceph: mon0 (1)[c::]:6789 connect error [ 459.273031][ T8746] loop3: detected capacity change from 0 to 128 [ 459.501234][ T8748] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.904'. [ 461.281390][ T8755] loop0: detected capacity change from 0 to 128 [ 461.497367][ T8756] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.907'. [ 461.508842][ T8755] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.907'. [ 463.429290][ T8767] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 463.669439][ T8767] batadv_slave_0: entered promiscuous mode [ 464.492347][ T5083] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 466.150206][ T23] libceph: connect (1)[c::]:6789 error -101 [ 466.243959][ T8785] ceph: No mds server is up or the cluster is laggy [ 466.308692][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 468.830048][ T8806] loop2: detected capacity change from 0 to 2048 [ 468.951797][ T8806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 469.213496][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 469.653789][ T8820] loop0: detected capacity change from 0 to 128 [ 470.153433][ T8825] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.921'. [ 470.164654][ T8820] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.921'. [ 470.266290][ T8821] ceph: No mds server is up or the cluster is laggy [ 470.445428][ T9] libceph: connect (1)[c::]:6789 error -101 [ 470.555212][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 472.310335][ T8] libceph: connect (1)[c::]:6789 error -101 [ 472.317703][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 472.789438][ T8842] loop0: detected capacity change from 0 to 128 [ 473.323482][ T8849] loop1: detected capacity change from 0 to 2048 [ 473.413940][ T28] audit: type=1804 audit(1773863714.133:178): pid=8847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.930" name="/newroot/224/bus/bus" dev="loop0" ino=1048614 res=1 errno=0 [ 473.902556][ T8849] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 474.297018][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.437603][ T8859] loop0: detected capacity change from 0 to 1024 [ 474.529072][ T8863] loop2: detected capacity change from 0 to 128 [ 474.630271][ T8859] EXT4-fs: inline encryption not supported [ 475.159330][ T8859] EXT4-fs: Ignoring removed bh option [ 475.192620][ T8864] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.933'. [ 475.204571][ T8863] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.933'. [ 475.604982][ T8859] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 476.395131][ T8859] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 476.653131][ T8859] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4045: comm syz.0.934: Allocating blocks 449-513 which overlap fs metadata [ 477.027784][ T23] libceph: connect (1)[c::]:6789 error -101 [ 477.077393][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 477.237657][ T8872] EXT4-fs (loop0): pa ffff888073b1e9f8: logic 0, phys. 449, len 2 [ 477.246005][ T8872] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5386: group 0, free 0, pa_free 1 [ 477.347608][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 477.399590][ T6289] libceph: connect (1)[c::]:6789 error -101 [ 477.429727][ T6289] libceph: mon0 (1)[c::]:6789 connect error [ 477.518132][ T8873] ceph: No mds server is up or the cluster is laggy [ 477.854493][ T8890] loop1: detected capacity change from 0 to 1024 [ 477.882719][ T8890] EXT4-fs: inline encryption not supported [ 477.961811][ T8890] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 477.995298][ T8890] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 478.224159][ T61] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm kworker/u4:4: bg 0: block 112: padding at end of block bitmap is not set [ 478.278164][ T61] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 28 [ 478.425476][ T61] EXT4-fs (loop1): This should not happen!! Data will be lost [ 478.425476][ T61] [ 478.520802][ T61] EXT4-fs (loop1): Total free blocks count 0 [ 478.542576][ T61] EXT4-fs (loop1): Free/Dirty block details [ 478.548980][ T61] EXT4-fs (loop1): free_blocks=0 [ 478.560266][ T61] EXT4-fs (loop1): dirty_blocks=16 [ 478.575951][ T61] EXT4-fs (loop1): Block reservation details [ 478.590607][ T61] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 478.622342][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 478.692139][ T8897] loop3: detected capacity change from 0 to 2048 [ 478.791811][ T8897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 479.069710][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.085337][ T8901] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -107 0 [ 479.541051][ T8909] loop0: detected capacity change from 0 to 1024 [ 479.599803][ T8909] EXT4-fs: inline encryption not supported [ 479.725463][ T8909] EXT4-fs: Ignoring removed bh option [ 479.770977][ T8909] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 479.815566][ T8909] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 480.214584][ T8909] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4045: comm syz.0.947: Allocating blocks 449-513 which overlap fs metadata [ 480.293031][ T8909] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4045: comm syz.0.947: Allocating blocks 497-513 which overlap fs metadata [ 480.425931][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.813399][ T8921] loop1: detected capacity change from 0 to 128 [ 481.541314][ T8925] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.949'. [ 481.552472][ T8921] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.949'. [ 484.830380][ T8944] loop0: detected capacity change from 0 to 1024 [ 484.863014][ T8944] EXT4-fs: inline encryption not supported [ 484.890940][ T8942] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.953'. [ 484.906146][ T8944] EXT4-fs: Ignoring removed bh option [ 484.933163][ T8944] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 484.994259][ T8944] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 485.087289][ T8944] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4045: comm syz.0.958: Allocating blocks 449-513 which overlap fs metadata [ 485.152830][ T8944] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4045: comm syz.0.958: Allocating blocks 497-513 which overlap fs metadata [ 485.405069][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 486.681675][ T8962] loop0: detected capacity change from 0 to 2048 [ 486.741576][ T8962] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 486.990799][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 488.043498][ T8984] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 488.067696][ T8984] batadv_slave_0: entered promiscuous mode [ 489.033322][ T8988] loop2: detected capacity change from 0 to 2048 [ 489.256346][ T8988] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 489.275017][ T8992] syz_tun: entered allmulticast mode [ 489.286819][ T8991] syz_tun: left allmulticast mode [ 489.502332][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 491.690860][ T9024] loop3: detected capacity change from 0 to 2048 [ 491.763940][ T9024] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 491.888990][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 492.249756][ T9038] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 492.885037][ T9039] loop0: detected capacity change from 0 to 128 [ 497.281383][ T9038] batadv_slave_0: entered promiscuous mode [ 497.377366][ T9044] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.988'. [ 498.332173][ T9071] loop2: detected capacity change from 0 to 2048 [ 498.389833][ T9078] loop1: detected capacity change from 0 to 128 [ 499.253453][ T9080] loop3: detected capacity change from 0 to 128 [ 502.814905][ T9084] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.993'. [ 502.851585][ T9083] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.993'. [ 504.391742][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 504.399214][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 504.413646][ T9071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 504.797376][ T9090] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 504.859147][ T9090] batadv_slave_0: entered promiscuous mode [ 505.517465][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.916963][ T9100] loop1: detected capacity change from 0 to 128 [ 506.206032][ T9101] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.999'. [ 506.217256][ T9100] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.999'. [ 507.271225][ T9108] syz.3.1000: attempt to access beyond end of device [ 507.271225][ T9108] loop7: rw=0, sector=0, nr_sectors = 1 limit=0 [ 507.546594][ T9108] FAT-fs (loop7): unable to read boot sector [ 507.844039][ T9113] loop2: detected capacity change from 0 to 128 [ 508.352767][ T9114] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1004'. [ 508.363830][ T9113] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1004'. [ 508.428983][ T7603] kworker/u4:14: attempt to access beyond end of device [ 508.428983][ T7603] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 510.758476][ T9127] loop0: detected capacity change from 0 to 2048 [ 510.855808][ T9127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 511.021181][ T9136] loop2: detected capacity change from 0 to 128 [ 511.279344][ T9137] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1008'. [ 511.290736][ T9136] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1008'. [ 512.038464][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 512.300713][ T8] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 512.540713][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 512.557878][ T8] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 512.568917][ T9144] loop0: detected capacity change from 0 to 1024 [ 512.580652][ T8] usb 2-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 512.639501][ T8] usb 2-1: config 179 has no interface number 0 [ 512.672656][ T9144] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 512.692792][ T8] usb 2-1: config 179 interface 65 altsetting 12 has 0 endpoint descriptors, different from the interface descriptor's value: 23 [ 512.767880][ T8] usb 2-1: config 179 interface 65 has no altsetting 0 [ 512.804970][ T8] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 512.832237][ T9144] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 623: comm syz.0.1013: Attempting to read directory block (623) that is past i_size (638464) [ 512.875069][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 512.935415][ T9144] EXT4-fs (loop0): Remounting filesystem read-only [ 513.132318][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.187670][ T8] usb 2-1: USB disconnect, device number 11 [ 513.283083][ T11] kworker/u4:0: attempt to access beyond end of device [ 513.283083][ T11] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 514.034149][ T9157] loop2: detected capacity change from 0 to 128 [ 514.283339][ T9157] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1015'. [ 514.300586][ T9159] loop0: detected capacity change from 0 to 128 [ 522.847485][ T9163] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1016'. [ 523.171433][ T9168] loop1: detected capacity change from 0 to 128 [ 523.518178][ T9178] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1021'. [ 523.819979][ T9184] loop2: detected capacity change from 0 to 1024 [ 523.884852][ T9184] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 524.030273][ T9192] netlink: 'syz.1.1025': attribute type 10 has an invalid length. [ 524.039166][ T9184] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 623: comm syz.2.1023: Attempting to read directory block (623) that is past i_size (638464) [ 524.085130][ T9184] EXT4-fs (loop2): Remounting filesystem read-only [ 524.115689][ T9192] team0: Device vxcan1 is of different type [ 524.152192][ T9194] loop0: detected capacity change from 0 to 128 [ 524.238048][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 524.321952][ T9195] syz.0.1026: attempt to access beyond end of device [ 524.321952][ T9195] loop0: rw=2049, sector=145, nr_sectors = 264 limit=128 [ 525.000068][ T9204] loop3: detected capacity change from 0 to 128 [ 525.036077][ T9205] loop2: detected capacity change from 0 to 128 [ 530.103778][ T9206] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1028'. [ 536.166849][ T9209] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1027'. [ 536.179682][ T9208] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1027'. [ 536.672026][ T5788] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 536.707514][ T9216] loop2: detected capacity change from 0 to 128 [ 537.211377][ T9229] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1036'. [ 537.402913][ T9238] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1035'. [ 537.815211][ T9246] loop1: detected capacity change from 0 to 128 [ 541.402066][ T9255] loop2: detected capacity change from 0 to 128 [ 545.202925][ T9258] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1041'. [ 545.218706][ T9257] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1041'. [ 545.820822][ T9262] loop3: detected capacity change from 0 to 128 [ 546.665082][ T9278] loop3: detected capacity change from 0 to 512 [ 546.687137][ T9278] EXT4-fs: Ignoring removed nomblk_io_submit option [ 546.725046][ T9281] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1051'. [ 546.801198][ T9278] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #11: comm syz.3.1052: iget: bad extended attribute block 3153 [ 546.820258][ T9278] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.1052: couldn't read orphan inode 11 (err -117) [ 546.846463][ T9278] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 546.897010][ T9286] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1049'. [ 546.973144][ T9278] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 13: comm syz.3.1052: path /270/file0: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 547.215282][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.350540][ T9291] loop0: detected capacity change from 0 to 128 [ 548.750360][ T9291] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1053'. [ 550.695866][ T9296] loop1: detected capacity change from 0 to 128 [ 551.548784][ T9309] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1061'. [ 551.745791][ T9312] loop3: detected capacity change from 0 to 128 [ 553.704475][ T9322] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1064'. [ 554.570099][ T9324] loop1: detected capacity change from 0 to 128 [ 559.233978][ T164] kworker/u4:7: attempt to access beyond end of device [ 559.233978][ T164] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 559.414785][ T9341] loop0: detected capacity change from 0 to 128 [ 559.594527][ T9340] syz.2.1067 uses obsolete (PF_INET,SOCK_PACKET) [ 560.072098][ T9343] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1068'. [ 560.323760][ T9350] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1070'. [ 561.446297][ T9360] loop2: detected capacity change from 0 to 128 [ 561.880840][ T9361] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1074'. [ 561.892409][ T9360] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1074'. [ 563.192918][ T9363] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check. [ 563.451357][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.457996][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.489253][ T9365] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 564.056677][ T9373] loop3: detected capacity change from 0 to 128 [ 565.295323][ T9365] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.559983][ T9365] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.609347][ T9384] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1081'. [ 565.874767][ T9365] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.897350][ T9386] loop2: detected capacity change from 0 to 512 [ 565.939266][ T9386] EXT4-fs (loop2): invalid inodes per group: 0 [ 565.939266][ T9386] [ 566.263254][ T9365] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.325401][ T9365] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.357624][ T9365] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.362692][ T6220] kworker/u4:11: attempt to access beyond end of device [ 566.362692][ T6220] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 566.388501][ T9365] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.921320][ T9395] loop0: detected capacity change from 0 to 128 [ 567.202602][ T9395] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1084'. [ 568.359363][ T9402] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 569.561428][ T9423] loop0: detected capacity change from 0 to 128 [ 572.294971][ T48] kworker/u4:3: attempt to access beyond end of device [ 572.294971][ T48] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 572.523515][ T9446] loop2: detected capacity change from 0 to 128 [ 573.581079][ T9449] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1097'. [ 573.913872][ T9458] loop3: detected capacity change from 0 to 128 [ 574.683674][ T9458] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1100'. [ 578.238470][ T157] kworker/u4:6: attempt to access beyond end of device [ 578.238470][ T157] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 579.233739][ T9492] loop0: detected capacity change from 0 to 128 [ 580.714195][ T9499] loop2: detected capacity change from 0 to 128 [ 581.703815][ T6220] kworker/u4:11: attempt to access beyond end of device [ 581.703815][ T6220] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 581.771762][ T9502] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1109'. [ 581.782923][ T9501] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1109'. [ 583.358801][ T9507] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1111'. [ 586.812680][ T9519] loop0: detected capacity change from 0 to 8192 [ 587.887387][ T9544] loop0: detected capacity change from 0 to 128 [ 589.012519][ T9546] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1122'. [ 595.725153][ T9550] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1120'. [ 598.177095][ T9585] loop3: detected capacity change from 0 to 4096 [ 598.313710][ T9585] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 598.499811][ T9594] loop1: detected capacity change from 0 to 128 [ 599.035432][ T9595] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1134'. [ 599.046934][ T9594] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1134'. [ 600.694092][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 601.502298][ T9600] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1135'. [ 604.871706][ T9611] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.1139'. [ 605.543220][ T9630] loop0: detected capacity change from 0 to 4096 [ 605.591796][ T9630] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 605.835858][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 605.878572][ T9638] loop2: detected capacity change from 0 to 128 [ 605.916698][ T9638] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1146'. [ 607.080056][ T9646] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.1149'. [ 608.141624][ T7603] kworker/u4:14: attempt to access beyond end of device [ 608.141624][ T7603] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 608.740667][ T9672] loop0: detected capacity change from 0 to 4096 [ 608.846989][ T9673] lo speed is unknown, defaulting to 1000 [ 608.855719][ T9673] lo speed is unknown, defaulting to 1000 [ 608.880769][ T9673] lo speed is unknown, defaulting to 1000 [ 608.924618][ T9673] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 608.997006][ T9673] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 609.173245][ T9674] TCP: tcp_parse_options: Illegal window scaling value 150 > 14 received [ 609.339205][ T9675] loop3: detected capacity change from 0 to 512 [ 609.543381][ T9672] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 609.754498][ T9673] lo speed is unknown, defaulting to 1000 [ 609.763136][ T9673] lo speed is unknown, defaulting to 1000 [ 609.770596][ T9673] lo speed is unknown, defaulting to 1000 [ 609.778130][ T9673] lo speed is unknown, defaulting to 1000 [ 609.831467][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 610.169729][ T9688] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.1159'. [ 611.783943][ T9702] loop1: detected capacity change from 0 to 1024 [ 611.837557][ T9702] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 611.918154][ T9702] ================================================================== [ 611.926316][ T9702] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90 [ 611.934139][ T9702] Read of size 18446744073709551588 at addr ffff88807b411840 by task syz.1.1164/9702 [ 611.943732][ T9702] [ 611.946149][ T9702] CPU: 0 PID: 9702 Comm: syz.1.1164 Not tainted syzkaller #0 [ 611.953574][ T9702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 611.960847][ T9706] loop2: detected capacity change from 0 to 4096 [ 611.963671][ T9702] Call Trace: [ 611.973388][ T9702] [ 611.976366][ T9702] dump_stack_lvl+0x18c/0x250 [ 611.981118][ T9702] ? read_lock_is_recursive+0x20/0x20 [ 611.986568][ T9702] ? show_regs_print_info+0x20/0x20 [ 611.991872][ T9702] ? load_image+0x400/0x400 [ 611.996530][ T9702] ? _raw_spin_lock_irqsave+0xc0/0x100 [ 612.002062][ T9702] ? __virt_addr_valid+0x18c/0x540 [ 612.007305][ T9702] ? __virt_addr_valid+0x469/0x540 [ 612.012726][ T9702] print_report+0xa8/0x210 [ 612.017322][ T9702] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 612.023124][ T9702] kasan_report+0x117/0x150 [ 612.027773][ T9702] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 612.033297][ T9702] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 612.039021][ T9702] kasan_check_range+0x241/0x290 [ 612.044012][ T9702] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 612.049617][ T9702] __asan_memmove+0x29/0x70 [ 612.054329][ T9702] ext4_xattr_set_entry+0x94b/0x1e90 [ 612.059666][ T9702] ext4_xattr_block_set+0xae8/0x32b0 [ 612.065050][ T9702] ? ext4_destroy_inode+0x200/0x200 [ 612.070747][ T9702] ? proc_nr_inodes+0x230/0x230 [ 612.076078][ T9702] ? do_raw_spin_unlock+0x121/0x230 [ 612.081310][ T9702] ? _raw_spin_unlock+0x28/0x40 [ 612.086194][ T9702] ? ext4_xattr_block_find+0x350/0x350 [ 612.092040][ T9702] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 612.097543][ T9702] ext4_xattr_set_handle+0xe2e/0x14c0 [ 612.103010][ T9702] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 612.109064][ T9702] ? __ext4_journal_start_sb+0x259/0x560 [ 612.114765][ T9702] ext4_xattr_set+0x252/0x340 [ 612.119674][ T9702] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 612.125268][ T9702] ? evm_protected_xattr_common+0x170/0x190 [ 612.131284][ T9702] ? ext4_xattr_security_get+0x40/0x40 [ 612.136799][ T9702] __vfs_setxattr+0x431/0x470 [ 612.141747][ T9702] __vfs_setxattr_noperm+0x12d/0x5e0 [ 612.147080][ T9702] vfs_setxattr+0x16b/0x2f0 [ 612.151625][ T9702] ? xattr_permission+0x470/0x470 [ 612.156853][ T9702] ? __mnt_want_write+0x223/0x2a0 [ 612.162007][ T9702] ? path_setxattr+0x3a1/0x5d0 [ 612.166812][ T9702] path_setxattr+0x3f3/0x5d0 [ 612.171618][ T9702] ? simple_xattrs_free+0x150/0x150 [ 612.176863][ T9702] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 612.183120][ T9702] ? lock_chain_count+0x20/0x20 [ 612.188108][ T9702] __x64_sys_setxattr+0xbb/0xd0 [ 612.193118][ T9702] do_syscall_64+0x55/0xa0 [ 612.197775][ T9702] ? clear_bhb_loop+0x40/0x90 [ 612.202501][ T9702] ? clear_bhb_loop+0x40/0x90 [ 612.207303][ T9702] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 612.213319][ T9702] RIP: 0033:0x7f6965d9c799 [ 612.217778][ T9702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 612.238392][ T9702] RSP: 002b:00007f6966be1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 612.247044][ T9702] RAX: ffffffffffffffda RBX: 00007f6966015fa0 RCX: 00007f6965d9c799 [ 612.255060][ T9702] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100 [ 612.263061][ T9702] RBP: 00007f6965e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 612.271062][ T9702] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 612.279080][ T9702] R13: 00007f6966016038 R14: 00007f6966015fa0 R15: 00007fff6c355698 [ 612.287097][ T9702] [ 612.290315][ T9702] [ 612.292662][ T9702] Allocated by task 9702: [ 612.297028][ T9702] kasan_set_track+0x4e/0x70 [ 612.301981][ T9702] __kasan_kmalloc+0x8f/0xa0 [ 612.306716][ T9702] __kmalloc_node_track_caller+0xb2/0x230 [ 612.312592][ T9702] kmemdup+0x2b/0x70 [ 612.316536][ T9702] ext4_xattr_block_set+0x9ea/0x32b0 [ 612.322044][ T9702] ext4_xattr_set_handle+0xe2e/0x14c0 [ 612.327472][ T9702] ext4_xattr_set+0x252/0x340 [ 612.332208][ T9702] __vfs_setxattr+0x431/0x470 [ 612.337033][ T9702] __vfs_setxattr_noperm+0x12d/0x5e0 [ 612.342481][ T9702] vfs_setxattr+0x16b/0x2f0 [ 612.347012][ T9702] path_setxattr+0x3f3/0x5d0 [ 612.351639][ T9702] __x64_sys_setxattr+0xbb/0xd0 [ 612.356518][ T9702] do_syscall_64+0x55/0xa0 [ 612.361061][ T9702] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 612.366984][ T9702] [ 612.369324][ T9702] The buggy address belongs to the object at ffff88807b411800 [ 612.369324][ T9702] which belongs to the cache kmalloc-1k of size 1024 [ 612.383434][ T9702] The buggy address is located 64 bytes inside of [ 612.383434][ T9702] 1024-byte region [ffff88807b411800, ffff88807b411c00) [ 612.396827][ T9702] [ 612.399185][ T9702] The buggy address belongs to the physical page: [ 612.405708][ T9702] page:ffffea0001ed0400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b410 [ 612.415993][ T9702] head:ffffea0001ed0400 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 612.425141][ T9702] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 612.433620][ T9702] page_type: 0xffffffff() [ 612.438212][ T9702] raw: 00fff00000000840 ffff888017c41dc0 0000000000000000 dead000000000001 [ 612.446875][ T9702] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 612.455573][ T9702] page dumped because: kasan: bad access detected [ 612.462018][ T9702] page_owner tracks the page as allocated [ 612.467752][ T9702] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5817, tgid 5817 (kworker/0:5), ts 319428126221, free_ts 319199538978 [ 612.490096][ T9702] post_alloc_hook+0x1c1/0x200 [ 612.494909][ T9702] get_page_from_freelist+0x1951/0x19e0 [ 612.500484][ T9702] __alloc_pages+0x1f0/0x460 [ 612.505265][ T9702] alloc_slab_page+0x5d/0x160 [ 612.509961][ T9702] new_slab+0x87/0x2d0 [ 612.514067][ T9702] ___slab_alloc+0xc5d/0x12f0 [ 612.518787][ T9702] __kmem_cache_alloc_node+0x19e/0x250 [ 612.524277][ T9702] __kmalloc_node_track_caller+0xa2/0x230 [ 612.530053][ T9702] kmalloc_reserve+0x116/0x240 [ 612.534862][ T9702] pskb_expand_head+0x185/0x1230 [ 612.539921][ T9702] skb_expand_head+0x1ad/0x380 [ 612.544706][ T9702] ip6_finish_output2+0x12dd/0x1630 [ 612.549928][ T9702] udp_tunnel6_xmit_skb+0x53e/0x970 [ 612.555157][ T9702] send6+0x5ea/0x920 [ 612.559158][ T9702] wg_socket_send_skb_to_peer+0x111/0x1c0 [ 612.564945][ T9702] wg_packet_tx_worker+0x1c8/0x7c0 [ 612.570141][ T9702] page last free stack trace: [ 612.575097][ T9702] free_unref_page_prepare+0x7b2/0x8c0 [ 612.580630][ T9702] free_unref_page+0x32/0x2e0 [ 612.585376][ T9702] __unfreeze_partials+0x1cf/0x210 [ 612.590530][ T9702] put_cpu_partial+0x17c/0x250 [ 612.595424][ T9702] __slab_free+0x319/0x400 [ 612.600063][ T9702] qlist_free_all+0x75/0xd0 [ 612.604608][ T9702] kasan_quarantine_reduce+0x143/0x160 [ 612.610108][ T9702] __kasan_slab_alloc+0x22/0x80 [ 612.615032][ T9702] slab_post_alloc_hook+0x6e/0x4b0 [ 612.620192][ T9702] kmem_cache_alloc+0x11a/0x2d0 [ 612.625170][ T9702] getname_flags+0xbb/0x500 [ 612.629727][ T9702] user_path_at_empty+0x2c/0x60 [ 612.634651][ T9702] do_faccessat+0x5b4/0xd00 [ 612.639407][ T9702] do_syscall_64+0x55/0xa0 [ 612.644160][ T9702] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 612.650270][ T9702] [ 612.652636][ T9702] Memory state around the buggy address: [ 612.658390][ T9702] ffff88807b411700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 612.666580][ T9702] ffff88807b411780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 612.674771][ T9702] >ffff88807b411800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 612.682870][ T9702] ^ [ 612.689050][ T9702] ffff88807b411880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 612.697263][ T9702] ffff88807b411900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 612.705620][ T9702] ================================================================== [ 612.741594][ T9704] rose0: tun_chr_ioctl cmd 2147767507 [ 612.771640][ T9704] loop0: detected capacity change from 0 to 512 [ 612.839332][ T9706] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 612.853040][ T9704] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 612.886647][ T9702] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 612.893930][ T9702] CPU: 0 PID: 9702 Comm: syz.1.1164 Not tainted syzkaller #0 [ 612.897747][ T9704] ext4 filesystem being mounted at /282/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 612.912079][ T9702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 612.922182][ T9702] Call Trace: [ 612.925508][ T9702] [ 612.928565][ T9702] dump_stack_lvl+0x18c/0x250 [ 612.933400][ T9702] ? show_regs_print_info+0x20/0x20 [ 612.938669][ T9702] ? load_image+0x400/0x400 [ 612.943337][ T9702] panic+0x2dc/0x730 [ 612.947294][ T9702] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 612.953684][ T9702] ? bpf_jit_dump+0xd0/0xd0 [ 612.958255][ T9702] ? _raw_spin_unlock_irqrestore+0x111/0x120 [ 612.964308][ T9702] ? _raw_spin_unlock+0x40/0x40 [ 612.969221][ T9702] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 612.974751][ T9702] check_panic_on_warn+0x84/0xa0 [ 612.979845][ T9702] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 612.985368][ T9702] end_report+0x6f/0x130 [ 612.989665][ T9702] kasan_report+0x128/0x150 [ 612.994231][ T9702] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 612.999751][ T9702] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 613.005366][ T9702] kasan_check_range+0x241/0x290 [ 613.010632][ T9702] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 613.016257][ T9702] __asan_memmove+0x29/0x70 [ 613.020857][ T9702] ext4_xattr_set_entry+0x94b/0x1e90 [ 613.026231][ T9702] ext4_xattr_block_set+0xae8/0x32b0 [ 613.031606][ T9702] ? ext4_destroy_inode+0x200/0x200 [ 613.037325][ T9702] ? proc_nr_inodes+0x230/0x230 [ 613.042330][ T9702] ? do_raw_spin_unlock+0x121/0x230 [ 613.047597][ T9702] ? _raw_spin_unlock+0x28/0x40 [ 613.052596][ T9702] ? ext4_xattr_block_find+0x350/0x350 [ 613.058129][ T9702] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 613.063673][ T9702] ext4_xattr_set_handle+0xe2e/0x14c0 [ 613.069308][ T9702] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 613.075353][ T9702] ? __ext4_journal_start_sb+0x259/0x560 [ 613.081135][ T9702] ext4_xattr_set+0x252/0x340 [ 613.085889][ T9702] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 613.091593][ T9702] ? evm_protected_xattr_common+0x170/0x190 [ 613.097749][ T9702] ? ext4_xattr_security_get+0x40/0x40 [ 613.103452][ T9702] __vfs_setxattr+0x431/0x470 [ 613.108192][ T9702] __vfs_setxattr_noperm+0x12d/0x5e0 [ 613.113552][ T9702] vfs_setxattr+0x16b/0x2f0 [ 613.118118][ T9702] ? xattr_permission+0x470/0x470 [ 613.123200][ T9702] ? __mnt_want_write+0x223/0x2a0 [ 613.128283][ T9702] ? path_setxattr+0x3a1/0x5d0 [ 613.133487][ T9702] path_setxattr+0x3f3/0x5d0 [ 613.138170][ T9702] ? simple_xattrs_free+0x150/0x150 [ 613.143476][ T9702] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 613.149703][ T9702] ? lock_chain_count+0x20/0x20 [ 613.154783][ T9702] __x64_sys_setxattr+0xbb/0xd0 [ 613.159803][ T9702] do_syscall_64+0x55/0xa0 [ 613.164310][ T9702] ? clear_bhb_loop+0x40/0x90 [ 613.169135][ T9702] ? clear_bhb_loop+0x40/0x90 [ 613.173898][ T9702] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 613.180206][ T9702] RIP: 0033:0x7f6965d9c799 [ 613.184863][ T9702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 613.204787][ T9702] RSP: 002b:00007f6966be1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 613.213482][ T9702] RAX: ffffffffffffffda RBX: 00007f6966015fa0 RCX: 00007f6965d9c799 [ 613.221684][ T9702] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100 [ 613.229712][ T9702] RBP: 00007f6965e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 613.237834][ T9702] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 613.246296][ T9702] R13: 00007f6966016038 R14: 00007f6966015fa0 R15: 00007fff6c355698 [ 613.254339][ T9702] [ 613.258006][ T9702] Kernel Offset: disabled [ 613.262359][ T9702] Rebooting in 86400 seconds..