last executing test programs: 20m15.856970403s ago: executing program 2 (id=372): syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x31, &(0x7f0000000040)=0x105) prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) mount$bpf(0x0, &(0x7f0000000440)='.\x00', 0x0, 0x0, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000080)=0x80) sendfile(0xffffffffffffffff, r4, 0x0, 0x1) 20m4.131200847s ago: executing program 2 (id=390): sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x800) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2) syz_open_procfs(0x0, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x15) setuid(0xee00) syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') read$FUSE(r0, &(0x7f00000047c0)={0x2020}, 0x2020) bind$alg(r2, 0x0, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000001280), 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) 19m58.251665775s ago: executing program 2 (id=401): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000040)=ANY=[], 0x0, 0x295, &(0x7f0000000140)="$eJzs3E1rK1UYAOB3mtx7a0HShVAUwRE3rkJbceGuRSqIAUUJoriw2BQlUwsNFJJFPzb6JxT/gS7dCi7EjQv/gAhSBTd2JyJE8mmaTpJaSYPe59nM4cx5z/vORztlmJ53nzyo7x029i8vk7OIJIpJbMUfEauxFIUAAP6Pfm+347d2z6JrAQDuxuTn/yOLKgkAmLP8539xfNhrvc3pXZYGAMzJv3v/7x0BAPwXvfHW269sVyo7r6fpcsTBx8fV42p3O3i078cHkUUt1qMUf0a0h3rtl16u7KynHT+vRvXgtB9/elztfT24PYjfiFKs5sUnOxtpz9X4e7HSj/9hJWqxGaV4LD//Zm78/Xj2mZH85SjF9+/FYWSxF53Yv+NPNtL0xVcraRRjJP5Bd1xX/p85vpcAAAAAAAAAAAAAAAAAAAAAAODWyulQ7vo95fKk/b347cnrAy1fXR9ofH2eYjxxbZlhAAAAAAAAAAAAAAAAAAAAeDg1mq36bpbVjqY1Pvz2868jpo9pXnx39uaMeZqtetLPOzvpvBuPPv3TJ5PHnCezz08yI0WhP8c/LOyrp8Z63inkz7M02pOc3SDFcv/szy6jMKPUby7ef/y5xtrz13cNcnR7ho2x8AdzuKb3pt1av5YicqPOb5Er7VyMYc8XncbgqO/8Nh4c9cjPV/7gtU+3dr88+fGXm8489189AAAAAAAAAAAAAAAAAADAmO6/kd/IRy/MuxYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWJRGs1XfzbLa/Wi2Possqx0NeqY1kogY9Cz1Z5octeBDBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+CsAAP//3Pl/Vg==") sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002240)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)}}], 0x1, 0x0) socket$packet(0x11, 0x2, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x3) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r2, 0x29, 0x16, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb813dd28b42bee2b094a3de6dbfd30a74457bcd1cfd5feffe5c019f45d57f", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r3, 0xc0303e03, &(0x7f00000000c0)={"000000149c0286e08ffad43c40fc0a000000ab65a29e23546aad0281b3aff5eb", r3}) 19m57.4571545s ago: executing program 2 (id=402): syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000300)='./file3\x00', 0x0, &(0x7f0000001040)=ANY=[], 0x1, 0xadc, &(0x7f0000001900)="$eJzs3V2IXFcBAOBzd3c2u2lrpjW1axrbpNW2/nTTbNb4EzQpCYKhKeJLofgS0rQGYwQrqKXQJE++2VJS8MkffOpLqSJYEAl98qVgA0XoUxX0oSFiwYcaTUayc87MnZOZzMxmd+7O7vfB3TPnnnPnnDt75879O+cEYMOaWPq7uDhXhHDujZcPvf/AP2avzdnfylFf+jtVitVCCEWMT2Xv995kM7zywfPHuoVFWFj6m+Lh8UutZW8JIZwOO8L5UA/bzl146a2Fx46cOXx259uv7ru4OmsPAAAbyzfO71u8869/vvv2y6/dcyBsas1Px+f1NGOmedx/IB74p+P/idAZL0pT2XSWbypOE7Od+Sa75CuXU8vyTfUofzorv9Yj36Zw4/InS/O6rTeMs7Qd10MxMR9C2NyKT0zMzzfPycPSef10MX/qxMmnn62oosCK+/e9IYQdpeng2c74Wpv2r4E6LHNqrIE6jOV0YHRlXW40Vb7OI5oaW6reAwE05fcLr3M6v7Jwc1rvNjVY+Zcenei+PKyAUW//Q5U/XXH5Qfm/PmOPw8pZr1tTWq/0Pbo1xvP7CPnzS6/8oXO5tvxOR+fc/H5EbcB69rqPMC73F3rVc3LE9ViuXvXPt4v16isxTJ/DVztS7+34/uT/03H5HwPdfZhf/zeZTGt7Ch3x2s28V6Pi/Q+wduXPzTXS/dEof64vT9/UJ32mT/psn/TNfdJv6ZMOG9lvf/DT8GLRvt6Vn9MPez08XWe7LYYfGbI++fXIYcvPn/sd1s2Wnz9PDGvZ748+cfyLTz15ofn8f9Ha/q/G7T2dbtTjd+t8zJCuF+bX1VvP/tc7y5noke+OrD63dcm/9HprZ75ia/t9Qmk/c1095jqX29Ir3/bOfPUs32ycZrL65scnm7Pl0vFH2q+mz2sqW99ath7TWT3SfuX2GOb1gOVI22N6/r/dHqD5/H/aPudCrXj6xMnjj8R42k7/NFnbdG3+7hHXG1g5vb7/6fdrLnS2/7m1Nb82Ud4vbGnPL5r7hdfj+3XOX2iVU5pf+lFLv3Pfnpxdyj9/7Hsnn1qF9YaN7NkfP/edoydPHv++F8t+8bW1UY1hXqTTlrVSHy+GfbFjtYuoeMcErLpdLzQPAh4+8d2jzxx/5vipPXv37llY2PulPYu7lo7rd5WP7stOV1BbYCW1f/SrrgkAAAAAAAAAAAAwqB8ePnThnTe/8G6z/X+7/V9q/5+e/E3t/3+Stf/P28mndvCpHeDtXdKX8mQdrE5n+Wpx+mhW39QNQPFCM7wzW+5jMWyN4xfb/6fi8n5dU33uyubXekSz7gSu6y9lOuuDJB8v8L4Yno3hrwJUqJjtPjuGN+jfuviwtK2n/ilKTXgb+gceH+n/lvdflNp/d+3XqUt7bcbLKFosVr2OQHf/3FD9f/+rveKV18XUe5oabXk/27jbRKPnUfqgI9gArIyqx//8e2iWm65/nvrj12euTSnbpUc795d5/6UwjL+80xlf6+NPrnb5+bh9oy6/6vUf9fifrfHv4v4v7fd67/+yEfPqyyv3Pz+/+G6p2LBt0PLz9U/9QG8drvzLsfy0Ng+Gwcpv/DIrP78hNKD/ZuVvHrD869Z/+/LK/18sP31sD90/aPnNGhcTnfWYzdYj3f/LrxsnV7L1T3173qD8bz7Xbf2XOVDj1Vg+bGTjMs7ssLLjiNZBe7/xf4f9/b/Z8X9blc12a/lzGJ+P8bQjTs855OOdDFv/9HxF+h24M3v/os/vm/F/x9uXY9jv+5DG/03bYz3+5JfiS59lite6fLbrdV8D4+q9DXX/b1TTxeZp0PKWn6m+/qYhpsbkMpZrPWdVcf0bjcbqXtDqo9LCqfzzr/ruc9XnKfdVXH4/+fi/+TF8Pv5vnp6P/5un5+P/5umz8T/0fo/0fPzffHvOx//N0+/K3jcfH3iuT/rHu6QXoZ2+rfvyrdP2u/u8//Y+6Z/ok76zlb6/I0dKv+eGy7fz9Xr/O/qk398n/ZN90j/VJ/2BPukPldLLY0Cn9E9nyxdZ+nqX9j+9Pj9g/crb5/n+w8aR7v/0+v5vbadPl7OMtpbAanjltd0Hn/zNt+rN9v/Tresh6T7egRivxXOjH8V4ft87lOLX0t6M8b9l6VVfbwLa8v4z8t//B/ukA+MrPefl+w0bUDHTfXYM+/Vb1es4n/HymRh+Noafi+HDMZyP4a4Y7o7hwojqx+o4+Prv9r1YtM/3t2Tpgz5PnrcH6ugnKoSwZ8D65NcHhn2ePe/Hb1g3W/4ym4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABUZmLp7+LiXBHCuTdePvTEkRO7rs3Z38pRX/o7VYrVWsuF8EgMJ2P4i/jiygfPHyuHV2NYhIVQhKI1Pzx+qVXSLSGE02FHOB/qYdu5Cy+9tfDYkTOHz+58+9V9F1fvEwAAAID17/8BAAD//092Bzk=") syz_mount_image$fuse(0x0, &(0x7f0000000140)='./bus\x00', 0x100688d, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 19m56.102899673s ago: executing program 2 (id=405): socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000c40)}, 0x4) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000100), 0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f000000d000/0x1000)=nil, 0x1000, 0x0, 0x48010, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0) r2 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc) r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000040)="2b0d52ac82e71eed", 0x0, 0xb20c, 0x0, 0x0, 0x90, 0x0, &(0x7f0000001200)="4c4228369f88e91870041ef4c8baa41449dc6ad5553764e898ddee1dfbb587ef4e6854a6bea12aecd99ac5dd4e39745d195df155a8628b7483b791d4de8609a893ccfbe9dc5c2ed555df193d92968b81da97fe3f0f220dd48b29c98152d9ecb2bb68cbf0bfe454a10e0adf453bd021ba3b502665c757d209f1fa9daa8979aa1fc22684d52bba1cd3c5946a6ea16b40f3", 0x1}, 0x50) syz_clone(0x4029000, 0x0, 0x0, 0x0, 0x0, 0x0) write$sysctl(r3, &(0x7f00000000c0)='2\x00', 0x2) 19m48.649821121s ago: executing program 2 (id=417): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8) gettid() r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) process_vm_readv(r2, &(0x7f0000000400), 0x0, &(0x7f0000000580), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r4, &(0x7f0000000080)={0x50, 0x0, r5, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2}}, 0x50) openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x2c) syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0xe2100, 0x0) ioctl$COMEDI_BUFCONFIG(r6, 0x8020640d, &(0x7f0000000040)={0x1, 0x89, 0x6, 0x3}) 19m48.255872043s ago: executing program 32 (id=417): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8) gettid() r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) process_vm_readv(r2, &(0x7f0000000400), 0x0, &(0x7f0000000580), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r4, &(0x7f0000000080)={0x50, 0x0, r5, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2}}, 0x50) openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x2c) syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0xe2100, 0x0) ioctl$COMEDI_BUFCONFIG(r6, 0x8020640d, &(0x7f0000000040)={0x1, 0x89, 0x6, 0x3}) 2.741938112s ago: executing program 1 (id=4650): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TIPC_NL_SOCK_GET(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000000}, 0x44001) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = open(&(0x7f00000000c0)='./cgroup/pids.max\x00', 0x2a0000, 0x1d6) syz_clone3(&(0x7f0000000340)={0x3a0000080, 0x0, 0x0, 0x0, {0xb}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 2.420388553s ago: executing program 0 (id=4654): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$inet6(r1, &(0x7f000000a440)=[{{0x0, 0x0, &(0x7f00000086c0)=[{&(0x7f0000006240)="c1346f2d260685eb57d897465edd4823", 0x10}, {&(0x7f00000062c0)="2977c9c80000000000", 0x9}, {&(0x7f0000006300)="5c711d9c51a0c1a7", 0x8}], 0x3}}, {{0x0, 0x0, &(0x7f000000a3c0)=[{&(0x7f00000090c0)="9a4037055e1d2207e96d56db2b87dc0f58811431433ec0e2435dab2ea838935a599486af8d13ab2df30ff8d0a89465852ec7abbeffae9462a84e0967d932a92cccb35fdc84", 0x45}, {&(0x7f0000009140)="14b48e5b08fd6c6c9c03031067a0f6194cf12963721ad167aa845aa732510bdfc2795ea40719d18c35e44298992aafa50921ae2de7ce25d85f96044894250e8a684d06c37ca05fddbafd651f2f0ab91dadf0ed44f422cf", 0x57}, {&(0x7f0000000080)="59058e8bf0cc944add2bc5e92c2a324f8f63fd70006d7d", 0xffffffaa}], 0x3}}], 0x2, 0x44051) 2.351734305s ago: executing program 4 (id=4656): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2a042, 0x113) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) 2.289355947s ago: executing program 4 (id=4657): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000740)='./file1\x00', 0xa00004, &(0x7f0000000180)={[{@iocharset={'iocharset', 0x3d, 'cp860'}}, {@gid_ignore}, {@anchor={'anchor', 0x3d, 0xa}}, {@shortad}, {@nostrict}, {@utf8}, {}, {}, {@longad}, {@iocharset={'iocharset', 0x3d, 'macromanian'}}, {@rootdir={'rootdir', 0x3d, 0xd}}, {@nostrict}, {@nostrict}]}, 0x5, 0xc6d, &(0x7f0000000bc0)="$eJzs3U9sHNd9B/DfG5LiSm4rJk4VJ42DTVuksmK5+hdTtgp3VdNsA8iyEIq5BeBKpNSFKZIgqUY23JbppYceAhRFDzkRaIUCKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAAVq4G8zsW3FFkZYsiiIlfz429d2deW/mvZnVDEXwzQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOJ3Xjl77HjaZEXfLjQGAHgozo999diJze7/AMBj6+JW//4HAAAAAAAAAAAAAAD2ihRFPBkp5s6vpYnqfUftXGvg+o3xkdHNq+1PVc2+qnz5VTt+4uSpLz8/fLqb51ozH1L/QftsvDZ28Wz95dlrc/NTCwtTk/Xxmdbl2cmpe97CdutvdKQ6APVrr1+fvHJloX7iuZO3rb4x9P7gE4eGzgw/c/TpbtnxkdHRsfUitd7y/ffdkI6tRnjsiyKORopnv/uT1IyIIrZ/LGoP99xvtL/qxJGqE+Mjo1VHplvNmcVy5YXugSgi6j2VGt1jtPm5iP6Bh9qHrTUilsrmlw0+UnZvbK4537w0PVW/0JxfbC22ZmcupE5ry/7Uo4jTKWI5IlYH79zcQBTRHym+fXAtXcpP/aiOw5eqgcFbt6PYwT7eg7Kd9YGI5eIROGd72GAU8Wqk+Ok7h+Nyvs5U15ovRrxa5vcjbpb5UkQqPxinIt7b5HPEo6k/iviz8vyfWUuT1fWge10597X6V2auzPaU7V5XPuL94Y4rxS7dH/ZvyIdjj1+balFEs7rir6X7/2YHAAAAAAAAAAAAAAAAgAdtfxTxmUjxyr/+QTWuOKpx6QfPDP/u0C/2jhl/6i7bKcs+FxFLxb2Nyd2XBwZeSBdS2uWxxB9ntSjiD/P4v2/udmMAAAAAAAAAAAAAAAAAAAA+1or4caR48d3DaTl65xRvzVytX2xemu7MCtud+7c7Z3q73W7XUycbOSdyLuVczrmSczVnFLl+zkbOiZxLOZdzruRczRl9uX7ORs6JnEs5l3Ou5FzNGf25fs5GzomcSzmXc67kXM0Ze2TuXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0kRRXwQKb71jbUUKSIaERPRyZXB3W4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAaTEV8L1LUf69xa1l/RKTq/47D5R+norGvzE9GY7jMl6JxNmezyv7GN3eh/WzPQCriR5FisPb2rROez/9A592tj0HcfGv93Wf7O9nXXTn0/uAThw6eGR79/FNbvU6bNeDIudbM9Rv18ZHR0bGexf1575/sWTaU91s8mK4TEQtvvPl6c3p6av7+X5Qfgfus3j2T29j7w3yR+ne5qf+/Bw7Cx+lF9O/e3nf778Xt14naLlyb2Hnl/f+9SPGb7/5b94bfuf/X4hc6727d4eNnf7R+/39x44bu8f7fv7Fevv+Xd4LN7v9P9ix7MX83MtAfUVu8NjdwKKK28MabR1vXmlenrk7NnDp27IXh4RdOHhvYF1G70pqe6nn1QA4XAAAAAAAAAAAAAAAAwMOTivjtSNH80VqqR8SNarzW0JnhZ44+3Rd91Xir28ZtvzZ28Wz95dlrc/NTCwtTk/Xxmdbl2cmpe91drRruNT4yuiOduav9O9z+/bWXZ+femG9d/f3FTdcfqJ29tLA437y8+erYH0VEo3fJkarB4yOjVaOnW82ZquqFTQfTf3QDqYh/jxSXT9XTF/KyPP5/4wj/uPnWC7c+C0sbN/QAx/9//sD6+L9P9BQt95lSET+LFL/x50/FF6p2Hog7jlku99eR4sjpz+Vysa8s121D57kCnZGBZdn/jhR//8HtZbvjIZ9cL3v8Ix3cR0B5/g9Giu/96XfiV/Oy25//0Hv+14/fgY0b2qHnP3yqZ9mB255XsO2uk8//0Ujx0pNvx69VS/73Q5//0X1iw+FO4fXnc+zQ+f/lnmVDeb+//qA6DwAAAAAAAAAA8AgbSEX8TaT4wWh/ej4vu5ff/5vcuKEd+v2vT/csm3ww8xXd9cW2DyoAAAAA7BEDqYgfR4qri2/fGkN9+/jvnvGfv7U+/nMkbVhb/Zzvl6rnBjzIn//1Gsr7ndh+twEAAAAAAAAAAAAAAAAAAGBPSamI5/N86hPVeP7JLedTX4kUr/zns7lcOlSW684DP1T9WTs/O3P07PT0bC0Wm5emp+pjc83LU2XdT0WKtb/6XK5bVPOrd+eb78zxvj4X+3ykGP3bbtnOXOzduck784HX2u2I42XZT0SK//i728vmqanz3NHVdk+UZf8yUnz9Hzcve2i97Mmy7HcixQ+/Xu+WPVCW7T4f9dPrZZ+7PFvswFkBAAAAAAAAAAAAAAAAAADg42YgFfEnkeK/ri3fGsuf5/8f6HlbuflWz3z/G9yo5vkfqub/3+r1/cz/Xz1XYGmrvQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOMpRRFvRoq582tpZbB831E715q5fmN8ZHTzavtTVbOvKl9+1Y6fOHnqy88Pn+7mh9d/0D4Tr41dPFt/efba3PzUwsLUZH18pnV5dnLqnrew3fobHakOQP3a69cnr1xZqJ947uRtq28MvT/4xKGhM8PPHH26W3Z8ZHR0rKdM/8B97/0OaYvl+6KIv4gUz373J+kHgxFFbP9Y3OWzs9P2V504UnVifGS06sh0qzmzWK680D0QRUS9p1Kje4zuei7+r91uP6yubKIRsVQ2v2zwkbJ7Y3PN+eal6an6heb8YmuxNTtzIXVaW/anHkWcThHLEbE6eOfmBqKI1yPFtw+upX8ajOjrHocvnR/76rETW7ej2ME+3oOynfWBiOXiXs4ZWxmMIv4hUvz0ncPxz4MR/dH5ii9GvFrm9yNuRud8p/KDcSrivU0+Rzya+qOI/ynP/5m19M5geT3oXlfOfa3+lZkrsz1lu9eVbd4f2u32H5e5e/eHh2mPX5tqUcQPqyv+WvoXf68BAAAAAAAAAAAAAAAA9pAifiVSvPju4VSND741prg1c7V+sXlpujOsrzv2rztmut1ut+upk42cEzmXci7nXMm5mjOKXD9no8xauz2R3y/lXM65knM1Z/Tl+n3VcMV2I7+fyLmUcznnSs7VnNGf6+ds5JzIuZRzOedKztWcsUfG7gEAAAAAAAAAAAAAAAAAAI+Xovovxbe+sZbag535pSeikyvmA33s/TwAAP//9xz3UA==") openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x68042, 0x20) 2.159195901s ago: executing program 4 (id=4658): ioprio_get$pid(0x2, 0x0) ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x14bb42, 0x8c) pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)}], 0x1, 0x5410, 0x0, 0x0) fallocate(r0, 0x0, 0x9, 0x1c0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x28}}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x143841, 0x114) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f00000003c0)={0x0, 0x2, 0x7fff, 0xffff}) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r4 = getpid() r5 = syz_pidfd_open(r4, 0x0) setns(r5, 0x24020000) umount2(&(0x7f0000000040)='.\x00', 0x2) close_range(r3, 0xffffffffffffffff, 0x0) 1.934280588s ago: executing program 0 (id=4659): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101600, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x2}}]}, 0x4, 0x529, &(0x7f0000000540)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTaC90LCK1WQqw4ceiGxI2i2HUUu6IJPaRH7pWoxAn4D7hxQOqJAzducONSDkgFKlCDxMFoxpPUTezE3TpxE/9+0mTmvZn6ey/ue8/zIs8LYGRdiojtiDgXEZ9GxEyen+RbXG9v6XVPn9xd2nlydymJVuuTfybZ+TQvOv5N6rX8NScj4offi/hJcjBuY3NrbbFarWzk6dlmbX22sbl1dbWQ55QX5hfm3r/2XnlgdX2r9tvH31396Ee//91XHv1p+9s/S4s1/fML2bnOegxSu+rFmO7IG4+Ij44j2JCM5/9/OH3S1va5iHg7a/8zMZa9mwDAWdZqzURrpjMNAJx16f3/dCSFUj4XMB2FQqnUnsN7M6YK1XqjeWWmfvvWcmRzWBejWLi5Wq3M5XOFF6OYpOn57PhZuvxc+n7lWkS8ERH3J85n50tL9eryMD/4AMAIe609/k/tjv//mWiP/52KwyocAHB8JoddAADgxBn/AWD0GP8BYPS8wPjv24EAcEa4/weA0WP8B4DRc+T4f+9kygEAnIgffPxxurV22s+/3n1S99XlSmOtVLu9VFqqb6yXVur1lWqltNRqHfV61Xp9ff7dvWRjc+tGrX77VvPGam1xpXKj4lkCADB8b7z18C/poL/9wflsi461HIzVcLYVhl0AYGjGhl0AYGh8nwdGVx/3+KYB4IzrskRvWz5BkPS64IHFX+G0uvxF8/8wql5m/t/cAZxun23+/zsDLwdw8ozhMLparcSa/wAwYszxAz3//p/r+YiQB4MvCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJwW09mWFErZWuDb6c9CqRRxISIuRjG5uVqtzEXE6xHx54niRJqeH3ahAYCXVPh7kq//dXnmnen9Z88l/53I9hHx019+8os7i83mxnya/6+9/OaDNP98c6N8bhgVAAA6XT+YlY3f5XzfcSP/9Mndpd3tJIv4+MP24qJp3J18a58Zj/FsPxnFiJj6d5Kn29LPK2MDiL99LyK+sFv/ybjTEWE6mwNpr3y6P34a+8LA43f+/vfHLzxX30J2Lt0Xs9/F52Nf4YAjPfyw3U/mbS9t4nn7K8SlbN+9/U9mPdTLS/u/tLnuHOj/Cnv939iB+EnW5i/tpQ8vyeN3//D9A5mtmfa5exFfGu8WP9mLn3Tvf4vv9FnHv375q2/3Otf6VcTlrvXfXZG6lnWzs83a+mxjc+vqam1xpbJSuVUuL8wvzL1/7b3ybDZH3f75x24x/vHBldd7xU/rP9Uj/uTh9Y9v9Fn/X//v0x9/7ZD43/p69/f/zUPip2PiN/uMvzh1vefy3Wn85R71P+L9jyt9xn/0t63lPi8FAE5AY3NrbbFarWwccZB+1jzqGgf9H6T39q9AMbKD2I4Y1AtmkxKZLtekn6hfjSq/+MFkXxcnQyvhbwb9gsPtl4Dj96zRD7skAAAAAAAAAAAAAABAL43NrbWJON7vJw27jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxd/w8AAP//jmDDAw==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x94e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) fsmount(r4, 0x0, 0x80) unlink(&(0x7f0000000040)='./file2\x00') write$cgroup_pid(0xffffffffffffffff, &(0x7f0000001c00), 0x12) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x5, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="85000000ad00000066dffffffff8000016000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x41000}, 0x94) r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x14000, 0x1}) pipe(0x0) socket$inet6_tcp(0xa, 0x1, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) shmget$private(0x0, 0x1000, 0x100, &(0x7f0000009000/0x1000)=nil) 1.795849062s ago: executing program 1 (id=4660): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000500), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000580)=0x0) sendmsg$NFC_CMD_SE_IO(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)={0x2c, r2, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x1}, @NFC_ATTR_SE_APDU={0x5, 0x19, "d8"}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendmsg$nl_route_sched(r5, 0x0, 0x44080) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), r4) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24028044) socket$inet6_sctp(0xa, 0x5, 0x84) r6 = socket$rxrpc(0x21, 0x2, 0xa) ioctl$int_in(r6, 0x5452, 0x0) setsockopt$sock_int(r6, 0x1, 0x7, &(0x7f0000000240), 0x4) ioctl$XFS_IOC_START_COMMIT(r6, 0x80585882, &(0x7f0000000380)={0xffffffffffffffff}) sendmsg$nl_route_sched(r7, &(0x7f0000000d80)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000d40)={&(0x7f0000000e80)=@gettclass={0x24, 0x2a, 0x200, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0xffe6}, {0x10, 0xb}, {0x8, 0x6}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4090}, 0x4014) r8 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, {0x5, 0x4}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0xd, 0x0, 0x0) r9 = socket(0x10, 0x3, 0x0) r10 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'veth0\x00'}) sendmsg$nl_route_sched(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'}) sendmsg$nl_route_sched(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x40022}, 0x2000400c) getsockopt$CAN_RAW_RECV_OWN_MSGS(r9, 0x65, 0x4, 0x0, &(0x7f0000000180)) 1.704608265s ago: executing program 1 (id=4662): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001000000000000000000200100000000000000000000000000006401010200000000000000000000000000000005000000030a00200000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0800000000000000ac00000000000000ff0f000000000000ffffffffffffffff0000000000000000ffffffffffffffffffffff7f0000000000000100000000000200000000000000040a00000000000000000000008040000000000000000008000000000000000001000003000000004400050000000000000000000000000000000000000004d23c"], 0xfc}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a44, 0x1700) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000064010100000000000000000000000000fc01000000000000000000000000000000000000000000000a0000"], 0xfc}, 0x1, 0x0, 0x0, 0x40}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000380)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 1.640057547s ago: executing program 3 (id=4663): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x0, 0x0) creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl816\x00', [0x100, 0x3, 0x0, 0x8, 0xe, 0x5, 0x79, 0x3, 0x8000a, 0x2, 0x5, 0x1, 0x7, 0x1, 0x2, 0x200000fc, 0xfffffffb, 0x9, 0x3, 0x7fffffff, 0x88, 0xca9f, 0x0, 0x20401e58, 0xffffffff, 0xf39e, 0x3, 0x8, 0x5ab7c328, 0x1, 0xffffffff]}) ioctl$COMEDI_SETRSUBD(r0, 0x6410) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.217253801s ago: executing program 4 (id=4664): timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x0, 0x989680}}, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e0b080510"], 0xe) 1.123976554s ago: executing program 4 (id=4665): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) userfaultfd(0x80001) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000001c0)={0x9, 0x102001d, 0xfffffffb, 0xffffffff}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x543ddcb2c1ce9a4c) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x4c, 0x0}, 0xe07e872420dfefca) socket$packet(0x11, 0x2, 0x300) r1 = socket$l2tp6(0xa, 0x2, 0x73) recvfrom$l2tp6(r1, 0x0, 0x0, 0x61, 0x0, 0x0) r2 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r2, &(0x7f0000000140)={0x18, 0x2, {0xffff, @dev={0xac, 0x14, 0x14, 0x1c}}}, 0x1e) r3 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_SECURITY_KEYRING(r3, 0x110, 0x2, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000180)) connect$pptp(r2, 0x0, 0x0) r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x202, 0x0) ioctl$PPPIOCSMRRU(r4, 0x4004743b, &(0x7f0000000300)=0xc7) write(r4, &(0x7f00000003c0)="0000f289c3848dfe23eb3eca82d185b6ac515d6fd43b7d44c66176d761a646d62ef34e39ed0fe777918c9f05d7fcaa922ffdeabfe81001911c95c213f6a8543cea2d7e5acbf69022931a1ad0153f9944b2f07696f3da8c436c128bea55b4f21bbdbe71ad56821155ed518c677d48766be5eab0a72d567433febcfa86ffbf0f8b776b", 0x82) poll(&(0x7f0000000440), 0x0, 0x101) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]}) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x8, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x6, 0xf, 0x80000006}, 0x0, 0x0) 983.944248ms ago: executing program 0 (id=4666): r0 = socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$pppoe(0x18, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) socket(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYBLOB="06001500070000000c00168008000100", @ANYRES64=r1], 0x38}}, 0x10) ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609) 966.031839ms ago: executing program 0 (id=4667): gettid() timer_settime(0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000, 0xfff5}}], 0xf00, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f000000e0c0)=""/102400, 0x19000) shutdown(r0, 0x0) 723.525096ms ago: executing program 0 (id=4668): socket(0x1d, 0x2, 0x6) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x9730514a12869b60, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4008094) r0 = userfaultfd(0x800) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x108}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000005c0)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870fd00090582020002"], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0xa8, &(0x7f0000000000)=ANY=[@ANYBLOB="1b1b", @ANYRES16=r1]) 664.042988ms ago: executing program 4 (id=4669): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008200122010009058103"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000000840)={0x2c, &(0x7f0000000680)={0x20, 0x0, 0x4, "0c8ac451"}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) 663.729468ms ago: executing program 1 (id=4670): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x48c5, &(0x7f0000000400)={[{@shortname_lower}, {@shortname_winnt}, {@fat=@nfs}, {@fat=@discard}, {@uni_xlate}, {@shortname_lower}, {@fat=@sys_immutable}, {@fat=@dos1xfloppy}, {@fat=@dmask={'dmask', 0x3d, 0x4007}}, {@rodir}, {@utf8no}, {@rodir}, {@rodir}]}, 0x0, 0x2b2, &(0x7f0000000840)="$eJzs3E9rE08YwPGnSf+kKW1yKD/4HcQHvehlaeMrCNKCGFBqI+pBmNqNhqzZko2RiJjevPo6ikdPCuob6MWbd/VSBMFLD2Kkm127bRf7x9aN5vuBstOZeXZnMpvw7MLuxo1n92sVz6qYpqQyKimRVdkUyW+VAkPBNuWXRyVqVc5PfH1/6trNW5eLpdLcgup8cfFCQVWnTr9++Pj5mbfNiesvpl6NyXr+9saXwof1/9b/3/i+GO7dFTG65LpNs+TYulz1apbqVcc2nq3Vumc3mhpprzjuykpbTX15MrvSsD1PTb2tNbutTVebjbaau6ZaV8uydDIrgyZ96Ijy2sKCKZ7IYJCE8bjKRqNo0rGN5bU/MSgAANBfksr/71U9rXpad3fk93vz/5QcIv8XGdD8Pzbt28/HQ+b/Y0c5CJK3lf9ng+/vTuT/AAAAAAAAAAAAAAAAAAAAAAD8DTa73Vy3282F2/BvTEQyIhL+n/Q4cTJY/8EWeXAvI+I8bZVb5d62116sSFUcsWVmROSbfz4EeuX5S6W5GfXl5Y3TCeI7rXLaf2DMjw/l4+Nne/Eaje/IiGSjxy9ITqbj4wsx8a3yqJw72w2fWbPFkpy8uyOuOLLsn9fb8U9mVS9eKe2KH/f7AQAAAADwL7D0pz3X7367peFrQ3a19yq37w9Ibp/7A7uur4dlaDi5eQMAAAAAMEi89qOacRy70TeFcGTHv+fx49xz8h9dpmacTjClX3YeFpGg5mW/rPJBCqmtiR0xPP17q/xZRHbUTCe+3MdR+PQgOF0O0DmBHyMAAAAAJypM+oeSHggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPsoC8PC/sf5d1jkcOlk5klAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0B9+BAAA//8INhII") r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00') read$FUSE(r0, &(0x7f0000002c00)={0x2020}, 0x2020) 663.509148ms ago: executing program 3 (id=4671): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x410c0}, 0x4000020) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) r4 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VIDIOC_TRY_FMT(r4, 0xc0d05640, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) timer_create(0x3, 0x0, &(0x7f0000000540)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) timer_create(0xfffffffffffffffd, 0x0, &(0x7f0000001400)=0x0) timer_settime(r5, 0x0, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0) r6 = dup3(r3, r1, 0x0) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000, 0x0, &(0x7f0000000200)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0}) r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r8, r0, &(0x7f0000002080)=0x64, 0x23b) 595.590731ms ago: executing program 1 (id=4672): socket$nl_netfilter(0x10, 0x3, 0xc) socket$netlink(0x10, 0x3, 0x4) syz_io_uring_setup(0x132a, &(0x7f0000000000)={0x0, 0x6b7a, 0x80, 0x1, 0x3df}, 0x0, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x4, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@call={0x85, 0x0, 0x0, 0x2a}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) socket$inet6_tcp(0xa, 0x1, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0xb, 0x42, 0x3e, 0x42}, 0x50) r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x88) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[@ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1], 0x20) 594.245051ms ago: executing program 3 (id=4673): keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x1, 0x8, 0x2, 0x8, 0x7, 0x5, 0x3, 0x0, 0x2, 0x5, 0x36, 0x2, 0x5}, 0xe) close_range(r1, 0xffffffffffffffff, 0x0) 506.149364ms ago: executing program 1 (id=4674): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) 451.946665ms ago: executing program 3 (id=4675): sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f00000009c0)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x2, 0x300}, {0x6e}}, [@snprintf={{0x7, 0x0, 0xb, 0x9}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x0, 0x6, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x82) 412.474196ms ago: executing program 3 (id=4676): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4012011, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) 348.925259ms ago: executing program 3 (id=4677): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) userfaultfd(0x80001) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000001c0)={0x9, 0x102001d, 0xfffffffb, 0xffffffff}, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x543ddcb2c1ce9a4c) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x4c, 0x0}, 0xe07e872420dfefca) socket$packet(0x11, 0x2, 0x300) r1 = socket$l2tp6(0xa, 0x2, 0x73) recvfrom$l2tp6(r1, 0x0, 0x0, 0x61, 0x0, 0x0) r2 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r2, &(0x7f0000000140)={0x18, 0x2, {0xffff, @dev={0xac, 0x14, 0x14, 0x1c}}}, 0x1e) r3 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_SECURITY_KEYRING(r3, 0x110, 0x2, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000180)) connect$pptp(r2, 0x0, 0x0) r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x202, 0x0) ioctl$PPPIOCSMRRU(r4, 0x4004743b, &(0x7f0000000300)=0xc7) write(r4, &(0x7f00000003c0)="0000f289c3848dfe23eb3eca82d185b6ac515d6fd43b7d44c66176d761a646d62ef34e39ed0fe777918c9f05d7fcaa922ffdeabfe81001911c95c213f6a8543cea2d7e5acbf69022931a1ad0153f9944b2f07696f3da8c436c128bea55b4f21bbdbe71ad56821155ed518c677d48766be5eab0a72d567433febcfa86ffbf0f8b776b", 0x82) poll(&(0x7f0000000440), 0x0, 0x101) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]}) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x8, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x6, 0xf, 0x80000006}, 0x0, 0x0) 0s ago: executing program 0 (id=4678): r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000002900)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, 0x0}}], 0x1, 0x20008050) kernel console output (not intermixed with test programs): T9] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 1194.236147][ T9] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1194.246955][ T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 1194.256995][ T9] usb 4-1: media controller created [ 1194.276565][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1194.450808][ T1769] hso 2-1:0.0: Failed to find INT IN ep [ 1194.689936][ T8381] usb 2-1: USB disconnect, device number 7 [ 1194.852872][T12714] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1194.867979][T12714] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1194.879499][T12714] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1194.888055][T12714] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1194.900329][T12714] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 1194.910554][T12714] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1195.438664][ T9] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 1195.554022][ T9] zl10353_read_register: readreg error (reg=127, ret==-110) [ 1195.602731][T16039] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 1196.070833][T16047] chnl_net:caif_netlink_parms(): no params data found [ 1196.979114][T12714] Bluetooth: hci2: command tx timeout [ 1197.186575][ T9] usb 4-1: USB disconnect, device number 7 [ 1197.388185][T16058] loop1: detected capacity change from 0 to 512 [ 1197.406291][T14447] udevd[14447]: setting owner of /dev/bus/usb/004/007 to uid=0, gid=0 failed: No such file or directory [ 1197.529473][T16058] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1197.660229][T16058] EXT4-fs: Ignoring removed bh option [ 1197.879624][T16058] EXT4-fs error (device loop1): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1198.121873][T16058] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.2807: corrupted inode contents [ 1198.159284][T16058] EXT4-fs error (device loop1): ext4_dirty_inode:6143: inode #11: comm syz.1.2807: mark_inode_dirty error [ 1198.187921][T16058] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2807: invalid indirect mapped block 1 (level 1) [ 1198.222527][T16058] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.2807: corrupted inode contents [ 1198.265778][T16047] bridge0: port 1(bridge_slave_0) entered blocking state [ 1198.285355][T16047] bridge0: port 1(bridge_slave_0) entered disabled state [ 1198.294236][T16058] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 1199.506245][T14802] Bluetooth: hci2: command tx timeout [ 1199.509505][T16047] bridge_slave_0: entered allmulticast mode [ 1199.530433][T16047] bridge_slave_0: entered promiscuous mode [ 1199.539506][T16058] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.2807: corrupted inode contents [ 1199.539693][T16047] bridge0: port 2(bridge_slave_1) entered blocking state [ 1199.553531][T16058] EXT4-fs error (device loop1): ext4_truncate:4301: inode #11: comm syz.1.2807: mark_inode_dirty error [ 1199.574064][T16058] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 1199.614698][T16058] EXT4-fs (loop1): 1 truncate cleaned up [ 1199.621706][T16047] bridge0: port 2(bridge_slave_1) entered disabled state [ 1199.628952][T16047] bridge_slave_1: entered allmulticast mode [ 1199.650614][T16058] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1199.667517][T16047] bridge_slave_1: entered promiscuous mode [ 1199.750033][T16047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1199.782227][T16047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1200.099382][T14802] Bluetooth: hci3: command 0x0406 tx timeout [ 1200.137402][T16069] syzkaller0: entered promiscuous mode [ 1200.143204][T16069] syzkaller0: entered allmulticast mode [ 1200.277812][ T7381] syz_tun (unregistering): left allmulticast mode [ 1200.345378][T16047] team0: Port device team_slave_0 added [ 1200.453565][T14307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1201.540807][T12714] Bluetooth: hci2: command tx timeout [ 1202.498593][T16047] team0: Port device team_slave_1 added [ 1202.547034][T16047] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1202.554219][T16047] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1202.625548][T16047] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1202.736472][T16047] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1202.749191][T16047] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1202.791434][T16047] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1202.954578][T16096] loop1: detected capacity change from 0 to 1024 [ 1203.629067][T12714] Bluetooth: hci2: command tx timeout [ 1204.612988][T16096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1205.824021][T16096] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1205.940929][T16047] hsr_slave_0: entered promiscuous mode [ 1206.019426][T16047] hsr_slave_1: entered promiscuous mode [ 1206.050009][T16047] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1206.063625][T14307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1206.069078][T16047] Cannot create hsr debugfs directory [ 1206.328263][T16114] syzkaller0: entered promiscuous mode [ 1206.338476][T16114] syzkaller0: entered allmulticast mode [ 1206.390198][T16117] loop1: detected capacity change from 0 to 1764 [ 1206.457772][T14447] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1211.258779][T16047] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1211.296373][T16047] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1211.323152][T16047] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1211.341138][T16047] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1212.578722][T16185] syzkaller0: entered promiscuous mode [ 1212.601758][T16185] syzkaller0: entered allmulticast mode [ 1212.627242][ T4530] hsr_slave_0: left promiscuous mode [ 1212.633909][ T4530] hsr_slave_1: left promiscuous mode [ 1212.642766][ T4530] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1212.651348][ T4530] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1212.660884][ T4530] team0: left allmulticast mode [ 1212.665848][ T4530] team_slave_0: left allmulticast mode [ 1212.671599][ T4530] team_slave_1: left allmulticast mode [ 1212.677659][ T4530] team0: left promiscuous mode [ 1212.682768][ T4530] team_slave_0: left promiscuous mode [ 1212.688383][ T4530] team_slave_1: left promiscuous mode [ 1212.694481][ T4530] bridge0: port 3(team0) entered disabled state [ 1212.704582][ T4530] bridge_slave_1: left allmulticast mode [ 1212.710419][ T4530] bridge_slave_1: left promiscuous mode [ 1212.716310][ T4530] bridge0: port 2(bridge_slave_1) entered disabled state [ 1212.725434][ T4530] bridge_slave_0: left allmulticast mode [ 1212.731567][ T4530] bridge_slave_0: left promiscuous mode [ 1212.737352][ T4530] bridge0: port 1(bridge_slave_0) entered disabled state [ 1212.772140][ T4530] bond3 (unregistering): (slave macvlan5): Releasing backup interface [ 1212.993228][ T4530] bond3 (unregistering): Released all slaves [ 1213.177421][ T4530] bond2 (unregistering): Released all slaves [ 1213.308720][ T4530] bond1 (unregistering): Released all slaves [ 1213.793785][ T4530] team0 (unregistering): Port device team_slave_1 removed [ 1213.840665][ T4530] team0 (unregistering): Port device team_slave_0 removed [ 1213.890275][ T4530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1213.938917][ T4530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1214.282172][ T4530] bond0 (unregistering): Released all slaves [ 1216.426649][T16047] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1216.528863][T16047] 8021q: adding VLAN 0 to HW filter on device team0 [ 1216.567309][T12212] bridge0: port 1(bridge_slave_0) entered blocking state [ 1216.574542][T12212] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1216.621060][T12212] bridge0: port 2(bridge_slave_1) entered blocking state [ 1216.628280][T12212] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1216.837893][ T4530] IPVS: stop unused estimator thread 0... [ 1217.201903][T16047] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1217.350036][T16246] sch_tbf: burst 0 is lower than device syzkaller0 mtu (1500) ! [ 1217.437939][T16246] syzkaller0: entered promiscuous mode [ 1217.445307][T16246] syzkaller0: entered allmulticast mode [ 1218.429440][ T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 1218.619165][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 1218.631799][ T9] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 1218.641522][ T9] usb 4-1: config 0 has no interface number 0 [ 1218.651521][ T9] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8 [ 1218.660842][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1218.669501][ T9] usb 4-1: Product: syz [ 1218.673774][ T9] usb 4-1: Manufacturer: syz [ 1218.678393][ T9] usb 4-1: SerialNumber: syz [ 1218.698705][ T9] usb 4-1: config 0 descriptor?? [ 1218.728214][ T9] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 1218.737289][ T9] usb 4-1: selecting invalid altsetting 1 [ 1218.743964][ T9] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 1218.757656][ T9] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1218.768714][ T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 1218.777232][ T9] usb 4-1: media controller created [ 1218.811838][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1218.966188][ T9] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 1218.977580][ T9] zl10353_read_register: readreg error (reg=127, ret==-71) [ 1219.001942][ T9] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 1219.061400][ T9] usb 4-1: USB disconnect, device number 8 [ 1220.133378][T16047] veth0_vlan: entered promiscuous mode [ 1220.182301][T16047] veth1_vlan: entered promiscuous mode [ 1220.227037][T16047] veth0_macvtap: entered promiscuous mode [ 1220.256226][T16047] veth1_macvtap: entered promiscuous mode [ 1220.333174][T16047] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1220.368416][T16047] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1220.402117][T16047] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1220.419796][T16047] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1220.452415][T16047] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1220.469284][T16047] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1220.589277][ T28] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 1220.647189][ T4369] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1220.659406][ T4369] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1220.711220][ T4369] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1220.721645][ T4369] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1220.803589][ T28] usb 2-1: Using ep0 maxpacket: 8 [ 1220.839471][T14079] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 1220.847005][ T28] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1220.848030][ T28] usb 2-1: config 4 interface 0 has no altsetting 0 [ 1220.864054][T16301] sch_tbf: burst 0 is lower than device syzkaller0 mtu (1500) ! [ 1220.877308][ T28] usb 2-1: string descriptor 0 read error: -22 [ 1220.888467][ T28] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 1220.919137][ T28] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3 [ 1220.951263][ T28] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 1220.988279][ T28] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1220.995233][T16301] syzkaller0: entered promiscuous mode [ 1221.009829][ T28] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 1221.013315][T16301] syzkaller0: entered allmulticast mode [ 1221.017008][ T28] usb 2-1: media controller created [ 1221.064683][ T28] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1221.070058][T14079] usb 1-1: Using ep0 maxpacket: 32 [ 1221.092327][T14079] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 1221.101269][T14079] usb 1-1: config 0 has no interface number 0 [ 1221.111427][T14079] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8 [ 1221.135742][T14079] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1221.154386][T14079] usb 1-1: Product: syz [ 1221.169291][T14079] usb 1-1: Manufacturer: syz [ 1221.180109][T14079] usb 1-1: SerialNumber: syz [ 1221.189186][ T1769] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 1221.199794][T14079] usb 1-1: config 0 descriptor?? [ 1221.228175][T14079] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 1221.245917][T14079] usb 1-1: selecting invalid altsetting 1 [ 1221.256486][T14079] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 1221.268658][T14079] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1221.280135][T14079] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 1221.288486][T14079] usb 1-1: media controller created [ 1221.325352][T14079] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1221.400356][ T1769] usb 5-1: Using ep0 maxpacket: 16 [ 1221.418106][ T1769] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1221.430360][T14079] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 1221.444627][ T1769] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1221.454525][T14079] zl10353_read_register: readreg error (reg=127, ret==-71) [ 1221.461933][ T1769] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1221.477579][ T1769] usb 5-1: Product: syz [ 1221.482449][T14079] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 1221.489696][ T1769] usb 5-1: Manufacturer: syz [ 1221.494527][ T1769] usb 5-1: SerialNumber: syz [ 1221.507736][ T1769] usb 5-1: config 0 descriptor?? [ 1221.529704][ T1769] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1221.555220][ T1769] em28xx 5-1:0.0: DVB interface 0 found: bulk [ 1221.592940][T14079] usb 1-1: USB disconnect, device number 6 [ 1222.151493][ T1769] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 1222.180446][ T28] zl10353_read_register: readreg error (reg=127, ret==0) [ 1222.189028][T16281] usb 2-1: dvb_usb_au6610: wlen=0, aborting [ 1222.294892][ T28] usb 2-1: USB disconnect, device number 8 [ 1222.822446][ T1769] em28xx 5-1:0.0: failed to get i2c transfer status from bridge register (error=-5) [ 1222.835792][ T1769] em28xx 5-1:0.0: board has no eeprom [ 1222.909947][ T1769] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 1222.929373][ T1769] em28xx 5-1:0.0: dvb set to bulk mode. [ 1222.954946][T14079] em28xx 5-1:0.0: Binding DVB extension [ 1222.995365][ T1769] usb 5-1: USB disconnect, device number 3 [ 1223.010240][ T1769] em28xx 5-1:0.0: Disconnecting em28xx [ 1223.077679][T14079] em28xx 5-1:0.0: Registering input extension [ 1223.096891][ T1769] em28xx 5-1:0.0: Closing input extension [ 1223.314917][ T1769] em28xx 5-1:0.0: Freeing device [ 1224.569368][T16350] netlink: 'syz.4.2870': attribute type 2 has an invalid length. [ 1224.589373][T16349] syzkaller0: entered promiscuous mode [ 1224.594908][T16349] syzkaller0: entered allmulticast mode [ 1224.946048][T16356] sch_tbf: burst 0 is lower than device syzkaller0 mtu (1500) ! [ 1225.064383][T16356] syzkaller0: entered promiscuous mode [ 1225.071357][T16356] syzkaller0: entered allmulticast mode [ 1225.390512][T16374] overlayfs: missing 'lowerdir' [ 1227.406784][T16384] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2879'. [ 1227.698813][T16407] overlayfs: missing 'lowerdir' [ 1228.683836][T16423] sch_tbf: peakrate 11 is lower than or equals to rate 996173156578218475 ! [ 1228.744730][T16423] syzkaller0: entered promiscuous mode [ 1228.779040][T16423] syzkaller0: entered allmulticast mode [ 1230.115388][T16438] overlayfs: missing 'lowerdir' [ 1233.202224][T16474] overlayfs: missing 'lowerdir' [ 1235.569249][T16491] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 1235.605640][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1235.625046][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1235.821495][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1235.829072][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1235.837078][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1235.844558][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1235.852016][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1235.859597][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1235.867014][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1235.874532][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1236.283280][T16505] overlayfs: missing 'lowerdir' [ 1236.561886][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1236.569483][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1236.576903][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1236.585607][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1236.593705][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1236.605381][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1236.630711][T14079] hid-generic 0006:0008:0001.0005: unknown main item tag 0x0 [ 1236.660725][T14079] hid-generic 0006:0008:0001.0005: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1237.414425][T16513] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1237.422741][T16513] 8021q: adding VLAN 0 to HW filter on device team0 [ 1237.435261][T16513] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1238.222430][T16515] fido_id[16515]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1238.652280][T16541] Bluetooth: MGMT ver 1.22 [ 1238.983908][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1239.016580][T16552] overlayfs: missing 'lowerdir' [ 1239.060367][T16518] bridge0: port 2(bridge_slave_1) entered disabled state [ 1239.068057][T16518] bridge0: port 1(bridge_slave_0) entered disabled state [ 1240.415266][T16518] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1240.456634][T16518] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1240.513232][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.525786][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.534698][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.547298][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.555262][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.564046][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.571944][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.580274][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.587864][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.595936][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.603976][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.611890][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.620139][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.627553][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.636150][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.643937][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.651898][ T9] hid-generic 0006:0008:0001.0006: unknown main item tag 0x0 [ 1240.669851][ T9] hid-generic 0006:0008:0001.0006: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1240.739067][T12714] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1240.743655][T16581] fido_id[16581]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1240.746089][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1240.900231][T16518] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1240.909385][T16518] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1240.918245][T16518] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1240.927794][T16518] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1241.109267][T16568] syzkaller0: entered promiscuous mode [ 1241.114800][T16568] syzkaller0: entered allmulticast mode [ 1244.345964][T16585] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR [ 1244.516677][T14036] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 1244.769040][T14036] usb 4-1: Using ep0 maxpacket: 32 [ 1244.793209][T14036] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1244.823358][T14036] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1244.839036][T14036] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1244.848124][T14036] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1244.874709][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.882271][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.892463][T14036] usb 4-1: config 0 descriptor?? [ 1244.897688][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.907794][T14036] hub 4-1:0.0: USB hub found [ 1244.912543][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.921117][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.928622][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.936492][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.942721][ T1769] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 1244.944907][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.959094][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.966520][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1244.994832][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1245.015977][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1245.036808][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1245.063043][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1245.081728][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1245.104662][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1245.112476][T14036] hub 4-1:0.0: 1 port detected [ 1245.129532][ T28] hid-generic 0006:0008:0001.0007: unknown main item tag 0x0 [ 1245.139911][ T28] hid-generic 0006:0008:0001.0007: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1245.140359][ T1769] usb 5-1: Using ep0 maxpacket: 16 [ 1245.176533][ T1769] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1245.200146][ T1769] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1245.212830][ T1769] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1245.230016][ T1769] usb 5-1: config 0 descriptor?? [ 1245.274441][T16635] fido_id[16635]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1245.674875][ T1769] mcp2221 0003:04D8:00DD.0008: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0 [ 1245.733107][T14036] hub 4-1:0.0: activate --> -90 [ 1245.940999][ T28] usb 4-1: USB disconnect, device number 9 [ 1245.946968][T14036] hub 4-1:0.0: hub_ext_port_status failed (err = -71) [ 1246.869830][ T1769] usb 5-1: USB disconnect, device number 4 [ 1247.937549][T16647] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1248.185218][T16658] syzkaller0: entered promiscuous mode [ 1248.209058][T16658] syzkaller0: entered allmulticast mode [ 1248.669062][T14079] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 1248.849026][T14079] usb 4-1: Using ep0 maxpacket: 16 [ 1248.856222][T14079] usb 4-1: config index 0 descriptor too short (expected 52, got 36) [ 1248.870508][T14079] usb 4-1: config 0 has an invalid interface number: 251 but max is 0 [ 1248.879543][T14079] usb 4-1: config 0 has no interface number 0 [ 1248.887053][T14079] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 1248.897719][T14079] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 1248.956039][T14079] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 1249.010254][T14079] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1249.084293][T14079] usb 4-1: Product: syz [ 1249.122779][T14079] usb 4-1: Manufacturer: syz [ 1249.166176][T14079] usb 4-1: SerialNumber: syz [ 1249.275420][T14079] usb 4-1: config 0 descriptor?? [ 1249.331363][T16663] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1249.444468][T16663] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1250.055023][T16663] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1250.173822][T16663] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1250.419315][T14802] Bluetooth: hci2: command tx timeout [ 1250.639952][T16663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1250.674997][T16663] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1250.727708][T16663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1250.758662][T16663] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1251.430694][T14036] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 1251.649248][T14036] usb 5-1: Using ep0 maxpacket: 32 [ 1251.739373][T14036] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1251.784525][T14036] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1251.830699][T14036] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1251.869215][T14036] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1251.914758][T14036] usb 5-1: config 0 descriptor?? [ 1251.966462][T14036] hub 5-1:0.0: USB hub found [ 1251.973001][T16686] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 1252.112232][ T27] audit: type=1326 audit(1779579596.225:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16692 comm="syz.0.2963" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1252.174086][T14036] hub 5-1:0.0: 1 port detected [ 1252.200580][ T27] audit: type=1326 audit(1779579596.225:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16692 comm="syz.0.2963" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1252.259066][ T27] audit: type=1326 audit(1779579596.225:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16692 comm="syz.0.2963" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1252.309059][ T27] audit: type=1326 audit(1779579596.225:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16692 comm="syz.0.2963" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1252.359758][ T27] audit: type=1326 audit(1779579596.225:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16692 comm="syz.0.2963" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1252.652996][T16695] syzkaller0: entered promiscuous mode [ 1252.658560][T16695] syzkaller0: entered allmulticast mode [ 1252.795210][ T28] hub 5-1:0.0: activate --> -90 [ 1252.928446][T14079] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1252.965608][T14079] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71 [ 1253.002098][ T1769] usb 5-1: USB disconnect, device number 5 [ 1253.021983][T14036] hub 5-1:0.0: hub_ext_port_status failed (err = -71) [ 1253.050986][T14079] asix: probe of 4-1:0.251 failed with error -71 [ 1253.084900][T14079] usb 4-1: USB disconnect, device number 10 [ 1253.875806][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.883354][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.902998][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.912417][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.923356][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.930855][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.938395][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.951301][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.958737][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.977147][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.990144][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1253.997957][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1254.006047][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1254.013796][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1254.023164][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1254.031207][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1254.038624][T14079] hid-generic 0006:0008:0001.0009: unknown main item tag 0x0 [ 1254.048282][T14079] hid-generic 0006:0008:0001.0009: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1254.169404][ T28] usb 4-1: new low-speed USB device number 11 using dummy_hcd [ 1254.361247][ T28] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1254.373860][ T28] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1254.384217][ T28] usb 4-1: config 1 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1254.397360][ T28] usb 4-1: config 1 interface 0 has no altsetting 0 [ 1254.406721][ T28] usb 4-1: string descriptor 0 read error: -22 [ 1254.413327][ T28] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1254.422900][ T28] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1254.440450][ T28] usb 4-1: bad CDC descriptors [ 1254.577242][T16727] syzkaller0: entered promiscuous mode [ 1254.582926][T16727] syzkaller0: entered allmulticast mode [ 1254.660566][T14036] usb 4-1: USB disconnect, device number 11 [ 1256.095986][T16743] overlayfs: missing 'lowerdir' [ 1257.783783][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.809097][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.816563][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.817882][T16760] loop4: detected capacity change from 0 to 128 [ 1257.844254][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.855596][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.864134][T16760] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1257.882290][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.886879][T16763] Trying to write to read-only block-device nullb0 [ 1257.892985][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.907991][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.920959][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.928388][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.938155][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.961703][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.970447][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.977860][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1257.993859][T16760] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1258.040392][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1258.077014][ T27] audit: type=1800 audit(1779579602.185:35): pid=16760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2984" name="file1" dev="loop4" ino=104 res=0 errno=0 [ 1258.117488][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1258.137371][T14036] hid-generic 0006:0008:0001.000A: unknown main item tag 0x0 [ 1258.306824][T14036] hid-generic 0006:0008:0001.000A: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1258.905084][T16775] can0: slcan on pty26. [ 1258.938837][T16769] fido_id[16769]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1259.129877][T16774] can0 (unregistered): slcan off pty26. [ 1259.241394][T16783] syzkaller0: entered promiscuous mode [ 1259.253588][T16783] syzkaller0: entered allmulticast mode [ 1260.845666][ T27] audit: type=1326 audit(1779579604.945:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16814 comm="syz.4.2995" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31ff19ce59 code=0x7fc00000 [ 1260.908665][T16827] Driver unsupported XDP return value 0 on prog (id 66) dev N/A, expect packet loss! [ 1261.063913][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.079206][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.091747][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.100605][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.108027][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.117923][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.125468][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.136148][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.148035][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.158749][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.166289][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.177947][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.185479][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.193267][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.200770][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.208185][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.215802][T14036] hid-generic 0006:0008:0001.000B: unknown main item tag 0x0 [ 1261.227482][T14036] hid-generic 0006:0008:0001.000B: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1263.157765][T16854] loop3: detected capacity change from 0 to 512 [ 1263.339145][T14036] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 1263.353834][T16856] kvm: user requested TSC rate below hardware speed [ 1263.443440][T16859] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3008'. [ 1263.508650][T16860] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3008'. [ 1263.559985][T14036] usb 2-1: Using ep0 maxpacket: 8 [ 1263.566813][T14036] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1263.583654][T14036] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 1263.594857][T14036] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1263.607911][T14036] usb 2-1: config 0 descriptor?? [ 1263.626292][T14036] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 1263.660068][T16862] syzkaller0: entered promiscuous mode [ 1263.665615][T16862] syzkaller0: entered allmulticast mode [ 1263.836613][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.844253][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.851924][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.859406][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.866851][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.875740][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.890077][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.897560][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.905161][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.920931][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.928453][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.938094][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.946931][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.954450][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.962257][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.969842][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.977343][ T1769] hid-generic 0006:0008:0001.000C: unknown main item tag 0x0 [ 1263.988430][ T1769] hid-generic 0006:0008:0001.000C: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1265.067699][ T1769] usb 2-1: USB disconnect, device number 9 [ 1265.080213][ T8381] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 1265.270513][ T8381] usb 1-1: Using ep0 maxpacket: 32 [ 1265.277656][ T8381] usb 1-1: config 0 has an invalid descriptor of length 100, skipping remainder of the config [ 1265.291548][ T8381] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1265.309134][ T8381] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1265.317217][ T8381] usb 1-1: Product: syz [ 1265.329076][ T8381] usb 1-1: Manufacturer: syz [ 1265.333738][ T8381] usb 1-1: SerialNumber: syz [ 1265.344754][ T8381] usb 1-1: config 0 descriptor?? [ 1265.622901][ T8381] usb 1-1: USB disconnect, device number 7 [ 1266.793448][T16893] loop1: detected capacity change from 0 to 8 [ 1268.401744][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.405755][T16900] syzkaller0: entered promiscuous mode [ 1268.422312][T16900] syzkaller0: entered allmulticast mode [ 1268.429102][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.436532][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.460983][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.468653][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.485772][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.499446][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.519081][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.526531][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.545724][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.564052][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.579058][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.586546][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.594384][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.601897][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.633325][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.650849][T14036] hid-generic 0006:0008:0001.000D: unknown main item tag 0x0 [ 1268.674979][T14036] hid-generic 0006:0008:0001.000D: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1268.938853][T16914] fuse: Bad value for 'fd' [ 1272.321376][T16937] syzkaller0: entered promiscuous mode [ 1272.326947][T16937] syzkaller0: entered allmulticast mode [ 1272.480068][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.497749][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.510191][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.517667][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.525207][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.562689][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.585746][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.606694][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.642888][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.660569][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.682323][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.709222][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.735965][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.763156][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.777992][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.809137][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.816588][ T8381] hid-generic 0006:0008:0001.000E: unknown main item tag 0x0 [ 1272.852818][ T8381] hid-generic 0006:0008:0001.000E: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1273.432766][T16972] xt_l2tp: v2 doesn't support IP mode [ 1275.523098][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.539744][T14079] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 1275.540221][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.579254][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.589293][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.596813][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.605265][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.613129][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.621358][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.628852][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.636735][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.644511][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.652248][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.660293][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.667793][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.675726][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.685086][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.693243][T14036] hid-generic 0006:0008:0001.000F: unknown main item tag 0x0 [ 1275.712210][T14036] hid-generic 0006:0008:0001.000F: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1275.742248][T14079] usb 1-1: Using ep0 maxpacket: 32 [ 1275.749123][ T8381] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 1275.751256][T14079] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1275.776540][T14079] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1275.786990][T14079] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1275.800661][T14079] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1275.834284][T14079] usb 1-1: config 0 descriptor?? [ 1275.855168][T14079] hub 1-1:0.0: USB hub found [ 1275.941167][ T8381] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 95, setting to 64 [ 1275.956830][ T8381] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1275.974863][ T8381] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1276.002857][ T8381] usb 2-1: config 0 descriptor?? [ 1276.008592][T16993] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 1276.050847][T14079] hub 1-1:0.0: 1 port detected [ 1276.060711][T17001] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1276.158738][T17005] loop4: detected capacity change from 0 to 256 [ 1276.167221][T17005] FAT-fs (loop4): bogus logical sector size 128 [ 1276.179244][T17005] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1276.252616][ T8381] ath6kl: Failed to submit usb control message: -71 [ 1276.268123][ T8381] ath6kl: unable to send the bmi data to the device: -71 [ 1276.299826][ T8381] ath6kl: Unable to send get target info: -71 [ 1276.395565][ T8381] ath6kl: Failed to init ath6kl core: -71 [ 1276.627871][ T8381] ath6kl_usb: probe of 2-1:0.0 failed with error -71 [ 1276.850709][ T8381] usb 2-1: USB disconnect, device number 10 [ 1277.869169][T17016] xt_l2tp: v2 doesn't support IP mode [ 1281.409038][ T9] hub 1-1:0.0: hub_ext_port_status failed (err = -71) [ 1281.417423][T14079] usb 1-1: USB disconnect, device number 8 [ 1281.823652][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1281.839836][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1281.862786][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1281.896245][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1281.910166][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1281.917964][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1281.935226][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1281.946834][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1281.960208][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1281.967951][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1282.169528][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1282.177625][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1282.185226][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1282.193344][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1282.200859][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1282.208272][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1282.215772][T14036] hid-generic 0006:0008:0001.0010: unknown main item tag 0x0 [ 1282.229646][T14036] hid-generic 0006:0008:0001.0010: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1282.239271][ T28] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 1282.301102][T17049] xt_l2tp: v2 doesn't support IP mode [ 1282.541124][ T28] usb 2-1: Using ep0 maxpacket: 16 [ 1282.913016][T14802] Bluetooth: hci4: unexpected subevent 0x03 length: 244 > 9 [ 1282.945328][ T28] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1282.961211][ T28] usb 2-1: no configurations [ 1282.965860][ T28] usb 2-1: can't read configurations, error -22 [ 1283.008027][ T27] audit: type=1800 audit(1779579627.115:37): pid=17029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3054" name="bus" dev="ramfs" ino=38816 res=0 errno=0 [ 1283.052757][T17052] loop3: detected capacity change from 0 to 256 [ 1283.070194][T17052] FAT-fs (loop3): Directory bread(block 1285) failed [ 1283.077258][T17052] FAT-fs (loop3): Directory bread(block 1286) failed [ 1283.102719][T17052] FAT-fs (loop3): Directory bread(block 1287) failed [ 1283.114008][T17052] FAT-fs (loop3): Directory bread(block 1288) failed [ 1283.123152][T17052] FAT-fs (loop3): Directory bread(block 1289) failed [ 1283.152378][T17052] FAT-fs (loop3): Directory bread(block 1290) failed [ 1283.179080][T17052] FAT-fs (loop3): Directory bread(block 1291) failed [ 1283.195317][T17052] FAT-fs (loop3): Directory bread(block 1292) failed [ 1283.202596][T17052] FAT-fs (loop3): Directory bread(block 1293) failed [ 1283.209857][T17052] FAT-fs (loop3): Directory bread(block 1294) failed [ 1283.527597][T17059] loop0: detected capacity change from 0 to 128 [ 1284.183412][T17061] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 1284.308286][T17061] FAT-fs (loop0): Filesystem has been set read-only [ 1285.502531][T17073] overlay: filesystem on ./file0 not supported as upperdir [ 1286.613777][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.624207][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.638991][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.656607][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.666619][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.684161][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.699025][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.706470][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.730502][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.737997][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.747039][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.768772][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.780886][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.788330][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.798309][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.808205][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.817955][ T9] hid-generic 0006:0008:0001.0011: unknown main item tag 0x0 [ 1286.827290][T17093] loop0: detected capacity change from 0 to 2048 [ 1286.838394][ T9] hid-generic 0006:0008:0001.0011: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1286.901998][T17093] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1286.944310][ T27] audit: type=1800 audit(1779579631.055:38): pid=17093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3076" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 1287.007439][T14455] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1287.090186][T17104] loop0: detected capacity change from 0 to 256 [ 1287.106274][T17104] FAT-fs (loop0): Directory bread(block 1285) failed [ 1287.113870][T17104] FAT-fs (loop0): Directory bread(block 1286) failed [ 1287.123417][T17104] FAT-fs (loop0): Directory bread(block 1287) failed [ 1287.131885][T17104] FAT-fs (loop0): Directory bread(block 1288) failed [ 1287.138743][T17104] FAT-fs (loop0): Directory bread(block 1289) failed [ 1287.145996][T17104] FAT-fs (loop0): Directory bread(block 1290) failed [ 1287.153258][T17104] FAT-fs (loop0): Directory bread(block 1291) failed [ 1287.161207][T17104] FAT-fs (loop0): Directory bread(block 1292) failed [ 1287.172671][T17104] FAT-fs (loop0): Directory bread(block 1293) failed [ 1287.179602][T17104] FAT-fs (loop0): Directory bread(block 1294) failed [ 1287.350828][T17109] overlay: filesystem on ./file0 not supported as upperdir [ 1287.584553][T17116] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3082'. [ 1287.670785][T17112] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1287.678293][T17112] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1287.719265][T17112] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1287.728859][T17112] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1287.761256][T17112] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1287.769579][T17112] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1287.785203][T17112] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1287.793823][T17112] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1287.805655][T17112] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1287.825379][T17125] loop3: detected capacity change from 0 to 4096 [ 1287.867924][T17125] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 1287.950022][T17127] loop1: detected capacity change from 0 to 2048 [ 1287.997191][T17127] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1288.066464][T14307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1288.184958][T17134] loop1: detected capacity change from 0 to 256 [ 1288.194350][T17134] FAT-fs (loop1): Directory bread(block 1285) failed [ 1288.201873][T17134] FAT-fs (loop1): Directory bread(block 1286) failed [ 1288.214836][T17134] FAT-fs (loop1): Directory bread(block 1287) failed [ 1288.222519][T17134] FAT-fs (loop1): Directory bread(block 1288) failed [ 1288.231102][T17134] FAT-fs (loop1): Directory bread(block 1289) failed [ 1288.237896][T17134] FAT-fs (loop1): Directory bread(block 1290) failed [ 1288.246650][T17134] FAT-fs (loop1): Directory bread(block 1291) failed [ 1288.253543][T17134] FAT-fs (loop1): Directory bread(block 1292) failed [ 1288.260413][T17134] FAT-fs (loop1): Directory bread(block 1293) failed [ 1288.267116][T17134] FAT-fs (loop1): Directory bread(block 1294) failed [ 1288.507506][T17137] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3091'. [ 1289.507374][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.516443][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.523965][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.531557][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.540366][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.553238][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.560706][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.568134][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.578369][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.586941][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.594554][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.602386][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.610126][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.617542][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.625066][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.632515][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.639952][T14079] hid-generic 0006:0008:0001.0012: unknown main item tag 0x0 [ 1289.648498][T14079] hid-generic 0006:0008:0001.0012: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1289.699978][T14802] Bluetooth: hci4: command 0x0406 tx timeout [ 1289.780242][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1289.788696][T14802] Bluetooth: hci3: command 0x0406 tx timeout [ 1289.796359][T17111] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1289.859029][T14802] Bluetooth: hci2: command 0x0c1a tx timeout [ 1290.112923][T17160] loop4: detected capacity change from 0 to 256 [ 1290.141532][T17160] FAT-fs (loop4): Directory bread(block 1285) failed [ 1290.160292][T17160] FAT-fs (loop4): Directory bread(block 1286) failed [ 1290.180596][T17160] FAT-fs (loop4): Directory bread(block 1287) failed [ 1290.187553][T17160] FAT-fs (loop4): Directory bread(block 1288) failed [ 1290.202913][T17160] FAT-fs (loop4): Directory bread(block 1289) failed [ 1290.211181][T17160] FAT-fs (loop4): Directory bread(block 1290) failed [ 1290.217991][T17160] FAT-fs (loop4): Directory bread(block 1291) failed [ 1290.225007][T17160] FAT-fs (loop4): Directory bread(block 1292) failed [ 1290.234223][T17160] FAT-fs (loop4): Directory bread(block 1293) failed [ 1290.256324][T17160] FAT-fs (loop4): Directory bread(block 1294) failed [ 1291.354738][T17171] loop1: detected capacity change from 0 to 128 [ 1291.474187][T17176] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3104'. [ 1291.859277][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1291.865531][T14802] Bluetooth: hci3: command 0x0406 tx timeout [ 1291.949065][T14802] Bluetooth: hci2: command 0x0c1a tx timeout [ 1292.231502][T17175] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1292.237657][T17175] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1292.245020][T17175] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1292.251452][T17175] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1292.406621][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.414752][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.423599][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.431188][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.438595][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.446139][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.453588][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.461078][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.468729][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.477501][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.484969][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.492509][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.501976][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.509514][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.516914][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.524351][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.531773][ T28] hid-generic 0006:0008:0001.0013: unknown main item tag 0x0 [ 1292.541917][ T28] hid-generic 0006:0008:0001.0013: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1292.659145][ T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 1292.839059][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 1292.845691][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1292.856663][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1292.866539][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1292.878980][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1292.893692][ T9] usb 4-1: config 0 descriptor?? [ 1292.902958][ T9] hub 4-1:0.0: USB hub found [ 1293.539019][T14802] Bluetooth: hci4: command 0x0406 tx timeout [ 1293.875012][ T9] hub 4-1:0.0: 1 port detected [ 1293.930090][T17210] loop1: detected capacity change from 0 to 2048 [ 1293.969015][T17210] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1294.061731][T17217] loop4: detected capacity change from 0 to 512 [ 1294.090125][T17217] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1294.099708][T14307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1294.109794][T17217] EXT4-fs: Ignoring removed bh option [ 1294.162538][T17217] EXT4-fs error (device loop4): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1294.200279][T17217] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.3116: corrupted inode contents [ 1294.215709][T17217] EXT4-fs error (device loop4): ext4_dirty_inode:6143: inode #11: comm syz.4.3116: mark_inode_dirty error [ 1294.228895][T17217] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.3116: invalid indirect mapped block 1 (level 1) [ 1294.246821][T17217] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.3116: corrupted inode contents [ 1294.269179][T14802] Bluetooth: hci2: command 0x0c1a tx timeout [ 1294.275324][T12714] Bluetooth: hci3: command 0x0406 tx timeout [ 1294.281686][ T5769] Bluetooth: hci0: command 0x0406 tx timeout [ 1294.287789][T17175] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1294.290629][T17217] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 1294.296582][ T28] usb 4-1: USB disconnect, device number 12 [ 1294.314048][T17217] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.3116: corrupted inode contents [ 1294.326730][T17217] EXT4-fs error (device loop4): ext4_truncate:4301: inode #11: comm syz.4.3116: mark_inode_dirty error [ 1294.350589][T17217] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 1294.383473][T17217] EXT4-fs (loop4): 1 truncate cleaned up [ 1294.391947][T17217] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1295.063820][T16047] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1295.121773][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.129406][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.136950][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.144849][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.152709][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.161360][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.168896][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.177741][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.185462][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.193019][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.200750][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.210479][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.218173][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.225867][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.233470][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.241070][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.248542][T14079] hid-generic 0006:0008:0001.0014: unknown main item tag 0x0 [ 1295.257287][T14079] hid-generic 0006:0008:0001.0014: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1295.509476][ T28] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 1296.139157][ T28] usb 5-1: device descriptor read/64, error -71 [ 1296.339066][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1296.449217][ T28] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 1296.462878][T17252] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3127'. [ 1296.619126][ T28] usb 5-1: device descriptor read/64, error -71 [ 1296.739506][ T28] usb usb5-port1: attempt power cycle [ 1297.159169][ T28] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 1297.199693][ T28] usb 5-1: device descriptor read/8, error -71 [ 1297.233138][T17249] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1297.239522][T17249] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1297.245587][T17249] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1297.251858][T17249] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1297.346604][T17257] loop3: detected capacity change from 0 to 512 [ 1297.377950][T17257] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1297.399011][T17257] EXT4-fs: Ignoring removed bh option [ 1297.424746][T17257] EXT4-fs error (device loop3): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1297.433179][T17259] loop1: detected capacity change from 0 to 512 [ 1297.439692][T17257] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #11: comm syz.3.3129: corrupted inode contents [ 1297.458681][T17259] EXT4-fs: Ignoring removed i_version option [ 1297.464847][T17257] EXT4-fs error (device loop3): ext4_dirty_inode:6143: inode #11: comm syz.3.3129: mark_inode_dirty error [ 1297.476832][T17257] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.3129: invalid indirect mapped block 1 (level 1) [ 1297.493759][ T28] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1297.502748][T17257] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #11: comm syz.3.3129: corrupted inode contents [ 1297.515624][T17257] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 1297.517872][T17259] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1297.536438][T17257] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #11: comm syz.3.3129: corrupted inode contents [ 1297.540143][T17259] ext4 filesystem being mounted at /230/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1297.549837][ T28] usb 5-1: device descriptor read/8, error -71 [ 1297.569430][T17257] EXT4-fs error (device loop3): ext4_truncate:4301: inode #11: comm syz.3.3129: mark_inode_dirty error [ 1297.591958][T17257] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem [ 1297.605553][T17257] EXT4-fs (loop3): 1 truncate cleaned up [ 1297.613052][T17257] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1297.763407][T14307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1297.803180][ T28] usb usb5-port1: unable to enumerate USB device [ 1297.855205][ C1] sd 0:0:1:0: [sda] tag#1217 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 1297.865868][ C1] sd 0:0:1:0: [sda] tag#1217 CDB: Read(6) 08 00 00 fc 01 80 00 00 00 00 00 00 [ 1298.476659][T14733] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1298.495738][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.502752][ T5769] Bluetooth: hci4: command 0x0406 tx timeout [ 1298.504362][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.526317][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.533898][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.535564][T17275] fuse: Unknown parameter 'grou00000000000000000000' [ 1298.542660][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.558545][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.566342][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.574042][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.581559][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.589158][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.596625][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.604468][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.619003][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.639061][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.656263][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.665417][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.677117][ T28] hid-generic 0006:0008:0001.0015: unknown main item tag 0x0 [ 1298.704989][ T28] hid-generic 0006:0008:0001.0015: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1298.882110][T17287] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3139'. [ 1298.894860][T17287] erspan1: entered promiscuous mode [ 1298.901066][T17287] erspan1: entered allmulticast mode [ 1299.299139][T17249] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1299.299348][T12714] Bluetooth: hci2: command 0x0c1a tx timeout [ 1299.311423][ T5769] Bluetooth: hci3: command 0x0406 tx timeout [ 1299.317421][ T5769] Bluetooth: hci0: command 0x0406 tx timeout [ 1299.755327][T17287] syz.3.3139 (17287): drop_caches: 2 [ 1299.799309][ T5874] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 1299.856007][T17298] loop1: detected capacity change from 0 to 512 [ 1299.871272][T17298] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1299.904414][T17298] EXT4-fs: Ignoring removed bh option [ 1299.936215][T17298] EXT4-fs error (device loop1): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1299.961959][T17298] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3143: corrupted inode contents [ 1299.977669][T17303] fuse: Unknown parameter 'group_i00000000000000000000' [ 1299.979078][ T5874] usb 1-1: device descriptor read/64, error -71 [ 1299.984799][T17298] EXT4-fs error (device loop1): ext4_dirty_inode:6143: inode #11: comm syz.1.3143: mark_inode_dirty error [ 1300.002893][T17298] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.3143: invalid indirect mapped block 1 (level 1) [ 1300.056408][T17298] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3143: corrupted inode contents [ 1300.077631][T17298] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 1300.087027][T17298] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3143: corrupted inode contents [ 1300.101856][T17298] EXT4-fs error (device loop1): ext4_truncate:4301: inode #11: comm syz.1.3143: mark_inode_dirty error [ 1300.113429][T17298] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 1300.123401][T17298] EXT4-fs (loop1): 1 truncate cleaned up [ 1300.131020][T17298] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1300.338864][ T5874] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 1300.786135][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1300.791640][T17313] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3148'. [ 1300.859143][ T5874] usb 1-1: device descriptor read/64, error -71 [ 1300.980537][ T5874] usb usb1-port1: attempt power cycle [ 1301.202224][T17310] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1301.208688][T17310] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1301.214977][T17310] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1301.221969][T17310] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1301.301661][T14307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1301.409160][ T5874] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 1301.451098][ T5874] usb 1-1: device descriptor read/8, error -71 [ 1301.729127][ T5874] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 1301.761940][ T5874] usb 1-1: device descriptor read/8, error -71 [ 1301.879801][ T5874] usb usb1-port1: unable to enumerate USB device [ 1301.912586][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.920919][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.928309][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.936147][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.943642][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.951101][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.958496][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.966286][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.973750][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.982227][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.989687][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1301.997072][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1302.004635][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1302.012164][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1302.019675][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1302.027059][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1302.034564][ T28] hid-generic 0006:0008:0001.0016: unknown main item tag 0x0 [ 1302.043114][ T28] hid-generic 0006:0008:0001.0016: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1302.425107][T17328] fuse: Unknown parameter 'group_i00000000000000000000' [ 1302.612525][T17334] loop0: detected capacity change from 0 to 512 [ 1302.620832][T17334] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1302.627467][T17334] EXT4-fs: Ignoring removed bh option [ 1302.645803][T17334] EXT4-fs error (device loop0): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1302.680861][T17334] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #11: comm syz.0.3157: corrupted inode contents [ 1302.704418][T17334] EXT4-fs error (device loop0): ext4_dirty_inode:6143: inode #11: comm syz.0.3157: mark_inode_dirty error [ 1302.725197][T17334] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.3157: invalid indirect mapped block 1 (level 1) [ 1302.766548][T17334] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #11: comm syz.0.3157: corrupted inode contents [ 1302.784541][T17334] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem [ 1302.796321][T17334] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #11: comm syz.0.3157: corrupted inode contents [ 1302.823742][T12714] Bluetooth: hci4: command 0x0406 tx timeout [ 1302.836054][T17334] EXT4-fs error (device loop0): ext4_truncate:4301: inode #11: comm syz.0.3157: mark_inode_dirty error [ 1302.851486][T17334] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem [ 1302.861202][T17334] EXT4-fs (loop0): 1 truncate cleaned up [ 1302.868360][T17334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1302.874224][T17340] loop4: detected capacity change from 0 to 2048 [ 1303.047925][T17340] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1303.048152][T16309] udevd[16309]: incorrect nilfs2 checksum on /dev/loop4 [ 1303.057767][T17340] NILFS (loop4): mounting unchecked fs [ 1303.085729][T17340] NILFS (loop4): recovery complete [ 1303.219091][T12714] Bluetooth: hci3: command 0x0406 tx timeout [ 1303.225438][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1303.235162][T17310] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1303.299016][T12714] Bluetooth: hci2: command 0x0c1a tx timeout [ 1303.595038][T14455] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1303.596458][T16261] udevd[16261]: incorrect nilfs2 checksum on /dev/loop4 [ 1303.615092][T17346] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1303.933487][T17357] fuse: Unknown parameter 'group_i00000000000000000000' [ 1304.025408][T17360] fuse: Bad value for 'group_id' [ 1304.065148][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.087576][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.103604][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.113105][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.120863][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.131925][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.139497][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.146954][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.154457][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.162269][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.169742][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.177169][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.185330][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.193570][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.201155][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.208593][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.209215][ T9] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 1304.216086][ T28] hid-generic 0006:0008:0001.0017: unknown main item tag 0x0 [ 1304.233149][ T28] hid-generic 0006:0008:0001.0017: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1304.369502][ T9] usb 4-1: device descriptor read/64, error -71 [ 1304.649052][ T9] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 1304.819239][ T9] usb 4-1: device descriptor read/64, error -71 [ 1304.919912][T17368] loop0: detected capacity change from 0 to 512 [ 1304.927176][T17368] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1304.934051][T17368] EXT4-fs: Ignoring removed bh option [ 1304.945247][T17363] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1304.952312][ T9] usb usb4-port1: attempt power cycle [ 1304.952391][T17363] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1304.966903][T17363] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1304.978104][T17368] EXT4-fs error (device loop0): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1304.988569][T17363] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1305.003326][T17368] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #11: comm syz.0.3169: corrupted inode contents [ 1305.019620][T17368] EXT4-fs error (device loop0): ext4_dirty_inode:6143: inode #11: comm syz.0.3169: mark_inode_dirty error [ 1305.032628][T17368] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.3169: invalid indirect mapped block 1 (level 1) [ 1305.046929][T17368] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #11: comm syz.0.3169: corrupted inode contents [ 1305.062398][T17368] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem [ 1305.072568][T17368] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #11: comm syz.0.3169: corrupted inode contents [ 1305.086714][T17368] EXT4-fs error (device loop0): ext4_truncate:4301: inode #11: comm syz.0.3169: mark_inode_dirty error [ 1305.098295][T17368] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem [ 1305.107822][T17368] EXT4-fs (loop0): 1 truncate cleaned up [ 1305.114400][T17368] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1305.564274][ T9] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 1305.861901][ T9] usb 4-1: device descriptor read/8, error -71 [ 1305.873590][T14455] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1306.149394][ T9] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 1306.169688][T17381] fuse: Unknown parameter 'group_id00000000000000000000' [ 1306.179501][ T5769] Bluetooth: hci4: command 0x0406 tx timeout [ 1306.199885][ T9] usb 4-1: device descriptor read/8, error -71 [ 1306.329341][ T9] usb usb4-port1: unable to enumerate USB device [ 1306.381851][T17385] fuse: Bad value for 'group_id' [ 1306.547737][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.555427][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.577362][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.584971][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.592483][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.600314][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.607799][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.615334][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.622812][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.630389][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.637795][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.645278][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.652780][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.660268][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.667697][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.678993][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.687226][ T28] hid-generic 0006:0008:0001.0018: unknown main item tag 0x0 [ 1306.699758][ T28] hid-generic 0006:0008:0001.0018: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1306.772089][T17391] fido_id[17391]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1306.822652][T17375] syz.1.3171 (17375): drop_caches: 2 [ 1306.876774][T17393] loop1: detected capacity change from 0 to 512 [ 1306.885248][T17393] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1306.895869][T17393] EXT4-fs: Ignoring removed bh option [ 1306.909901][T17393] EXT4-fs error (device loop1): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1306.978068][T17393] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3178: corrupted inode contents [ 1306.992539][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 1306.998342][T12714] Bluetooth: hci3: command 0x0406 tx timeout [ 1306.998561][T14802] Bluetooth: hci0: command 0x0406 tx timeout [ 1307.008441][T17393] EXT4-fs error (device loop1): ext4_dirty_inode:6143: inode #11: comm syz.1.3178: mark_inode_dirty error [ 1307.010897][T17363] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1307.037074][T17393] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.3178: invalid indirect mapped block 1 (level 1) [ 1307.051359][T17393] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3178: corrupted inode contents [ 1307.068708][T17393] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 1307.109382][T17393] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3178: corrupted inode contents [ 1307.121994][T17393] EXT4-fs error (device loop1): ext4_truncate:4301: inode #11: comm syz.1.3178: mark_inode_dirty error [ 1307.133741][T17393] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 1307.144231][T17393] EXT4-fs (loop1): 1 truncate cleaned up [ 1307.151388][T17393] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1307.409221][ T28] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 1307.930944][T14307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1307.958029][T17406] netlink: 'syz.0.3182': attribute type 36 has an invalid length. [ 1308.106775][ T28] usb 4-1: Using ep0 maxpacket: 16 [ 1308.123248][ T28] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1308.161539][ T28] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1308.171321][T17410] fuse: Bad value for 'group_id' [ 1308.179266][ T28] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1308.194087][ T28] usb 4-1: Product: syz [ 1308.214611][ T28] usb 4-1: Manufacturer: syz [ 1308.229009][ T28] usb 4-1: SerialNumber: syz [ 1308.250206][ T28] usb 4-1: config 0 descriptor?? [ 1308.271943][ T28] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1308.304151][ T28] em28xx 4-1:0.0: DVB interface 0 found: bulk [ 1308.332348][T17414] fuse: Unknown parameter 'group_id00000000000000000000' [ 1308.659011][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 1308.819179][ T9] usb 5-1: device descriptor read/64, error -71 [ 1308.894696][ T28] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 1309.059161][ T5769] Bluetooth: hci0: command 0x0406 tx timeout [ 1309.089155][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 1309.245588][T17418] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1309.252157][ T9] usb 5-1: device descriptor read/64, error -71 [ 1309.258670][T17418] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1309.265127][T17418] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1309.271481][T17418] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1309.346967][T17426] loop1: detected capacity change from 0 to 512 [ 1309.354359][T17426] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1309.361227][T17426] EXT4-fs: Ignoring removed bh option [ 1309.375974][T17426] EXT4-fs error (device loop1): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1309.391470][ T9] usb usb5-port1: attempt power cycle [ 1309.397086][T17426] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3191: corrupted inode contents [ 1309.415726][T17426] EXT4-fs error (device loop1): ext4_dirty_inode:6143: inode #11: comm syz.1.3191: mark_inode_dirty error [ 1309.434537][T17426] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.3191: invalid indirect mapped block 1 (level 1) [ 1309.449414][T17426] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3191: corrupted inode contents [ 1309.462303][T17426] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 1309.474099][T17426] EXT4-fs error (device loop1): ext4_do_update_inode:5255: inode #11: comm syz.1.3191: corrupted inode contents [ 1309.486470][T17426] EXT4-fs error (device loop1): ext4_truncate:4301: inode #11: comm syz.1.3191: mark_inode_dirty error [ 1309.498194][T17426] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 1309.511005][T17426] EXT4-fs (loop1): 1 truncate cleaned up [ 1309.517666][T17426] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1309.532715][ T28] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 1309.540927][ T28] em28xx 4-1:0.0: board has no eeprom [ 1309.619427][ T28] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 1309.628306][ T28] em28xx 4-1:0.0: dvb set to bulk mode. [ 1309.638849][T14036] em28xx 4-1:0.0: Binding DVB extension [ 1309.662160][ T28] usb 4-1: USB disconnect, device number 17 [ 1309.688651][ T28] em28xx 4-1:0.0: Disconnecting em28xx [ 1309.755182][T14036] em28xx 4-1:0.0: Registering input extension [ 1309.763910][ T28] em28xx 4-1:0.0: Closing input extension [ 1309.777689][ T28] em28xx 4-1:0.0: Freeing device [ 1310.293631][T17432] veth0_vlan: entered allmulticast mode [ 1310.303118][T17432] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3192'. [ 1310.373665][T17432] veth0_vlan (unregistering): left allmulticast mode [ 1310.414549][ T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 1310.425832][T14307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1310.467765][ T9] usb 5-1: device descriptor read/8, error -71 [ 1310.499019][ T5769] Bluetooth: hci4: command 0x0406 tx timeout [ 1310.749253][ T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 1310.800337][ T9] usb 5-1: device descriptor read/8, error -71 [ 1310.904541][T17448] fuse: Unknown parameter 'group_id00000000000000000000' [ 1310.929342][ T9] usb usb5-port1: unable to enumerate USB device [ 1310.998038][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.005614][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.018466][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.027131][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.034741][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.046583][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.055395][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.068611][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.076858][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.089745][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.097360][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.108298][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.116964][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.125768][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.133315][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.140947][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.148400][ T9] hid-generic 0006:0008:0001.0019: unknown main item tag 0x0 [ 1311.159246][ T9] hid-generic 0006:0008:0001.0019: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1311.299274][ T5769] Bluetooth: hci2: command 0x0c1a tx timeout [ 1311.299295][T14802] Bluetooth: hci3: command 0x0406 tx timeout [ 1311.299314][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1311.317883][T17418] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1311.414539][T17457] loop4: detected capacity change from 0 to 512 [ 1311.422692][T17457] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1311.435374][T17457] EXT4-fs: Ignoring removed bh option [ 1311.445320][T17457] EXT4-fs error (device loop4): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1311.461190][T17457] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.3201: corrupted inode contents [ 1311.474123][T17457] EXT4-fs error (device loop4): ext4_dirty_inode:6143: inode #11: comm syz.4.3201: mark_inode_dirty error [ 1311.487229][T17457] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.3201: invalid indirect mapped block 1 (level 1) [ 1311.505076][T17457] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.3201: corrupted inode contents [ 1311.517448][T17457] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 1311.526502][T17457] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.3201: corrupted inode contents [ 1311.541935][T17457] EXT4-fs error (device loop4): ext4_truncate:4301: inode #11: comm syz.4.3201: mark_inode_dirty error [ 1311.553438][T17457] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 1311.564033][T17457] EXT4-fs (loop4): 1 truncate cleaned up [ 1311.571348][T17457] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1312.451102][T16047] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1312.570412][T17470] fuse: Bad value for 'user_id' [ 1312.672173][T17473] loop4: detected capacity change from 0 to 2048 [ 1312.721156][T17473] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1312.782771][ T27] audit: type=1800 audit(1779579656.895:39): pid=17473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3206" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1312.803209][ C0] vkms_vblank_simulate: vblank timer overrun [ 1312.835767][T16047] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1313.379230][ T5769] Bluetooth: hci0: command 0x0406 tx timeout [ 1313.683144][T17481] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1313.690537][T17481] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1313.696564][T17481] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1313.704311][T17481] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1313.867941][T17489] loop3: detected capacity change from 0 to 512 [ 1313.887261][T17489] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1313.902771][T17489] EXT4-fs: Ignoring removed bh option [ 1313.924036][T17489] EXT4-fs error (device loop3): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1313.945898][T17489] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #11: comm syz.3.3212: corrupted inode contents [ 1313.961544][T17489] EXT4-fs error (device loop3): ext4_dirty_inode:6143: inode #11: comm syz.3.3212: mark_inode_dirty error [ 1314.004883][T17489] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.3212: invalid indirect mapped block 1 (level 1) [ 1314.047837][T17489] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #11: comm syz.3.3212: corrupted inode contents [ 1314.065834][T17489] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 1314.075112][T17489] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #11: comm syz.3.3212: corrupted inode contents [ 1314.091924][T17489] EXT4-fs error (device loop3): ext4_truncate:4301: inode #11: comm syz.3.3212: mark_inode_dirty error [ 1314.105182][T17489] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem [ 1314.123491][T17489] EXT4-fs (loop3): 1 truncate cleaned up [ 1314.133824][T17489] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1314.146524][T17498] fuse: Bad value for 'user_id' [ 1314.368651][T17502] loop4: detected capacity change from 0 to 2048 [ 1314.403505][T17502] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1314.438197][ T27] audit: type=1800 audit(1779579658.545:40): pid=17502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3218" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1314.736088][T16047] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1314.923099][T14733] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1314.982523][ T5769] Bluetooth: hci4: command 0x0406 tx timeout [ 1314.999703][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.007577][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.020135][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.027678][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.035742][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.043856][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.051895][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.060166][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.067579][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.076413][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.084164][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.092016][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.099764][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.107285][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.115178][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.123250][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.127335][T17514] loop1: detected capacity change from 0 to 256 [ 1315.131698][ T28] hid-generic 0006:0008:0001.001A: unknown main item tag 0x0 [ 1315.148052][ T28] hid-generic 0006:0008:0001.001A: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 1315.243832][T17514] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1315.280598][T14036] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 1315.449086][T14036] usb 4-1: device descriptor read/64, error -71 [ 1315.699111][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1315.705208][ T5769] Bluetooth: hci3: command 0x0406 tx timeout [ 1315.713193][T17481] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1315.749245][T14036] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 1315.779476][T12714] Bluetooth: hci2: command 0x0c1a tx timeout [ 1315.919169][T14036] usb 4-1: device descriptor read/64, error -71 [ 1316.017047][T17525] loop0: detected capacity change from 0 to 128 [ 1316.036479][T17526] fuse: Bad value for 'user_id' [ 1316.054422][T14036] usb usb4-port1: attempt power cycle [ 1316.064930][T17525] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 1316.078291][T17525] FAT-fs (loop0): Filesystem has been set read-only [ 1316.203868][T17528] loop4: detected capacity change from 0 to 512 [ 1316.219721][T17528] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1316.239281][T17528] EXT4-fs: Ignoring removed bh option [ 1316.276774][T17528] EXT4-fs error (device loop4): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1316.306780][T17528] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.3228: corrupted inode contents [ 1316.371404][T17528] EXT4-fs error (device loop4): ext4_dirty_inode:6143: inode #11: comm syz.4.3228: mark_inode_dirty error [ 1316.392757][T17528] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.3228: invalid indirect mapped block 1 (level 1) [ 1316.440607][T17528] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.3228: corrupted inode contents [ 1316.467224][T17528] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 1316.492115][T14036] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 1316.505047][T17528] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.3228: corrupted inode contents [ 1316.531040][T17528] EXT4-fs error (device loop4): ext4_truncate:4301: inode #11: comm syz.4.3228: mark_inode_dirty error [ 1316.533003][T14036] usb 4-1: device descriptor read/8, error -71 [ 1316.547379][T17528] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 1316.565568][T17528] EXT4-fs (loop4): 1 truncate cleaned up [ 1316.574306][T17528] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1316.829365][T14036] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 1316.860896][T14036] usb 4-1: device descriptor read/8, error -71 [ 1317.001291][T14036] usb usb4-port1: unable to enumerate USB device [ 1317.414541][T16047] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1317.515792][T17547] fuse: Bad value for 'fd' [ 1317.779069][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1318.712739][T17557] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1318.774739][T17557] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1319.109766][T17557] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1319.134687][T17557] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1319.350345][T17581] fuse: Bad value for 'fd' [ 1320.140878][T12714] Bluetooth: hci4: command 0x0406 tx timeout [ 1320.209074][ T9] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 1320.467636][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 1320.480086][ T9] usb 4-1: no configurations [ 1320.484964][ T9] usb 4-1: can't read configurations, error -22 [ 1320.639013][ T9] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 1320.819223][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1320.825436][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 1320.829014][T17557] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 1320.831980][ T9] usb 4-1: no configurations [ 1320.841405][ T9] usb 4-1: can't read configurations, error -22 [ 1320.848017][ T9] usb usb4-port1: attempt power cycle [ 1322.433171][T12714] Bluetooth: hci2: command 0x0c1a tx timeout [ 1322.433224][ T5769] Bluetooth: hci3: command 0x0406 tx timeout [ 1322.526306][T17606] loop4: detected capacity change from 0 to 128 [ 1322.624915][T17608] fuse: Bad value for 'fd' [ 1322.759439][ T9] usb usb4-port1: Cannot enable. Maybe the USB cable is bad? [ 1322.796080][T17616] fuse: Unknown parameter 'grou00000000000000000000' [ 1323.066006][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1323.072572][ T9] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 1323.110905][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 1323.125347][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1323.549327][ T9] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1323.562176][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1323.570357][ T9] usb 4-1: Product: syz [ 1323.574608][ T9] usb 4-1: Manufacturer: syz [ 1323.579686][ T9] usb 4-1: SerialNumber: syz [ 1323.589371][ T9] usb 4-1: config 0 descriptor?? [ 1323.606446][ T9] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1323.626107][ T9] em28xx 4-1:0.0: DVB interface 0 found: bulk [ 1324.047928][T17639] fuse: Unknown parameter 'grou00000000000000000000' [ 1324.166024][T17645] overlayfs: failed to clone upperpath [ 1324.173611][T17645] overlayfs: missing 'lowerdir' [ 1324.219180][T14079] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 1324.232015][ T9] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 1324.429104][T14079] usb 2-1: Using ep0 maxpacket: 32 [ 1324.434907][T14079] usb 2-1: no configurations [ 1324.440415][T14079] usb 2-1: can't read configurations, error -22 [ 1324.599265][T14079] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 1324.789053][T14079] usb 2-1: Using ep0 maxpacket: 32 [ 1324.831011][T14079] usb 2-1: no configurations [ 1324.863922][T14079] usb 2-1: can't read configurations, error -22 [ 1324.949189][T14079] usb usb2-port1: attempt power cycle [ 1324.997313][ T9] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 1325.007217][ T9] em28xx 4-1:0.0: board has no eeprom [ 1325.158575][ T9] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 1325.178433][ T9] em28xx 4-1:0.0: dvb set to bulk mode. [ 1325.199762][ T5874] em28xx 4-1:0.0: Binding DVB extension [ 1325.222495][T12714] Bluetooth: hci0: command 0x0406 tx timeout [ 1325.246342][ T9] usb 4-1: USB disconnect, device number 25 [ 1325.274905][ T5874] em28xx 4-1:0.0: Registering input extension [ 1325.305277][ T9] em28xx 4-1:0.0: Disconnecting em28xx [ 1325.398668][ T9] em28xx 4-1:0.0: Closing input extension [ 1325.439239][T14079] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 1326.018230][ T9] em28xx 4-1:0.0: Freeing device [ 1326.024604][T14079] usb 2-1: Using ep0 maxpacket: 32 [ 1326.047300][T14079] usb 2-1: no configurations [ 1326.062187][T14079] usb 2-1: can't read configurations, error -22 [ 1326.071338][T17665] loop3: detected capacity change from 0 to 128 [ 1326.233260][T17669] fuse: Unknown parameter 'grou00000000000000000000' [ 1326.246247][T17671] overlayfs: failed to clone upperpath [ 1326.250583][T14079] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 1326.272910][T17671] overlayfs: missing 'lowerdir' [ 1326.306353][T14079] usb 2-1: Using ep0 maxpacket: 32 [ 1326.326407][T14079] usb 2-1: no configurations [ 1326.338418][T14079] usb 2-1: can't read configurations, error -22 [ 1326.350052][T14079] usb usb2-port1: unable to enumerate USB device [ 1327.717414][T14802] Bluetooth: hci0: command 0x0406 tx timeout [ 1329.211993][T17703] fuse: Unknown parameter 'group_i00000000000000000000' [ 1329.241441][T17706] overlayfs: failed to clone upperpath [ 1329.251901][T17706] overlayfs: missing 'lowerdir' [ 1329.619147][T14036] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 1329.801615][T14036] usb 2-1: Using ep0 maxpacket: 16 [ 1329.808254][T14036] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1329.821159][T14036] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1329.832779][T14036] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1329.840807][T14036] usb 2-1: Product: syz [ 1329.844985][T14036] usb 2-1: Manufacturer: syz [ 1329.852031][T14036] usb 2-1: SerialNumber: syz [ 1329.858058][T14036] usb 2-1: config 0 descriptor?? [ 1329.868411][T14036] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1329.880312][T14036] em28xx 2-1:0.0: DVB interface 0 found: bulk [ 1330.213179][T17724] fuse: Unknown parameter 'group_i00000000000000000000' [ 1330.278817][T17728] overlayfs: failed to clone upperpath [ 1330.286434][T17728] overlayfs: missing 'workdir' [ 1330.478665][T14036] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 1331.105060][T14036] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 1331.115097][T14036] em28xx 2-1:0.0: board has no eeprom [ 1331.199201][T14036] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 1331.209581][T14036] em28xx 2-1:0.0: dvb set to bulk mode. [ 1331.215206][ T28] em28xx 2-1:0.0: Binding DVB extension [ 1331.230122][T14036] usb 2-1: USB disconnect, device number 17 [ 1331.237060][T14036] em28xx 2-1:0.0: Disconnecting em28xx [ 1331.282415][ T28] em28xx 2-1:0.0: Registering input extension [ 1331.295851][T14036] em28xx 2-1:0.0: Closing input extension [ 1331.320813][T14036] em28xx 2-1:0.0: Freeing device [ 1331.714470][T17749] fuse: Unknown parameter 'group_i00000000000000000000' [ 1331.758138][T17752] overlayfs: failed to clone upperpath [ 1331.758608][T17753] loop1: detected capacity change from 0 to 128 [ 1331.798707][T17752] overlayfs: missing 'workdir' [ 1332.284849][T17778] fuse: Unknown parameter 'group_id00000000000000000000' [ 1332.293810][T17779] overlayfs: failed to clone upperpath [ 1332.304293][T17779] overlayfs: missing 'workdir' [ 1333.202604][T17806] fuse: Unknown parameter 'group_id00000000000000000000' [ 1333.280961][T17810] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3338'. [ 1333.350078][T17816] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3338'. [ 1334.324776][T17852] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3351'. [ 1335.022847][T17864] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3355'. [ 1335.087394][T17870] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3355'. [ 1336.465580][T17913] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3372'. [ 1336.527328][T17914] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3372'. [ 1337.272784][T17937] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3379'. [ 1338.173853][T17972] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3391'. [ 1338.235237][T17975] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3391'. [ 1338.924226][T17987] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3398'. [ 1338.949527][T17987] erspan1: entered promiscuous mode [ 1338.955235][T17987] erspan1: entered allmulticast mode [ 1340.040999][T18016] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3409'. [ 1340.155675][T18021] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3411'. [ 1340.217360][T18022] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3411'. [ 1340.899114][T14802] Bluetooth: hci3: command 0x0406 tx timeout [ 1341.699117][T14802] Bluetooth: hci4: command 0x0406 tx timeout [ 1344.267775][T18116] fuse: Invalid rootmode [ 1344.644133][T18134] fuse: Unknown parameter 'group_id00000000000000000000' [ 1345.306277][ T5874] IPVS: starting estimator thread 0... [ 1345.493493][T18137] IPVS: using max 21 ests per chain, 50400 per kthread [ 1345.627856][T18155] fuse: Bad value for 'rootmode' [ 1346.232176][T18167] fuse: Bad value for 'user_id' [ 1347.479682][ T5874] IPVS: starting estimator thread 0... [ 1347.552515][T18188] fuse: Bad value for 'rootmode' [ 1347.599384][T18182] IPVS: using max 20 ests per chain, 48000 per kthread [ 1347.641535][T18192] fuse: Bad value for 'user_id' [ 1347.662383][T18194] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3469'. [ 1347.684563][T18194] erspan1: entered promiscuous mode [ 1347.693341][T18194] erspan1: entered allmulticast mode [ 1348.808616][T18212] fuse: Bad value for 'rootmode' [ 1349.285392][ T28] IPVS: starting estimator thread 0... [ 1349.429276][T18214] IPVS: using max 18 ests per chain, 43200 per kthread [ 1349.601636][T18220] fuse: Bad value for 'user_id' [ 1349.672270][T18224] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3481'. [ 1350.733555][T18242] fuse: Unknown parameter 'use00000000000000000000' [ 1350.862811][T18247] fuse: Bad value for 'fd' [ 1351.892220][T18265] fuse: Unknown parameter 'use00000000000000000000' [ 1352.691433][T18276] fuse: Bad value for 'fd' [ 1353.752425][T18292] fuse: Unknown parameter 'use00000000000000000000' [ 1354.824803][T18306] fuse: Bad value for 'fd' [ 1358.240834][T18375] fuse: Unknown parameter 'user_i00000000000000000000' [ 1359.517248][T18399] fuse: Unknown parameter 'user_id00000000000000000000' [ 1360.051069][T18430] fuse: Unknown parameter 'user_id00000000000000000000' [ 1360.066198][T18432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3556'. [ 1360.103778][T18432] erspan1: entered promiscuous mode [ 1360.109343][T18432] erspan1: entered allmulticast mode [ 1360.368282][T14802] Bluetooth: hci0: unexpected subevent 0x03 length: 244 > 9 [ 1360.614471][T18456] fuse: Unknown parameter 'user_id00000000000000000000' [ 1360.658201][T18458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3567'. [ 1361.058306][T18479] fuse: Bad value for 'fd' [ 1361.101105][T18481] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3576'. [ 1361.865136][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1361.972213][T18499] fuse: Bad value for 'fd' [ 1362.132897][T18509] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3587'. [ 1363.277885][T18529] fuse: Bad value for 'fd' [ 1363.371511][T18534] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3597'. [ 1364.498307][T18558] fuse: Unknown parameter '0x0000000000000003' [ 1364.571611][T18560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3608'. [ 1364.873345][T18581] fuse: Unknown parameter '0x0000000000000003' [ 1364.953547][T18585] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3619'. [ 1365.715417][T18603] fuse: Unknown parameter '0x0000000000000003' [ 1365.832704][T18609] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3629'. [ 1366.878700][T18624] fuse: Bad value for 'rootmode' [ 1366.977349][T18629] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3638'. [ 1367.300151][T18644] fuse: Unknown parameter '0x0000000000000003' [ 1367.430795][T18648] fuse: Bad value for 'rootmode' [ 1368.257298][T18658] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3649'. [ 1368.585513][T18673] fuse: Unknown parameter '0x0000000000000003' [ 1368.807987][T14036] IPVS: starting estimator thread 0... [ 1369.039518][T18676] IPVS: using max 21 ests per chain, 50400 per kthread [ 1369.675423][T18689] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3662'. [ 1370.905423][T18720] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3674'. [ 1371.121667][T18733] fuse: Bad value for 'fd' [ 1374.062985][T18790] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3701'. [ 1379.365831][T18910] fuse: Unknown parameter 'user_id00000000000000000000' [ 1379.645419][T18926] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3764'. [ 1379.767276][T18935] fuse: Unknown parameter 'user_id00000000000000000000' [ 1380.086030][T18949] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3773'. [ 1380.159688][T18955] fuse: Bad value for 'fd' [ 1380.452427][T18974] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3785'. [ 1380.525340][T18978] fuse: Bad value for 'fd' [ 1380.991496][T18997] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3794'. [ 1381.000991][T18999] fuse: Bad value for 'fd' [ 1381.391360][T19021] fuse: Unknown parameter '0x0000000000000003' [ 1381.396416][T19022] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3805'. [ 1381.702717][T19040] fuse: Unknown parameter '0x0000000000000003' [ 1381.761209][T19042] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3816'. [ 1382.252109][T19059] fuse: Unknown parameter '0x0000000000000003' [ 1382.484765][T19068] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3828'. [ 1383.652260][T19080] fuse: Unknown parameter '0x0000000000000003' [ 1383.673940][T19085] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3836'. [ 1383.716468][T19088] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3837'. [ 1385.317959][T19114] fuse: Unknown parameter '0x0000000000000003' [ 1385.466435][T19116] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3847'. [ 1386.783112][T19154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3862'. [ 1388.085010][T19185] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3873'. [ 1394.494399][T14802] Bluetooth: hci4: unexpected event for opcode 0x2035 [ 1411.423284][T19607] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 1412.784249][ T27] audit: type=1326 audit(1779579756.895:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19634 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1412.859006][ T27] audit: type=1326 audit(1779579756.895:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19634 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1412.908981][ T27] audit: type=1326 audit(1779579756.925:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19634 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1412.963462][ T27] audit: type=1326 audit(1779579756.955:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19634 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1413.013960][ T27] audit: type=1326 audit(1779579756.955:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19634 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1413.078335][ T27] audit: type=1326 audit(1779579756.965:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19634 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1413.130472][ T27] audit: type=1326 audit(1779579756.965:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19634 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1413.157753][ T27] audit: type=1326 audit(1779579756.965:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19634 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1413.220261][ T27] audit: type=1326 audit(1779579756.965:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19640 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbd65b5d68e code=0x7ffc0000 [ 1413.255232][ T27] audit: type=1326 audit(1779579757.115:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19640 comm="syz.0.4031" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1414.443748][T19683] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4050'. [ 1422.639567][T14802] Bluetooth: hci3: unexpected event for opcode 0x2035 [ 1423.634551][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1426.240933][T14802] Bluetooth: hci3: unexpected event for opcode 0x2035 [ 1428.657010][T14802] Bluetooth: hci2: unexpected event for opcode 0x2035 [ 1430.233936][T19977] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4143'. [ 1437.812659][T20124] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4200'. [ 1440.976342][T20177] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4218'. [ 1441.948352][T20202] fuse: Bad value for 'group_id' [ 1444.047208][T20235] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4241'. [ 1445.736634][T20264] fuse: Bad value for 'group_id' [ 1447.724928][T20300] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4265'. [ 1448.782004][T20318] fuse: Bad value for 'group_id' [ 1449.918775][T20334] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4277'. [ 1451.304932][T20363] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4289'. [ 1462.193128][T20664] fuse: Unknown parameter 'grou00000000000000000000' [ 1462.371619][T20674] netlink: 'syz.3.4412': attribute type 2 has an invalid length. [ 1463.343171][T20700] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4421'. [ 1463.352269][T20700] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4421'. [ 1463.467406][T20705] fuse: Unknown parameter 'grou00000000000000000000' [ 1464.526911][T20735] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4436'. [ 1464.536735][T20735] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1464.544560][T20735] IPv6: NLM_F_CREATE should be set when creating new route [ 1464.960377][T20753] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4445'. [ 1464.976425][T20755] fuse: Unknown parameter 'grou00000000000000000000' [ 1466.567983][T20777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4454'. [ 1467.107912][T20793] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4461'. [ 1467.328072][T20799] fuse: Unknown parameter 'group_i00000000000000000000' [ 1467.428713][T20801] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4464'. [ 1467.917279][T20820] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4473'. [ 1468.828567][T20843] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4482'. [ 1468.929918][T20846] fuse: Unknown parameter 'group_i00000000000000000000' [ 1469.805385][T20864] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1471.068474][T20886] fuse: Unknown parameter 'group_i00000000000000000000' [ 1472.505715][T20924] fuse: Unknown parameter 'group_id00000000000000000000' [ 1476.434649][T20989] kAFS: unable to lookup cell 'Þ({^ú@' [ 1476.457068][T20991] overlayfs: failed to clone upperpath [ 1477.526709][T21004] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1477.536624][T21004] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1477.546800][T21004] bond0 (unregistering): Released all slaves [ 1478.187892][T21013] fuse: Unknown parameter 'group_id00000000000000000000' [ 1479.434457][ T27] audit: type=1326 audit(1779579823.545:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1479.491167][ T27] audit: type=1326 audit(1779579823.575:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1479.520547][ T27] audit: type=1326 audit(1779579823.575:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1479.551093][ T27] audit: type=1326 audit(1779579823.575:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1479.579757][ T27] audit: type=1326 audit(1779579823.575:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1479.633348][ T27] audit: type=1326 audit(1779579823.635:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbd65b5d68e code=0x7ffc0000 [ 1479.659234][ T27] audit: type=1326 audit(1779579823.635:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbd65b5d68e code=0x7ffc0000 [ 1479.687199][ T27] audit: type=1326 audit(1779579823.665:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbd65b5d68e code=0x7ffc0000 [ 1480.508929][ T27] audit: type=1326 audit(1779579823.665:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbd65b5d68e code=0x7ffc0000 [ 1480.533040][ T27] audit: type=1326 audit(1779579823.665:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21026 comm="syz.0.4553" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1481.955765][T21063] overlayfs: failed to clone upperpath [ 1483.142619][T21084] fuse: Bad value for 'user_id' [ 1484.745137][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 1484.749871][T21119] fuse: Bad value for 'user_id' [ 1486.232144][T21153] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4601'. [ 1486.277782][T21153] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 20004 - 0 [ 1486.287356][T21153] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 20004 - 0 [ 1486.296332][T21153] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 20004 - 0 [ 1486.305254][T21153] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 20004 - 0 [ 1486.316183][T21153] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 1486.525398][T21167] fuse: Bad value for 'user_id' [ 1487.472586][T21193] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4619'. [ 1487.677173][T21204] fuse: Bad value for 'fd' [ 1489.629255][ T27] kauditd_printk_skb: 3 callbacks suppressed [ 1489.629352][ T27] audit: type=1326 audit(3927063481.722:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21228 comm="syz.0.4634" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1489.660514][ T27] audit: type=1326 audit(3927063481.732:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21228 comm="syz.0.4634" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1489.693493][ T27] audit: type=1326 audit(3927063481.732:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21228 comm="syz.0.4634" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1489.730343][ T27] audit: type=1326 audit(3927063481.732:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21228 comm="syz.0.4634" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1489.763857][ T27] audit: type=1326 audit(3927063481.732:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21228 comm="syz.0.4634" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd65b9ce59 code=0x7ffc0000 [ 1489.795313][T21238] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.4638'. [ 1490.078082][ T27] audit: type=1326 audit(3927063482.182:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21254 comm="syz.4.4645" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31ff19ce59 code=0x7ffc0000 [ 1490.104213][ T27] audit: type=1326 audit(3927063482.182:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21254 comm="syz.4.4645" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31ff19ce59 code=0x7ffc0000 [ 1490.153589][ T27] audit: type=1326 audit(3927063482.182:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21254 comm="syz.4.4645" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31ff19ce59 code=0x7ffc0000 [ 1490.187130][ T27] audit: type=1326 audit(3927063482.182:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21254 comm="syz.4.4645" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31ff19ce59 code=0x7ffc0000 [ 1490.217332][ T27] audit: type=1326 audit(3927063482.182:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21254 comm="syz.4.4645" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f31ff15d68e code=0x7ffc0000 [ 1490.439986][T21265] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1492.046710][T14802] Bluetooth: hci2: unexpected event for opcode 0x1005 [ 1492.214464][T21309] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4666'. [ 1602.508877][ C0] ------------[ cut here ]------------ [ 1602.515593][ C0] WARNING: CPU: 0 PID: 21334 at kernel/rcu/tree_stall.h:1001 rcu_check_gp_start_stall+0x2dc/0x460 [ 1602.526304][ C0] Modules linked in: [ 1602.530190][ C0] CPU: 0 PID: 21334 Comm: syz.1.4674 Not tainted syzkaller #0 [ 1602.537674][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1602.547714][ C0] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 1602.554070][ C0] Code: ff ff ff 48 c7 c7 a0 24 31 97 be 04 00 00 00 e8 aa ea 6d 00 48 89 df b8 01 00 00 00 87 05 1c a2 bf 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 80 73 13 8d 74 47 48 c7 c0 9c 6f 8b 8e 48 c1 e8 03 [ 1602.573690][ C0] RSP: 0018:ffffc90000007bb8 EFLAGS: 00010046 [ 1602.579773][ C0] RAX: 0000000000000000 RBX: ffffffff8d137380 RCX: ffffffff81718276 [ 1602.587724][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8d137380 [ 1602.595674][ C0] RBP: ffffc90000007e30 R08: 0000000000000003 R09: 0000000000000004 [ 1602.603624][ C0] R10: dffffc0000000000 R11: fffffbfff2e62494 R12: 0000000000002904 [ 1602.611579][ C0] R13: ffffffff8d137380 R14: 0000000000000a02 R15: dffffc0000000000 [ 1602.619530][ C0] FS: 000055556b029500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 1602.628440][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1602.635001][ C0] CR2: 00007fa33fbea540 CR3: 000000002e9de000 CR4: 00000000003506f0 [ 1602.642953][ C0] Call Trace: [ 1602.646278][ C0] [ 1602.649134][ C0] rcu_core+0x635/0x1770 [ 1602.653390][ C0] ? ktime_get+0x7f/0x280 [ 1602.657736][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1602.662913][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 1602.668154][ C0] ? sched_clock+0x3f/0x60 [ 1602.672561][ C0] ? sched_clock_cpu+0x75/0x430 [ 1602.677398][ C0] ? ktime_get+0x7f/0x280 [ 1602.681710][ C0] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1602.687675][ C0] ? lock_chain_count+0x20/0x20 [ 1602.692511][ C0] handle_softirqs+0x280/0x820 [ 1602.697258][ C0] ? __irq_exit_rcu+0xd3/0x190 [ 1602.702001][ C0] ? do_softirq+0x1a0/0x1a0 [ 1602.706486][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 1602.711669][ C0] __irq_exit_rcu+0xd3/0x190 [ 1602.716239][ C0] ? irq_exit_rcu+0x20/0x20 [ 1602.720723][ C0] irq_exit_rcu+0x9/0x20 [ 1602.724942][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1602.730560][ C0] [ 1602.733472][ C0] [ 1602.736448][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1602.742480][ C0] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 [ 1602.748297][ C0] Code: 00 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 ca bc d7 f6 48 89 df e8 82 91 d8 f6 e8 9d a8 fc f6 fb bf 01 00 00 00 62 98 cb f6 65 8b 05 f3 bf 72 75 85 c0 74 02 5b c3 e8 70 a7 6f [ 1602.767886][ C0] RSP: 0018:ffffc90004f0fc78 EFLAGS: 00000286 [ 1602.773933][ C0] RAX: e6a89efbbbeb9c00 RBX: ffff88807f24a500 RCX: e6a89efbbbeb9c00 [ 1602.781884][ C0] RDX: dffffc0000000000 RSI: ffffffff8acacbe0 RDI: 0000000000000001 [ 1602.789837][ C0] RBP: ffff88807f24a998 R08: ffffffff8e8b3aef R09: 1ffffffff1d1675d [ 1602.797786][ C0] R10: dffffc0000000000 R11: fffffbfff1d1675e R12: 1ffff1100fe49533 [ 1602.805739][ C0] R13: 0000000000000021 R14: dffffc0000000000 R15: 0000000000000000 [ 1602.813704][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1602.818885][ C0] get_signal+0x11f5/0x13f0 [ 1602.823386][ C0] arch_do_signal_or_restart+0xc2/0x800 [ 1602.828960][ C0] ? get_sigframe_size+0x20/0x20 [ 1602.833889][ C0] ? exit_to_user_mode_loop+0x3b/0x110 [ 1602.839333][ C0] exit_to_user_mode_loop+0x70/0x110 [ 1602.844601][ C0] exit_to_user_mode_prepare+0xee/0x180 [ 1602.850157][ C0] syscall_exit_to_user_mode+0x1a/0x50 [ 1602.855600][ C0] do_syscall_64+0x61/0xb0 [ 1602.859999][ C0] ? clear_bhb_loop+0x40/0x90 [ 1602.864687][ C0] ? clear_bhb_loop+0x40/0x90 [ 1602.869345][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1602.875219][ C0] RIP: 0033:0x7fa33fb5d68e [ 1602.879628][ C0] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1602.899219][ C0] RSP: 002b:00007ffc72b81ee8 EFLAGS: 00000246 [ 1602.905267][ C0] RAX: fffffffffffffffc RBX: 000055556b029500 RCX: 00007fa33fb5d68e [ 1602.913216][ C0] RDX: 00007ffc72b81f40 RSI: 0000000000000000 RDI: 0000000000000000 [ 1602.921169][ C0] RBP: 00007fa33fe17da0 R08: 0000000000000000 R09: 0000000000000000 [ 1602.929119][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000016ca1b [ 1602.937069][ C0] R13: 00007fa33fe1609c R14: 000000000016c7d6 R15: 00007fa33fe16090 [ 1602.945026][ C0] [ 1602.948029][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1602.955297][ C0] CPU: 0 PID: 21334 Comm: syz.1.4674 Not tainted syzkaller #0 [ 1602.962727][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1602.972768][ C0] Call Trace: [ 1602.976028][ C0] [ 1602.978851][ C0] dump_stack_lvl+0x18c/0x250 [ 1602.983512][ C0] ? show_regs_print_info+0x20/0x20 [ 1602.988686][ C0] ? load_image+0x420/0x420 [ 1602.993206][ C0] panic+0x2dc/0x730 [ 1602.997084][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 1603.001574][ C0] __warn+0x2e0/0x470 [ 1603.005539][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1603.011241][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1603.016941][ C0] report_bug+0x2be/0x4f0 [ 1603.021311][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1603.027010][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1603.032708][ C0] ? rcu_check_gp_start_stall+0x2de/0x460 [ 1603.038406][ C0] handle_bug+0xcf/0x120 [ 1603.042628][ C0] exc_invalid_op+0x1a/0x50 [ 1603.047112][ C0] asm_exc_invalid_op+0x1a/0x20 [ 1603.051942][ C0] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 1603.058250][ C0] Code: ff ff ff 48 c7 c7 a0 24 31 97 be 04 00 00 00 e8 aa ea 6d 00 48 89 df b8 01 00 00 00 87 05 1c a2 bf 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 80 73 13 8d 74 47 48 c7 c0 9c 6f 8b 8e 48 c1 e8 03 [ 1603.077836][ C0] RSP: 0018:ffffc90000007bb8 EFLAGS: 00010046 [ 1603.083881][ C0] RAX: 0000000000000000 RBX: ffffffff8d137380 RCX: ffffffff81718276 [ 1603.091829][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8d137380 [ 1603.099777][ C0] RBP: ffffc90000007e30 R08: 0000000000000003 R09: 0000000000000004 [ 1603.107725][ C0] R10: dffffc0000000000 R11: fffffbfff2e62494 R12: 0000000000002904 [ 1603.115672][ C0] R13: ffffffff8d137380 R14: 0000000000000a02 R15: dffffc0000000000 [ 1603.123625][ C0] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 1603.129334][ C0] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 1603.135037][ C0] rcu_core+0x635/0x1770 [ 1603.139269][ C0] ? ktime_get+0x7f/0x280 [ 1603.143576][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1603.148757][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 1603.153931][ C0] ? sched_clock+0x3f/0x60 [ 1603.158325][ C0] ? sched_clock_cpu+0x75/0x430 [ 1603.163150][ C0] ? ktime_get+0x7f/0x280 [ 1603.167460][ C0] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1603.173421][ C0] ? lock_chain_count+0x20/0x20 [ 1603.178254][ C0] handle_softirqs+0x280/0x820 [ 1603.182996][ C0] ? __irq_exit_rcu+0xd3/0x190 [ 1603.187737][ C0] ? do_softirq+0x1a0/0x1a0 [ 1603.192219][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 1603.197396][ C0] __irq_exit_rcu+0xd3/0x190 [ 1603.201962][ C0] ? irq_exit_rcu+0x20/0x20 [ 1603.206445][ C0] irq_exit_rcu+0x9/0x20 [ 1603.210661][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1603.216274][ C0] [ 1603.219184][ C0] [ 1603.222092][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1603.228053][ C0] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 [ 1603.233840][ C0] Code: 00 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 ca bc d7 f6 48 89 df e8 82 91 d8 f6 e8 9d a8 fc f6 fb bf 01 00 00 00 62 98 cb f6 65 8b 05 f3 bf 72 75 85 c0 74 02 5b c3 e8 70 a7 6f [ 1603.253422][ C0] RSP: 0018:ffffc90004f0fc78 EFLAGS: 00000286 [ 1603.259469][ C0] RAX: e6a89efbbbeb9c00 RBX: ffff88807f24a500 RCX: e6a89efbbbeb9c00 [ 1603.267420][ C0] RDX: dffffc0000000000 RSI: ffffffff8acacbe0 RDI: 0000000000000001 [ 1603.275368][ C0] RBP: ffff88807f24a998 R08: ffffffff8e8b3aef R09: 1ffffffff1d1675d [ 1603.283318][ C0] R10: dffffc0000000000 R11: fffffbfff1d1675e R12: 1ffff1100fe49533 [ 1603.291285][ C0] R13: 0000000000000021 R14: dffffc0000000000 R15: 0000000000000000 [ 1603.299244][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1603.304425][ C0] get_signal+0x11f5/0x13f0 [ 1603.308913][ C0] arch_do_signal_or_restart+0xc2/0x800 [ 1603.314440][ C0] ? get_sigframe_size+0x20/0x20 [ 1603.319365][ C0] ? exit_to_user_mode_loop+0x3b/0x110 [ 1603.324820][ C0] exit_to_user_mode_loop+0x70/0x110 [ 1603.330085][ C0] exit_to_user_mode_prepare+0xee/0x180 [ 1603.335611][ C0] syscall_exit_to_user_mode+0x1a/0x50 [ 1603.341049][ C0] do_syscall_64+0x61/0xb0 [ 1603.345442][ C0] ? clear_bhb_loop+0x40/0x90 [ 1603.350097][ C0] ? clear_bhb_loop+0x40/0x90 [ 1603.354754][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1603.360626][ C0] RIP: 0033:0x7fa33fb5d68e [ 1603.365019][ C0] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1603.384603][ C0] RSP: 002b:00007ffc72b81ee8 EFLAGS: 00000246 [ 1603.390648][ C0] RAX: fffffffffffffffc RBX: 000055556b029500 RCX: 00007fa33fb5d68e [ 1603.398599][ C0] RDX: 00007ffc72b81f40 RSI: 0000000000000000 RDI: 0000000000000000 [ 1603.406550][ C0] RBP: 00007fa33fe17da0 R08: 0000000000000000 R09: 0000000000000000 [ 1603.414500][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000016ca1b [ 1603.422450][ C0] R13: 00007fa33fe1609c R14: 000000000016c7d6 R15: 00007fa33fe16090 [ 1603.430406][ C0] [ 1604.525601][ C0] Shutting down cpus with NMI [ 1604.530585][ C0] Kernel Offset: disabled [ 1604.535353][ C0] Rebooting in 86400 seconds..