last executing test programs: 15m50.832151705s ago: executing program 32 (id=95): r0 = socket$nl_generic(0x11, 0x3, 0x10) r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) write$P9_RVERSION(r1, 0x0, 0x13) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @random="0000fc00", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x16, 0x7c, 0x0, @dev={0xac, 0x14, 0x14, 0x30}}}}}}, 0x0) sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0) 15m48.120762266s ago: executing program 33 (id=52): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x30000009}) close(r1) 14m58.660395438s ago: executing program 34 (id=212): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}, 0x7}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) sendmmsg$inet(r0, &(0x7f00000038c0)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="8b", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000004c0)="cce6", 0x2}], 0x1}}], 0x2, 0x4001) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ff2000/0xd000)=nil, 0xd000, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0}, &(0x7f0000000240)=0x3b) 11m58.563704092s ago: executing program 35 (id=751): mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) r1 = epoll_create(0x5) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000340)={0x80002015}) epoll_pwait(r1, &(0x7f0000000000), 0x4, 0x405, 0x0, 0x8498096d303683b) 10m14.713437796s ago: executing program 36 (id=1105): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000bd02c440560831ac1e93010203010902120081000000000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x24, &(0x7f0000000240)={0x0, 0xb, 0x2, "e251"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 9m0.59837662s ago: executing program 4 (id=1380): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newqdisc={0x5c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xb}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x2c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}, [@TCA_NETEM_CORR={0x10, 0x1, {0x4, 0x9, 0x100}}]}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r2, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r1, 0x1, 0xd8, 0x6, @random="2abcd265829d"}, 0x14) 8m59.798705241s ago: executing program 4 (id=1383): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil) 8m59.027026389s ago: executing program 4 (id=1387): socket$kcm(0x11, 0xa, 0x300) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x47, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x11, 0x11, 0x0, @empty, @mcast2, {[], {0x4000, 0xe22, 0x11, 0x0, @gue={{0x2, 0x1, 0x1, 0x9}, '\t'}}}}}}}, 0x0) 8m58.276831179s ago: executing program 4 (id=1391): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140)) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) mount$bind(&(0x7f0000000200)='.\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x2125099, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x9) 8m57.365783201s ago: executing program 4 (id=1395): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000680)={[{@errors_continue}, {@delalloc}, {@data_err_ignore}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@data_err_ignore}, {@nojournal_checksum}]}, 0x1, 0x4ef, &(0x7f0000000180)="$eJzs3M9vFdUeAPDv3PbSAo9HH49HAg+1gMbGxBYKCgs3mJi40MSIC1k2bSGVCxjahZBGLonBNYl7w9K408StLo0r/wBcuDAxJETZAG68Zu6dub29P3p7S2nT3s8nGThn5sycc2bmzD0zpzMB9K3R9J8k4l8RcS8i9taiyxOM1v57/HBx+snDxekoVyrn/kiq6R6l8Uy+3u4sMlaIKHyWNG7wbh6Yv37j0lSpNHstytX4xMLljyfmr994de7y1MXZi7NXJs+cOXXyxOnXJ19rLvJw10olrbPSej069OnVwwffPn/n3enB5o011qOjfK0/y12TRr5vO3ipcXvbwJ6GcNJar5sbWhhWbTg7DYtp+18sHT1fm520a0PA9lKpVCpDnReXK81utcwBtqwkNrsEwObIf+jT+998qs0pbkT3Y9M9OFu7AXr0cLFyM2L6cb3+g1HI0hSb7m9TK/SZejIaER+W//oynWKl5xC/rlOGAEDf++Fs1g1Moqn/V4gDDen+nY2hjETEfyJiX0T8NyL2R8T/IpalXSaJqKyQ//7mGfX8v81GEQr311q31Uj7f29kY1v5lOWbJxkZyGJ7IvIO8+zxbJ+MRXHowlxp9kSH7e/okn9j/y+d0vzzvmBWjvuDTZ3NmamFqbXVttWDWxGHBpvrnwymBy4fxkki4mBEHOphuyMN4blXvjpcjzTdVnSvf1Wl7XDEOoyfVe5GvFw7/uVYdvyXckwaxycLLeOTE8NRmj0+kZ4Fx9vm8dPPt9/rlH/X+n/3W/Mqb53+/tzTVrsuPf67Gs7/yMdvl+o/kkQk9fHa+YjKQG953P7l8+p2R4+1Llvr+b8j+aAaztvXJ1MLC9dOROxI3mmdP7m0bh7P06f1HzvWvv3vy9ZJ98T/IyI9iZ+LiOcjBvKyH4mIoxHRpmp1P7754kedlq3y/H9m0vrPtL3+LTv+S+P1qwzkK6dzBi4dufekw8Ujq//elY//qWpoLOLv6Hj9S5ZdIlZb0qfegQAAALAFFKL6t/+F8Xq4UBgfrz0D2h+7CqWr8wsvRMSVmdo7AiNRLFyYK83mD+RGopjkzz9HGuKTTfGT2XPjLwZ2VuPj01dLM5tdeehzu6ttPmlp/6nfe3zOC2xB2+g9NKBH3dr/gTsbVBBgw/n9h/7V0P47fdmi7C9lYHvy+w/9q137vxlfr/jugmsGbH0VbRn62srtv/v3NoGtazDer4errz37+Cf0Df1/6Eu9vtffW6Ay1H7RcLT5YsDwsynGzjZ5bUog7Vmt4waLEbG6xDvXkkXeBez8hYdCbxscitZFA7HSWkn77zhERLnjWule6VqeiwfW/eTPv4my3qfNN0vttLjKw/20Aff7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAtvJPAAAA//8tL8+m") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8080c65) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0) sendfile(r1, r1, 0x0, 0x80000000) 8m56.032321578s ago: executing program 4 (id=1399): r0 = open(&(0x7f0000000280)='.\x00', 0xc8180, 0x0) fcntl$notify(r0, 0x402, 0x8000003d) r1 = open(&(0x7f0000000280)='.\x00', 0x80, 0x122) fcntl$notify(r1, 0x402, 0x8000003d) fcntl$notify(r0, 0x402, 0x9) 8m53.589670764s ago: executing program 37 (id=1399): r0 = open(&(0x7f0000000280)='.\x00', 0xc8180, 0x0) fcntl$notify(r0, 0x402, 0x8000003d) r1 = open(&(0x7f0000000280)='.\x00', 0x80, 0x122) fcntl$notify(r1, 0x402, 0x8000003d) fcntl$notify(r0, 0x402, 0x9) 8m15.673833259s ago: executing program 3 (id=1401): setuid(0xee01) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket(0x2, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}, 0x44e}], 0x1, 0x2, 0x0) migrate_pages(r0, 0x4, 0x0, 0x0) 8m14.000900058s ago: executing program 3 (id=1521): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xc00) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) ftruncate(r0, 0x100) 8m12.957487721s ago: executing program 3 (id=1526): r0 = socket$kcm(0x2, 0x3, 0x106) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0x850}, 0x4040080) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000140)={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000080)="b9ed29d8e7ffffffffffffffd090fc6889ae6b84", 0x14}], 0x1}, 0x40) 8m11.971370905s ago: executing program 3 (id=1531): mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file0\x00', 0x130800b, 0x0, 0x0, 0x0, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 8m11.158170699s ago: executing program 3 (id=1535): openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x800, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x47f6, 0x0, 0x2, 0x0, 0x300) 8m10.343032876s ago: executing program 3 (id=1537): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x80c80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) 8m7.164773092s ago: executing program 38 (id=1537): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x80c80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) 7m30.360475314s ago: executing program 8 (id=1658): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000002080)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='cdg', 0x3) sendto$inet(r0, 0x0, 0x0, 0x2000c7fd, &(0x7f0000002340)={0x2, 0x4e23, @empty}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='scalable', 0x8) 7m29.211967815s ago: executing program 8 (id=1662): mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x4a, 0x0, 0x84, 0xfffffffe}) syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000000140)={0x50, 0x0, 0x4, {0x7, 0x2b, 0x0, 0xffffffff80050200, 0x0, 0xfc, 0x8, 0x0, 0x0, 0x0, 0x10, 0x100}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 7m27.896549194s ago: executing program 8 (id=1665): ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, 0x0) sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x4040) sendmsg$rds(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@mask_fadd={0x58, 0x114, 0x8, {{0xf, 0x1}, 0x0, 0x0, 0x5, 0xfffffffffffffffe, 0x7, 0x3, 0x28, 0x5}}], 0x58}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b34, &(0x7f0000000000)={'wlan0\x00'}) 7m27.102856783s ago: executing program 8 (id=1669): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x8, &(0x7f0000000040), 0x21, 0x505, &(0x7f0000000bc0)="$eJzs3c9vVMcdAPDvW3uxMQZDy6Gt2kIpLa0Q6x+AhbgULq0qhFQV5ZQDOPZiWd5lLa9RsMPBHHNHClJOyZ+QWw6ROOWQW27JLRdyiEQSlAhHymGj93axF/8m/rHY+/lIz+/NzLLfGS8zs29gdwJoWycjYj4iDkTErYjoa+QnjSOu1I/0cc+f3R9deHZ/NIla7cZ3SVae5kXTn0kdajxnd0T8/z8RbyUr41Zn5yZHSqXidCPdP1Oe6q/Ozp2byDVyhoYHhwcunb84tG1tPVH+6Om/J6698cnHf3ry+fw/30mr1fvu4aysuR3bqd70fPQ25XVGxLWdCNYinY2/P+w9aW/7TUScyvp/X3RkryYAsJ/Van1R62tOAwD7XXr/3xtJrtBYC+iNXK5QqK/hHY+eXKlSnTnbV7l7ZyyyNayjkc/dnigVBxprhUcjn6Tpwex6KT30Uvph8XxEHIuIh10Hs/LCaKU01so3PgDQxg4tm/9/7KrP/wDAPtfd6goAALvO/A8A7cf8DwDt5xXmf58OBIB9wv0/ALQf8z8AtJ8N5/8Hu1MPAGBX/O/69fSoLdS///rFN3WfGytWJwvlu6OF0cr0VGG8UhkvFQujtdpGz1eqVKYGLywmq7NzN8uVu3dmbk6UR8aLN4v5nWwMALApx048/jKd9OcvH8yOaNrLwVwN+1uu1RUAWqaj1RUAWsbneaB9beIe3zIA7HOrbNH7kjX/i9Ajm7/CXnXm99b/oV1tZf3f2gHsbb9u/f9fG98wAK89czi0r1otsec/ALQZa/zAlv79HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANpUb3YkuUK2F/h8+jNXKEQcjoijkU9uT5SKAxFxJCK+6Mp3penBVlcaANii3DdJY/+vM32ne5eXHkh+6srOEfH2+zfeuzcyMzM9mOZ/v5g/86iRP3SgFQ0AAJpdWZlVn6cb56Yb+efP7o++OHazik+v1jcXTeMuNI56SWd0ZufuyEdEzw9JI12Xvl/p2Ib48w8i4ndL7b/XFKE3WwOp73y6PH4a+/AOxF/6/S+Pn3spfi4rS8/57Hfx222oC7Sbx1fr42Sj76VdrNH/cnEyO6/e/7uzEWrr0vEvHUsWVox/ucXxr2NF/CTr8ycX0+vX5OmFT/+7IrPWVy97EPGHztXiJ4vxk9XH3/zpTbbxqz/++dRaZbUPIs6s2v4XO1KXs2G2f6Y81V+dnTs3UR4ZL44X7wwNDQ8OD1w6f3GoP1ujrv/8bLUY314+e2St+Gn7e9aI371+++Nvm2z/hz/fevMv68T/x19Xf/2PrxM/nRP/vsn4Iz1X1ty+O40/tkb7N3j94+wm4z/5em5skw8FAHZBdXZucqRUKk5vcJG+19zoMS725kXMR2z9edK3+KVStiiRXr0G7XKxlYtWj0zATlvq9K2uCQAAAAAAAAAAAAAAsJbq7Nxk16t8WquWvPIHAVvdRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPavXwIAAP//LZDG/A==") syz_mount_image$fuse(0x0, &(0x7f0000000580)='./bus\x00', 0x283016, 0x0, 0x14, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000300)='./file0/file1\x00', 0x84010, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000a80)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0) 7m25.07545864s ago: executing program 8 (id=1673): syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000080)='./file4\x00', 0xa18c14, &(0x7f0000000640)=ANY=[@ANYBLOB="757466383d312c696f636861727365743d69736f383835392d322c73686f72746e616d653d6d697865642c73686f72746e616d653d6d697865642c757466383d302c636f6465706167653d3737352c73686f72746e616d653d77696e39352c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c636865636b3d72656c617865642c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c0060240e5f46e02d8935bc81eae505c144131eb1e835ff198c20067987f963d6aa1face6e1f0ff1c74ae1fee1ceaeeb596804b54e8ef54af46870d9f4895a62cc8704ad46164c33a6f2fc51cac21cea84605407ee30c18a4153c20ba85cd3fc2dde144e1d536bae4b2a2b587d7948656d6ef3d633af5ce72474444b9f5b747863cfbb6f58095ebb15ca5e8a8345b0fe7231c2990a5cef37e4674546dc54fc865"], 0x89, 0x2ca, &(0x7f0000000b00)="$eJzs3c1qY1UcAPD/TZM0USFZuBLBC7pwVWbmCaZIhcGu1LvQjRanA5KUgRYCfmCclXvBle/gO/gAbnwDFy4Fd85CvHK/kjQfkwl0Wqm/3yL559zzv+fjnvaGQE4+ff1s9PDxxaMnX/8WvV4SrftxP54mMYxWNL4tHz8MAOB2eJrn8Wde2Va3Hd2IyAf1q9Y1dA8AeAHK+39S3Na33/8BgNvhg48+fu/w+Pjo/TTtRZx9N8mKNwPFc3X88FF8HuM4jTsxiL/LtwmzTwuKx1ceHB9FO02bDwMm/cgizj75pX59+EdEmX83BjFczu/WtdJSvHU2nWS9ov3pJOvES0nEYZ5UVe7FIF6NyDtRn6R6evfB8dG9Kr1Tn6xofxpZN95+88e6//+cxkEM4tfP4nGM42F5inn+N3fT9J38h7++qkaQRSTTSbZf1pvL9174xQAAAAAAAAAAAAAAAAAAAAAA4H/jIJ0ZVvvvTMr9c5rdAA8O1h/fuD9QvcPPdGF/nTtpmjbb+EyyTr2/Tztea0f75kYOAAAAAAAAAAAAAAAAAAAA/x0XX3w5OhmPT88vBT/nRdB/Zp3loL1Q0nytf3vW+mD0U8TuWc8TxF7dtXGy0kTSHLqcVWTs3Nb+LpX7q42OTqK1aQ7b46g6//3uk/DGmgHuHjQrY1OdZnWNTpJtU9dbv0gWVl3T2PlFssOCzMup686uexHsbczqXtEa67486i+WDJ47vb92oooRd2aTeTmrV1zJhZLOFf+lLEmu9P8OAAAAAAAAAAAAAAAAAACwav6l3/h95eCTG+kSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFy7+e//z4IYLpcsB9M6uSxpPbvy/vnFmmaH1zxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbrl/AwAA//8b6EgO") bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0x4, &(0x7f00000005c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) 7m21.913947488s ago: executing program 8 (id=1683): r0 = memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe\'U\xf17', 0x1) r1 = dup(r0) r2 = dup(r1) write$binfmt_elf64(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB="7f454c4606ff78a33e0200000010000002003e00cd000000c9030000000000004000000000000000ea0200000000000000000100050038000f"], 0x178) execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 7m19.184391324s ago: executing program 39 (id=1683): r0 = memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe\'U\xf17', 0x1) r1 = dup(r0) r2 = dup(r1) write$binfmt_elf64(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB="7f454c4606ff78a33e0200000010000002003e00cd000000c9030000000000004000000000000000ea0200000000000000000100050038000f"], 0x178) execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 2m25.463682612s ago: executing program 0 (id=2821): r0 = syz_open_dev$vim2m(&(0x7f0000000180), 0x3fc, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000240)=0x1) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000018c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 2m24.479472902s ago: executing program 0 (id=2823): sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0xffffffff00000003, 0x0, 0x4000001}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10) syz_emit_ethernet(0xbe, &(0x7f0000000300)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x68, 0x0, 0x0, 0x88, 0x0, @remote, @local}, {0xfffe, 0x4e24, 0x4d, 0x0, @wg=@initiation={0x1, 0x4, "497a1d08fd3d0ee007022798bb6374ed840b4f36f41fc4d035e9ebe414aa958d", "4bbef5e4007898221aa606d083cd59745493938f1e2de8fdadd3823fedd2c01b2aff03050a4ca5d10fd1b6b06f47ea42", "ef7c9d6a98e3943f6892078bb952854743fe4dddd2e7c0ce70a4ac7d", {"a851525b16af17fe87acbae2ab0b233d", "01422d01cd53c3abe94331d0b7918724"}}}}}}}, 0x0) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 2m23.324590166s ago: executing program 0 (id=2828): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3200000000a0000000060a010400000000000000000100000808000b400000000078000480340001800b000100657874686472000024000280080001400000000c08000340000000020800044000000022050002"], 0x114}, 0x1, 0x0, 0x0, 0x1}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00000000000000001c003700"], 0x3c}}, 0x0) 2m22.291520367s ago: executing program 0 (id=2832): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 2m21.231884704s ago: executing program 0 (id=2836): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000500)={0x54, r2, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x3}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x531}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 2m19.911937205s ago: executing program 0 (id=2842): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) utimes(0x0, 0x0) finit_module(0xffffffffffffffff, 0x0, 0x2) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x2000c004) ioctl$sock_netdev_private(r0, 0x8947, &(0x7f00000000c0)="f36edaf73a") 2m16.364308758s ago: executing program 40 (id=2842): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) utimes(0x0, 0x0) finit_module(0xffffffffffffffff, 0x0, 0x2) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x2000c004) ioctl$sock_netdev_private(r0, 0x8947, &(0x7f00000000c0)="f36edaf73a") 1m37.179928828s ago: executing program 9 (id=2944): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r0, &(0x7f0000000100)={0xa, 0xfffe, 0x10000, @local, 0x7}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c) shutdown(r0, 0x1) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000240), 0x4) 1m35.355440036s ago: executing program 9 (id=2951): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0xfffffffffffffff7}) 1m34.419986207s ago: executing program 9 (id=2954): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) mremap(&(0x7f0000ae9000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ffc000/0x3000)=nil) 1m33.228531976s ago: executing program 9 (id=2961): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x0) 1m32.307659421s ago: executing program 9 (id=2964): r0 = socket(0xa, 0x3, 0xff) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a64000000030a0fdb00000000000000000a0000050900030073797a30000000000900010073797a31000000001400048008000240a04b3d02080001400000000308000540000000001c0008800c00014000000000000000090c000240000000000018ab6e14000000110001"], 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) sendmsg$inet6(r0, &(0x7f0000001c00)={&(0x7f0000000140)={0xa, 0xa, 0x7, @mcast2}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="671723d7c6012c", 0x20}, {&(0x7f0000000280)="9e91d91a92dc7c8fff658bb539e2ffb332c99223a7dfe52c1f51218206f5abfd2a", 0x21}], 0x2}, 0x20008b88) 1m31.008200834s ago: executing program 9 (id=2970): ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f0000001500)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0xe, 0x0, 0x419}}}, 0x7) sendmsg$nl_route(r0, 0x0, 0x0) sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x0, 0x300, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40800}, 0x20044855) 1m27.991358898s ago: executing program 41 (id=2970): ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f0000001500)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0xe, 0x0, 0x419}}}, 0x7) sendmsg$nl_route(r0, 0x0, 0x0) sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x0, 0x300, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40800}, 0x20044855) 11.459848507s ago: executing program 5 (id=3227): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, 0xffffffffffffffff}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = io_uring_setup(0x516, &(0x7f0000000540)={0x0, 0x7dc6, 0x1, 0x503fa, 0x8100014a}) close_range(r1, 0xffffffffffffffff, 0x0) recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002) 10.054882786s ago: executing program 2 (id=3233): setxattr$incfs_metadata(0x0, &(0x7f00000000c0), 0x0, 0x0, 0x6) setregid(0x0, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040de28021100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="00008500000085"], 0x0, 0x0, 0x0, 0x0}, 0x0) 9.733032165s ago: executing program 5 (id=3235): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x270}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x1}) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}}) 7.895422867s ago: executing program 5 (id=3241): socket$packet(0x11, 0x2, 0x300) r0 = socket$netlink(0x10, 0x3, 0x4) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000200)={0x0, 0x7, 0x0, 0x0, 0x0, 0x1}) write(r0, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27) syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), r0) 7.137181161s ago: executing program 6 (id=3243): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) r1 = dup(r0) read$FUSE(r1, &(0x7f0000005380)={0x2020}, 0x2020) syz_usb_connect(0x0, 0x24, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000cf8bed20d90f21004029000000010902"], 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 6.927335189s ago: executing program 5 (id=3244): write$tun(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="3a2f080000030300010000000000450a00280068000005069078ac1e0301ffffffff4e", @ANYRES32=0x41424344], 0xfce) syz_usb_connect(0x3, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e4020109021b000100000000090400fb0160291d000905"], 0x0) r0 = syz_open_dev$audion(&(0x7f0000000000), 0x3, 0x1) write$P9_RVERSION(r0, 0x0, 0xfffffcd9) write$P9_RVERSION(r0, 0x0, 0x15) 6.845890931s ago: executing program 2 (id=3245): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18) sendmmsg(r0, &(0x7f0000000740)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000440)=@isdn={0x22, 0xef, 0x80, 0x4, 0x4}, 0x80, 0x0}}], 0x2, 0x0) 6.765491576s ago: executing program 1 (id=3246): syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f00000000c0)) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') unlinkat(r0, &(0x7f0000000040)='./bus\x00', 0x200) syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 6.315898854s ago: executing program 7 (id=3247): r0 = syz_open_procfs(0x0, &(0x7f0000000100)='map_files\x00') fchdir(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC], 0x0, 0x9, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) 6.135600118s ago: executing program 1 (id=3248): capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb}) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1b) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x40940, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x2) 5.973630306s ago: executing program 2 (id=3249): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x0, 0x4, 0x2, 0x9, 0x0, 0x0, 0x0, 0xfd, 0x5}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000002300)=[@in={0x2, 0x4e22, @remote}]}, &(0x7f0000000440)=0x10) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={r1, 0xff}, &(0x7f00000000c0)=0x8) 5.446935656s ago: executing program 6 (id=3250): r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) unshare(0x400) r1 = fsmount(r0, 0x1, 0x80) landlock_restrict_self(r1, 0x8) 5.24560223s ago: executing program 7 (id=3251): syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 5.177153586s ago: executing program 1 (id=3252): r0 = fsopen(&(0x7f0000000140)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0xf) fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000040)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 5.107662205s ago: executing program 2 (id=3253): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x800, &(0x7f0000000100)=ANY=[@ANYBLOB='iocharset=iso8859-9,utf8,dmask=00000000000000000000011,utf8,errors=remount-ro,utf8,fmask=00000000000000000000001,errors=remount-ro,iocharset=iso8859-5,gid=', @ANYRESHEX=0x0, @ANYBLOB="0002"], 0x1, 0x1548, &(0x7f0000000380)="$eJzs3AuYTdX7OPD3XWvtMSSdJrkMa613c5LLMkmSS5JckiRJktwSkib5SkJiyC1pSEJyGZLLEJLLxKRxv98vCU2SJklCckvW/1H8fftVv++lvl/P85v38zz7sd6z9rv22vOeM2fvdZz5psvQmo1rVWtIRPCn4C//JAFALAAMBIBrACAAgHJx5eIu9OeUmPTnDsL+Wg+lXukZsCuJ65+9cf2zN65/9sb1z964/tkb1z974/pnb1x/xrKzzdMLXstb9t14/T874/f//0OySo/9Ym3p67sCxPyzKVz/7I3r/39W8M/sxPXP3rj+2VXslZ4A+yvN/vfS+PWfHeT4wx6uf/bG9WcsO/t5HTgnXPF16Cu1QSR7fwZypZ9/jDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayh9P+MgUAl9pXel6MMcYYY4wxxhj76/gcV3oGjDHGGGOMMcYY+89DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+W/lvwA94EXoCb0gCXpDH3gJ+kI/6A8DYCC8DIPgFRgMr0IyDIGh8BoMg9dhOLwBI2AkjII3YTS8BWNgLIyD8ZACE2AivA2T4B2YDFNgKkyDVJgOM+BdmAmzYDa8B3PgfZgL82A+LIA0+AAWwiJIhw9hMXwEGbAElsIyWA4rYCWsgtWwBtbCuh/7wgbYCJtgM2yBrbANtsMO2Akfwy74BHbDntfnAUAmfPZH+bD+d/NPXcqHvfApZEJXBAQUKFChwhiMwViMxVyYC3NjbsyDeTCCEYzDOMyLeTEf5sMCWADjMR4LY2E0aJCQsAgWwShGsRgWw+JYHEtiSXToMAETsAzejGWxLJbDclgey2MFrIgVsTJWxipYBatiVayG1bA6VseaWBPvxruxN9bBOlgX62I9rHdpeQobYkNshI2wMTbGJtgEm2JTbI7NsSW2xFbYCltja2yLbbEdtsP22B4TMRE7YAfsiB2xE3bCztgZu2AX7IrdsFvWCzkAX8QXsRdWF72xD/bBvpicoz8OwAH4Mg7CV/AVfBWTcQgOxdfwNXwdh+NJHIEjcRSOwiriLRyDY5HEeEzBFJyIE3ESTsLJOAWn4DRMxek4A2fgTJyFs/A9nIPv4/s4D+fhAkzDNFyIizAd03ExnsIMXIJLcRkuxxW4HFfhalyFa3EdrsUNuAE34SbcgltwG27DHbgDP0YFgJ/gHtyDyZiJmbgP9+F+3I8H8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fC7+q0Yfl1iTDOICJZSIETEiVsSKXCKXyC1yizwij4iIiIgTcSKvyCvyiXyigCgg4kW8KCwKCyOMIBHGAICIiqgoJoqJ4qK4KClKCiecSBAJoowoI8qKsqKcuFWUF7eJCqKiaOMqi8qiimjrqoo7RTVRTVQXNURNUUvUErVFbVFH1BF1RV1RT9QT9cUDooHojf3xIXGhMo3FEGwihmJT0UzIi7/BWonh2Fq0EW3FE2IkjsD2opVLFE+LDmIMdhR/E2PxWdFZjMcu4nnRVXQT3cULoodo7XqKXmIy9hZ9xDTsK/qJ/mKAmIk1xHs4J2dN8apIFkPEUPGaWICvi+HiDTFCjBSjxJtitHhLjBFjxTgxXqSICWKieFtMEu+IyWKKmCqmiVQxXcwQ74qZYpaYLd4Tc8T7Yq6YJ+aLBSJNfCAWikUiXXwoFouPRIZYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdoqPxS7xidgt9oi94lORKT4T+8TnYr/4QhwQX4os8ZU4KL4Wh8Q34rD4VhwR34mj4pg4Lr4XJ8QP4qQ4JU6LM+Ks+FGcEz+J88ILkCiFlFLJQMbIHDJW5pS55FUytwwu/nSvlXHyOplXXi/zyfyygCwo42UhWVhqaaSVJENZRBaVUXmDLCZvlMVlCVlSlpJOlpYJ8iZZRt4sy8pbZDl5qywvb5MVZEVZSVaWt8sq8g4JkV+OUV3WkDVlLXm3TIJ7ZB15r6wr75P15P2yvnxANpAPyobyIdlIPiwby0dkE/mobCqbyeayhWwpH5Ot5OOytWwj28onZDv5pGwvn5KJ8mnZQfqLT5FnZWf5nOwin5ddZTfZXf4kz0sve8peEnqD7CNfkn1lP9lfDpAD5ctykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZTpFT5TSZKqfL/hdHmi3lP8x/+3fyB/989E1ys9wit8ptcrvcIXfKj+UuuUvulrvlXrlXZspMuU/uk/vlfnlAHpBZMkselAflIXlIHpaH5RF5RB6Vx+QZ+b08IX+QJ+UpeUqekWflWXnu4s8AFCqhpFIqUDEqh4pVOVUudZXKra5WedQ1KqKuVXHqOpVXXa/yqfyqgCqo4lUhVVhpZZRVpEJVRBVVUXUDXnzCqJKqlHKqtEpQN/0r+aqYulEVVyV+lX9pfkl/ML+WqqVqpVqp1qq1aqvaqnaqnWqv2qtElag6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKkklqT7qJdVX9VP91QA1UL2sBqlBarAarJJVshqqhqphapgaroarEWqEGqVGqdFqtBqjxqhxapxKUSlqopqoJqlJarKarKaqqSpVpaoZaoaaqWaq2Wq2mqPmqLlqrpqv5qs0laYWqoUqXaWrxWqxylBL1BK1TC1TK9QKtUqtUmvUGrVOrVMb1AaVoTarzWqr2qq2q+1qp9qpdqldarfarfaqvSpTZap9ap/ar/arA+qAylJZ6qA6qA6pQ+qwOqyOqCPqqDqqjqvj6oQ6oU6qk+q0Oq3OqrPqnDqnzqvzFy77AhGIQAUqiAligtggNsgV5ApyB7mDPEGeIBJEgrggLsgbXB/kC/IHBYKCQXxQKCgc6MAENhAXix4NbgiKBTcGxYMSQcmgVOCC0kFCzMXO4JagXHBrUD64LagQVAwqBZWD24MqwR1B1eDOoFpwV1A9qBHUDGoFdwe1g3uCOsG9Qd3gvqBecH9QP3ggaBA8GDQMHgoaBQ8HjYNHgibBo0HToFnQPGgRtAxuDsr+ZeN7fzL/466n7qWTdG/dR7+k++p+ur8eoAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erKeoqfqaTpVT9cz9Lt6pp6lZ+v39Bz9vp6r5+n5eoFO0x/ohXqRTtcf6sX6I52hl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536J36Y71Lf6J36z16r/5UZ+rP9D79ud6vv9AH9Jc6S3+lD+qv9SH9jT6sv9VH9Hf6qD6mj+vv9Qn9gz6pT+nT+ow+q3/U5/RP+rz2Fy7uL7y9G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emr8lr8pl8poApYOJNvClsCpsLyJApYoqYqImaYqaYKW6Km5KmpHHGmQSTYMqYMqasKWvKmXKmvClvKpgKppKpZG43t5s7zB3mTnOnucvcZWqYGqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqapqa5aW5ampamlWllWpvWpq1pa9qZdqa9aW8STaLpYDqYjqaj6WQ6mc6ms+liupiupqvpbrqbHqaH6Wl6miSTZPqYPqav6Wv6m/5moBloBplBZrAZbJJNshlqhpphZpgZboabEWakGXXhQtW8ZcaYsWacGW9STIqZaCaaSWaSmWwmm6lmqkk1qWaGmWFmmplmtplt5pg5Zq6Za+ab+SbNpJmFZqFJN+lmsVlsMkyGWWqWmuVmuVlpVprVZrVZa9aa9bDebDQbzWaz2Ww1W812s93sNDvNLrPL7Da7zV6z12SaTLPP7DP7zX5zwBwwWSbLHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81Zk//i+6U3sTanzWWvsrnt1TaPvcb+z7iALWjjbSFb2Gqbz+b/VWystcVtCVvSlrLOlrYJ9qbfxBVsRVvJVra32yr2Dlv1N3Fte4+tY++1de19tpa9+1dxPXu/rW8fsQ0QAWwz28i2sI3tI7aJfdQ2tc1sc9vCtrNP2vb2KZton7Yd7DO/iRfaRXa1XWPX2nV2t91jT9sz9pD9xp61P9qetpcdaF+2g+wrdrB91SbbIb+JR9k37Wj7lh1jx9pxdvxv4ql2mk210+0M+66daWf9Jk6zH9g5Nt3OtfPsfLvg5/jCnNLth3ax/chm2ACW2mV2uV1hV9pV/3+uy+wGu9FusrvsJ3ar3Wa32x1256ULYbvH7rWf2kz7mT1ov7b77Rf2gD1ss+xXP8cXzu+w/dYesd/Zo/aYPW6/tyfsD+pS9oVz/97+ZM9bb4GQgCQpCiiGclAs5aRcdBXlpqspD11DEbqW4ug6ykvXUz7KTwWoIMVTISpMmgxZIgqpCBWlKN1Al6ZXkkqRo9KUQDdRGbqZytItVI5upfJ0G1WgilSJKtPtVIXuoKp0J1Wju6g61aCaVIvuptp0D9Whe6ku3Uf16H6qTw9QA3qQGtJD1Igepsb0CDWhR6kpNaPm1IJa0mPUih6n1tSG2tIT1I6epPb0FCXS09SBnqGO9DfqRM9SZ3qOutDz1JW6UXd6gXrQi9STelES9aY+9BL1pX7UnwbQQHqZBtErNJhepWQaQkPpNRpGr9NweoNG0EgaRW/SaHqLxtBYGkfjKYUm0ER6mybROzSZptBUmkapNJ1m0Ls0k2bRbHqP5tD7NJfm0XxaQGn0AS2kRZROH9Ji+ogyaAktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO+ph20Se0m/bQXvqUMukz2kef0376gg7Ql5RFX9FB+poO0Td0mL71veg7OkrH6Dh9TyfoBzpJp+g0naGz9COdo5/oPHmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnvCaMhNeGceF1Yd7w+jBfmD8sEBYM48NCYeFQhya0IYVhWCQsGkbDG8Ji4Y1h8bBEWDIsFbqwdJgQ3hSWCW8Oy4a3hOXCW8Py4W1hhbBi+Mh9lcPbwyrhHWHV8M6wWnhXWD2sEdYMa4V3h7XDe8I64b1h3fC+sGx4f1g/fCBsED4YNgwfChuFD4eNw0fCJuGjYdOwWdg8bBG2DB8LW4WPh63DNmHb8ImwXfhk2D58KkwMnw47hM/83H//oj/uTwp7h33Cl8KXQu/vlfOjC6Jp0Q+iC6OLounRD6OLox9FM6JLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Le18oBDp1w0ikXuBiXw8W6nC6Xu8rldle7PO4aF3HXujh3ncvrrnf5XH5XwBV08a6QK+y0M846cqEr4oq6qLvBFXM3uuKuhCvpSjnnSrsE18K1dC1dK/e4a+3auLbuCfeEe9I96Z5yT7mnXQf3jOvo/uY6uWddZ/ece84977q6bq67e8H1cBPy/PKaTHJ9XB/X1/V1/V1/N9ANdIPcIDfYDXbJLtkNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOpbgUN9FNdJPcJDfZTXZT3VSX6lLdDDfDzXQzXZVZvxxlrpvr5rv5Ls2luYXuwjVjulvsFrsMl+GWuqVuuVvuVrqVbrVb7da6tW69W+82uo1us9vstrqtbrvb7na6nW6X2+V2+2t+GdRlun1un9vv9rsD7kuX5b5yB93X7pD7xh1237oj7jt31B1zx9337oT7wZ10p9xpd8addT+6c+4nd955lxKZEJkYeTsyKfJOZHJkSmRqZFokNTI9MiPybmRmZFZkduS9yJzI+5G5kXmR+ZEFkbTIB5GFkUWR9MiHkcWRjyIZkSWRpZFlkeWRFRHvC20NfRFf1Ef9Db6Yv9EX9yV8SV/KO1/aJ/ibfBl/sy/rb/Hl/K2+vL/NV/AVfSX/qG/qm/nmvoVv6R/zrfzjvrVv49v6J3w7/6Rv75/yif5p38E/4zv6v/lO/lnf2T/nu/jnfVffzXf3L/ge/kXf0/fySb637+Nf8n19P9/fD/AD/ct+kH/FD/av+mQ/xA/1r/lh/nU/3L/hR/iRflTMm370pVtkGO9T/AQ/0b/tJ/l3/GQ/xU/103yqn+5n+Hf9TD/Lz/bv+Tn+fT/Xz/Pz/QKf5j/wC/0in+4/9Iv9Rz7DL7m0qOxX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u9/hd/qP/S7/id/t9/i9/lOf6T/z+/znfr//wh/wX/os/5U/6L/2h/w3/rD/1h/x3/mj/pg/7r/3J/wP/qQ/5U/7M/6s/9Gf8z/58/ydNcYYY4yxf8qEy03x655flvN7/06O+Lud+wDA1dsKZv19/4UryvX5fmn3E/HtIgDwdK8uD13aqldPSkq6uG+GhKDoPIBLnwRd8POy8cV4CbSFJyER2kCZ351/P9HtLP2D8aO3AuT6u5xYuBxfHv9zAEz6nfEfe2LUwvLh6bj/Zfx5AMWLXs7JCZfjJdD25/WVNlD2D+afv9U/mH/OL1IAWv9dTm64HF+efwI8Ds9A4q/2ZIwxxhhjjDHGftFPVOp06f7z0v/4/L3783h1OScHXI7/0f05Y4wxxhhjjDHGrrxnu3V/6rFL39x7LDGxTaefH/lnGlX/lZ3/9UYT+E+NzI3fbXgPcOkRBQB/ckCACw353zyLLf+VYyVffLX8z67lZ3wA3Ytd/NLjX3fQ2D9fi3+ncaV+IzHGGGOMMcb+Uy5f9P/6cXWlJsQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVD/40/J3alz5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//8XnvpB") r0 = open$dir(&(0x7f0000000080)='.\x00', 0x480, 0x10) fcntl$notify(r0, 0x402, 0x80000023) r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r1, 0x40047211, &(0x7f0000000080)=0x10) 4.537737486s ago: executing program 6 (id=3254): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x51) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file5\x00', 0x6000, 0x1) r0 = landlock_create_ruleset(&(0x7f0000000940)={0x840c, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000100)='./file5\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file0\x00', 0x2) 4.118430946s ago: executing program 7 (id=3255): syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000140)='./bus\x00', 0x808808, &(0x7f00000000c0)=ANY=[@ANYBLOB="636f6465706167653d757466382c66696c655f756d61736b3d30303030303030303030303030303030303030303030332c696f636861727365743d63703737352c71756965742c008f7881d185c35a6a28ef06c5b85628f12a02248de249c2a338d049166371583781680d171f47"], 0x1, 0x2f2, &(0x7f0000000400)="$eJzs3c1u00oYxvFnnKRNP9ST0/boSGdzUKESbCoKLBCbSChb9qwQ0KRSRVREWyRgQ0EsEReA2HILXAQbEDfADjZcQFcYzXicOKntJBA3/fj/pFrOeGb8DrbjeY1aC8CZdbPx9f3Vb/bHSCWVJN2QAklVqSzpH/1bfby9t7XXbjXzOiq5FvbHKGppog0z3Tob2620prada+HV7Key5pNlKEb4MwxDKXRLnFnu6k8RSNP+OnTbq0ccV1H2pf8nHcNYfR9cJXmAzYEO9EQLRYYEADj+/P0/8LeJeVdkFATSqr/tn6r7/8GkAxiva+1DRfnz+cT9383uQmOP719uUzffcymc3R7EWeIwwVT6Pk8pOrN6JphmUFbpYglmNrfKWtt4oWagl6p7iWrLbtmMTt3YgGhX4tx0ONm9VXRrNhqNm1H2i0Pa3Gq3pu1KSvxLo+3xz5mP5rO5Y2p6q2Zn/lcOjab0Lq7Tc6SCio3/cnaPc3ZRs7Xk0/56vR70VPnb7eQ/fy54A0ZZTc9Ikn3GDwj2OxHkxen2vajexwrR6NYHtFpKa1XrfMpotdzTquTPhLWNh+3cRynFiIdo3pjbZkU/9EGNxPw/sPGtKnFl5n3VG1fTnxnReKbSa3b+bfq6614u5/prTo80LnijPS17rfu6roXdp88elNrt1o5duZey8mh+x/iSyisptU7xKyXl1NF+tyS0nofhsD2HRQZ/aawd2u+PTom9fNIq26usUxIc9WHyK/E5Npm9j3MlYxSNT8o7IU/OShhKGZsK+IbCsbNr4oPuC2YmHBCOmp13mSj/czN5P6tzKZJd1HLm6QP/0yjR43ong+udCi665exIGdxcdgaX2OOVjJzR5VznL0oXEoVGuXus+ThPCdPQF93l+T8AAAAAAAAAAAAAAAAAAMBJM8ZfJ4h/k/HQpgkPEQAAAAAAAAAAAAAAAAAAAACAE++33v+b9jfi3ft/aynv/00Y3/t/898MBGAovwIAAP//n7F2ZA==") mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000146000/0x4000)=nil) r0 = open(&(0x7f0000000080)='./file1\x00', 0xe6442, 0x1e) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1600, 0x0, 0x3) creat(&(0x7f0000000000)='./file1\x00', 0x96) 4.059173575s ago: executing program 1 (id=3256): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), r1) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000002c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)={0x40, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_LEVEL={0x24, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0xfffffffffffffc86, 0x3, 0x2}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) 3.819247599s ago: executing program 5 (id=3257): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}, 'gre0\x00'}}, 0x1e) sendmmsg(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0) r1 = dup(r0) ioctl$PPPIOCSMRU(r1, 0x40047452, 0x0) 3.465216147s ago: executing program 6 (id=3258): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x58ee, 0x800, 0x200, 0x13c, 0x0, r1}, &(0x7f00000003c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x18}, 0x0, 0x20040000}) io_uring_enter(r2, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0) 3.464865641s ago: executing program 2 (id=3259): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000b80)={[{@errors_remount}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@dioread_lock}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x49e401, 0x79) r1 = openat(0xffffffffffffff9c, &(0x7f0000000480)='.\x00', 0x10000, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086610, &(0x7f00000004c0)={@desc={0x1, 0x0, @auto="ad62eb2726393cd0"}}) 2.357225146s ago: executing program 7 (id=3260): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000140)='./bus\x00', 0x20a0c94, &(0x7f00000005c0)=ANY=[@ANYRES8, @ANYRESOCT, @ANYRES64, @ANYRESOCT, @ANYRESHEX, @ANYBLOB="0ea1a3ed758749a35b0cf19e7301710a8a7c5e7fe9b7c49589266bd5045f15f1817fcc4ea04eeac3f0df37b8beaeafc22a5a08a1a70024"], 0x5, 0x2c3, &(0x7f0000000180)="$eJzs3cFqE1EUxvFjU5s0pU0EERTUg250M7TxATRIC2JAqY2oC2FqJxoyJmUmVCJisxG3Pkdx6U5QX6AbcePeXREEN12II52ZtJM2bdM2TWL7/0GZO3Pux71N0nISSLLy4N3zUsE1CmZVBhIqAyJ1WRVJr41CJ8LjgD8ekqi6XB35/f38vYePbmdzuclp1anszLWMqo5d/PTi1ftLX6oj9z+MfYzLcvrxyq/Mj+Wh5bMrf2eeFV0tulquVNXU2Uqlas7als4V3ZKhete2TNfSYtm1nKZ6wa7Mz9fULM+NJucdy3XVLNe0ZNW0WtGqU1PzqVksq2EYOpqU422wjTn5pelpM7tt2Yt1dEc4dMOtLjpOtt66mF/qwp4AAECf2bn/D3r97fr/je5wL/3/md37f5Fo/58IF6H/74B609ku/T+OBMfJmsnw77cZ/T8AAAAAAAAAAAAAAAAAAAAAAP+DVc9LeZ6XWjuGl/zzuIgkgreA++c93iYOSfT+9yI/6/d/eL4pdr1H20WHRd64lxCx3y7kF/LBMahnC1IUWywZl5T88R8PoWA8dSs3Oa6+tHy2F8P84kI+JvFGviHdKn/h1ESQ1+b8SUlG189ISk63Xj/TMj8kVy5H8oak5OsTqYgtc/7jeiP/ekL15p3cpvywPw8AAAAAgKPA0HVbnr/7dX9CQrbWg3zk9QHP8xZ3en1g0/PrQTnXzkdUAgAAAACAA3NrL0umbVvOPgZxETlAvPMDzxPp/TZi0h+3RvPghoj0wTa6NUiISHBF9xP/uR5vK+W1MWcw/AaO/rh9dh/0+j8TAAAAgE7baPr3EPr25hB3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8dPu54E15m8pNQo7xCPLxbr+CwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB95F8AAAD//6loFW8=") syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c405, &(0x7f00000003c0)=ANY=[@ANYBLOB='dots,fmask=00000000000000000006675,nodots,uid=', @ANYRESHEX=0xee00, @ANYBLOB=',dots,nodots,gid=', @ANYRESHEX=0xee00, @ANYBLOB="2c6e6f646f74732c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c6e6f646f74732c636865636b3d72656c617865642c6e6f646f74732c6e6f646f74732c636865636b3d72656c617865642c73686f77657865632c6e6f646f74732c74696d655f6f66667365743d3078303030303030303030303030303131312c6e6f646f74732c646f74732c00fb298227e882bf345354297c737aa0d01f11809b19ba8949352bd13bb4c792980f6a9902d492889ea4ac4b12a09f703a90a9a1995197865ec7"], 0x1, 0x1fa, &(0x7f0000000c00)="$eJzs3c9qE10UAPCTfGn+fLjoThCEERe6KuoTRKSCGBAqWehO0JVZtZvUTfsYvoLv5QNIV9nIlTiTTkziVAKZqfX32/TMnHt775khk2xykiL39fbn6Pdb0R7GMGat2I92LJwHAHCTzFKKbynX9F4AgHpc+f7fju+1bwoA2KnXb96+fDoaHR5lWT/i4nw6no7zv3n++YvR4aPsp/1y1sV0Ov7vMv84W/3sMM/vxf9F/kk+P7tMdyNi3I2H9/P8PPfs1Sj7dX4v3u+4dgAAAAAAAAAAAAAAAAAAAAAAaMrdyBY29vc5OFjND4p8frTUH2ilf08n7nSKw7I9UDqroygAAAAAAAAAAAAAAAAAAAD4y5ycfvr4bjL5cFwGvYhYPtNZHjNcGbwWtIp/XDXmGgXt2G76oChzi0VbxSXabYGDzTf3T4LoXJe7s22Q1bDWoPLypjQPNr8KFm0xfju9GxHVqz842nbzs5TS5Mu945PTSJWDy2dEr9YnEgAAAAAAAAAAAAAAAAAA/LuWvvW9pt/EhgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgAeXv/8+D9TOVwVlE3IorBy/W2ot+o7UCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwc/0IAAD///5UIg8=") mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) mount$tmpfs(0x0, 0x0, 0x0, 0x800, 0x0) 2.050585177s ago: executing program 1 (id=3261): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x20441, 0x0) ioctl$BLKDISCARD(r1, 0x125f, 0x0) 1.822479845s ago: executing program 6 (id=3262): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18) getdents64(r0, &(0x7f0000000200)=""/4096, 0x1000) 1.353886338s ago: executing program 2 (id=3263): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0x7, 0x200000000002, 0x7, 0x8, 0x3}, 0x0) ioprio_set$pid(0x1, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) 964.587434ms ago: executing program 7 (id=3264): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={r2, 0xffff140c}, &(0x7f0000000180)=0x8) 700.497886ms ago: executing program 6 (id=3265): syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x10000, &(0x7f0000000640), 0x1, 0x5c5, &(0x7f0000001a00)="$eJzs3VuIXHcdB/Dfmd1Jc9mai63aGpvVUFso3dlsNiERHyzxUmtSK4oPoRCW7HQ3ZHZnzW6gOxVM8UUURPBFBKFiH6yIBvJSKbV9aPFFQakXKhoDKohQtFIQQZ3yn8t22pw0pXs5JOfzgTP7P/9zZv7/2eE755w5twBKazQ9ZBEjEXEhIrZ3R18/w2j3T2v/+dk0ZNFuf/YfWWe+6f3nZ/uz9p+3LT0MR2yOiF1HsthbvbzdxeXW6alGo36mN15bmluoLS637j41NzVTn6nPHzg0eXji4OShybV7r+O/2HrzX2+//9Ljz/37v9/53cEfpf6O9KYNvo+1Mhqjvf9JNXYO1A9nEfetdWMFGep+1HH7QF02XGCHeMva7V0/TJ/fOyNibyf/22Mouh/ei089+K/t8Zt7i+4jsH7affmTX24Pqg4+AbjWVTrrwFllLCK65UplbKy7Dn9TbK00motLdz3UPDs/3V1X3hHVykOnGvXx3rbCjqhmaXxfp/za+MQbxvdHdNaBvzK0pTM+drLZmN7oLzugYyTi4oUvnNy07Q35/9tQN//A9Svl/9fPP/lMKr8yVHRvgI2U8v+DV+Y+FfIPpSP/UF7yD+Ul/1Be8g/lJf9QXvIP5SX/UF7yD+Ul/1Be/fw/cOxYPHDsWLvVO/99vjlz6vTswuGJ8bG5syfHTjbPLIzNNJsznTN25q7+uo1mc2HfRJx9uLZUX1yqLS63Tsw1z84vneic13+innMpAKAAxy9tvm/nnmdfzCLi3Ie2dIZkU2+6rML1rd3OnNIPJWXTH8rLpdqgvGzjA9lVpm++0oTG2vcF2BiVojsAFOaOW+z/g7Ly+z+Ul9//obze7jp+FnFujbsCFMTv/1A+fv+H8hq5wv2/bhy4d9d4RLwjIn4+VL2hf68v4Jryuk39kYiLF7/3+drKfbgVFBQUVgrFfVEBG+O10BfdE6Ao0/vPz/aHjWrz6ZmNagnI89I93YOAUu5bvaE7ZXhl30B1nY4T2nlbevzJHx+7c3YoDdH7HlqHpoAc5x6NiPfkLf+zzr6BHb35dnVni5si4uaIeFdEvHuVbX/rMxGj8Xx9sE7+YeO81fzfEhFpcX1rRLw3InZHxPtW2favLqT8/3bLYJ38Qzl88bmiewAU5ZNPFt0DoCjHHWMApfX9R4ruAVCUp35cdA+Aonz9haJ7AOX27D0RMZ63/6/S2d/fV+1dF/CG3rUAtkTE1ojY1juH8MbeOYLbB/YZXs2JT0eMxm0/Hayz/w82Tv/4v9Zlx/9VVo7/G4qIPato4+kPj3wtr35qd8r/44/0j/9LQ2q/fywgsL5eejTi1tz8ZyvH/GaRchrx/rfZxuiXLj2RV//C/el1q7+UfyhG+7sRH4z8/PelUm1pbqG2uNy6u3Mf75n6/IFDk4cnDk4emqx1LhFS618oJMfRf758V179HyZS/r99QP6hGGn5v/UK+R9c///AKto48s2vHs+rH/lzyv/uZ948/5W/b8o+1xnv35fg4amlpTP7IjZlRy+vn1hFR+E6189IP0Mp/3fuzd/+39V7Tlr+H4mIj6b1hYj4X0T8PyI+FhEfj4hPRMS9b9LmN+6YuZRX/6cnUv4fO235D8VI+Z++yvI//f3PKtrYHD/7cl79R/ak/I/9/i9HHxxOg/wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArL3F5dbpqUajfmYdC0W/RwAAAAAAACiLVwMAAP//Oacv4Q==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x10) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f0000000480)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) fchown(r0, r2, r3) 343.786652ms ago: executing program 1 (id=3266): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'dummy0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0xffffffffffffff77, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001300)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r2, {0x3}, {}, {0x2, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20008091}, 0x4000000) 141.683209ms ago: executing program 5 (id=3267): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000180)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010800000000000000000c00000008000300", @ANYRES32=r3, @ANYBLOB="0a00060008021100000100003000508011000a"], 0x58}}, 0x800) 0s ago: executing program 7 (id=3268): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x5}, {0xfff1, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@deltfilter={0x34, 0x2d, 0x1, 0x78bd2f, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x10, 0xc}, {0x7, 0xffff}, {0x4, 0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c014}, 0x20044000) kernel console output (not intermixed with test programs): th error 117 [ 835.971911][T12051] EXT4-fs (loop1): This should not happen!! Data will be lost [ 835.971911][T12051] [ 836.021596][T12057] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 836.021721][T11111] usb 10-1: Using ep0 maxpacket: 8 [ 836.123259][T11111] usb 10-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d [ 836.179507][T11111] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 836.264830][T11111] usb 10-1: Product: syz [ 836.269323][T11111] usb 10-1: Manufacturer: syz [ 836.348786][T11111] usb 10-1: SerialNumber: syz [ 836.389306][T11111] usb 10-1: config 0 descriptor?? [ 836.496448][T11111] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 836.508426][ T1127] EXT4-fs error (device loop1): ext4_map_blocks:818: inode #15: block 8: comm kworker/u8:7: lblock 8 mapped to illegal pblock 8 (length 8) [ 836.576425][ T1127] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 836.621436][ T1127] EXT4-fs (loop1): This should not happen!! Data will be lost [ 836.621436][ T1127] [ 836.724327][T10766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 836.951727][T12073] loop2: detected capacity change from 0 to 2048 [ 837.092853][T12073] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 837.212459][T12073] UDF-fs: Scanning with blocksize 512 failed [ 837.357760][T12073] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 837.540599][T12073] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 837.623918][ T9411] usb 10-1: USB disconnect, device number 8 [ 838.782206][ T9411] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 839.023016][T12099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.031497][ T9411] usb 2-1: Using ep0 maxpacket: 32 [ 839.066799][ T9411] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 839.094743][T12099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.143986][T12099] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.152587][ T9411] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 839.160652][T12100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.233825][T12100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.251775][ T9411] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 839.261142][ T9411] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 839.263051][T12098] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.354153][ T9411] usb 2-1: config 0 descriptor?? [ 839.540366][ T9411] hub 2-1:0.0: USB hub found [ 839.664810][ T9411] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 839.737954][T12107] loop6: detected capacity change from 0 to 64 [ 840.204053][ T9411] hid-generic 0003:046D:C31C.0017: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.1-1/input0 [ 840.514236][ T9411] usb 2-1: USB disconnect, device number 11 [ 841.081448][ T5771] Bluetooth: hci3: command 0x0406 tx timeout [ 841.753934][T12117] fido_id[12117]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 841.795398][T12129] netlink: 'syz.1.1962': attribute type 4 has an invalid length. [ 842.260412][T12134] loop9: detected capacity change from 0 to 1024 [ 842.498360][T12134] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 842.987787][T12144] netlink: 9286 bytes leftover after parsing attributes in process `syz.6.1967'. [ 843.379323][ T9406] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 845.873759][T12181] netlink: 276 bytes leftover after parsing attributes in process `syz.6.1980'. [ 845.952492][T12181] netlink: 276 bytes leftover after parsing attributes in process `syz.6.1980'. [ 847.335469][T12203] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 849.101632][T11548] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 849.165559][T12224] input: syz1 as /devices/virtual/input/input21 [ 849.302719][T11548] usb 2-1: Using ep0 maxpacket: 8 [ 849.344191][T11548] usb 2-1: config 0 interface 0 altsetting 144 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 849.387108][T11548] usb 2-1: config 0 interface 0 altsetting 144 endpoint 0x81 has invalid wMaxPacketSize 0 [ 849.419761][T11548] usb 2-1: config 0 interface 0 has no altsetting 0 [ 849.454985][T11548] usb 2-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00 [ 849.486151][T11548] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 849.614023][T11548] usb 2-1: config 0 descriptor?? [ 850.156187][T11548] smartjoyplus 0003:6666:8804.0018: unknown main item tag 0x2 [ 850.223728][T11548] smartjoyplus 0003:6666:8804.0018: hidraw0: USB HID v0.00 Device [HID 6666:8804] on usb-dummy_hcd.1-1/input0 [ 850.260328][T11548] smartjoyplus 0003:6666:8804.0018: no output reports found [ 850.371557][T11548] usb 2-1: USB disconnect, device number 12 [ 851.168105][T12236] fido_id[12236]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 851.776700][T12252] sock: sock_set_timeout: `syz.9.2005' (pid 12252) tries to set negative timeout [ 854.345021][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 854.460087][T12286] netlink: 'syz.0.2015': attribute type 6 has an invalid length. [ 858.101166][T12321] loop9: detected capacity change from 0 to 4096 [ 858.133695][T12320] loop1: detected capacity change from 0 to 4096 [ 858.181928][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 859.151541][T12320] ntfs3(loop1): ino=21, "file1" failed to extend initialized size to 2007ffc. [ 860.832979][T12350] loop1: detected capacity change from 0 to 764 [ 861.117664][T12357] netlink: 'syz.2.2040': attribute type 4 has an invalid length. [ 861.931800][T12360] loop9: detected capacity change from 0 to 2048 [ 862.003911][T12360] UDF-fs: error (device loop9): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 862.071822][T12360] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 862.215385][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 862.215463][ T29] audit: type=1800 audit(1773751577.932:116): pid=12360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2042" name="file1" dev="loop9" ino=1367 res=0 errno=0 [ 864.600020][T12398] loop9: detected capacity change from 0 to 64 [ 864.938627][T12400] netlink: 'syz.1.2056': attribute type 4 has an invalid length. [ 866.087646][T12418] overlayfs: failed to clone upperpath [ 866.107085][T12419] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2061'. [ 866.901747][ T9411] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 867.085090][ T9411] usb 2-1: Using ep0 maxpacket: 32 [ 867.144358][ T9411] usb 2-1: config 76 has an invalid descriptor of length 0, skipping remainder of the config [ 867.242216][ T9411] usb 2-1: New USB device found, idVendor=069a, idProduct=0001, bcdDevice=51.c5 [ 867.293059][ T9411] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 867.361990][ T9411] usb 2-1: Product: syz [ 867.374712][ T9411] usb 2-1: Manufacturer: syz [ 867.421984][ T9411] usb 2-1: SerialNumber: syz [ 867.516340][ T9411] pwc: Askey VC010 type 1 USB webcam detected. [ 867.762262][ T9411] pwc: send_video_command error -71 [ 867.770961][ T9411] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 867.836392][ T9411] Philips webcam 2-1:76.0: probe with driver Philips webcam failed with error -71 [ 867.954121][ T9411] usb 2-1: USB disconnect, device number 13 [ 870.357436][T12472] input: syz0 as /devices/virtual/input/input22 [ 871.271626][ T9411] usb 10-1: new high-speed USB device number 9 using dummy_hcd [ 871.438419][ T9411] usb 10-1: Using ep0 maxpacket: 32 [ 871.472358][ T9411] usb 10-1: config 76 has an invalid descriptor of length 0, skipping remainder of the config [ 871.562660][ T9411] usb 10-1: New USB device found, idVendor=069a, idProduct=0001, bcdDevice=51.c5 [ 871.601705][ T9411] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 871.641069][ T9411] usb 10-1: Product: syz [ 871.661889][ T9411] usb 10-1: Manufacturer: syz [ 871.677731][ T9411] usb 10-1: SerialNumber: syz [ 871.796295][ T9411] pwc: Askey VC010 type 1 USB webcam detected. [ 871.996230][ T9411] pwc: send_video_command error -71 [ 872.037622][ T9411] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 872.122701][ T9411] Philips webcam 10-1:76.0: probe with driver Philips webcam failed with error -71 [ 872.244551][ T9411] usb 10-1: USB disconnect, device number 9 [ 873.748399][T12515] loop2: detected capacity change from 0 to 256 [ 873.896070][T12515] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 874.017033][T12515] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 877.155691][ T9411] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 877.364932][ T9411] usb 3-1: Using ep0 maxpacket: 32 [ 877.404264][ T9411] usb 3-1: config 76 has an invalid descriptor of length 0, skipping remainder of the config [ 877.471667][ T9411] usb 3-1: New USB device found, idVendor=069a, idProduct=0001, bcdDevice=51.c5 [ 877.511906][ T9411] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 877.520266][ T9411] usb 3-1: Product: syz [ 877.556358][ T9411] usb 3-1: Manufacturer: syz [ 877.591485][ T9411] usb 3-1: SerialNumber: syz [ 877.672487][ T9411] pwc: Askey VC010 type 1 USB webcam detected. [ 877.926811][ T9411] pwc: send_video_command error -71 [ 877.970152][ T9411] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 878.032112][ T9411] Philips webcam 3-1:76.0: probe with driver Philips webcam failed with error -71 [ 878.103565][ T9411] usb 3-1: USB disconnect, device number 4 [ 879.001863][T11111] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 879.236320][T11111] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 879.279914][T11111] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 879.333505][T11111] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 879.370663][T11111] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 879.415099][T11111] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 879.507324][T11111] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 879.540477][T11111] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 879.551436][T12570] netlink: 56 bytes leftover after parsing attributes in process `syz.9.2111'. [ 879.578172][T11111] usb 2-1: Product: syz [ 879.584321][T11111] usb 2-1: Manufacturer: syz [ 879.594114][T11111] usb 2-1: SerialNumber: syz [ 880.794719][T11111] cdc_ncm 2-1:1.0: bind() failure [ 880.857612][T12579] loop9: detected capacity change from 0 to 2048 [ 880.909030][T11111] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71 [ 880.936475][T12579] udf: Bad value for 'anchor' [ 880.984507][T11111] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71 [ 881.071597][T11111] usbtest 2-1:1.1: probe with driver usbtest failed with error -71 [ 881.202057][T11111] usb 2-1: USB disconnect, device number 14 [ 882.166097][T12595] overlayfs: failed to clone upperpath [ 882.437302][T12600] loop1: detected capacity change from 0 to 1024 [ 884.262416][T12622] loop2: detected capacity change from 0 to 512 [ 884.483475][T12622] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 884.581950][T12622] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 884.918502][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 885.289910][T12632] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2130'. [ 885.367903][T12632] erspan0: entered promiscuous mode [ 885.477568][T12632] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2130'. [ 885.578647][T12637] loop2: detected capacity change from 0 to 1024 [ 885.720992][T12637] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 886.230456][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 886.486322][T12646] loop1: detected capacity change from 0 to 512 [ 886.583702][T12646] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 886.797070][T12646] EXT4-fs (loop1): 1 truncate cleaned up [ 886.831072][T12646] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 887.109026][T12650] loop2: detected capacity change from 0 to 1024 [ 887.641166][T10766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 889.292546][T12664] loop2: detected capacity change from 0 to 4096 [ 889.660091][T12664] ntfs3(loop2): ino=b, mi_enum_attr [ 889.712672][T12664] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 889.769705][T12664] ntfs3(loop2): Failed to load $Extend (-22). [ 889.792361][T12664] ntfs3(loop2): Failed to initialize $Extend. [ 890.283342][T12687] overlayfs: failed to clone upperpath [ 891.043024][T12695] netlink: 35284 bytes leftover after parsing attributes in process `syz.0.2161'. [ 891.139061][T12700] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2162'. [ 891.170106][T12700] netlink: 'syz.1.2162': attribute type 7 has an invalid length. [ 891.198271][T12700] netlink: 'syz.1.2162': attribute type 8 has an invalid length. [ 891.251726][T12700] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2162'. [ 891.310044][T12692] loop2: detected capacity change from 0 to 4096 [ 892.933820][T12713] loop1: detected capacity change from 0 to 2048 [ 893.278425][T12720] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 893.394634][T12713] NILFS (loop1): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3) [ 893.450328][T12723] NILFS error (device loop1): nilfs_lookup: deleted inode referenced: 12 [ 893.501516][T12713] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=16) [ 893.617019][T12723] Remounting filesystem read-only [ 893.644404][T12713] Remounting filesystem read-only [ 893.649664][T12713] NILFS (loop1): error -5 truncating bmap (ino=16) [ 894.856439][T12734] loop9: detected capacity change from 0 to 4096 [ 895.168476][T12734] ntfs3(loop9): ino=b, mi_enum_attr [ 895.211385][T12734] ntfs3(loop9): Mark volume as dirty due to NTFS errors [ 895.231511][T12734] ntfs3(loop9): Failed to load $Extend (-22). [ 895.237867][T12734] ntfs3(loop9): Failed to initialize $Extend. [ 895.929958][T10766] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 896.972840][T12755] loop9: detected capacity change from 0 to 512 [ 897.031451][T12755] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 897.217778][T12755] EXT4-fs (loop9): 1 truncate cleaned up [ 897.294003][T12755] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 897.887418][ T9406] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 900.908724][T12798] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2183'. [ 901.710709][T12807] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2188'. [ 902.698369][T12815] 9p: Bad value for 'rfdno' [ 903.462417][T12822] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2204'. [ 903.492987][T12822] tipc: New replicast peer: 255.255.255.255 [ 903.510498][T12822] tipc: Enabled bearer , priority 10 [ 904.676464][T12832] loop1: detected capacity change from 0 to 256 [ 904.892127][T12832] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 905.300736][ T29] audit: type=1326 audit(1773751621.002:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 905.470707][ T29] audit: type=1326 audit(1773751621.002:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 905.578765][ T29] audit: type=1326 audit(1773751621.002:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 905.750405][ T29] audit: type=1326 audit(1773751621.012:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 905.815375][T12837] loop2: detected capacity change from 0 to 4096 [ 905.911899][T12844] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 905.916360][ T29] audit: type=1326 audit(1773751621.012:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=435 compat=1 ip=0xf7179010 code=0x7ffc0000 [ 906.058921][T12850] loop1: detected capacity change from 0 to 256 [ 906.126447][T12850] exfat: Deprecated parameter 'utf8' [ 906.189038][ T29] audit: type=1326 audit(1773751621.052:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=311 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 906.353367][ T29] audit: type=1326 audit(1773751621.052:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 906.392198][T12850] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 906.463960][T12837] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 906.519890][ T29] audit: type=1326 audit(1773751621.052:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 906.671484][ T29] audit: type=1326 audit(1773751621.052:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 906.795866][ T29] audit: type=1326 audit(1773751621.052:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12839 comm="syz.6.2202" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 908.301003][T12870] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2208'. [ 908.412624][T12870] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2208'. [ 908.439400][T12873] overlayfs: failed to clone upperpath [ 908.473980][T12870] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 908.780555][T12876] loop1: detected capacity change from 0 to 256 [ 908.835330][T12876] exfat: Deprecated parameter 'utf8' [ 909.023655][T12876] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xfadbc78a, utbl_chksum : 0xe619d30d) [ 910.126780][T12893] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2220'. [ 910.872600][T12896] loop2: detected capacity change from 0 to 4096 [ 911.046455][T12896] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 911.366891][T12896] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 911.749119][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 915.460672][T12970] overlayfs: failed to clone lowerpath [ 915.536388][T12963] loop9: detected capacity change from 0 to 4096 [ 915.581945][T12963] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512). [ 915.646179][T12963] ntfs3(loop9): ino=3, mi_enum_attr [ 915.890400][T12963] ntfs3(loop9): Failed to initialize $Extend/$ObjId. [ 916.049540][T12963] ntfs3(loop9): ino=1f, "file2" failed to open parent directory r=5 to update [ 916.764268][T12979] loop1: detected capacity change from 0 to 2048 [ 916.813522][T12979] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 916.947967][T12985] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 917.022749][ T29] kauditd_printk_skb: 50 callbacks suppressed [ 917.022825][ T29] audit: type=1800 audit(1773751632.732:177): pid=12979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2251" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 917.317061][ T6904] ntfs3(loop9): ino=1f, failed to open parent directory r=5 to update [ 917.990506][T12991] loop2: detected capacity change from 0 to 128 [ 918.123269][T12994] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2257'. [ 918.279143][T12999] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2252'. [ 919.572381][T13013] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2262'. [ 919.591639][T13013] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2262'. [ 919.729374][T13013] gretap0: entered promiscuous mode [ 919.748654][T13015] netlink: 64 bytes leftover after parsing attributes in process `syz.9.2263'. [ 919.777946][T13013] hsr1: Slave A (erspan0) is not up; please bring it up to get a fully working HSR network [ 919.899422][T13014] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 920.337222][T13022] loop1: detected capacity change from 0 to 64 [ 920.538954][ T29] audit: type=1800 audit(1773751636.252:178): pid=13022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2266" name="file1" dev="loop1" ino=22 res=0 errno=0 [ 920.901983][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 921.771982][T13035] loop1: detected capacity change from 0 to 512 [ 921.912392][T13035] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2270: bg 0: block 5: invalid block bitmap [ 922.104480][T13035] loop1: lost filesystem error report for type 5 error -117 [ 922.111338][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 922.125732][ C1] EXT4-fs (loop1): initial error at time 1773751637: ext4_validate_block_bitmap:432 [ 922.135749][ C1] EXT4-fs (loop1): last error at time 1773751637: ext4_validate_block_bitmap:432 [ 922.148792][T13035] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 922.171585][T13035] loop1: lost filesystem error report for type 5 error -117 [ 922.214711][T13035] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2270: invalid indirect mapped block 3 (level 2) [ 922.312126][T13035] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 922.344139][T13035] EXT4-fs (loop1): 1 orphan inode deleted [ 922.395029][T13035] EXT4-fs (loop1): 1 truncate cleaned up [ 922.424804][T13035] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 922.472428][T13044] tipc: Started in network mode [ 922.477618][T13044] tipc: Node identity ac14142f, cluster identity 4711 [ 922.562329][T13044] tipc: New replicast peer: 0.0.0.0 [ 922.602624][T13044] tipc: Enabled bearer , priority 10 [ 922.622245][T13046] tipc: New replicast peer: 255.255.255.255 [ 922.963228][T10766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 923.721936][ T9411] tipc: Node number set to 2886997039 [ 924.621784][T11111] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 924.821738][T11111] usb 2-1: Using ep0 maxpacket: 8 [ 924.887609][T11111] usb 2-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb [ 924.921353][T11111] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 924.969574][T11111] usb 2-1: Product: syz [ 924.981369][T11111] usb 2-1: Manufacturer: syz [ 925.000297][T11111] usb 2-1: SerialNumber: syz [ 925.433695][T13082] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2285'. [ 925.545978][T11111] mxuport 2-1:254.0: mxuport_recv_ctrl_urb - short read (0 / 4) [ 925.564817][T11111] mxuport 2-1:254.0: probe with driver mxuport failed with error -5 [ 925.808034][ T9411] usb 2-1: USB disconnect, device number 15 [ 926.856479][T13099] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2292'. [ 926.931579][T13099] netlink: 'syz.6.2292': attribute type 30 has an invalid length. [ 926.945578][T13100] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2292'. [ 927.001909][T13100] netlink: 'syz.6.2292': attribute type 30 has an invalid length. [ 927.261439][ T57] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 927.330311][ T57] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 927.382832][ T57] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 927.447084][ T57] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 927.532059][T11111] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 927.771474][T11111] usb 2-1: Using ep0 maxpacket: 8 [ 927.856816][T11111] usb 2-1: unable to get BOS descriptor or descriptor too short [ 927.892896][T11111] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 927.951713][T11111] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 927.991717][T11111] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 928.032102][T11111] usb 2-1: New USB device found, idVendor=041e, idProduct=0005, bcdDevice= 0.40 [ 928.069216][T11111] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 928.111412][T11111] usb 2-1: Product: syz [ 928.133145][T11111] usb 2-1: Manufacturer: syz [ 928.138100][T11111] usb 2-1: SerialNumber: syz [ 928.332201][ T9411] usb 10-1: new high-speed USB device number 10 using dummy_hcd [ 928.555382][ T9411] usb 10-1: Using ep0 maxpacket: 8 [ 928.643944][ T9411] usb 10-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 928.698596][ T9411] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 928.751108][ T9411] usb 10-1: Product: syz [ 928.768702][ T9411] usb 10-1: Manufacturer: syz [ 928.797459][ T9411] usb 10-1: SerialNumber: syz [ 928.847857][ T9411] usb 10-1: config 0 descriptor?? [ 929.170344][ T9411] usb 10-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 929.379501][T11111] usb 2-1: USB disconnect, device number 16 [ 929.827114][ T9411] dvb_usb_rtl28xxu 10-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 929.917750][ T9411] usb 10-1: USB disconnect, device number 10 [ 933.679186][T13182] batadv_slave_1: entered promiscuous mode [ 933.743080][T13180] batadv_slave_1: left promiscuous mode [ 934.288798][T13191] loop2: detected capacity change from 0 to 7 [ 934.332612][T13191] Dev loop2: unable to read RDB block 7 [ 934.386255][T13191] loop2: unable to read partition table [ 934.432962][T13191] loop2: partition table beyond EOD, truncated [ 934.439524][T13191] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑච) failed (rc=-5) [ 934.529696][T13192] Dev loop2: unable to read RDB block 7 [ 934.556963][T13192] loop2: unable to read partition table [ 934.597632][T13192] loop2: partition table beyond EOD, truncated [ 936.202799][T13219] loop2: detected capacity change from 0 to 512 [ 936.464688][T13219] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 936.583850][T13219] ext4 filesystem being mounted at /107/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 937.194720][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 938.258177][T13244] loop1: detected capacity change from 0 to 128 [ 938.289841][T13244] EXT4-fs: Ignoring removed i_version option [ 938.409944][T13242] loop9: detected capacity change from 0 to 2048 [ 938.479734][T13244] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0003] [ 938.522855][T13244] System zones: 1-3, 19-19, 35-36 [ 938.586941][T13244] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 938.676144][T13242] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 938.700834][T13244] ext4 filesystem being mounted at /128/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 938.746567][T13242] ext4 filesystem being mounted at /217/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 939.219771][ T9406] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 940.023953][T13268] loop9: detected capacity change from 0 to 512 [ 940.253148][T13268] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 940.372780][T13268] ext4 filesystem being mounted at /218/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 940.492458][T13268] EXT4-fs error (device loop9): ext4_do_update_inode:5569: inode #2: comm syz.9.2351: corrupted inode contents [ 940.530256][T13268] EXT4-fs error (device loop9): ext4_dirty_inode:6450: inode #2: comm syz.9.2351: mark_inode_dirty error [ 940.616880][T13276] EXT4-fs (loop9): shut down requested (2) [ 941.054502][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 941.065192][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 941.127651][ T9406] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 941.154964][T11273] Quota error (device loop9): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 941.192523][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 941.256933][T10766] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 941.789548][T13286] loop9: detected capacity change from 0 to 256 [ 941.903093][T13286] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 942.293471][T11111] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 942.495643][T11111] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 942.536332][T11111] usb 2-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00 [ 942.588815][T11111] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 942.697019][T11111] usb 2-1: config 0 descriptor?? [ 942.776472][T11111] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 943.590664][ T9411] usb 2-1: USB disconnect, device number 17 [ 949.926571][T13392] loop9: detected capacity change from 0 to 1024 [ 950.509417][T13400] loop2: detected capacity change from 0 to 2048 [ 950.707431][T13400] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 950.972763][T13400] EXT4-fs error (device loop2): ext4_readdir:265: inode #2: block 16: comm syz.2.2400: path /121/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=15, rec_len=8, size=2048 fake=0 [ 951.589580][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 952.649523][T13435] vcan0: tx drop: invalid da for name 0x0000000000000001 [ 953.802368][T13451] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2416'. [ 955.205948][T13463] loop1: detected capacity change from 0 to 512 [ 955.512442][T13463] EXT4-fs (loop1): 1 truncate cleaned up [ 955.520569][T13463] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 956.248293][T10766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 959.318637][T13506] loop9: detected capacity change from 0 to 256 [ 959.509749][T13510] loop2: detected capacity change from 0 to 64 [ 960.742495][T13522] vcan0: tx drop: invalid da for name 0x0000000000000001 [ 962.308130][T13536] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 962.669246][T13550] loop2: detected capacity change from 0 to 2048 [ 962.855129][T13550] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 962.991909][T13550] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 963.795360][ T264] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 345: padding at end of block bitmap is not set [ 963.897150][ T264] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 209 with error 117 [ 963.986039][ T264] EXT4-fs (loop2): This should not happen!! Data will be lost [ 963.986039][ T264] [ 964.204667][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 964.570353][T13572] overlayfs: failed to clone lowerpath [ 967.577350][T13608] netlink: 'syz.9.2467': attribute type 29 has an invalid length. [ 967.613166][T13609] netlink: 'syz.9.2467': attribute type 29 has an invalid length. [ 967.663272][T13608] netlink: 600 bytes leftover after parsing attributes in process `syz.9.2467'. [ 967.730798][T13608] unsupported nla_type 58 [ 969.575389][T13635] input: syz1 as /devices/virtual/input/input23 [ 970.315057][T13642] loop2: detected capacity change from 0 to 128 [ 970.477359][T13642] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 970.542835][T13642] hpfs: filesystem error: improperly stopped [ 970.549110][T13642] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 970.606553][T13642] hpfs: You really don't want any checks? You are crazy... [ 970.646537][T13642] hpfs: hpfs_map_sector(): read error [ 970.689644][T13642] hpfs: code page support is disabled [ 970.729473][T13642] hpfs: hpfs_map_4sectors(): unaligned read [ 970.780849][T13642] hpfs: hpfs_map_4sectors(): unaligned read [ 970.808339][T13642] hpfs: filesystem error: unable to find root dir [ 971.657723][T13659] loop9: detected capacity change from 0 to 64 [ 971.749953][T13659] BFS-fs: bfs_fill_super(): loop9 is unclean, continuing [ 976.309144][T13723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2507'. [ 978.538480][T13742] loop2: detected capacity change from 0 to 1024 [ 978.566992][T13742] EXT4-fs: Ignoring removed orlov option [ 978.695006][T13742] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 979.810560][T13760] loop1: detected capacity change from 0 to 128 [ 980.040653][T13760] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 980.056809][T13760] ext4 filesystem being mounted at /167/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 980.090295][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 980.516035][T13763] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2520'. [ 980.600858][T10766] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 981.685251][T13775] loop9: detected capacity change from 0 to 1024 [ 981.767591][T13775] EXT4-fs: Ignoring removed oldalloc option [ 981.844466][T13775] EXT4-fs: Ignoring removed bh option [ 982.057704][T13775] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 982.314107][ T29] audit: type=1804 audit(1773751698.032:179): pid=13775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.2524" name="/newroot/248/file1/bus" dev="loop9" ino=18 res=1 errno=0 [ 982.831976][T13792] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2529'. [ 982.890122][T13792] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 982.897765][T13792] IPv6: NLM_F_CREATE should be set when creating new route [ 982.939174][ T9406] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 984.087675][T13804] loop1: detected capacity change from 0 to 2048 [ 984.283907][T13804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 984.390930][T13804] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 984.647220][T13813] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 985.158462][ T6900] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 144 with error 28 [ 985.246319][ T6900] EXT4-fs (loop1): This should not happen!! Data will be lost [ 985.246319][ T6900] [ 985.301878][ T6900] EXT4-fs (loop1): Total free blocks count 0 [ 985.330967][ T6900] EXT4-fs (loop1): Free/Dirty block details [ 985.378268][ T6900] EXT4-fs (loop1): free_blocks=0 [ 985.421835][ T6900] EXT4-fs (loop1): dirty_blocks=144 [ 985.427361][ T6900] EXT4-fs (loop1): Block reservation details [ 985.455200][ T6900] EXT4-fs (loop1): i_reserved_data_blocks=9 [ 985.564373][T13827] overlayfs: failed to clone upperpath [ 985.598969][T10766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 987.640588][T13842] loop9: detected capacity change from 0 to 8192 [ 987.722562][T13842] FAT-fs (loop9): bogus logical sector size 516 [ 987.779656][T13842] FAT-fs (loop9): Can't find a valid FAT filesystem [ 987.979676][T13854] loop1: detected capacity change from 0 to 4096 [ 988.062536][T13854] EXT4-fs: Ignoring removed nomblk_io_submit option [ 988.177562][T13854] EXT4-fs (loop1): stripe (97) is not aligned with cluster size (16), stripe is disabled [ 988.329616][T13854] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842e018, mo2=0002] [ 988.444826][T13854] System zones: 0-5 [ 988.505709][T13854] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 989.114615][T10766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 990.101937][T13885] TCP: tcp_parse_options: Illegal window scaling value 86 > 14 received [ 991.144790][ T2141] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 991.349821][ T2141] usb 3-1: config 0 has an invalid interface number: 214 but max is 0 [ 991.384595][T13900] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2561'. [ 991.409496][ T2141] usb 3-1: config 0 has no interface number 0 [ 991.439881][T13900] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2561'. [ 991.442396][ T2141] usb 3-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 991.529128][ T2141] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 991.564781][ T2141] usb 3-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3 [ 991.588361][ T2141] usb 3-1: Manufacturer: syz [ 991.627887][ T2141] usb 3-1: SerialNumber: syz [ 991.681515][ T2141] usb 3-1: config 0 descriptor?? [ 992.372138][ T2141] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.214/input/input24 [ 992.426923][ T2141] input: failed to attach handler mousedev to device input24, error: -5 [ 992.605718][ T2141] usb 3-1: USB disconnect, device number 5 [ 994.213595][ T29] audit: type=1326 audit(1773751709.922:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 994.291721][ T29] audit: type=1326 audit(1773751709.952:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 994.372819][ T29] audit: type=1326 audit(1773751709.992:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 994.409544][T13921] loop1: detected capacity change from 0 to 8192 [ 994.492111][ T29] audit: type=1326 audit(1773751709.992:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 994.621827][ T29] audit: type=1326 audit(1773751709.992:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 994.771446][ T29] audit: type=1326 audit(1773751709.992:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 994.882094][ T29] audit: type=1326 audit(1773751709.992:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 995.041571][ T29] audit: type=1326 audit(1773751710.022:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 995.142251][ T29] audit: type=1326 audit(1773751710.022:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 995.221646][ T29] audit: type=1326 audit(1773751710.042:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13929 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf709ef6c code=0x7ffc0000 [ 995.552685][T13947] fuse: Bad value for 'fd' [ 995.616384][T13947] overlayfs: failed to clone upperpath [ 995.684547][T13941] loop2: detected capacity change from 0 to 2048 [ 995.771971][T13941] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 996.945728][T13955] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2583'. [ 997.006585][T13955] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2583'. [ 997.282421][T13960] (syz.9.2587,13960,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory. [ 997.478898][T13964] loop2: detected capacity change from 0 to 256 [ 997.741895][T13964] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d) [ 998.827216][ T2141] kernel write not supported for file [eventfd] (pid: 2141 comm: kworker/1:2) [ 1000.382793][T14003] loop2: detected capacity change from 0 to 256 [ 1000.782975][T14003] FAT-fs (loop2): Directory bread(block 64) failed [ 1000.812912][T14003] FAT-fs (loop2): Directory bread(block 65) failed [ 1000.819904][T14003] FAT-fs (loop2): Directory bread(block 66) failed [ 1000.911618][T14003] FAT-fs (loop2): Directory bread(block 67) failed [ 1000.918606][T14003] FAT-fs (loop2): Directory bread(block 68) failed [ 1000.952625][T14003] FAT-fs (loop2): Directory bread(block 69) failed [ 1000.959659][T14003] FAT-fs (loop2): Directory bread(block 70) failed [ 1000.998181][T14003] FAT-fs (loop2): Directory bread(block 71) failed [ 1001.062481][T14003] FAT-fs (loop2): Directory bread(block 72) failed [ 1001.069277][T14003] FAT-fs (loop2): Directory bread(block 73) failed [ 1004.154109][T14050] Bluetooth: MGMT ver 1.23 [ 1004.970351][T14064] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2623'. [ 1005.032861][T14062] erspan0: entered promiscuous mode [ 1005.060621][T14062] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2621'. [ 1005.077985][T14066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2623'. [ 1005.142917][T14064] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2623'. [ 1005.219612][T14064] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2623'. [ 1006.714679][T14087] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2630'. [ 1007.142572][ T10] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 1007.343727][ T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1007.426873][ T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1007.468194][T14097] loop1: detected capacity change from 0 to 64 [ 1007.481901][ T10] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1007.571510][T14097] hfs: unable to locate alternate MDB [ 1007.580284][ T10] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1007.608195][T14097] hfs: continuing without an alternate MDB [ 1007.619288][ T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1007.725629][ T10] usb 10-1: config 0 descriptor?? [ 1008.415825][ T10] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 1009.331936][ T10] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 1009.589727][ T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1009.631043][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1009.707606][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1009.712505][ T5842] usb 10-1: reset high-speed USB device number 11 using dummy_hcd [ 1009.789317][ T10] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1009.884842][ T10] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1009.962649][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1010.090568][ T10] usb 2-1: config 0 descriptor?? [ 1010.138867][T14111] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 1010.636764][T11111] usb 10-1: USB disconnect, device number 11 [ 1010.807269][ T10] plantronics 0003:047F:FFFF.001A: reserved main item tag 0xd [ 1011.114330][ T10] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1011.328949][ T10] usb 2-1: USB disconnect, device number 18 [ 1011.804771][T14132] netlink: 'syz.6.2645': attribute type 1 has an invalid length. [ 1011.851375][T14132] netlink: 'syz.6.2645': attribute type 2 has an invalid length. [ 1012.247062][T14130] fido_id[14130]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1013.569247][T14150] loop2: detected capacity change from 0 to 4096 [ 1013.606035][ T5836] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 1013.790269][T14150] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1013.838446][ T5836] usb 2-1: Using ep0 maxpacket: 32 [ 1013.932114][ T5836] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1013.992983][ T5836] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1014.076117][ T5836] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1014.144191][ T5836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1014.205082][ T5836] usb 2-1: config 0 descriptor?? [ 1014.582592][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1014.810037][ T5836] savu 0003:1E7D:2D5A.001B: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 1014.813848][T14172] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 1014.988181][ T5836] usb 2-1: USB disconnect, device number 19 [ 1015.925463][T14181] overlayfs: failed to clone upperpath [ 1015.932620][T14174] fido_id[14174]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1015.966482][T14180] loop9: detected capacity change from 0 to 1024 [ 1015.984508][T14184] overlayfs: failed to clone upperpath [ 1016.195508][T14180] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1016.209035][T14180] ext4 filesystem being mounted at /276/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1016.239307][T14188] loop2: detected capacity change from 0 to 512 [ 1016.249254][T14180] EXT4-fs (loop9): shut down requested (2) [ 1016.388352][ T9406] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1016.472660][T14188] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1016.853276][ T8655] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 1017.063016][ T8655] usb 2-1: Using ep0 maxpacket: 32 [ 1017.113290][ T8655] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 1017.162060][ T8655] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1017.210291][ T8655] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1017.235155][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1017.267211][ T8655] usb 2-1: config 1 has no interface number 0 [ 1017.341068][ T8655] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1017.393169][ T8655] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1017.491795][ T8655] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1017.540723][ T8655] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1017.690314][ T8655] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 1017.953187][ T8655] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached [ 1018.507024][ T5842] usb 2-1: USB disconnect, device number 20 [ 1018.562489][ T5842] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 1020.056358][T14222] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 1020.112117][T14230] loop9: detected capacity change from 0 to 512 [ 1020.240384][T14230] EXT4-fs error (device loop9): ext4_orphan_get:1391: inode #15: comm syz.9.2677: iget: bad i_size value: 38620345925642 [ 1020.305091][T14230] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1020.311303][ C0] EXT4-fs (loop9): error count since last fsck: 1 [ 1020.321701][T14230] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.2677: couldn't read orphan inode 15 (err -117) [ 1020.327239][ C0] EXT4-fs (loop9): initial error at time 1773751736: ext4_orphan_get:1391: inode 15 [ 1020.327416][ C0] EXT4-fs (loop9): last error at time 1773751736: ext4_orphan_get:1391: inode 15 [ 1020.411411][T14230] loop9: lost filesystem error report for type 5 error -117 [ 1020.445495][T14230] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1020.552412][T14230] EXT4-fs (loop9): shut down requested (1) [ 1020.939475][ T9406] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1021.976584][T14250] loop2: detected capacity change from 0 to 2048 [ 1022.165994][T14250] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1022.627323][ T8655] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 1022.869834][ T8655] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 1022.912940][ T8655] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1022.967363][ T8655] usb 2-1: config 0 descriptor?? [ 1023.038607][ T8655] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 1023.486881][ T8655] cpia1 2-1:0.0: unexpected state after lo power cmd: 00 [ 1023.941815][ T8655] gspca_cpia1: usb_control_msg 02, error -32 [ 1023.959596][ C0] raw-gadget.1 gadget.1: ignoring, device is not running [ 1023.968445][ T8655] gspca_cpia1: usb_control_msg 02, error -32 [ 1023.977843][ C0] raw-gadget.1 gadget.1: ignoring, device is not running [ 1023.986069][ T8655] gspca_cpia1: usb_control_msg 02, error -32 [ 1023.993026][ C0] raw-gadget.1 gadget.1: ignoring, device is not running [ 1024.009887][ T8655] gspca_cpia1: usb_control_msg 02, error -32 [ 1024.037952][ T8655] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0) [ 1024.155955][ T8655] usb 2-1: USB disconnect, device number 21 [ 1026.391589][ T5842] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 1026.543950][T14301] loop1: detected capacity change from 0 to 128 [ 1026.644705][ T5842] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1026.719429][ T5842] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1026.795986][ T5842] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1026.847542][ T5842] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1026.926789][ T5842] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1026.978252][ T5842] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1027.021624][ T5842] usb 3-1: Manufacturer: syz [ 1027.064249][ T5842] usb 3-1: config 0 descriptor?? [ 1027.642174][ T5842] appleir 0003:05AC:8243.001C: unknown main item tag 0x0 [ 1027.772403][ T5842] appleir 0003:05AC:8243.001C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 1027.836335][T14315] loop1: detected capacity change from 0 to 512 [ 1027.926646][ T5842] usb 3-1: USB disconnect, device number 6 [ 1027.959932][T14315] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1028.147814][T14315] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.2709: inode has both inline data and extents flags [ 1028.165684][T14322] loop9: detected capacity change from 0 to 64 [ 1028.264688][T14315] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1028.266337][T14315] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.2709: couldn't read orphan inode 15 (err -117) [ 1028.275964][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 1028.276072][ C1] EXT4-fs (loop1): initial error at time 1773751743: ext4_orphan_get:1391: inode 15 [ 1028.276244][ C1] EXT4-fs (loop1): last error at time 1773751743: ext4_orphan_get:1391: inode 15 [ 1028.571691][T14315] loop1: lost filesystem error report for type 5 error -117 [ 1028.603880][T14315] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1029.542644][T10766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1029.847715][T14334] netlink: 512 bytes leftover after parsing attributes in process `syz.2.2715'. [ 1029.876588][T14325] fido_id[14325]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 1031.521845][ T5842] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 1031.761425][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1031.803911][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1031.833711][ T5842] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1031.848684][ T5842] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1031.866552][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1031.966142][ T5842] usb 2-1: config 0 descriptor?? [ 1032.634382][ T5842] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1034.344822][T14383] loop2: detected capacity change from 0 to 512 [ 1034.405120][T14383] EXT4-fs: Ignoring removed mblk_io_submit option [ 1034.451666][T14383] EXT4-fs: Ignoring removed mblk_io_submit option [ 1034.505992][T14383] EXT4-fs: Ignoring removed mblk_io_submit option [ 1034.570089][T13780] usb 2-1: USB disconnect, device number 22 [ 1034.579112][T14383] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1034.602235][T14383] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1034.798804][T14383] EXT4-fs (loop2): 1 truncate cleaned up [ 1034.874064][T14383] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1035.460890][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1038.875456][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 1038.875536][ T29] audit: type=1326 audit(1773751754.572:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1039.073060][ T29] audit: type=1326 audit(1773751754.582:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1039.179676][ T29] audit: type=1326 audit(1773751754.592:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1039.351581][ T29] audit: type=1326 audit(1773751754.632:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1039.500472][ T29] audit: type=1326 audit(1773751754.632:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1039.626093][ T29] audit: type=1326 audit(1773751754.642:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1039.758563][ T29] audit: type=1326 audit(1773751754.652:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1039.899127][ T29] audit: type=1326 audit(1773751754.652:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1039.993440][T14447] 9p: Bad value for 'rfdno' [ 1040.021083][ T29] audit: type=1326 audit(1773751754.652:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1040.149384][ T29] audit: type=1326 audit(1773751754.672:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14434 comm="syz.0.2750" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1040.224326][T14450] sctp: [Deprecated]: syz.9.2756 (pid 14450) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1040.224326][T14450] Use struct sctp_sack_info instead [ 1040.722658][T14455] capability: warning: `syz.0.2757' uses 32-bit capabilities (legacy support in use) [ 1041.103470][ T5842] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 1041.311662][T14465] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2759'. [ 1041.321867][ T5842] usb 2-1: Using ep0 maxpacket: 16 [ 1041.338917][T14466] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2760'. [ 1041.370489][ T5842] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 1041.421525][ T5842] usb 2-1: config 0 has no interface number 0 [ 1041.459585][ T5842] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1041.531040][ T5842] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1041.578036][ T5842] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 1041.630977][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1041.683315][ T5842] usb 2-1: config 0 descriptor?? [ 1042.434237][T14473] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1042.506180][ T5842] uclogic 0003:28BD:0071.001E: pen parameters not found [ 1042.551513][ T5842] uclogic 0003:28BD:0071.001E: interface is invalid, ignoring [ 1042.714296][ T5836] usb 2-1: USB disconnect, device number 23 [ 1043.782109][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1045.488744][T14510] loop9: detected capacity change from 0 to 2048 [ 1045.636416][T14515] loop2: detected capacity change from 0 to 128 [ 1045.743424][T14515] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1045.831420][T14515] hpfs: filesystem error: improperly stopped [ 1045.858533][T14515] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1045.923450][T14515] hpfs: You really don't want any checks? You are crazy... [ 1045.998509][T14515] hpfs: hpfs_map_sector(): read error [ 1046.027197][T14515] hpfs: code page support is disabled [ 1046.111846][T14515] hpfs: hpfs_map_4sectors(): unaligned read [ 1046.118234][T14515] hpfs: hpfs_map_4sectors(): unaligned read [ 1046.202483][T14515] hpfs: filesystem error: unable to find root dir [ 1046.370157][T14522] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2781'. [ 1046.389877][T14515] hpfs: hpfs_map_4sectors(): unaligned read [ 1046.799599][T14528] bond1: option resend_igmp: invalid value (2878) [ 1046.806432][T14528] bond1: option resend_igmp: allowed values 0 - 255 [ 1046.837579][T14528] bond1 (unregistering): Released all slaves [ 1048.519575][T14549] loop2: detected capacity change from 0 to 512 [ 1048.582383][T14549] EXT4-fs: Ignoring removed i_version option [ 1048.588665][T14549] EXT4-fs: Ignoring removed oldalloc option [ 1048.841702][T14549] EXT4-fs (loop2): 1 truncate cleaned up [ 1048.881575][T14549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1049.497120][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1049.891483][ T5842] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 1050.081953][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1050.161795][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1050.193357][ T5842] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1050.220879][ T5842] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1050.249588][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1050.320879][ T5842] usb 2-1: config 0 descriptor?? [ 1050.936362][ T5842] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 1051.176195][T13780] usb 2-1: USB disconnect, device number 24 [ 1052.000373][T14583] fido_id[14583]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1054.274861][T14614] loop2: detected capacity change from 0 to 1024 [ 1054.326367][T14614] EXT4-fs: Ignoring removed orlov option [ 1054.402014][T14614] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 1054.577246][T14614] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1054.747906][T14624] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2815'. [ 1054.799711][T14624] netlink: 44 bytes leftover after parsing attributes in process `syz.9.2815'. [ 1054.993513][T14626] overlayfs: failed index dir cleanup (-512) [ 1055.035723][T14626] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 1055.540806][T14634] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2818'. [ 1055.661513][ T5842] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 1055.765121][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1055.861458][ T5842] usb 2-1: Using ep0 maxpacket: 16 [ 1055.904705][ T5842] usb 2-1: config 1 has an invalid interface number: 105 but max is 0 [ 1055.955198][ T5842] usb 2-1: config 1 has no interface number 0 [ 1055.983977][ T5842] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 1056.042688][ T5842] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 1056.091477][ T5842] usb 2-1: config 1 interface 105 has no altsetting 0 [ 1056.117260][ T5842] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 1056.155123][ T5842] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 1056.202793][ T5842] usb 2-1: Product: syz [ 1056.227666][ T5842] usb 2-1: Manufacturer: syz [ 1056.246715][ T5842] usb 2-1: SerialNumber: syz [ 1056.289683][T14632] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1056.382457][T14632] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1056.931065][T14632] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1056.985216][T14632] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1057.386943][T14648] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 1057.670417][ T5842] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 1057.737636][ T5842] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 1057.877148][ T5842] aqc111 2-1:1.105 eth9: register 'aqc111' at usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 2e:70:d2:39:a0:e9 [ 1058.020723][ T5842] usb 2-1: USB disconnect, device number 25 [ 1058.079572][ T5842] aqc111 2-1:1.105 eth9: unregister 'aqc111' usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter [ 1058.181878][ T5842] aqc111 2-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 1058.213690][ T5842] aqc111 2-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 1058.272386][ T5842] aqc111 2-1:1.105 eth9 (unregistered): Failed to write(0x61) reg index 0x0000: -19 [ 1058.706079][T14664] netlink: 'syz.0.2828': attribute type 2 has an invalid length. [ 1059.157588][T14668] loop9: detected capacity change from 0 to 512 [ 1059.292283][T14668] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 1059.408079][T14668] EXT4-fs (loop9): 1 truncate cleaned up [ 1059.459283][T14668] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1059.729169][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 1059.729253][ T29] audit: type=1800 audit(1773751775.442:227): pid=14668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2830" name="file1" dev="loop9" ino=15 res=0 errno=0 [ 1059.998809][ T29] audit: type=1800 audit(1773751775.712:228): pid=14681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.2830" name="file1" dev="loop9" ino=15 res=0 errno=0 [ 1060.456923][ T9406] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1062.254634][T14707] loop9: detected capacity change from 0 to 256 [ 1062.937096][ T6897] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.216145][ T6897] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.376749][ T6897] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.496637][ T6897] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1064.153275][ T6897] bridge_slave_1: left allmulticast mode [ 1064.159159][ T6897] bridge_slave_1: left promiscuous mode [ 1064.224838][ T6897] bridge0: port 2(bridge_slave_1) entered disabled state [ 1064.312965][ T6897] bridge_slave_0: left allmulticast mode [ 1064.320754][ T6897] bridge_slave_0: left promiscuous mode [ 1064.362803][ T6897] bridge0: port 1(bridge_slave_0) entered disabled state [ 1065.188960][ T6897] batman_adv: batadv0: Removing interface: macvlan2 [ 1065.336045][ T6897] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1065.411844][ T6897] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1065.457318][ T6897] bond0 (unregistering): Released all slaves [ 1065.491848][ T5836] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 1065.698241][ T5836] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 1065.721813][ T5836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1065.781483][ T5836] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 1065.809244][ T5836] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 1065.833136][ T6897] tipc: Disabling bearer [ 1065.849505][ T6897] tipc: Left network mode [ 1065.879255][ T5836] usb 3-1: Manufacturer: syz [ 1065.920071][ T5836] usb 3-1: config 0 descriptor?? [ 1066.199341][T14737] loop9: detected capacity change from 0 to 256 [ 1066.341693][T14720] Bluetooth: hci0: command 0x0406 tx timeout [ 1066.565124][ T5836] rc_core: IR keymap rc-hauppauge not found [ 1066.628514][ T5836] Registered IR keymap rc-empty [ 1066.657044][ T5836] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 1066.746326][ T5836] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input27 [ 1066.904034][ C0] igorplugusb 3-1:0.0: receive overflow, at least 2 lost [ 1066.912344][T14744] rc rc0: two consecutive events of type space [ 1067.127868][ T5842] usb 3-1: USB disconnect, device number 7 [ 1067.132927][T14720] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1067.150900][T14720] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1067.163046][T14720] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1067.198063][T14720] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1067.226888][T14720] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1067.674754][ T6897] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1067.725081][ T6897] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1067.784601][ T6897] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1067.821583][ T6897] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1068.020268][ T6897] veth1_macvtap: left promiscuous mode [ 1068.070328][ T6897] veth0_macvtap: left promiscuous mode [ 1068.138358][ T6897] veth1_vlan: left promiscuous mode [ 1068.152907][ T6897] veth0_vlan: left promiscuous mode [ 1069.231407][ T5842] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 1069.310135][T14720] Bluetooth: hci1: command tx timeout [ 1069.402137][ T5842] usb 2-1: Using ep0 maxpacket: 16 [ 1069.429782][ T5842] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1069.497806][ T5842] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1069.557876][ T5842] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28 [ 1069.591860][ T5842] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1069.611907][ T5842] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 1069.671507][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1069.704780][ T5842] usb 2-1: config 0 descriptor?? [ 1070.113071][ T6897] team0 (unregistering): Port device team_slave_1 removed [ 1070.210256][ T6897] team0 (unregistering): Port device team_slave_0 removed [ 1070.237187][ T5842] hid (null): nested delimiters [ 1070.525942][ T5842] usb 2-1: USB disconnect, device number 26 [ 1071.376246][T14780] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 1071.382249][T14720] Bluetooth: hci1: command tx timeout [ 1072.041501][ T6897] IPVS: stop unused estimator thread 0... [ 1073.440464][T14745] chnl_net:caif_netlink_parms(): no params data found [ 1073.462035][T14720] Bluetooth: hci1: command tx timeout [ 1073.843667][ T5842] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 1074.065933][ T5842] usb 2-1: Using ep0 maxpacket: 8 [ 1074.131406][ T5842] usb 2-1: config index 0 descriptor too short (expected 74, got 45) [ 1074.139799][ T5842] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 1074.244415][ T5842] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 1074.359048][ T5842] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024 [ 1074.420694][ T5842] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1074.468712][ T5842] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1074.515462][ T5842] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1074.546227][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1074.941756][ T5842] usb 2-1: usb_control_msg returned -32 [ 1074.947728][ T5842] usbtmc 2-1:16.0: can't read capabilities [ 1075.541377][T14720] Bluetooth: hci1: command tx timeout [ 1076.099461][T14745] bridge0: port 1(bridge_slave_0) entered blocking state [ 1076.141012][T14745] bridge0: port 1(bridge_slave_0) entered disabled state [ 1076.149061][T14745] bridge_slave_0: entered allmulticast mode [ 1076.213568][T14745] bridge_slave_0: entered promiscuous mode [ 1076.239561][T14843] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 1076.282177][T14745] bridge0: port 2(bridge_slave_1) entered blocking state [ 1076.319087][T14745] bridge0: port 2(bridge_slave_1) entered disabled state [ 1076.332612][T14745] bridge_slave_1: entered allmulticast mode [ 1076.366273][T14745] bridge_slave_1: entered promiscuous mode [ 1076.739538][T14745] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1076.845307][T14745] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1076.977087][ T5836] usb 2-1: USB disconnect, device number 27 [ 1077.049536][T14854] loop9: detected capacity change from 0 to 512 [ 1077.108845][T14854] EXT4-fs: Ignoring removed nobh option [ 1077.248713][T14858] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1077.394360][T14854] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1077.492914][T14854] ext4 filesystem being mounted at /323/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1077.588537][T14745] team0: Port device team_slave_0 added [ 1077.655924][T14745] team0: Port device team_slave_1 added [ 1078.127159][T14745] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1078.148307][T14745] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1078.188296][ T9406] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1078.258888][T14745] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1078.386985][T14745] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1078.484278][T14745] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1078.582297][T14745] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1079.218356][T14745] hsr_slave_0: entered promiscuous mode [ 1079.280183][T14745] hsr_slave_1: entered promiscuous mode [ 1079.331574][T14745] debugfs: 'hsr0' already exists in 'hsr' [ 1079.337608][T14745] Cannot create hsr debugfs directory [ 1083.446993][T14745] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1083.563318][T14745] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1083.658710][T14745] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1083.771971][T14745] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1084.527540][T14933] loop2: detected capacity change from 0 to 2048 [ 1084.623229][T14933] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 1084.664654][T14933] UDF-fs: Scanning with blocksize 512 failed [ 1084.756689][T14933] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1085.321067][T14745] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1085.459791][T14745] 8021q: adding VLAN 0 to HW filter on device team0 [ 1085.536302][ T1127] bridge0: port 1(bridge_slave_0) entered blocking state [ 1085.544056][ T1127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1085.597844][T11273] bridge0: port 2(bridge_slave_1) entered blocking state [ 1085.605509][T11273] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1086.650035][T14745] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1087.736527][T14745] veth0_vlan: entered promiscuous mode [ 1087.807257][T14745] veth1_vlan: entered promiscuous mode [ 1087.967690][T14745] veth0_macvtap: entered promiscuous mode [ 1088.020801][T14745] veth1_macvtap: entered promiscuous mode [ 1088.138724][T14745] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1088.219837][T14745] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1088.302401][ T6897] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1088.316114][ T6897] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1088.339332][ T6897] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1088.360782][ T6897] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1091.666794][ T264] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1091.694919][ T264] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1091.830545][T11273] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1091.839137][T11273] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1092.615268][T11548] usb 10-1: new high-speed USB device number 12 using dummy_hcd [ 1092.651553][T13780] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 1092.816583][T11548] usb 10-1: Using ep0 maxpacket: 8 [ 1092.881933][T11548] usb 10-1: config 0 has an invalid interface number: 31 but max is 0 [ 1092.911285][T11548] usb 10-1: config 0 has no interface number 0 [ 1092.917938][ T5836] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 1092.926850][T13780] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD4, changing to 0x84 [ 1092.980567][T13780] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 51544, setting to 1024 [ 1093.009918][T11548] usb 10-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 1093.039105][T13780] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024 [ 1093.049571][T11548] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1093.049714][T11548] usb 10-1: Product: syz [ 1093.049817][T11548] usb 10-1: Manufacturer: syz [ 1093.095251][T11548] usb 10-1: SerialNumber: syz [ 1093.130783][T11548] usb 10-1: config 0 descriptor?? [ 1093.160286][ T5836] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1093.185282][T13780] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1093.210441][ T5836] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1093.229275][T13780] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1093.251954][T13780] usb 2-1: Product: syz [ 1093.256371][T13780] usb 2-1: Manufacturer: syz [ 1093.263126][ T5836] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1093.290848][T13780] usb 2-1: SerialNumber: syz [ 1093.296830][ T5836] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1093.335925][T13780] usb 2-1: config 0 descriptor?? [ 1093.358994][T15015] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 1093.379096][ T5836] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1093.425993][T11548] uvcvideo 10-1:0.31: probe with driver uvcvideo failed with error -22 [ 1093.451661][ T5836] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1093.460334][ T5836] usb 8-1: Manufacturer: syz [ 1093.510845][T11548] usb 10-1: USB disconnect, device number 12 [ 1093.586995][ T5836] usb 8-1: config 0 descriptor?? [ 1093.727363][T15015] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 1094.157994][ T5836] appleir 0003:05AC:8243.0021: unknown main item tag 0x0 [ 1094.227479][T13780] usb 2-1: USB disconnect, device number 28 [ 1094.266130][ T5836] appleir 0003:05AC:8243.0021: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0 [ 1094.459754][ T5836] usb 8-1: USB disconnect, device number 8 [ 1094.710294][T15030] udevd[15030]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1095.187772][T15032] fido_id[15032]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 1095.811561][ T5836] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 1096.012446][ T5836] usb 2-1: Using ep0 maxpacket: 8 [ 1096.067176][ T5836] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1096.129046][ T5836] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 1096.192371][ T5836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1096.296440][ T5836] usb 2-1: config 0 descriptor?? [ 1096.391921][ T5836] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 1096.392041][T14720] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 1096.411425][T14720] CPU: 1 UID: 0 PID: 14720 Comm: kworker/u9:1 Tainted: G W L syzkaller #0 PREEMPT(full) [ 1096.411663][T14720] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 1096.411722][T14720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1096.411860][T14720] Workqueue: hci0 hci_rx_work [ 1096.412047][T14720] Call Trace: [ 1096.412100][T14720] [ 1096.412157][T14720] __dump_stack+0x26/0x30 [ 1096.412334][T14720] dump_stack_lvl+0x14c/0x1c0 [ 1096.412518][T14720] dump_stack+0x1e/0x25 [ 1096.412687][T14720] sysfs_create_dir_ns+0x46c/0x540 [ 1096.412925][T14720] kobject_add_internal+0x1084/0x19b0 [ 1096.413165][T14720] kobject_add+0x2c1/0x410 [ 1096.413385][T14720] ? kmsan_get_metadata+0xf1/0x160 [ 1096.413626][T14720] device_add+0xa70/0x1c00 [ 1096.413846][T14720] hci_conn_add_sysfs+0x159/0x2e0 [ 1096.414014][T14720] le_conn_complete_evt+0x1d0a/0x2250 [ 1096.414263][T14720] hci_le_conn_complete_evt+0x157/0x260 [ 1096.414484][T14720] hci_le_meta_evt+0x6eb/0x960 [ 1096.414681][T14720] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 1096.414903][T14720] hci_event_packet+0xce2/0x1e40 [ 1096.415072][T14720] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 1096.415312][T14720] hci_rx_work+0x8c3/0xfc0 [ 1096.415489][T14720] ? kmsan_get_metadata+0xf1/0x160 [ 1096.415713][T14720] ? __pfx_hci_rx_work+0x10/0x10 [ 1096.415891][T14720] process_scheduled_works+0xb82/0x1e80 [ 1096.416138][T14720] worker_thread+0xee4/0x1590 [ 1096.416344][T14720] kthread+0x53f/0x600 [ 1096.416532][T14720] ? __pfx_worker_thread+0x10/0x10 [ 1096.416721][T14720] ? __pfx_kthread+0x10/0x10 [ 1096.416902][T14720] ret_from_fork+0x20f/0x910 [ 1096.417064][T14720] ? __switch_to+0x51c/0x750 [ 1096.417259][T14720] ? __pfx_kthread+0x10/0x10 [ 1096.417449][T14720] ret_from_fork_asm+0x1a/0x30 [ 1096.417677][T14720] [ 1096.418089][T14720] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 1096.618846][T14720] Bluetooth: hci0: failed to register connection device [ 1097.232430][T13780] usb 10-1: new high-speed USB device number 13 using dummy_hcd [ 1097.452206][T13780] usb 10-1: Using ep0 maxpacket: 8 [ 1097.511287][T13780] usb 10-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1097.602966][ T5836] gspca_vc032x: reg_r err -71 [ 1097.608124][ T5836] vc032x 2-1:0.0: probe with driver vc032x failed with error -71 [ 1097.620520][T13780] usb 10-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1097.664680][T13780] usb 10-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1097.722427][ T5836] usb 2-1: USB disconnect, device number 29 [ 1097.749730][T13780] usb 10-1: config 0 interface 0 has no altsetting 0 [ 1097.814848][T13780] usb 10-1: New USB device found, idVendor=17ef, idProduct=60fe, bcdDevice= 0.00 [ 1097.863644][T13780] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1097.904371][T13780] usb 10-1: config 0 descriptor?? [ 1098.471760][T13780] lenovo 0003:17EF:60FE.0022: unknown main item tag 0x0 [ 1098.479064][T13780] lenovo 0003:17EF:60FE.0022: unknown main item tag 0x0 [ 1098.570397][T13780] lenovo 0003:17EF:60FE.0022: unknown main item tag 0x0 [ 1098.591558][T13780] lenovo 0003:17EF:60FE.0022: unknown main item tag 0x0 [ 1098.598857][T13780] lenovo 0003:17EF:60FE.0022: unknown main item tag 0x0 [ 1098.693957][T13780] lenovo 0003:17EF:60FE.0022: unknown main item tag 0x0 [ 1098.742725][T13780] lenovo 0003:17EF:60FE.0022: unexpected long global item [ 1098.778726][T13780] lenovo 0003:17EF:60FE.0022: hid_parse failed [ 1098.811834][T13780] lenovo 0003:17EF:60FE.0022: probe with driver lenovo failed with error -22 [ 1098.901049][T13780] usb 10-1: USB disconnect, device number 13 [ 1099.168668][T15075] loop1: detected capacity change from 0 to 256 [ 1099.420602][T15075] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 1099.543564][ T29] audit: type=1800 audit(1773751815.262:229): pid=15075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2927" name="file1" dev="loop1" ino=1048742 res=0 errno=0 [ 1100.079650][T15085] netlink: 'syz.2.2930': attribute type 10 has an invalid length. [ 1100.500982][T15086] bridge_slave_0: left allmulticast mode [ 1100.564732][T15086] bridge_slave_0: left promiscuous mode [ 1100.624002][T15086] bridge0: port 1(bridge_slave_0) entered disabled state [ 1100.824761][T15092] loop1: detected capacity change from 0 to 2048 [ 1100.824927][T15086] bridge_slave_1: left allmulticast mode [ 1100.886452][T15086] bridge_slave_1: left promiscuous mode [ 1100.930133][T15086] bridge0: port 2(bridge_slave_1) entered disabled state [ 1101.022650][T15092] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1101.109151][T15086] bond0: (slave bond_slave_0): Releasing backup interface [ 1101.128847][ T29] audit: type=1800 audit(1773751816.842:230): pid=15092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2932" name="file2" dev="loop1" ino=1347 res=0 errno=0 [ 1101.256511][T15086] bond0: (slave bond_slave_1): Releasing backup interface [ 1101.523764][T15086] team0: Port device team_slave_0 removed [ 1101.761657][T15086] team0: Port device team_slave_1 removed [ 1101.820497][T15086] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1101.879140][T15086] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1101.974355][T15086] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1101.987193][T15086] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1102.129165][T15086] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 1102.423301][T15085] bond0: (slave netdevsim3): Enslaving as an active interface with an up link [ 1102.652100][T15106] loop9: detected capacity change from 0 to 16 [ 1102.695697][T15106] erofs (device loop9): mounted with root inode @ nid 36. [ 1102.741519][T14720] Bluetooth: hci0: command 0x0406 tx timeout [ 1102.803881][ T29] audit: type=1800 audit(1773751818.522:231): pid=15106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2937" name="file1" dev="loop9" ino=86 res=0 errno=0 [ 1102.886557][T15105] syz.9.2937: attempt to access beyond end of device [ 1102.886557][T15105] loop9: rw=524288, sector=1342177272, nr_sectors = 256 limit=16 [ 1102.912633][ T29] audit: type=1800 audit(1773751818.562:232): pid=15106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2937" name="file1" dev="loop9" ino=86 res=0 errno=0 [ 1102.995029][T15105] syz.9.2937: attempt to access beyond end of device [ 1102.995029][T15105] loop9: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1103.092924][T15105] syz.9.2937: attempt to access beyond end of device [ 1103.092924][T15105] loop9: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1103.139573][T15106] syz.9.2937: attempt to access beyond end of device [ 1103.139573][T15106] loop9: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1103.216915][T15109] overlay: Unexpected value for 'default_permissions' [ 1103.224931][T15106] syz.9.2937: attempt to access beyond end of device [ 1103.224931][T15106] loop9: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1103.349691][T15106] syz.9.2937: attempt to access beyond end of device [ 1103.349691][T15106] loop9: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1103.456054][T15106] syz.9.2937: attempt to access beyond end of device [ 1103.456054][T15106] loop9: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1103.543150][T15105] syz.9.2937: attempt to access beyond end of device [ 1103.543150][T15105] loop9: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1103.592984][T15105] syz.9.2937: attempt to access beyond end of device [ 1103.592984][T15105] loop9: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1103.700765][T15105] syz.9.2937: attempt to access beyond end of device [ 1103.700765][T15105] loop9: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1104.378227][T15122] loop7: detected capacity change from 0 to 512 [ 1104.667224][T15122] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.2942: invalid indirect mapped block 256 (level 2) [ 1104.771414][T15122] loop7: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1104.781239][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 1104.797342][ C1] EXT4-fs (loop7): initial error at time 1773751820: ext4_free_branches:1023: inode 11 [ 1104.807493][ C1] EXT4-fs (loop7): last error at time 1773751820: ext4_free_branches:1023: inode 11 [ 1104.831742][T15122] EXT4-fs (loop7): 2 truncates cleaned up [ 1104.881953][T15122] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1105.028940][T15122] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1324: inode #12: block 7: comm syz.7.2942: path /7/file0/file0: bad entry in directory: directory entry overrun - offset=196864, inode=4278190093, rec_len=196860, size=60 fake=0 [ 1105.172873][T15138] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1324: inode #12: block 7: comm syz.7.2942: path /7/file0/file0: bad entry in directory: directory entry overrun - offset=196864, inode=4278190093, rec_len=196860, size=60 fake=0 [ 1105.443229][T15140] netlink: 128 bytes leftover after parsing attributes in process `syz.6.2947'. [ 1105.507416][T15140] netlink: 128 bytes leftover after parsing attributes in process `syz.6.2947'. [ 1105.715790][T14745] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1110.767947][ T1145] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1111.007885][ T1145] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1111.393611][ T1145] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1111.698979][ T1145] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1112.228124][ T1145] bridge_slave_1: left allmulticast mode [ 1112.234508][ T1145] bridge_slave_1: left promiscuous mode [ 1112.241299][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state [ 1112.312411][ T1145] bridge_slave_0: left allmulticast mode [ 1112.318321][ T1145] bridge_slave_0: left promiscuous mode [ 1112.343156][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state [ 1113.105524][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1113.143424][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1113.174398][ T1145] bond0 (unregistering): Released all slaves [ 1113.761716][T15227] loop7: detected capacity change from 0 to 16 [ 1113.823509][T15227] erofs (device loop7): mounted with root inode @ nid 36. [ 1113.929190][ T29] audit: type=1800 audit(1773751829.632:233): pid=15227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2973" name="file1" dev="loop7" ino=86 res=0 errno=0 [ 1113.983947][T15222] bio_check_eod: 3 callbacks suppressed [ 1113.984031][T15222] syz.7.2973: attempt to access beyond end of device [ 1113.984031][T15222] loop7: rw=524288, sector=1342177272, nr_sectors = 256 limit=16 [ 1114.088113][ T29] audit: type=1800 audit(1773751829.642:234): pid=15227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2973" name="file1" dev="loop7" ino=86 res=0 errno=0 [ 1114.134957][T15222] syz.7.2973: attempt to access beyond end of device [ 1114.134957][T15222] loop7: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1114.252311][T15222] syz.7.2973: attempt to access beyond end of device [ 1114.252311][T15222] loop7: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1114.372969][T15227] syz.7.2973: attempt to access beyond end of device [ 1114.372969][T15227] loop7: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1114.444334][T15227] syz.7.2973: attempt to access beyond end of device [ 1114.444334][T15227] loop7: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1114.550452][T15227] syz.7.2973: attempt to access beyond end of device [ 1114.550452][T15227] loop7: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1114.629227][T15232] loop2: detected capacity change from 0 to 512 [ 1114.640171][T15222] syz.7.2973: attempt to access beyond end of device [ 1114.640171][T15222] loop7: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1114.640764][T15222] syz.7.2973: attempt to access beyond end of device [ 1114.640764][T15222] loop7: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1114.641773][T15222] syz.7.2973: attempt to access beyond end of device [ 1114.641773][T15222] loop7: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1114.711921][ T1145] hsr_slave_0: left promiscuous mode [ 1114.770858][ T1145] hsr_slave_1: left promiscuous mode [ 1114.811743][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1114.846791][T15227] syz.7.2973: attempt to access beyond end of device [ 1114.846791][T15227] loop7: rw=8388608, sector=1342177272, nr_sectors = 8 limit=16 [ 1114.881876][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1114.963810][ T1145] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1115.024484][ T1145] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1115.198746][ T1145] veth1_macvtap: left promiscuous mode [ 1115.260549][ T1145] veth0_macvtap: left promiscuous mode [ 1115.268638][ T49] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1115.282237][ T49] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1115.292993][ T49] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1115.334859][ T49] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1115.352123][ T1145] veth1_vlan: left promiscuous mode [ 1115.358457][ T49] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1115.421755][ T1145] veth0_vlan: left promiscuous mode [ 1116.202754][T15248] loop2: detected capacity change from 0 to 512 [ 1116.420945][T15248] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2982: invalid indirect mapped block 256 (level 2) [ 1116.611833][T15248] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1116.621299][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 1116.637381][ C0] EXT4-fs (loop2): initial error at time 1773751832: ext4_free_branches:1023: inode 11 [ 1116.647481][ C0] EXT4-fs (loop2): last error at time 1773751832: ext4_free_branches:1023: inode 11 [ 1116.677077][T15248] EXT4-fs (loop2): 2 truncates cleaned up [ 1116.715710][T15248] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1117.395054][ T49] Bluetooth: hci2: command tx timeout [ 1117.502631][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1118.096772][T15267] loop2: detected capacity change from 0 to 128 [ 1118.555674][T15273] loop1: detected capacity change from 0 to 16 [ 1118.636966][T15273] erofs (device loop1): mounted with root inode @ nid 36. [ 1118.784072][ T29] audit: type=1800 audit(1773751834.502:235): pid=15273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2989" name="file1" dev="loop1" ino=86 res=0 errno=0 [ 1118.919272][ T29] audit: type=1800 audit(1773751834.562:236): pid=15273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2989" name="file1" dev="loop1" ino=86 res=0 errno=0 [ 1119.224170][ T1145] team0 (unregistering): Port device team_slave_1 removed [ 1119.400097][T15278] netlink: 'syz.2.2991': attribute type 11 has an invalid length. [ 1119.438692][ T1145] team0 (unregistering): Port device team_slave_0 removed [ 1119.464052][ T49] Bluetooth: hci2: command tx timeout [ 1119.697397][T15280] loop1: detected capacity change from 0 to 1024 [ 1119.906433][T15280] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1120.125650][T15280] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4222: comm syz.1.2992: Allocating blocks 385-513 which overlap fs metadata [ 1120.180705][T15287] EXT4-fs (loop1): pa ffff888114b99690: logic 16, phys. 129, len 24 [ 1120.189624][T15287] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5465: group 0, free 0, pa_free 8 [ 1120.556981][T10766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1121.543975][ T49] Bluetooth: hci2: command tx timeout [ 1121.996167][ T1145] IPVS: stop unused estimator thread 0... [ 1123.623596][ T49] Bluetooth: hci2: command tx timeout [ 1123.746963][ T30] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 1123.972567][T15240] chnl_net:caif_netlink_parms(): no params data found [ 1123.982984][ T30] usb 2-1: Using ep0 maxpacket: 32 [ 1124.026015][ T30] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 1124.061494][ T30] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1124.070376][ T30] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1124.141565][ T30] usb 2-1: config 1 has no interface number 0 [ 1124.147929][ T30] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1124.223588][ T30] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1124.284095][ T30] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1124.322818][ T30] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1124.458338][ T30] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 1124.654057][ T30] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached [ 1125.181931][ T5836] usb 2-1: USB disconnect, device number 30 [ 1125.222992][ T5836] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 1125.433424][T15332] loop7: detected capacity change from 0 to 1024 [ 1125.488841][T15332] EXT4-fs: Ignoring removed bh option [ 1125.754048][T15332] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1125.993219][T15332] EXT4-fs error (device loop7): mb_free_blocks:2047: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 1126.496773][T14745] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1126.803468][T15240] bridge0: port 1(bridge_slave_0) entered blocking state [ 1126.851774][T15240] bridge0: port 1(bridge_slave_0) entered disabled state [ 1126.890765][T15240] bridge_slave_0: entered allmulticast mode [ 1126.924829][T15240] bridge_slave_0: entered promiscuous mode [ 1127.019399][T15240] bridge0: port 2(bridge_slave_1) entered blocking state [ 1127.101979][T15240] bridge0: port 2(bridge_slave_1) entered disabled state [ 1127.162485][T15240] bridge_slave_1: entered allmulticast mode [ 1127.232665][T15240] bridge_slave_1: entered promiscuous mode [ 1127.835418][T15240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1127.938057][T15240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1128.457113][T15240] team0: Port device team_slave_0 added [ 1128.593796][T15240] team0: Port device team_slave_1 added [ 1128.745420][T15365] loop2: detected capacity change from 0 to 4096 [ 1129.043147][T15240] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1129.080800][T15240] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1129.218723][T15240] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1129.258079][T15365] ntfs3(loop2): ino=5, "/" mi_enum_attr [ 1129.289488][T15365] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1129.330321][T15365] ntfs3(loop2): ino=5, "/" mi_enum_attr [ 1129.350500][T15240] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1129.362015][T15365] ntfs3(loop2): ino=5, "/" mi_enum_attr [ 1129.367865][T15365] ntfs3(loop2): ino=5, "/" mi_enum_attr [ 1129.386673][T15240] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1129.448116][T15365] ntfs3(loop2): ino=5, "/" mi_enum_attr [ 1129.471556][T15365] ntfs3(loop2): ino=5, "/" attr_set_size_ex [ 1129.527554][T15240] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1130.412852][T15240] hsr_slave_0: entered promiscuous mode [ 1130.476046][T15240] hsr_slave_1: entered promiscuous mode [ 1130.514463][T15240] debugfs: 'hsr0' already exists in 'hsr' [ 1130.570728][T15240] Cannot create hsr debugfs directory [ 1134.708415][T15240] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1134.824088][T15240] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1134.957518][T15240] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1135.144973][T15240] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1136.712505][T15447] iou-wrk-15446 (15447): drop_caches: 2 [ 1137.496107][T15240] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1137.850625][T15240] 8021q: adding VLAN 0 to HW filter on device team0 [ 1137.995098][T15445] syz.2.3041 (15445): drop_caches: 2 [ 1138.091361][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 1138.098968][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1138.297792][ T6904] bridge0: port 2(bridge_slave_1) entered blocking state [ 1138.305667][ T6904] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1139.632002][ T5843] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 1139.881671][ T5843] usb 8-1: config 0 has no interfaces? [ 1139.926403][ T5843] usb 8-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice= 0.40 [ 1139.972775][ T5843] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1140.021030][ T5843] usb 8-1: Product: syz [ 1140.025728][ T5843] usb 8-1: Manufacturer: syz [ 1140.030532][ T5843] usb 8-1: SerialNumber: syz [ 1140.137014][ T5843] usb 8-1: config 0 descriptor?? [ 1140.827759][ T30] usb 8-1: USB disconnect, device number 9 [ 1141.572586][T15499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3054'. [ 1141.614810][T15240] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1142.492165][T15506] loop7: detected capacity change from 0 to 2048 [ 1142.614210][T15511] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1142.936206][ T29] audit: type=1800 audit(1773751858.642:237): pid=15506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3057" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 1145.780418][T15240] veth0_vlan: entered promiscuous mode [ 1145.984349][T15240] veth1_vlan: entered promiscuous mode [ 1146.470900][T15240] veth0_macvtap: entered promiscuous mode [ 1146.630002][T15240] veth1_macvtap: entered promiscuous mode [ 1146.909131][T15240] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1147.139835][T15240] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1147.362327][ T6904] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1147.414558][ T6904] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1147.435377][T15556] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3074'. [ 1147.485026][ T57] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1147.556364][ T57] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1150.071950][T15583] binder: 15582:15583 ioctl c0306201 800003c0 returned -22 [ 1150.513450][T15586] virtiofs: Unknown parameter 'always 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 18 nlmon0 : 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 20 batadv0 : 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 21 vxcan0 : 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 22 vxcan1 : 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 23 veth0 : 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 24 veth1 : 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 25 veth0_to_bridge: 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 26 bridge_slave_0: 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 27 veth1_to_bridge: 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 28 bridge_slave_1: 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 29 veth0_to_bond: 1 V3 [ 1150.513450][T15586] 010000E0 1 0:00000000 0 [ 1150.513450][T15586] 30 bond_sla' [ 1154.591386][ T5843] libceph: connect (1)[c::]:6789 error -22 [ 1154.632186][ T5843] libceph: mon0 (1)[c::]:6789 connect error [ 1154.772378][T15626] ceph: No mds server is up or the cluster is laggy [ 1155.224462][T15638] loop2: detected capacity change from 0 to 256 [ 1155.368808][T15638] exFAT-fs (loop2): failed to test first cluster bit of root dir(5) [ 1156.679966][T15649] loop7: detected capacity change from 0 to 2048 [ 1156.917350][T15659] debugfs: Invalid gid '0x00000000ffffffff' [ 1156.935484][T15649] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1157.143967][T15649] EXT4-fs (loop7): shut down requested (2) [ 1157.360983][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1157.369252][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1157.580867][T14745] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1157.891551][ T264] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1157.933744][ T264] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1158.502003][ T5843] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 1158.783343][ T5843] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1158.841534][ T5843] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1158.890718][ T5843] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1158.961378][ T5843] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1159.020398][ T5843] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1159.089301][ T5843] usb 8-1: config 0 descriptor?? [ 1159.139098][T15678] netlink: 63 bytes leftover after parsing attributes in process `syz.2.3111'. [ 1159.772651][ T5843] plantronics 0003:047F:FFFF.0023: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 1159.942903][ T5843] usb 8-1: USB disconnect, device number 10 [ 1160.190191][T15688] loop2: detected capacity change from 0 to 128 [ 1160.382003][T15688] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1160.480153][T15688] ext4 filesystem being mounted at /268/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1160.692464][ T5843] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 1160.941016][T15693] fido_id[15693]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 1160.956971][ T5843] usb 2-1: Using ep0 maxpacket: 8 [ 1161.041554][ T5843] usb 2-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d [ 1161.111255][ T5843] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1161.191320][ T5843] usb 2-1: Product: syz [ 1161.220856][ T5843] usb 2-1: Manufacturer: syz [ 1161.264796][ T5843] usb 2-1: SerialNumber: syz [ 1161.355398][T11269] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1161.379208][ T5843] usb 2-1: config 0 descriptor?? [ 1161.510341][ T5843] gspca_main: sonixj-2.14.0 probing 0c45:613a [ 1162.578497][ T5843] gspca_sonixj: reg_w1 err -71 [ 1162.671907][ T5843] sonixj 2-1:0.0: probe with driver sonixj failed with error -71 [ 1162.764897][ T5843] usb 2-1: USB disconnect, device number 31 [ 1164.269436][T15733] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3128'. [ 1164.502546][T15733] erspan0: entered promiscuous mode [ 1164.771470][T15733] erspan0: left promiscuous mode [ 1165.189705][T15738] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3130'. [ 1165.274044][T15739] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3130'. [ 1167.193074][T15764] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3137'. [ 1167.706236][T15767] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3140'. [ 1168.826097][T15774] loop5: detected capacity change from 0 to 512 [ 1168.991698][T15774] EXT4-fs (loop5): 1 truncate cleaned up [ 1169.092187][T15774] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1169.250810][T15781] loop7: detected capacity change from 0 to 1024 [ 1169.724446][T15240] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1169.762362][T15780] loop2: detected capacity change from 0 to 4096 [ 1169.821277][T15780] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 1169.928725][T15780] ntfs3(loop2): ino=3, mi_enum_attr [ 1170.299464][T15780] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 1170.576658][T15780] ntfs3(loop2): ino=1f, "file2" failed to open parent directory r=5 to update [ 1170.901796][ T49] Bluetooth: hci5: Opcode 0x206a failed: -110 [ 1170.908209][ T49] Bluetooth: hci5: command 0x0406 tx timeout [ 1171.075803][ T1127] ntfs3(loop2): ino=1f, failed to open parent directory r=5 to update [ 1173.610907][ T29] audit: type=1326 audit(1773751889.322:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1173.745619][ T29] audit: type=1326 audit(1773751889.372:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1173.938282][ T29] audit: type=1326 audit(1773751889.372:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1174.103552][ T29] audit: type=1326 audit(1773751889.372:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1174.237265][ T29] audit: type=1326 audit(1773751889.382:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1174.378441][ T29] audit: type=1326 audit(1773751889.382:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1174.545336][ T29] audit: type=1326 audit(1773751889.382:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1174.668075][ T29] audit: type=1326 audit(1773751889.382:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1174.785817][ T29] audit: type=1326 audit(1773751889.382:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1174.921691][ T29] audit: type=1326 audit(1773751889.382:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15826 comm="syz.2.3161" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709ef6c code=0x50000 [ 1175.336115][T15849] loop2: detected capacity change from 0 to 1024 [ 1175.632444][T15849] hfsplus: b-tree write err: -5, ino 2 [ 1175.900156][T15856] loop5: detected capacity change from 0 to 256 [ 1176.071563][ T6904] hfsplus: b-tree write err: -5, ino 25 [ 1176.077647][ T6904] hfsplus: b-tree write err: -5, ino 4 [ 1176.576626][T15862] Invalid argument reading file caps for ./file0 [ 1177.659399][T15875] macvlan2: entered promiscuous mode [ 1177.942367][T15877] macvlan3: entered promiscuous mode [ 1179.259975][T15894] loop5: detected capacity change from 0 to 256 [ 1179.536439][T15894] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1181.347593][T15928] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3193'. [ 1181.398502][T15928] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3193'. [ 1184.164602][T15963] batman_adv: batadv0: Adding interface: gretap1 [ 1184.205809][T15963] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1184.341287][T15963] batman_adv: batadv0: Interface activated: gretap1 [ 1184.781833][ T10] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 1184.990024][ T10] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1185.031871][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1185.147137][ T10] usb 6-1: config 0 descriptor?? [ 1185.262323][ T10] cp210x 6-1:0.0: cp210x converter detected [ 1185.658570][T15980] loop1: detected capacity change from 0 to 4 [ 1185.708938][T15980] Dev loop1: unable to read RDB block 4 [ 1185.743490][ T10] cp210x 6-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 1185.748257][T15980] loop1: unable to read partition table [ 1185.777202][T15980] loop1: partition table beyond EOD, truncated [ 1185.834448][T15980] loop_reread_partitions: partition scan of loop1 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1185.881604][ T10] usb 6-1: cp210x converter now attached to ttyUSB0 [ 1186.018661][T11548] usb 6-1: USB disconnect, device number 8 [ 1186.122590][T11548] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1186.219634][T11548] cp210x 6-1:0.0: device disconnected [ 1186.261503][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 1186.261580][ T29] audit: type=1326 audit(1773751901.962:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1186.467043][ T29] audit: type=1326 audit(1773751901.962:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1186.601412][ T29] audit: type=1326 audit(1773751902.012:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1186.759085][ T29] audit: type=1326 audit(1773751902.012:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1186.881551][ T29] audit: type=1326 audit(1773751902.012:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1187.093609][ T29] audit: type=1326 audit(1773751902.012:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1187.245126][ T29] audit: type=1326 audit(1773751902.012:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1187.330950][ T29] audit: type=1326 audit(1773751902.032:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1187.421421][ T29] audit: type=1326 audit(1773751902.032:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1187.587463][ T29] audit: type=1326 audit(1773751902.032:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15983 comm="syz.6.3213" exe="/root/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f44f6c code=0x7ffc0000 [ 1188.898474][T16016] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3222'. [ 1189.492462][T16020] loop7: detected capacity change from 0 to 2048 [ 1189.611373][T16020] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found! [ 1189.701301][T16020] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1190.775962][T16033] loop2: detected capacity change from 0 to 64 [ 1191.890198][T16042] loop1: detected capacity change from 0 to 16 [ 1192.018263][T16042] erofs (device loop1): mounted with root inode @ nid 36. [ 1192.296422][T11548] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 1192.494735][T11548] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1192.552902][T11548] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1192.619572][T11548] usb 3-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 1192.658035][T11548] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1192.716820][T11548] usb 3-1: config 0 descriptor?? [ 1193.348463][T11548] hid-steam 0003:28DE:1102.0024: hidraw0: USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.2-1/input0 [ 1193.486900][T11548] usb 3-1: USB disconnect, device number 8 [ 1194.341943][T14720] Bluetooth: hci1: command 0x0406 tx timeout [ 1194.684591][T16061] fido_id[16061]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 1195.052427][ T5836] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 1195.351916][ T5836] usb 6-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x41, changing to 0x1 [ 1195.401740][ T5836] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1195.469146][ T5836] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1195.538243][ T5836] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1195.585083][ T5836] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1195.642201][ T5836] usb 6-1: Product: syz [ 1195.646617][ T5836] usb 6-1: Manufacturer: syz [ 1195.685829][ T5836] usb 6-1: SerialNumber: syz [ 1195.752296][ T5836] usb 6-1: config 0 descriptor?? [ 1195.875939][ T5836] usb 6-1: selecting invalid altsetting 0 [ 1196.697535][ T5836] usb 6-1: USB disconnect, device number 9 [ 1196.771306][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 1196.771384][ T29] audit: type=1800 audit(1773751912.482:290): pid=16094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3251" name="controlC#" dev="devtmpfs" ino=4211 res=0 errno=0 [ 1196.983192][T16097] loop2: detected capacity change from 0 to 256 [ 1197.070094][T16097] exfat: Deprecated parameter 'utf8' [ 1197.101477][T16097] exfat: Deprecated parameter 'utf8' [ 1197.107261][T16097] exfat: Deprecated parameter 'utf8' [ 1197.274901][T15031] udevd[15031]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1197.384775][T16097] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 1197.592118][ T29] audit: type=1800 audit(1773751913.312:291): pid=16097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3253" name="file1" dev="loop2" ino=1048761 res=0 errno=0 [ 1198.090216][T16107] loop7: detected capacity change from 0 to 64 [ 1198.406479][ T29] audit: type=1800 audit(1773751914.122:292): pid=16107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3255" name="file1" dev="loop7" ino=22 res=0 errno=0 [ 1198.647605][T16115] loop2: detected capacity change from 0 to 512 [ 1198.782674][T16115] EXT4-fs: Ignoring removed nobh option [ 1198.856594][T16115] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1199.091606][T16115] EXT4-fs (loop2): 1 truncate cleaned up [ 1199.168259][T16115] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1199.431623][T16115] EXT4-fs (loop2): shut down requested (2) [ 1199.478536][T16115] EXT4-fs (loop2): resizing filesystem from 256 to 1 blocks [ 1199.521460][T16115] EXT4-fs warning (device loop2): ext4_resize_fs:2041: can't shrink FS - resize aborted [ 1199.718706][T16123] loop7: detected capacity change from 0 to 128 [ 1200.012904][T11269] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1200.170584][T16128] overlayfs: failed to clone lowerpath [ 1200.882032][T16133] sctp: [Deprecated]: syz.7.3264 (pid 16133) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1200.882032][T16133] Use struct sctp_sack_info instead [ 1201.539648][ T76] ===================================================== [ 1201.547612][ T76] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xe7b/0xc820 [ 1201.556256][ T76] n_tty_receive_buf_standard+0xe7b/0xc820 [ 1201.562622][ T76] n_tty_receive_buf_common+0x1a59/0x2610 [ 1201.568568][ T76] n_tty_receive_buf2+0x4c/0x60 [ 1201.573873][ T76] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1201.579314][ T76] tty_port_default_receive_buf+0xd7/0x1a0 [ 1201.585596][ T76] flush_to_ldisc+0x43e/0xe40 [ 1201.590547][ T76] process_scheduled_works+0xb82/0x1e80 [ 1201.596469][ T76] worker_thread+0xee4/0x1590 [ 1201.602546][ T76] kthread+0x53f/0x600 [ 1201.606836][ T76] ret_from_fork+0x20f/0x910 [ 1201.612442][ T76] ret_from_fork_asm+0x1a/0x30 [ 1201.617443][ T76] [ 1201.619863][ T76] Uninit was stored to memory at: [ 1201.625392][ T76] n_tty_receive_buf_standard+0xe74/0xc820 [ 1201.632545][ T76] n_tty_receive_buf_common+0x1a59/0x2610 [ 1201.642332][ T76] n_tty_receive_buf2+0x4c/0x60 [ 1201.647405][ T76] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1201.654008][ T76] tty_port_default_receive_buf+0xd7/0x1a0 [ 1201.660079][ T76] flush_to_ldisc+0x43e/0xe40 [ 1201.665191][ T76] process_scheduled_works+0xb82/0x1e80 [ 1201.671261][ T76] worker_thread+0xee4/0x1590 [ 1201.676169][ T76] kthread+0x53f/0x600 [ 1201.680483][ T76] ret_from_fork+0x20f/0x910 [ 1201.685393][ T76] ret_from_fork_asm+0x1a/0x30 [ 1201.690379][ T76] [ 1201.692962][ T76] Uninit was created at: [ 1201.697449][ T76] __kmalloc_noprof+0x486/0x1680 [ 1201.704777][ T76] __tty_buffer_request_room+0x3d4/0x7a0 [ 1201.710928][ T76] __tty_insert_flip_string_flags+0x157/0x6e0 [ 1201.717808][ T76] uart_insert_char+0x368/0x930 [ 1201.723620][ T76] serial8250_read_char+0x1ba/0x670 [ 1201.729315][ T76] serial8250_handle_irq+0x930/0x1110 [ 1201.735100][ T76] serial8250_default_handle_irq+0x116/0x370 [ 1201.745030][ T76] serial8250_interrupt+0xcb/0x420 [ 1201.750520][ T76] __handle_irq_event_percpu+0x13c/0xf90 [ 1201.757579][ T76] handle_irq_event+0xe0/0x2a0 [ 1201.762788][ T76] handle_edge_irq+0x2a9/0xb30 [ 1201.767808][ T76] __common_interrupt+0x9d/0x180 [ 1201.773118][ T76] common_interrupt+0x4c/0xb0 [ 1201.778031][ T76] asm_common_interrupt+0x2b/0x40 [ 1201.783386][ T76] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1201.785861][ T76] CPU: 0 UID: 0 PID: 76 Comm: kworker/u8:5 Tainted: G W L syzkaller #0 PREEMPT(full) [ 1201.797211][ T76] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 1201.802654][ T76] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1201.813232][ T76] Workqueue: events_unbound flush_to_ldisc [ 1201.819308][ T76] ===================================================== [ 1201.826559][ T76] Disabling lock debugging due to kernel taint [ 1202.037612][ T76] Kernel panic - not syncing: kmsan.panic set ... [ 1202.044242][ T76] CPU: 0 UID: 0 PID: 76 Comm: kworker/u8:5 Tainted: G B W L syzkaller #0 PREEMPT(full) [ 1202.055436][ T76] Tainted: [B]=BAD_PAGE, [W]=WARN, [L]=SOFTLOCKUP [ 1202.062013][ T76] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1202.072330][ T76] Workqueue: events_unbound flush_to_ldisc [ 1202.078451][ T76] Call Trace: [ 1202.081852][ T76] [ 1202.084893][ T76] __dump_stack+0x26/0x30 [ 1202.089431][ T76] dump_stack_lvl+0x50/0x1c0 [ 1202.094232][ T76] ? dump_stack+0x12/0x25 [ 1202.099201][ T76] dump_stack+0x1e/0x25 [ 1202.103646][ T76] vpanic+0x7b4/0x1430 [ 1202.107953][ T76] panic+0x15d/0x160 [ 1202.112115][ T76] kmsan_report+0x31a/0x320 [ 1202.116867][ T76] ? __msan_warning+0x1b/0x30 [ 1202.121768][ T76] ? n_tty_receive_buf_standard+0xe7b/0xc820 [ 1202.127996][ T76] ? n_tty_receive_buf_common+0x1a59/0x2610 [ 1202.134114][ T76] ? n_tty_receive_buf2+0x4c/0x60 [ 1202.139339][ T76] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 1202.144963][ T76] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 1202.151208][ T76] ? flush_to_ldisc+0x43e/0xe40 [ 1202.156296][ T76] ? process_scheduled_works+0xb82/0x1e80 [ 1202.162230][ T76] ? worker_thread+0xee4/0x1590 [ 1202.167288][ T76] ? kthread+0x53f/0x600 [ 1202.171759][ T76] ? ret_from_fork+0x20f/0x910 [ 1202.176721][ T76] ? ret_from_fork_asm+0x1a/0x30 [ 1202.181887][ T76] ? ret_from_fork_asm+0x1a/0x30 [ 1202.187050][ T76] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1202.193194][ T76] ? kmsan_get_metadata+0xf1/0x160 [ 1202.198615][ T76] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1202.204652][ T76] ? kmsan_get_metadata+0x146/0x160 [ 1202.210195][ T76] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1202.216786][ T76] ? kmsan_get_metadata+0x146/0x160 [ 1202.222204][ T76] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1202.228248][ T76] ? n_tty_receive_char+0x1223/0x14f0 [ 1202.233806][ T76] ? __wake_up+0x29d/0x2f0 [ 1202.238407][ T76] ? kmsan_get_metadata+0xf1/0x160 [ 1202.243930][ T76] __msan_warning+0x1b/0x30 [ 1202.248639][ T76] n_tty_receive_buf_standard+0xe7b/0xc820 [ 1202.254794][ T76] ? __rb_insert_augmented+0x80/0x11b0 [ 1202.260468][ T76] ? kmsan_get_metadata+0xf1/0x160 [ 1202.265816][ T76] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1202.271868][ T76] ? kmsan_get_metadata+0xf1/0x160 [ 1202.277217][ T76] ? __pfx_kmsan_internal_task_create+0x10/0x10 [ 1202.283699][ T76] n_tty_receive_buf_common+0x1a59/0x2610 [ 1202.289716][ T76] n_tty_receive_buf2+0x4c/0x60 [ 1202.294746][ T76] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 1202.300478][ T76] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1202.305917][ T76] tty_port_default_receive_buf+0xd7/0x1a0 [ 1202.311966][ T76] flush_to_ldisc+0x43e/0xe40 [ 1202.316873][ T76] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 1202.323614][ T76] ? __pfx_flush_to_ldisc+0x10/0x10 [ 1202.329036][ T76] process_scheduled_works+0xb82/0x1e80 [ 1202.334860][ T76] worker_thread+0xee4/0x1590 [ 1202.339781][ T76] kthread+0x53f/0x600 [ 1202.344144][ T76] ? __pfx_worker_thread+0x10/0x10 [ 1202.349491][ T76] ? __pfx_kthread+0x10/0x10 [ 1202.354278][ T76] ret_from_fork+0x20f/0x910 [ 1202.359065][ T76] ? __switch_to+0x51c/0x750 [ 1202.363867][ T76] ? __pfx_kthread+0x10/0x10 [ 1202.368669][ T76] ret_from_fork_asm+0x1a/0x30 [ 1202.373671][ T76] [ 1202.377412][ T76] Kernel Offset: disabled [ 1202.381813][ T76] Rebooting in 86400 seconds..