last executing test programs: 3.897630228s ago: executing program 0 (id=311): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f0000000c40)=[{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f00000004c0)="33b6f982a62e715f3484fab4d07991a770bcae58c28945eaaeae058df5a923d651da3784c21428b02b2e1cc931d0822040fa6cda6079442f208f9488c0fa6e3a80c26b1d1b23fe4da5bf681446155a6994e346d2e844895b4eb1a6a14b6f0b6114", 0xffffff99}, {&(0x7f0000000600)="d09ef15703efa654edd387ed90d643beaf9b3aeb05160c5aaeafc5f20047d5c3966bd83fe1ea6ddf432db90b8d8cb2696edb962654f023f00790673e077e93713677b8672664a8fa91df9768f7b14e83a0b12ae1c4fa61fb8d3bbfc736b7ab83bc21ce66d122ce768d032f6690555f4420919edb6454bd0be2d36c9851a4e4c894ef9624e4973f2b3eb4e2a356b9af3c416676be5828c5c8ceeed81a978fd9c32d877ec94961df3203f2b7bafe86580c10d29ad805053e356bd960018a", 0xbd}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, {0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)="1914593fbe63c1c99bcbf2a2e1688c0ff2ee5b69", 0x14}, {&(0x7f00000006c0)="8d6500d3deb0317161b5e261a7f1e9dea247618f9703f844911f62e1d5ef48f42d25c5df86a12c2cb3d6678a34e724e3ab1620eaccf431a7b3233dd844f7f64b315280ab081a0adf7fe1e097111217fc5b32a93de5000e99be1f6930ec7f4400a24c04303d1b4a44569bfe6763fa541e3ba6f0b4ab128aca96995a3a8f1bc07e30add8ba2bdfe022", 0x88}], 0x2, &(0x7f0000000f40)=[@iv={0xe8, 0x117, 0x2, 0xcf, "62783c54cdc47da6cdb7f03d8cab5abe1a2c7fba3106730d09833a5f362901e8998d1bdb7b17d2231b63942a4e156500be1246b02efe051a238dc81ee8438f6b2ff7e93b21ff348844f5e5a67df0de01ec340585f874125320137c0bd3c5ea253f30729a229af1f07def7e9c5681f97cb16eb40f04477084186b7ef0e9431a107bf991abef4bbe24aa287d12171617a1748f0d13a7951392b8c8bd22c7d29d83480a7d720f738e8b2e22d5d6adb8656c6be7f8d4c74b19e9be637735447ed3b0d157c47581a13a9ca3cadaee1b605a"}, @assoc={0x18, 0x117, 0x4, 0x7}, @op={0x18}, @assoc={0x18, 0x117, 0x4, 0x7}, @assoc={0x18, 0x117, 0x4, 0x80}, @assoc={0x18, 0x117, 0x4, 0xae5}, @iv={0x40, 0x117, 0x2, 0x25, "bd2dfdf3a35167789d1e86eb11d3da70196a98ded037398fd10a44e4483892f9e41494aeae"}, @iv={0x0, 0x117, 0x2, 0x0, "a1525e4edb3ed20038351cbec9986b7f1548bae5344672d70bc4d90e089d8633b56f8225904f42e78f6230ee768d387680c1bf7e20c820e147bd8f79440392b7eefd4c5864e0f2a352fd4075429d9bc38be3651a9cf1c8fbc4e8483928334ef4890430eaf0a72d1e68b1d11113c773cd53225e60024023b723f721683d79a8533a6cd2b3b7eb0862c4f44eb5"}, @op={0x18}, @iv={0x30, 0x117, 0x2, 0x15, "e186f696fd1013a29e3da8955ad005d353361442a1"}], 0x200, 0x4044044}, {0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)="eeec18b7a2f22103ffd1f9150c0e463d450dc5a4615dc8d05e03e6e8a4246acfedd42008bf0732311cbca46040ac3ba8b9f3d42acd5c6f364ce65a", 0x3b}], 0x1, &(0x7f0000000d40)=[@assoc={0x18, 0x117, 0x4, 0x9}, @iv={0x50, 0x117, 0x2, 0x38, "ad9d57ae1a34cd169d6fad8561a7ecad9a52c724a11e24510fc61cfeb3470c372d2eff433cea2fec76c92d3482c3c6692d8275cd566690ad"}, @op={0x18}, @iv={0x140, 0x117, 0x2, 0x128, "526b0e047fbc4fc252eaaa51f7070028035fd68fb6a92539435a12fdd225925548abd17a81e91752f591a67510f95fed70277e530a0b2df40e11706c22ec31fa53c1633bdd18cae8d5f81a9cdbf6cbe2071e0bc29a15a0f8da17b970b2a255f66034ee2b8d5279aebd8443314ef736cc8877f63cf74b1ea57afcffff685b654790d2808056973ed5942a0b1eff9f9a579ff973f5ea72daa97da16b68e3673a015aba3a67d562dcf23d9c0d49fad7dc7a393c5930587e7134f5223a8d448c9eea6096d5daee0474879430adc1c28c5261a66ce95d9669576bb8e4cf5ebe4b2bd49a4edd6323179758dd152f4467c2de203fa6d1221b0c0d11e37a6e3a2b484bc9c07b9f91f394da7fe4bea5dcabafc0e4add1cfb250702f606ded8df35eff331aedfd9aacc8b7656d"}, @assoc={0x18, 0x117, 0x4, 0xeed}], 0x1d8, 0x4000010}, {0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000ac0)="e57b2098eebbf00e85c066cd616ac4c7f7aad46ad25398631c11a50d045d08af9c20922a4d95b0e6f376a6acf9baffa30229d37793c31505429b9aeb02ebbce4a2", 0x41}], 0x1, &(0x7f0000000b40)=[@op={0x18}, @assoc={0x18, 0x117, 0x4, 0x7}, @assoc={0x0, 0x117, 0x4, 0x1}, @iv={0x80, 0x117, 0x2, 0x65, "433075e40e764ff78e98d6e2fd28ab1e7de0926b29692837e244860a37ed45eef4be3fa9abbd4b13ca0aac110785fc948b1797d36763c6d368e52217fda90bbe4fc93ce397e33566a5f1637e9ab82231e64719d3529d653ab937022831b3a638704fe05ac9"}], 0xc8, 0x7a4e64b47bb0bd6a}], 0x4, 0x0) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x1f}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2, 0x0, 0x0, 0xf5000000}, 0x0) 3.72507506s ago: executing program 0 (id=312): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x7fffffff, 0x2, 0x7, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5a, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x89d2, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0xd, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x80000000, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x4, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0x10, 0x312, 0xd, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x20009, 0x8, 0x9, 0x9, 0x4a, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x8, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x7e, 0x7, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0x2000bf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0xffffff49, 0x2004, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x4, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xfffffffe, 0x80000003, 0x6, 0x1, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0xfd, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0xffffffff, 0x5, 0x5, 0x8, 0x30b1d693, 0x5, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c) syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2) syz_open_dev$vim2m(&(0x7f0000000040), 0x40005, 0x2) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) close_range(r0, 0xffffffffffffffff, 0x0) 3.481711661s ago: executing program 0 (id=314): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) ioctl$FBIO_WAITFORVSYNC(0xffffffffffffffff, 0x40044620, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) 2.921285903s ago: executing program 2 (id=318): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000700), &(0x7f0000000180)='%+9llu \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) 2.680464654s ago: executing program 2 (id=319): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) io_uring_setup(0x7327, &(0x7f00000000c0)={0x0, 0xebcc, 0x1, 0x1, 0x24}) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000140)=0x4) close_range(r0, 0xffffffffffffffff, 0x0) 2.319208471s ago: executing program 3 (id=320): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x12510421, 0x0, 0xc, 0x1, 0x56, 0x0, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000006300)="bdf25e6f0d10668122f289a6bf3cc1c9476de5625a0271b8d988a9f5d5e0081242133ed6d905168ffd12a79b9d0245efce333b69021258af0b7f8fcc7b0ce9b48ff73dc5ebaa2a607033a6220a60c4e1348d92f8d0e9c79504518133021220077e1e0b4e0c8d373c779e03dd36c1f9667c8ee6aa56c2b97e9cded8b1738fea65774c4c5dedf7be75405218742aa9f5348129b9893ca01e43a8f648e689adb9776f9008596ca8a749e94b7d7b906945390e6c68fefd7364e749c35484b0a7b4569e8d5bf6fdc06c3ed56c599d61a21ed03ec5b61f74d9a7400e9a0999404ac63d7849d3f1bc1e777d2c180220c4227c492bd3ee3f854e846baf93fa9759ed96fb69c9bc2fca51d1f24a68e735ba5deeb0afc2b017849a1786574a50b6818e3ee1029b2257fe2ede4b065637fcb05632587600d1090b004d4fc3dc8d3576762d06a964bcc7d31f94e09ecec7a999717dd639a3db03df310a0a4f26134d982e80f00d3f1f20693cf36115046f52734d0bafab657131682c6c415168b87cabb42a125fdd6cb8a545b717e1fc301c0798515f201f7ff7bfd35db7605f4ef97a91a6da5d5f88d1455edce0e86ea60901ea22aee508a567dfcf0f3f630d4e8be3a312a5d997bbb8fcc319f32c45fc62b09778bcf810b48a863c1a0ffeac68af383d3bfb60ad9f69f50bb11557bb2e966bd231c49fee49ec8c2174fd3cfd245c56a1c982a1f818a50713df546cf9d01b70e165d371ce0d2ba41c6758c46da7eb8078d2c7f2a2462a32e37129dded20ec3f6169a33d136765d9ae28addf3fbecb633aee9a7ded0ec160b5ce35c92b855ba8362205017afaf9e45758d5e256e35452f6d03ac89712e81445b32dfdd8cdd28a5af8c75df2a27922dbf5cceabff945327b5f4ec2e93c4b367ebc6a54f903567ff1a3f9469a466ecbfef5c39671c9ac29f14de1575de46ba2e933cdeb068259593e73da67f05858ba0cf3e0316aa1a91c21f1a1ccf157b2f4160b86dd67ea854ddd098f34c0421a7ab541b6d105f76ff19afdef08456da28244b25b61162093592e72bc251936db09134f590ca0a1b844244aa054a748b695346a5d49b979b4c69cdad7ef09f615196bfa2918c07e81c325370461cdc50aeb105b3cc51e0a098d9e49118da9c1bb04da247fc4e7876136059fe1ed10042383502b54c6e26082eddf83196d6b2c9410e4217dc8c4c2de483e328ccfbea9c54ab549a23ec98c9db241a67ffd79af97822bcc0a784e8f4e61c83cfb637f4aa1a80027fb2322bca99b65d4d64e93f3484c83ce7f46e12f7accacf74c5d0362198d60de93925e1a631ea6c786843261c49cadf482f3ff541b88d92f801a8610c195ad6e09e4a1bc15f727d09d063e23bfde60585def96e3963978f0686ca079e86032cd23b30222ff0843fa1d0e883d2d75dffc12bab0109b25ff08cf1caeeb7c39e5f438c7b2a9a2a366d32fa9fa0e2885a473ce6b97455d58d941b46faac1f2d8335f276f14232e193be1301416584c47062059e92ece4347c89aa9bf2c12b7c7b5ef7b3bf27ef23367ca3fd037fd9145f84e6852ea3eb624b7622411851134a7ef388e7799df33bfae12a35bdde94de1b10e0e0fe6b40d158409992244a4e27af355aaf7983aceb0ca6c790ecbe5234fd0ad063ae2ee1fe48aff51c35c5553fd1ab998abcb3dd7b0efb2f9c658fc4671e536c0ea75b36d59efe1901e971a750a4fdaf15bc0d1de7681a18c73bd00329d8a7a59c8dde6ee9156759386428a593d9bcbac57f2ec6387dc713703b30e44e655f663947caf4bf15624517bf3f4df16a8ade7193d0a69d998d970c07406a5892dc625a2695bc5c495079f2100ac033f912b5135551c923b61687574b1c43ca81ae9312d668415c8162aea7582b8db90f96181700ac22771b985c0c3f6081cca160efb1bdcabc2177d081ee618ed92c5af569721cc9f0453fe8e512d089a2aa0a219504ff51ba258f6b3737120e7d55e3ceed42c1aef42ac5e969642e3ffa8bc9e7319927ff971d450ac5a8a12ef68747b2574e89a64dcff67a36cbcf0f166371f98825c6eaa8516e27b81b8701d47fbbb87748a771265afff6fdf0acd2e9da1d759523feb0f33a6b27c050cbd5ea833c4859d7c84878253652dc4277a8ad6dd0b1b118e866cb90f7f29cf3a65cd9ba5c5e888c2afdfcef2b9dca883dcb7908c0a2ba0e76d5992430819f4f7d0369c53f737abc75e7f52ed95320dde44bf8b6397ef1ae719eb550a2bcad515ed99246f753d9d344f668c58c2343873b2af2dbb8d0c1c3280a5e8267a89a16eae734102bf4ed6aec57f4e29eaadb118f5407337387ec12f6629f8de94b2fefceffb735effca8865722334dd3a27c789c96c2fdc7f96d702fa5e360a460856c3559ac65dac1aae0c10712cd99e8f7c9188a43460c2e3775f27518893628cb5f2cd25985570ad101b3ba16a342885d65ea1befef80aca975a3f8428eab9999124aeafa991f68151eb7ab9bffe132c8ad1f2e0ad79e0cbc0806aa46c0c53b6f1217dcd88f197a3c6ddcb5e1ca9c278d02736ab3f81db85d3fd751c38bdd449fb3f9e52c2e067fb8761b94ccf13e4958cb1f703d327cd510089ae4d10a96328b950689efd262f43470dd47c73327c63cd882432807a65d9d21ae39b57e27c14af2b6792c6d6687526593ce97e8000eb49157553fc6fc9e4f040098b43e4308aceb1c5f87f046389b3174cf96459460927b0fff05764d398c7c5e987ec4b08259c4a41a4fd293e0106e2c522cff08f07cb4dcb7165dd6ba7358bb7d389aae1bd76957e1b69e4b65a0443fe2ca48722b3babd8df8c53b6fc1fc0537defa60e79bf6f746771d3be7def7b14a813087804fdb7523566c47041014d0e4eb8e0faa6db79dc05a54299e54b34be446a3d3b0c073e212e305a78a190034885174fe25443061447ea7fa094f104b10dacc382cb353c96e3cf4993aba3b7271ecf3828feaa2490fa03697ac6bcd841130a175d7275033da3e7c094141d2ce798e8cf25b4b9d3356c0d74563ee9b81f9b18d10bf25988ce3f81ed002095c94b2cf2c8799f4e2194b11a6f4a774ac4fbf5c78d8163e681271505c17f47e71cd03a20490241c1f144ae59b19cce564475575e0af7f41984ffa6f5f8b365a338687ad494a79317679c00d74242b4155fb0a06fc735793d66bd6f252a26278896b6df70a393a21b0a9b80056c505f7266f296bbc3587af24c06476539cd1bfe1f20f818c778fd712300feab31861b31c254211c42d9f27ff3f41f5bb170c15b3daad6dda056065b24107ab3976549a353bd6f2859d84fba3d21f4377b1c5a0aa4fd039c485d1bdd8017817cdea1b8ba5b52c30ea06ae1abb942abd1917626deb37297d3df42cc848cd01622f13ad081f9d2c96384f6b4c72d4df9541b2cb36ec119e326f625aba6436dfa5d986cc8a6a15e082e2111c26a6da1d1e387445a7fe5a9ccf05dc01d08fd1b16f768b5b3b8b464976d480f4f1a44346ca5f01f29eff48e2ad585cc32f6c00e2c045c7015cb46f70052e4935c246ebcdbc7c3d091c825f864eea2dfe25459b6456f7b52c168fd565d250514261d171d65c8e9ef6fde70ff716b7c45a24f9666462a0919ed7a1a614df711c7f5b24dda275c71fbf973ed4f8cbbba5ea15bd7e5aaad972711159b20751f5fdb91a223f39cde6a83751a06c1ad0536d387bf3ea4a3d7e5e90bc52f4d101c045d5ad32fb58e45fd2fa2f5c8aa0bb40957465b87bef7fe6b76c16c8d07ecd51edb49faa5bb0070aba2dad3ca7eea1955d939cadb75286904a02db81fceb6b6b9b16ad84d373d33e134007fcdc02d40472fbbf70b57a53b6e5df122c0f8b3d44dc045104690f2d78b8cd2d0905d5d66830cb9125fa041d0fc2f08e20f9fa70bd17815cbb50f8019048d05df1673e9c8cc83e17dc91fd74b024b2b56b41bbff26016c6638b6ecc16deb349ee392776962746d62751b5672755a845b443c85d7c53605f274f3d5c3edd6ecd15e28545d2aea4df5d5e4eb169af361159249daf53f1339c1819370ad4d3ceafa7dc6a9118a2f1e69c4db409093eca05ec1cad8d606db1c5d3b58609eda4f1e71ae62765d79501ce8de42e60cfdc08517559f9c65e8dfbd73a5f971aa96f2cd20f1763e59d3b15367e0b206e97d5f5462e81299743e1959376fcdfac93855ebac2b5235b0f03c58eeaffcea40be5a9fe6bd290deddbb28db6539a72936a1953cb4a558dc93271a54d1e05cc3f4025c0ecca369b0d25d47c3e66049045d0daf9dc9fbe2c69d217d2e6939bf6d1875cd23b73d2e921aea9eee4f1f9b036e8f5cbb0100710c1dc27d1fb37ea26634dc827bfe42d094ce9576611a6bce6b67467f983a327e9dd34896672f257b41b8bee33a041ce2e83a65fad93e1a2a06854a40fe3751997c5233d397e5ce5ea676379527ad0e298fa62cd91ef89e9876db8e0909b60ff16c4a0ba01307826bf18c242e77af8ac40c681b8ae2cbd58c4eb4e6a580bd3f57bf1ffa44a1d080426d3f8c733568ccc75a61980ec92b5b0f4cf03e3ece177954c21b90b7828c9113da0fc53f6f5c5ea8bea08e14a12b889fc705ee44d834f184532421a584bd7301c9bc822deb7e71050a8cf0cd7f96dd2fd93b9d7306bb9702af5b88b2090d2b67bd88a299704e8c556b9066e35e4c864cf1775a6ed94a9685e996c4c671cc807f7c09b45559ee079d56547179e1b1af630c4ba04717cb5e88c0caadaf57964f5197d9d98a7f5b5e622c3eb5844645c4c2408806bbb4be5778925df16518c06597b243019bdc690a4723548a658529717360d474cfb6fcf30060b320cac29b2e42ec4f390a6c7a15274099a64a8d71c4a84e86d206cd2c7ee8125b19752a18dd2eb0dc643aa6b4494760f62acf187080281ec7d0a526374f69051e6aa13d8321372bea8d9e9c7fed4d0a48257e5c7463bc0a0165acc4712aec8cdd014de0b98d0de9b0dc3cc2d40c3be3ea3edb04b18f72209da21f5900a4ef002aeb88a364ed0bb102c2e164ac4f0dff7f082c3757b7ee1cd0e3b1ad45dd77553a4462c8f84ae21f8246281a02160bcf90c00b7816f93524d4d6577c6432d97da328757c3dc06c06760c82946f9f44e909cefaad0734094d8a9076abfc79c79bdb9bcdfa13697bff6f1a219653ac96882d615fe4757b76a8235f2f5e5978cdb5c5bacf4217a56fc6416943552d6e1d6c3f2e8801322368855aed0c5302d1445cbbeb5ef970abd8b5316f0c7cb7f5bd023c619ecf6b1714705a48b67e7a5c2f15bf9c90f6ada82d36484776d20f464d22b88b5d99dc2ba812b9f38754ac71499705f83875eee065482e2fed4c5f3537449857f409c635dbb2c0565ce9f23bbb5bde3ee0bb94f3fca1b5a0d78825c80f50a839a4b3fe6439fbef4190f8ddf1012990268aa8c87b91fdd210530e0bee9c17e35ee59e519801f7fdc72e5d1b96793ff13654b8eb28c2f1a702b1c5ed694d567e70981c596d9997a3e9133e3b623ea071bbd807c86ee191f02400c53851e567f2ceea1a80506af359cdf36c3cd9963d5cf3d32c64f4f7706c78a90d55f6cf12373fac70e17aa1bb6688710eb3b62ee809de762e5093cb326ed56c57b164fd73023021a4be32ec50bbed23bac420880af3a17a5f3502c95781e6251f88b17f83a02511ca782118f1bb07fe73d50fb70043734df8c82f07e74bb4500179d3c1e33d4075aa4a873eec1a34fd09bb3747825e1d821ce6e4f6b8270b0d1123499ca176ad47613bcd02b4825ad70ec79ecd1dbb496737d5258024898dde00e62b0b594f0e830f0c8475a3638ed4c438e87b6919314f9f2b5f81b2c42a9a0269477a637edc4b06486d41e093c65bb26acc7968320713fcf9551e9c6a855dbf7d3961bda89df32fbfb67bc285a1c14692afb72fbc6587e255627fed4971e8058248a926fd586bfa25aa19dc46b3f51d402f74724abcbbea314d8127c7e92ce0adf8af38b7047b8d5269e145c2d58158d178f0d91ed03a451e3a324b7add7377675ab8a56c5395efdaabaafcb6b1348e984677353e6f77296fe7e75a5afe6d2bd1e26be62ecb84801c20a462c4481762d2be207dce9c49e656133c605b16a1b4ff683983e3ececed23fb6540f0dd89776d525f5c4e07a3f50968f35b0bf92cd65514b1759918e333637d383a1810e28a822fb20151878461ff61cca3c340cb23f9602d03c10d4b05d4f712521921148c3e249358925f87d00a351ef7917b4e817a7a1d2191e6bb026dfb8e2ba08e52f1e43346cbab51a45dd2d8bfdd252ec79a7e9203e97a576a7db467def3ac0b789a6d52015712e89bb0df0879d2868d85e2f2d2c90547dae52500db275842eca910e48f0c43fc33fbd179d39ac9aab6e0f397f8eaca95793d8c196e49b050fd9815994f700ad4d22c07756fce9a755768be74dad0589411935de2dbfd10d200da75b4a4f9e523e763034820afc8c7d02132bde03108293263f84d7ed165e587733d255e4c11fffd52f72725fd0238dcd5ff815fd22c26126aae530a7d01e60c14f4f8e701ab527b6483fe78125c5e4402ff51c721cee92e5dd6db40e28b21532a21facbaf396d163237c5cad61a05e9c0c39d1ce99152687a16104787d87b092e9037f147da8bbc0c6456bbe7a2006742534010f507dca79ce8b59097e0cbbe312f48fc0a3ea84e7a484b266ee766a85849b464d93f872acae4af0ff5c7ea06dfb26a66674fba6e8a9481b49a41bed7becbfa680681834b1a3d7961d69d592fdb403d1566770e0173cbf8fa14956e0539a5a4eeae62cb6a7d1ec9e9d9a36b30b511a615395b470fccab197139818a30224c4f053d35e8d9897141c8a94012f8254f325b8ddec5c0e638c09e2cef80cb4e16bd9aea09b86bb48548b012145ef88932040d7cc59cb0265ee451e243c08d672ddc06de38dc15daf50a8ec1c18b9bbd87e2158ea8fd7a7559fe94d4c6680e304e2d500ca016e68d9f8a25271421b9deca3c8067f59a8f3edf2ad1cd20f15e4c820d703b6ffb6e368e8418bd392994c931c50cb4c858a7db9658e2a468fe06b416265b5e236fbcdaa86cee8ef146fe78628ed35c6aaad5bc455ecc2197ae951940e5bb64454b488a3b12e4b67e84f5a35a1daec5d95a33184f6c30fc553f5d0955a797831aeeed051fc7619471e77f5c5c8e40af7d6b354d039c4fcccc8624360cfc8b4a4a266e581f87b2822e1096741e804ad6a70973a3343822bc4138fdb2cac87fe7a74d0f71473668b3c62f00c622f8d9a25f6970700000000000000f412d53976b5fa199c0f85fcec7a6e8ba629b053f1a26597bdea2c53bc17fb1bca3d6ba561ddc17cee05ad161c20a24b420304b805733d613f8c67c6014a873f3d5f4ec973ebaf0078114db4fc6b607f2f9aefd61f439d80dca94c297081f005b63b26012d39d88b32e36d73b6dd5cc1838aed1d594bb3991f4a073330884eb07c2157f6864bec324ebcc8ce6a49c90cd2541323d95fff147ace0e70a86c6e5d758e37b12b6a280f72bdde00411c803607c4241a1d62b595925503636590b2a4fb910b1577026a83629fc039207b6d355e6a06353daf4a8b0f2e9c412044105df627e8686cc69e223b11c961eb00561144defd02ee6f5b8c0db6a314afe11cb68a66b01974c6dc9e685b013b654d9c7a450f7429cf2a26f6e34ea79895051d71b06b1903274f30fe2fd107b7e7bd477d70bd6324824d39d0e07b0f90e5152c562daddcb258a0faf8a9941868e7463910d35da02696ccb6b16567576bd8397337f20c5a5db9ac04fb302c513845883babdd345d7eebbd107fe0d2cdbbc01d5e40c56660eee85bba1c7317ec59a572a4eb9d1fea5d76dfb3e01f416ae4a0795eadd5f32b17dad816e37d630f9a433a05bbf091de03fdb0f4a5c8d74c0846d0fdec786a2adafd535d82401923eb5279009a2a247f41db21afc647b88c82529b65bec96dc5bd799264d32fc15de8a909946a939701d5c60269d0a631d4d9263ef527a69e5875339d5d2bdd0a2cbd5ccd58127b524bbb114b7a306ea220fe082db0e0db14d828cd72900c77dbcad0bb760e85b2986fc76d98e76a327253327bfb4d23aa1d45629ef71e30e453e19acc470538b95c3b77d84f376a5b485f2f5156392e22a99716dc90e653c1eb6343e647c41a60a2604b001f44c2e65c7f0d5040a405e948d9be5cad3aff848de9e9db6268a043c91e666226bcf9a8dadeeda32db2e14bece95d4925e06bf26cf6665000f98e47c4ca4b5a7859f28cca8c7f1b3340bcf616920c3cd53c2789364b03e6a291817766888425b0ec7ccc484d5474a02a7cbb821b058cc853fe830f86f6cb1ca73812dd919f1c79a7dfa13d310654176609f8ca482c3fee11dc8d843116f5a775fdeccbb975d7e833f081e16d914e0f7154a48668c2be7ccedccf2edb407975630e4ae24a16d818fea03b141dea14cbd404ac9b01dc8d0cba227cfbd33f33d20c9101a71f33d1fa832ce68868907be9fd8f9f6a76b03eb4eda0c55d83c57cedd17e3e96d267410287caa26984f84903b8748579a6879a301e7393ed1467cb98be15c34d6d5c0c957e1a7b941ecefe07b9954e207c76065c1f668ec143c533dd3d863fec137f2a00d746d349d8cf9fc438eb9aa22284f75f73891ede03d20757df1df054957ec94d551cfa56f10b2044e257e7d75470dfe0cc6094b8a1f2c6198cc89ba6df91e57fa87340edf426702aca7d2b3ef46b78335c2442b0d775405ad2569ad7ce46dd3494dab4d98d78e7f393ed6816a5b6c9356b7409a5cdc00b4ea99b7823c744e46e4215945cb02edbdf332d7c109fc4a83ceb2d6198fcc6f3a835679cad70c7dff7dc605450d5fa7e29f9b32f5a1d53d12e2561361346c55dd3fc79e2ea2588fbb8e55c42e55c8cf22ccdac9216be9fdad10efea56c393f6f58896a0df541141f829b50e5e7208f6218bb683208af0c542ac5636e5c2eeb15044072f28a9755c63ec67baeedf0941c6d0c5f2fd702ef1011539932368dbe1664de988efbed22a43b215ae69eeb5312ac5cc966ca12f12c034ddaaae340cd6e89e42621053db7969cd9753a72a6451f78fbd8b4840329b6c6eb9bdf365444276ab81251f6894fe3d125e8eecf30f3a98116c96d2de30a1b195c1d10ffdc731b78740a53f09bcb66b6b237bc56f9426135ca651d9329540c386dc5251b537c4b8317460b0dafbc3d4f1b8d6a939e51de59b22d32e5daafb5f0d469e58567cba1f327e67ee8d0f53b041fa643a4a594d4cf28a0004aace404ca95b58a1e26d601563b188fdd2c97b8d8714913c3564d0a445d35060ed2ce20daa4174cb92653626fa9bd10513c8006d757acecd7eda9d41393dfdd683ad50ab4de8cd832b26c82edeb4af5013f43f297dbf502b62fd6c2ced9641235838853c2aeb447fa06b6ecd1c11f17d3261e87aa1ec86ec8b23fd4281f33469d7c4414b60268367d38d9235dfe3ac4c7032e298d0cbee4b705f4085f5653b4637a80ae575b44c6f1a2374b899e061d03abad5770355673020afdb8fecf5be2a8617aab331646f05d49bf5beefd650bfd240ed3b5abadb21941c4a615004284ff7927ef9a745e3d4208dfabb0b04d04002bb7e449ca884373fe4ebe35e18ffd249e992ba779284b1064b1e27e6aa0c4c88e915246e029113b4d01b53583b8282ea1d5d4a305d3e20f894af640abf9e376d6b1c6fd3bf86821b4a57c5c22d8172ea40daf2b398dc0329d4b7dd08c75c902f0368def10217234bea599509a7e61b4a11915009680613bf69f2f4b38e7595449a20aee13949c688a69cfa73af328c7df7a494d0e8d249cb3c843149b11bdddf34282db31b156261254472fbc2e12c7b7133f7d273ef472761b58e7f8e54ea2861ebccfb141e3b245b5e4a75204d12ff5d7b0a44ae039b3cf79869d24f1602060f81785a851b996a3693856c6b2e90f27dbd4be518ae3065e692e5f2842380e4f5cf91582632e6d36b260c27a1e7ae80b47d14067db8720e619c7323f358098ef054fddde357f4453c6e7ace38833ed1c9bc9bf0c054564b79885cc7c8fc5d7ebde25f0307067816067a4a96ddedfbd268ca19a67207ecfec5598a442a1c0e823e012ced27c3266c6721aa5718dc076e7f50023a49a40980bc0fcd568295c8d4c59f1874aa944b88901e38c803ef52c226a7daf055f4ec3bbecd878654a456448e552a0fafa64124688dbd7f3787af8b3fdf661680ae309939542337ab22f510ba9ab1a7229f5244938e9324b0b1ad22ad9e16b84f93cea693186a5c76ad7f74e7c82ce6cb9a9ecf3a4a1a6d06a8fdd6474ae1aeddfcef270c6c637918b7aed3d5068e17d3642e9fa66c985b2dca5b38ffdb3545a4954d0a5813bfec99721259562b80696dadd921e9f18978d21dee1129a386623cf93c804aeb4e511ee8658fcef51746dbe1f87285eae850f008f3effdb78994e6eb370600c1855f672de0b750ad56c22aa937c1eaa8a7a333fc55f814e878bf71e8d9717a8f0854635554f07393ce04cb6d58e9ac0f5808d9158fd6320fdf75b2db9cd0380418e8664b5ccdde967b8a76e8002683849fa507d78e971f7118b2eba2c025dc359684cbd7b6b2e41ed0783da3fa2ae2de5dcb2db67d06a21aa419bd465ecc378842219a55f647535c7f4002061c65338d9c098ef31b77297c9905b91555cb436b83cb88e48821fe750dfcb4305e146b7f68265a35331017dcd902071a8b904534dc26a017f2bd14bcc65963efc9a8689298e039ac717fd460703e7d08ead0ca43c3c88ee423ed92a20e0b7dd6636313d057b97fbfead33d0aea2ff50c57df057bdd6c7470fde9bf9f1fbfc7ddcea22c1ce9273705be952464b3d48aacb7a96e5ddcab0b4d7b564d12b66c07663e05dff55d40d7a2371ead0f948e6921b8d271f8c710f526844db88102e68c3ae1a35a729af6d6521dc587f83ced8263d6d5801dc8b9c11659cca84c6e4076021f2747769cbf50d3362602f6491a1c3734a62aa024e060e69b32a5ca8f5ebdf8deeeda60405610fd182cef2e4cd534ee31db32bb13f0bdd53799dc438c38ac0a49be58f0dacb53286fb7f1648b8eaaf4c997689eb703594f55fdbac9840b91696f1f2ee8599cd84d3a904b3b7515fd22866cc0c2ef1f8db911593801474bc90bc8151ad4b0da717cba6b388440dbf85cfd6fdf874960712e93bfe9cb22bd84139c0e3badc70b36dfb9edb4f4d4b45514e826c5dc0972a9596f14c0b4de118253de91aaf7c6bec8f95ea509c374f35543f678f12e467c394d21f613b446607051943ebd5a49b729e91681f54215f9d1c330e264efd1f214b7196e72eeca6796ca35b17e27c10cb6171e7eb520fbe0394f7399b65fcb0014a5c3b9c9c10b14877520d0a572b8fdf5e0bccd328540422a4ad906e2e358a6916dbae6b36aa8c3bd4514c56fc2602bc84c7c571af4f667eb7c3015f3ff85a6a309db43c6c1dcc922951fbc65c659d4b9c65608086ee33151e02596976109e3e2de848dfcca7b771c1997b9fa6ccc7e0299303ad5d11700611ed70b809ea039b00", 0x2000, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x78, 0x0, 0x9, {0x101, 0xa, 0x0, {0x6, 0xfffffffffffffff4, 0xbdd4, 0x3fe, 0x10000, 0x80000000, 0x9d1e, 0x4, 0x8, 0x4000, 0x2000007, 0x0, 0x0, 0x80000003, 0xc0ac}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) chown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 1.909681743s ago: executing program 1 (id=321): prctl$PR_SET_SECUREBITS(0x1c, 0x24) setuid(0xee01) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f00000001c0), 0x12) 1.839473443s ago: executing program 3 (id=322): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES16], 0x1, 0x2c2, &(0x7f00000006c0)="$eJzs3T+LI2UYAPBndpNJ7iySwkoEB7SwOm6vtckiOThMpaRQC128O5AkCHew4CkGK1sbSz+BINj5JWwEP4DgB7DzioNXJpkh2btJsoHLrX9+vyL77Lzv877POzPZPyzz7sevziZ3i7j/9Ze/R7ebxdEgBvE4i34cRS2llGJl8G0AAP9mj1OKP9PSJVMG5UsWEd3DlgYAHMje3/9/OnhJAMCBvff+B++cjkbDd4uiG7dn35yPy9/sy4/L9tP78WlM417cjF48Wf4toP5poXy9nVKat4pSP96Yzc/HZebso1+q8U/riU6iF/1FdDH/zmh4Uiyt5c/LOq5X8w/K+W9FL15umP/OaHirIT/Gebz5+lr9N6IXv34Sn8U07i6KWOV/dVIUb6fv/vriw7K8Mj+bn487i34r6fjFXRUAAAAAAAAAAAAAAAAAAAAAAP7rblR753RisX9Peajaf+f4SflJO4pa/+L+PMv8rB7oqf2B5im+T6nTihgNbxZFkaqOq/xWvNKK1tWsGgAAAAAAAAAAAAAAAAAAAP5ZHn7+aHI2nd570BD8dj1iQ9OGoN4NoH6sf0fW8aamwdqR1+LR5KyzecC1pqMq3DJpHNd9soity4lWux65v9dJ2D+4tqnmH37cd8Du7j7tbefn+QT13TU5y6KxTyfqI936mv683iePS86Vb2pKu2+/tSBvbOrtvfb8pUUw39Insm2FvfXH8sxVR7KnV5EvzmpjenttN47me6P5Wmx6pzwjW7yt8+f3xQcAAAAAAAAAAAAAAAAAALhg9dDvM03XdqQepc7BygIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAF2r1///3COZV8iU65/Hg4RUvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BvwMAAP//QSRWPA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) r2 = dup(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r2, 0x0) ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000f80)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) 1.761186973s ago: executing program 1 (id=323): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x1, 0xffda}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x7f, 0x2, 0x801, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x3, 0xa, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xfffffffd, 0xfffffffe, 0x1f461e2c, 0x24000, 0xe661, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x1000071, 0x7, 0x7, 0x80000001, 0x0, 0x5, 0x3c, 0x91, 0x7, 0x0, 0x3, 0x5, 0x7, 0x8, 0x0, 0x7e, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000004, 0x8, 0x12f, 0x8000, 0x10, 0x8, 0x129432e2, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0x1, 0x7, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0x1, 0x1, 0x6, 0xfffffffd, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x19, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0xc681, 0x2, 0x7fff, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x10005, 0x4, 0x1, 0x7, 0xb, 0xf, 0x48c93690, 0x3, 0xff], [0x4, 0x4, 0x0, 0x64e, 0x3e8, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x6, 0x5, 0x5, 0x2, 0x1ef, 0x5, 0x8, 0x86, 0xf, 0x665, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0xff, 0x53cf697b, 0x5, 0x6, 0x54fe12d6, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x1004, 0x3], [0x9, 0xbb2f, 0x3, 0x7, 0x5, 0x8001, 0x6, 0x81, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0x8ad, 0x4, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x9, 0x2, 0x14c, 0x40060a7, 0x6, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x4, 0x9, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0xe, 0x1, 0x10000, 0x1, 0x800008, 0x2b91, 0xa1f, 0x7ff, 0x3, 0x1, 0x6c1b, 0x0, 0xb, 0x5, 0x200c, 0x1, 0x200, 0xffff3441, 0xffff0001]}, 0x45c) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x918) r2 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0)={[0xdcfe]}, 0x8, 0x80800) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f00000001c0), 0xa, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) 1.617683661s ago: executing program 2 (id=324): syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000001400)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYRES32, @ANYRESDEC, @ANYRES8=0x0, @ANYRES32, @ANYBLOB="e5f0986a95b4a041c6140884aa3ee1b8a51a2f195aca4ce79a3b534f3fa12c4e1790181917f9b22d45f7d86339c33c4a5e4f7224ec19", @ANYRES16, @ANYRESHEX, @ANYRESOCT, @ANYRESHEX], 0x1, 0xa7a, &(0x7f0000000980)="$eJzs3UuMHEcZAODu3Z21nTh4HGxinJDYBJIIyG68a8zDgjiKL1gx4hYp4mI5TrBwDMKRIFEkbJ+4kcgyN8RDnHKJACGRC7Jy4hKJWOKSU+DAActIkThAgj1oZ6tmZ37PpGe9j97Z+T6ppqa7arqqZ3t6+1VVBTC2Jtqvjfbr5TcvHf3nQ//YtvD+8U6OZvt1qmtqIXeZpqfC8t6bXIxvvP/KyX5xWcy1X/P0ZNdn7yyK4nyxr7hSNIu9l6++9vbcU8cvHLu4/53XD19bg1UHAICx860rhw/u/ttf7t35wRv3Hym2dObn4/Nmmt6ejvuPpAP/hWiqzOcPS+cDZVfoNh3yTaUwEfJN9slXdOVr5Hxbez8Xy58Oy20MyLelovzJcI5ShvrAKMvbcbMoJ2Z6picmZmYWz8mL9nn9dDlz9vSZ587VVFFg1f37gaIo9gnCuIXWjs6PoPa61Be6vgWAWsX7hbc4H68srExnaVPDlX/9iYn+n+/VWM06Mj7We/tXflx+bz3Wu/yq9f/NhTVef8bK8FvT1jWtx2rL65V/R9vTdLyPEJ9fWu7+Jy9vMixv2AOAQfcRRuX+wqB6Tq5zPW7XoPrH7WKz+lqK8/fw9ZDe/fuJf9NR+RsD/f1nw13/37ZUudrrIgibO7Tq3PkA9ao4rY/PzbWSnB6f64vpWyrSt1akb6tIv6Mi/c6KdBhnv3/xp8WrZdG3PV6xeP7f/rEMez0sX2e7K8UfW2Z94vXI5V6Pi8/9LtdKy4/PE8NG9scTT5/68rPPXF18/r/sbP830/a+L00302/rSsqQrxfG6+qdZ/+bveVMDMh3d6jPXX3yt9/v6s1X7lpaTtG1n7mlHnt6P7djUL77evM1Q75tKcTDpXh8ckf4XD7+yPvV/H1NhfVthPWYDvXI+5WdKR6tuzFsVHl7HPT8f94+9xSN8rnTZ049lqbzdvrnycaWhfkH1rnewMoN2/5nT9Hb/md7Z35jonu/sGNpftm9X2iG+XMD5s+n6fx/7juT29rzZ05+78yzq73yMObOvfTyd0+cOXPqB9544403nTd175mAtTb74gvfnz330suPnn7hxPOnnj91dv7Qofm5uUNfmT842z6un+0+ugc2k6V/+nXXBAAAAAAAAAAAABjWD48dvfrXt7707mL7/6X2f7n9f37yN7f//0lo/x/byed28Lkd4M4+6e08oYPV6ZCvkcLHQ313hXJ2h899IsWdcfxS+/9cXOzXNdfnnjA/9t+b84XuBG7pL2U69EESxwv8dIovpvjXBdSo/Hn/2Smu6t86b+u5fwr9Uoym/HfL/Znkfkxy++9B/Trl/f/O/ov98WrXk9W1Hs0J615HoL9/bbj+v9ckLHX4WXtdus4Yaq+LsNHCjVartZ7ltVofNYqHsaaA9VP3+J/5umeOz/7pG1sXQs52/Yne/WXsvxRWou7xL2srP19YHNf1H7L81R7/szP+3dD7vzBiXvP2yv3vL66921VssXdg+VuKnvLj+ud+oHctr/wPUvl5bR4uBpXfu/6tX4Xy4w2hIX0Yyr9jyPLj+l9absGpwP+l8vPX9siDw5a/uIByorce8bpxvv8XrxtnN8L65749l7v+tztQ481UPoyzURlndrl6xv+90Fr/8X9XOMJQfA7ji2k67wjzcw5xvJPl1j8/X5H/D+wOyy8r/r8Z/3e0fTXFVb+HPP5v3h6bfaYnuqYbfb7bzbqvgVH13qrd/+t6Ym4D3EcRxieUtrnbDq1Wq9abfO4w1qvu77/u84S6y6/7+68Sx/+Nx/Bx/N+YHsf/jelx/N+Y3r6u+OHSoL3x+4rj/8b0OP5vTL8nlBvHB95Tkf7JivS9Fen3VqTfV5H+qYr0/RXp91ekP1CRfndF+oMV6Z8Jf/GY/tmKzz9Ukf7IR6fP/6ji85tdbo8yrusP4yy2z/P7h/GR7/8M+v3vqkgHRtfP3jjw5DO/+3Zzsf3/dOd6SL6PdyRNN9K5czxfitdPJlPaW2n67yF9o1/vgHES+8+I/98frkgHRld+zsvvG8ZQ2b/HnmH7rRp0nM9o+VyKP5/iL6T40RTPpHg2xQdSPLdO9WNtPPnbPxx+tVw6398R0od9njy2B4r9RM0PWZ94fWC5z7PHfvyWa6Xl32ZzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNpMtF8PHtxTFsXlNy8dffr46dmFOY93cjTbr1NdU43O54risRRPpviX6c2N91852R3fTHFZzBVlUXbmF9+83inpzqIozhf7iitFs9h7+eprb889dfzCsYv733n98LW1+wYAAABg8/t/AAAA//9N2hwq") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x80044940, &(0x7f00000010c0)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$msdos(&(0x7f00000003c0), &(0x7f0000000340)='.\x00', 0x126a4b5, &(0x7f0000004140)=ANY=[@ANYRES16=r6, @ANYRES64=r4, @ANYRES8=r4, @ANYRES16=r6, @ANYRESDEC=r5, @ANYRES16=r3, @ANYRES16, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRESHEX=0x0, @ANYRES32=r2], 0x5, 0x0, &(0x7f0000000000)) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086e81, 0x0) 1.617486691s ago: executing program 0 (id=325): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x44, 0xfffffffd, 0x3, 0x3}, 0x10) sendmsg$tipc(r1, &(0x7f0000000080)={&(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0xd4043f9e78e97721}, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x24000000) 1.39336018s ago: executing program 0 (id=326): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000300)="a6", 0x1, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) write$P9_RMKNOD(r0, &(0x7f0000000280)={0x14, 0x13, 0x2, {0x4, 0x2}}, 0xfffffe5c) 1.143902993s ago: executing program 2 (id=327): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x2, 0x2, 0x4}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2000000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x18000, &(0x7f0000000000), 0x1, 0x632, &(0x7f0000001280)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNvfmjf++7s2/dmZkcTQGlNZaM0Yl9EnEsiJlvWTURj5VSx3cOvb5/PhiTq9f9/lURSLGtu/6iY7s5GSeNvPj4Z8bvK+nyXbt66OFurN9yJOLx86erhpZu3Di1emr0wf2H+8syRfx49Nv2vmQ+3Js7dxfTU6f/96fWXX/zHwie1Q0kcj7OjL81FWxxbZarx7kYWYuvykYg4liU6vC+wnSrF53E0Iv4Qk1HJ5xomY/G1gRYO6Kt6pdE+1cfqQOkk0UwMuCDANmv2A5rH9v04Dh5mD05k4xsd4h8pjt535sdGux4mLUdG2dKIPVuQ/0pE/Hh7/9vZEF3OQ4xsQT5d878bEX/stP+TPP49eaRZ/GmkLX+XpaeLcxtZ+f6ziTIkLenePn93NpHbz/2S+Fv3Qxb/8WKaLT/Z5fWfdopnqm2+bPUPgMFYPVE05FlHJNbav6xn2Oz/RHv/p/5+fm2ove3aiO7tX7oFr/50ef9vpFP732zvd+ZteNrWD0ti5dsznV9ytH3B56+eerNb/lMt/b9syPJv9gV7sOmu4YO7Efvb4n8lf+uTx/s/6dD/zfp753rM47+ffnmq27pNxr9p9XsRBzoe/6z1SrNU2/XJJJrXJ4/OHF5YrM1PN8Yd8/jgoxfe7Zb/oOPP9v+uLvE/af9ny672mMd7Z+5daqR2rFs38dT40y/GkrN5aiwfr1WvseR0sUljcmN2efnakSeXpblNPp1pxH/wr53rf5f484OP8eZXZg+uPnfxYbd1m9z/j+o9bthNFv/cBvf/Gz3m8d3z1//cbd36+NfOSYxvNCgAAAAAAAAoqTS/Bpuk1cfpNK0WF95+H7vS2pWl5b8tXLl+eS7iYP57yNG0eaV7sjGfZPMzxe9hm/NH2ub/HhF7I+Ktyng+Xz1/pTY36OABAAAAAAAAAAAAAAAAAABgSOwu7v9/VDwP7JtKmlargy4VsG36+YA5YLip/1Beef3fnuetAUNG+w/l1bH++1KAUlDVobzUfygv9R/KS/2H8lL/oby61/91a+72uywAAAAAwJbZ+5fV+yMRsfLv8XzIjBXrRgdaMqDf1HEor8qgCwAMzOML/G7/h9Lpqf//ffHPAftfHGAAkpb0SjORdw7qT678q0nfywYAAAAAAAAAAAAANBzYt3o/cf8/lJLb/qC8Nnb/f2XjfwoMjU7/+t/jQKAcHONDyfVwEmBntxXu/wcAAAAAAAAAAACAbTORD0laLX4GPBFpWq1G/CYi9sRosrBYm5+OiN9GxGeV0R3Z/MygCw0AAAAAAAAAAAAAAAAAAADPmKWbty7O1mrz11oTP6xb8mwnmk88HZbytCYi6XsWabQtGY+IYYi9P4mRliVJxEq257filZPNf35iGN6fIjHgLyYAAAAAAAAAAAAAAAAAACihlnuPO9v/zjaXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC239rz//uXGHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCv008BAAD//xS+O5U=") 772.51115ms ago: executing program 3 (id=328): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x1, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) recvmsg(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x8141) 681.702052ms ago: executing program 1 (id=329): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000380), 0x1000a) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0) setresuid(0x0, 0xee01, 0xffffffffffffffff) ioctl$sock_inet_SIOCSIFADDR(r0, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffc}}) 631.935948ms ago: executing program 2 (id=330): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4040, &(0x7f0000000a80)=ANY=[@ANYBLOB='force,decompose,nls=cp857,uid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f626172726965722c706172743d3078303030303030303030303030303030342c0029da224046557ecb65ded5c50ad3a6a30bc9ff1a3ebc851290177bba8d57fc514869fde9ff0cd99031aef2250bd32f6fe7dffcc4d843c5398f85b2162d81bd51c7ad5d6c6ec22b4391379123720a07da3c987a8779b03b21db3c6542040ee5b3167521a1f384b80673a5e56ff56bf5523200000000079a42c04c9e8f94e57cdc0e3adfa978c6d4d7f05fa88ead40f3ec2bf6239d4c40d4496fb2ded06d4900"/206], 0x20, 0x6fe, &(0x7f0000002100)="$eJzs3U9sG1kZAPBvJrYTd6Wsd9nuFoTUaCsq2EKbxCwtEhIFIZTDCipx2Wto021UJ1slWZRWiHqBBW5wQj3sYREKhz0hDkiLOCCWGxISEvfeK3HgVnHAaMYzie0kTtzGTSm/nzSeN57355vPb8b2pJUD+L+18GZU25HEwrk3NrPt+1vN1v2t5kpZjojJiEgjKt1VJKsRyccRl6O7xCezJ4vukv3Gef3BR++fvfdhs7tVKZa8fjqs3Y7OkBHaxRIzETFRrEdU2a+/q3v0d3ekrpPtuLOEnSkTB8ets0t7lOaHOG+Bp93diInqHs83Ik5ExFTxOSCKq0P6hMM7ciNd5QAAAODY7fWtPb8HPtTzD+NhbMb0WEICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ1TS/c3ApFjSsjwTSfH7/98uquVqteMN9wCfP2D/e9efUCAAAAAAAAAAcPSqO8XTD+NhbMZ0ud1J8r/5v5pvvJQ/PhfvxHosxVqcj81YjI3YiLWYi6hO9/RZ21zc2Fib293yl5G17HQ6d4uW8xHR2NVyfszHDAAAAAAAAADPth/GQkwfdxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAriZjorvLlpbLciLQSEVMRUcvqtSP+WJafBo1HbPenI44DAAAAnkL1Yj2d/Kdb6CT5d/6X8+/9U/FOrMZGLMdGtGIpruX3Arrf+tO/t5ut+1vNlWzZ3fHX/jlSHHmPETER7+4z8mxe4+R2i4X4ZnwnzsVMXIm1WI7vxWJsxFLMRD07iFiMJBr17t2LRhlnf7wTRVeX+0K5Mhjb6YHtU3kk9bgey3ls5+NqrewtzWskcapntN/XIgYy9G6WneSrhUPm6FrP6/WL4r5MofP8IfsYj0Z+5NXtjMxmuS+y8cLeuS+NOE8GR5qLdPse1Es7o2SbgyOVOf/uKDk/UayzXP+kP+dHbcRbaYOZmI+0mH0RL/fn/NZn7r3Y3/hz//jzlRvp6s0b19fPjfGQxqpaFgYz0ezJxCvDZ1+RiVaWifZgJqoHD12aesxjOSK1IhvdC9vhrpbfyEuL8WrPFHw7rsVSXIzZmItLMRtfjvlo9s2wk315rTRX+nOSn2vp7utbfUjwZz7bU+mnB1Qeh/3Hy/LyQk9ee690jXxf8czln8dsT5ZeHD77HuVdoPKpopCN8aPtd5ynQV8mimtzGV35BrVPJn7VyR7XW6s3124s3jrkeGeLdXbavtd/bf71Yx/MY8nmS3bFreRbeU7q5XzJ9n1iO9r+fNWKv7h026W79p3c3teI6ViOb+17ptaKz3C7e+rue2XPfc1836mefX2fcuLtaOWfQgbMPJmsAnBoJ147Uas/qP+t/kH9x/Ub9Temvj55afLTtaj+pfKHid+mv0m/krwWH8QPYvq4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGfB+u07NxdbraW1MRZqjzhWpAfW2XrucB1GI2L4WElRqI07G7fvZPkYodXPit8rPLow/jU1NBv1GNOx/274UdQee4hk/PM5eyWOpMPyh9PyZzoTB7b664WI7jOV4fOnEutT1X3yPLnzukfj5mLr352+OvXoOWWAZ9yFjZVbF9Zv3/nC8sriW0tvLa3OX7p46WLzS3NfvHB9ubU023087iiBcVi/fWfiuGMAAAAAAAAAAAAARlP86/+NtTQrJKP/L53KAXVqa+t7j3z6SR8qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8D9q4c2otiOJudnzs9n2/a1mK1vK8k7NSkSkEZF8PyL5OOJydJdo9HSX7DfO6w8+ev/svQ+bO31VyvrpsHaH0y6WmImIiWJ9sMk9utnd39We/tqPFF6yfYRZws6UiYPj9t8AAAD//ycX7eY=") chdir(&(0x7f0000000140)='./file0\x00') mknod$loop(&(0x7f0000000200)='./file0\x00', 0x2480, 0x1) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f00000000c0)=""/70, 0x46) unlink(&(0x7f0000000480)='./file0\x00') 576.811645ms ago: executing program 3 (id=331): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a5"], 0x0}, 0x90) r0 = socket$inet(0x2, 0x6000000000000001, 0x0) mmap(&(0x7f0000001000/0x200000)=nil, 0x200000, 0x2000001, 0x2011, r0, 0x0) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r1, &(0x7f0000000000)={0x27}, 0x74) sendmmsg$unix(r1, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0/file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0x1}], 0x1, 0x0, 0x0, 0x1}}], 0x2, 0x0) 457.642461ms ago: executing program 1 (id=332): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xe, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r1, &(0x7f0000000180), 0x8) 408.890917ms ago: executing program 3 (id=333): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f0000000140)) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x40000091, 0x1936ca0e, 0x65f27}]}) 245.687648ms ago: executing program 1 (id=334): r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c85000)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000140)={0x77540947ad9a168d}) 157.649769ms ago: executing program 2 (id=335): write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0x118) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000980)={0x44, r1, 0x5, 0xffffffff, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SCAN_SSIDS={0x28, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}, {0xa, 0x0, @default_ibss_ssid}, {0xfffffffffffffec9, 0x0, @default_ap_ssid}]}]}, 0x44}}, 0x0) 157.384419ms ago: executing program 0 (id=336): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000006000000080000000800000002"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f0000000300), 0x8001, r0}, 0x38) r1 = socket$inet6(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendto$inet6(r1, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 107.398116ms ago: executing program 3 (id=337): syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="4001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0) ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068) 0s ago: executing program 1 (id=338): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000080)={0x8}, 0x1) sendto$inet6(r0, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r0, 0x1) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.192' (ED25519) to the list of known hosts. syzkaller login: [ 80.935877][ T5754] cgroup: Unknown subsys name 'net' [ 81.075000][ T5754] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.722293][ T5754] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.354231][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.362376][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.371022][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.379256][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.386723][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.394458][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.402288][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.411336][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.418713][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.427196][ T51] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.434565][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.446031][ T5779] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.451970][ T5777] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.517413][ T5082] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.522327][ T5779] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.535366][ T5082] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.544050][ T5779] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.551988][ T5779] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.559774][ T5779] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.568036][ T5779] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.575883][ T5779] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.594549][ T5082] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.603026][ T5082] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.616057][ T5082] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.051861][ T5774] chnl_net:caif_netlink_parms(): no params data found [ 85.073445][ T5766] chnl_net:caif_netlink_parms(): no params data found [ 85.136878][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 85.230665][ T5768] chnl_net:caif_netlink_parms(): no params data found [ 85.363297][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.374466][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.382005][ T5774] bridge_slave_0: entered allmulticast mode [ 85.389813][ T5774] bridge_slave_0: entered promiscuous mode [ 85.404783][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.412093][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.419366][ T5770] bridge_slave_0: entered allmulticast mode [ 85.426864][ T5770] bridge_slave_0: entered promiscuous mode [ 85.434412][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.444046][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.452101][ T5766] bridge_slave_0: entered allmulticast mode [ 85.461318][ T5766] bridge_slave_0: entered promiscuous mode [ 85.470444][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.477765][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.484967][ T5766] bridge_slave_1: entered allmulticast mode [ 85.493208][ T5766] bridge_slave_1: entered promiscuous mode [ 85.501308][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.510181][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.519111][ T5774] bridge_slave_1: entered allmulticast mode [ 85.527715][ T5774] bridge_slave_1: entered promiscuous mode [ 85.541258][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.549859][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.558713][ T5770] bridge_slave_1: entered allmulticast mode [ 85.565927][ T5770] bridge_slave_1: entered promiscuous mode [ 85.634374][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.668800][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.680261][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.715447][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.722687][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.730877][ T5768] bridge_slave_0: entered allmulticast mode [ 85.738384][ T5768] bridge_slave_0: entered promiscuous mode [ 85.748988][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.758371][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.766226][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.773485][ T5768] bridge_slave_1: entered allmulticast mode [ 85.780627][ T5768] bridge_slave_1: entered promiscuous mode [ 85.789391][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.813284][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.856679][ T5766] team0: Port device team_slave_0 added [ 85.898127][ T5774] team0: Port device team_slave_0 added [ 85.909637][ T5766] team0: Port device team_slave_1 added [ 85.937102][ T5770] team0: Port device team_slave_0 added [ 85.948299][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.968507][ T5774] team0: Port device team_slave_1 added [ 85.996737][ T5770] team0: Port device team_slave_1 added [ 86.004727][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.026044][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.033049][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.059152][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.073102][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.080175][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.106269][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.163240][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.170414][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.196931][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.210212][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.217390][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.243752][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.274549][ T5768] team0: Port device team_slave_0 added [ 86.283857][ T5768] team0: Port device team_slave_1 added [ 86.309472][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.319511][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.345878][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.390611][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.397710][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.423835][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.469859][ T5766] hsr_slave_0: entered promiscuous mode [ 86.476551][ T5766] hsr_slave_1: entered promiscuous mode [ 86.490589][ T5774] hsr_slave_0: entered promiscuous mode [ 86.497210][ T5774] hsr_slave_1: entered promiscuous mode [ 86.503750][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.512608][ T5774] Cannot create hsr debugfs directory [ 86.520920][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.531331][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.558848][ T5082] Bluetooth: hci0: command tx timeout [ 86.558857][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.570866][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.577479][ T5775] Bluetooth: hci1: command tx timeout [ 86.582018][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.613498][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.635559][ T5775] Bluetooth: hci2: command tx timeout [ 86.714662][ T5770] hsr_slave_0: entered promiscuous mode [ 86.720411][ T5775] Bluetooth: hci3: command tx timeout [ 86.728575][ T5770] hsr_slave_1: entered promiscuous mode [ 86.734887][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.742575][ T5770] Cannot create hsr debugfs directory [ 86.774691][ T5768] hsr_slave_0: entered promiscuous mode [ 86.781719][ T5768] hsr_slave_1: entered promiscuous mode [ 86.788413][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.796355][ T5768] Cannot create hsr debugfs directory [ 87.407009][ T5768] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.442026][ T5768] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.461394][ T5768] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.488618][ T5768] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.567560][ T5774] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.621644][ T5774] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.642675][ T5774] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.661567][ T5774] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.726194][ T5766] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.768450][ T5766] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.780134][ T5766] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.790510][ T5766] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.847510][ T5770] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.859523][ T5770] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.872729][ T5770] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.889191][ T5770] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.009874][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.091223][ T5768] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.123042][ T32] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.130442][ T32] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.146961][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.171944][ T32] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.179158][ T32] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.223800][ T5774] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.233485][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.272682][ T32] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.279967][ T32] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.306239][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.329641][ T5766] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.349052][ T32] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.356246][ T32] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.367052][ T32] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.374236][ T32] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.384257][ T32] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.391488][ T32] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.453253][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.489009][ T32] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.496428][ T32] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.537364][ T1015] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.544577][ T1015] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.573518][ T5774] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 88.587090][ T5774] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.638334][ T5775] Bluetooth: hci1: command tx timeout [ 88.644824][ T5775] Bluetooth: hci0: command tx timeout [ 88.717598][ T5082] Bluetooth: hci2: command tx timeout [ 88.795937][ T5082] Bluetooth: hci3: command tx timeout [ 89.087851][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.168003][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.194264][ T5768] veth0_vlan: entered promiscuous mode [ 89.232125][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.244190][ T5768] veth1_vlan: entered promiscuous mode [ 89.278762][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.334189][ T5766] veth0_vlan: entered promiscuous mode [ 89.370656][ T5766] veth1_vlan: entered promiscuous mode [ 89.399774][ T5770] veth0_vlan: entered promiscuous mode [ 89.442044][ T5770] veth1_vlan: entered promiscuous mode [ 89.453573][ T5768] veth0_macvtap: entered promiscuous mode [ 89.468525][ T5768] veth1_macvtap: entered promiscuous mode [ 89.492519][ T5766] veth0_macvtap: entered promiscuous mode [ 89.504209][ T5766] veth1_macvtap: entered promiscuous mode [ 89.536314][ T5774] veth0_vlan: entered promiscuous mode [ 89.562541][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.589362][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.601954][ T5766] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.612222][ T5766] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.621293][ T5766] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.631442][ T5766] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.646959][ T5770] veth0_macvtap: entered promiscuous mode [ 89.659930][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.670921][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.683996][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.694512][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.708763][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.720560][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.729364][ T5774] veth1_vlan: entered promiscuous mode [ 89.763527][ T5768] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.774155][ T5768] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.782979][ T5768] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.791804][ T5768] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.812197][ T5770] veth1_macvtap: entered promiscuous mode [ 89.929271][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.940779][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.951409][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.962055][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.974144][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.992229][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.003633][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.015016][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.026107][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.039136][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.054316][ T5774] veth0_macvtap: entered promiscuous mode [ 90.070977][ T5774] veth1_macvtap: entered promiscuous mode [ 90.076933][ T1015] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.085001][ T1015] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.112733][ T5770] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.129492][ T5770] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.138285][ T5770] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.147853][ T5770] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.187491][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.196194][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.198647][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.216681][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.222592][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.234701][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.246191][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.256928][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.270547][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.302014][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.313653][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.332962][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.343610][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.353808][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.364873][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.377190][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.420722][ T1015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.429334][ T1015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.468586][ T5774] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.479057][ T5774] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.488274][ T5774] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.497095][ T5774] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.522710][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.549216][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.715521][ T5082] Bluetooth: hci0: command tx timeout [ 90.721025][ T5082] Bluetooth: hci1: command tx timeout [ 90.738224][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.754421][ T1084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.766655][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.786321][ T1084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.796038][ T5082] Bluetooth: hci2: command tx timeout [ 90.861193][ T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.876224][ T5082] Bluetooth: hci3: command tx timeout [ 90.892777][ T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.962023][ T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.005649][ T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.153567][ T5863] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2'. [ 91.185700][ T5863] bridge: RTM_NEWNEIGH with invalid ether address [ 91.216234][ T5863] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2'. [ 91.242223][ T5863] bridge: RTM_NEWNEIGH with invalid ether address [ 91.521942][ T5869] Zero length message leads to an empty skb [ 91.659444][ T5876] syz.1.10[5876]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 91.847593][ T5876] loop1: detected capacity change from 0 to 8192 [ 91.887706][ T5876] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 91.957767][ T5876] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 91.967861][ T5876] REISERFS (device loop1): using ordered data mode [ 91.974555][ T5876] reiserfs: using flush barriers [ 91.987625][ T5876] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 92.006563][ T5876] REISERFS (device loop1): checking transaction log (loop1) [ 92.046311][ T5886] loop2: detected capacity change from 0 to 1024 [ 92.054742][ T5876] REISERFS (device loop1): Using r5 hash to sort names [ 92.065514][ T5876] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 92.095031][ T5886] EXT4-fs: Ignoring removed nomblk_io_submit option [ 92.179889][ T23] cfg80211: failed to load regulatory.db [ 92.229935][ T5886] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.491380][ T5766] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.545674][ T5854] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 92.753823][ T5854] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 92.785264][ T5854] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 92.796167][ T5082] Bluetooth: hci1: command tx timeout [ 92.801637][ T5082] Bluetooth: hci0: command tx timeout [ 92.838770][ T5854] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 92.875610][ T5082] Bluetooth: hci2: command tx timeout [ 92.883444][ T5854] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 92.916106][ T5854] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.955791][ T5082] Bluetooth: hci3: command tx timeout [ 92.991291][ T5854] usb 1-1: config 0 descriptor?? [ 93.164006][ T5906] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 93.470457][ T5904] loop3: detected capacity change from 0 to 32768 [ 93.481774][ T5904] ======================================================= [ 93.481774][ T5904] WARNING: The mand mount option has been deprecated and [ 93.481774][ T5904] and is ignored by this kernel. Remove the mand [ 93.481774][ T5904] option from the mount to silence this warning. [ 93.481774][ T5904] ======================================================= [ 93.512965][ T5854] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 93.618608][ T5854] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 93.658252][ T5904] JBD2: Ignoring recovery information on journal [ 93.768606][ T5904] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 94.168320][ T5768] ocfs2: Unmounting device (7,3) on (node local) [ 94.828312][ C0] plantronics 0003:047F:FFFF.0001: usb_submit_urb(ctrl) failed: -1 [ 94.854496][ T5929] loop2: detected capacity change from 0 to 32768 [ 94.889505][ T5929] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.31 (5929) [ 94.924297][ T5929] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 94.941753][ T5929] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 94.951330][ T5929] BTRFS info (device loop2): using free space tree [ 94.962416][ T5932] loop3: detected capacity change from 0 to 32768 [ 94.997849][ T5932] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.29 (5932) [ 95.066284][ T5932] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 95.127231][ T5932] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 95.182085][ T5932] BTRFS info (device loop3): setting nodatacow, compression disabled [ 95.205372][ T5929] BTRFS info (device loop2): enabling ssd optimizations [ 95.212405][ T5929] BTRFS info (device loop2): auto enabling async discard [ 95.238494][ T5932] BTRFS info (device loop3): force clearing of disk cache [ 95.254811][ T5932] BTRFS info (device loop3): enabling ssd optimizations [ 95.280176][ T5932] BTRFS info (device loop3): using spread ssd allocation scheme [ 95.309669][ T5932] BTRFS info (device loop3): turning off barriers [ 95.316296][ T5932] BTRFS info (device loop3): disabling free space tree [ 95.337662][ T5932] BTRFS info (device loop3): not using ssd optimizations [ 95.344806][ T5932] BTRFS info (device loop3): not using spread ssd allocation scheme [ 95.406981][ T5766] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 95.676643][ T5932] BTRFS info (device loop3): rebuilding free space tree [ 95.753049][ T1197] usb 1-1: USB disconnect, device number 2 [ 95.815146][ T5971] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 95.874983][ T5932] BTRFS info (device loop3): disabling free space tree [ 95.915179][ T5932] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 95.934292][ T5932] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 96.170305][ T28] audit: type=1800 audit(1768692033.767:2): pid=5932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.29" name="file1" dev="loop3" ino=260 res=0 errno=0 [ 96.376768][ T5948] loop1: detected capacity change from 0 to 32768 [ 96.407125][ T5948] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.32 (5948) [ 96.465054][ T5948] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 96.503111][ T5948] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 96.543842][ T5948] BTRFS info (device loop1): using free space tree [ 96.769057][ T6001] capability: warning: `syz.0.40' uses deprecated v2 capabilities in a way that may be insecure [ 96.784528][ T5948] BTRFS info (device loop1): enabling ssd optimizations [ 96.795150][ T5768] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 96.845324][ T5948] BTRFS info (device loop1): auto enabling async discard [ 96.976156][ T5770] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 98.376433][ T6016] loop2: detected capacity change from 0 to 32768 [ 98.401849][ T6016] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.45 (6016) [ 98.456152][ T6016] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 98.471957][ T6022] loop1: detected capacity change from 0 to 32768 [ 98.505472][ T6022] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.48 (6022) [ 98.506881][ T6016] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 98.575364][ T6016] BTRFS info (device loop2): metadata ratio 2 [ 98.585712][ T6016] BTRFS info (device loop2): allowing degraded mounts [ 98.602974][ T6022] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 98.615503][ T6016] BTRFS info (device loop2): force zlib compression, level 3 [ 98.622999][ T6016] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 98.655963][ T6022] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 98.666675][ T6016] BTRFS info (device loop2): use zstd compression, level 3 [ 98.674892][ T6016] BTRFS info (device loop2): allowing degraded mounts [ 98.685539][ T6022] BTRFS info (device loop1): using free space tree [ 98.707774][ T6016] BTRFS info (device loop2): max_inline at 0 [ 98.717459][ T6016] BTRFS info (device loop2): using free space tree [ 98.848525][ T6022] BTRFS info (device loop1): enabling ssd optimizations [ 98.865431][ T6022] BTRFS info (device loop1): auto enabling async discard [ 98.931112][ T6016] BTRFS info (device loop2): enabling ssd optimizations [ 98.966886][ T6028] loop3: detected capacity change from 0 to 32768 [ 99.061450][ T6022] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8) [ 99.086766][ T6028] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 99.107825][ T28] audit: type=1800 audit(1768692036.727:3): pid=6016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.45" name="bus" dev="loop2" ino=263 res=0 errno=0 [ 99.206321][ T6030] loop0: detected capacity change from 0 to 32768 [ 99.239482][ T6030] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.52 (6030) [ 99.342275][ T5770] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 99.343989][ T6028] XFS (loop3): Ending clean mount [ 99.375402][ T6030] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 99.418608][ T6030] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 99.446663][ T6028] XFS (loop3): Quotacheck needed: Please wait. [ 99.463640][ T6030] BTRFS info (device loop0): using free space tree [ 99.586229][ T6028] XFS (loop3): Quotacheck: Done. [ 99.624064][ T5766] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 99.673818][ T6030] BTRFS info (device loop0): enabling ssd optimizations [ 99.751449][ T6030] BTRFS info (device loop0): auto enabling async discard [ 99.889463][ T5768] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 100.015650][ T5774] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 100.696761][ T6095] process 'syz.3.55' launched '/dev/fd/4' with NULL argv: empty string added [ 100.783105][ T6088] loop1: detected capacity change from 0 to 32768 [ 100.831633][ T6088] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.53 (6088) [ 100.943843][ T6088] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 100.984061][ T6088] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 101.022142][ T6102] loop0: detected capacity change from 0 to 512 [ 101.045387][ T6088] BTRFS info (device loop1): using free space tree [ 101.086519][ T6102] EXT4-fs: Ignoring removed i_version option [ 101.092629][ T6102] EXT4-fs: Ignoring removed oldalloc option [ 101.158235][ T6102] EXT4-fs: Ignoring removed nomblk_io_submit option [ 101.166005][ T1197] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 101.182363][ T6102] EXT4-fs (loop0): Test dummy encryption mode enabled [ 101.274156][ T6102] EXT4-fs (loop0): 1 truncate cleaned up [ 101.325917][ T6102] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.381214][ T6088] BTRFS info (device loop1): enabling ssd optimizations [ 101.387211][ T1197] usb 3-1: Using ep0 maxpacket: 8 [ 101.405841][ T1197] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 101.415709][ T1197] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 101.428746][ T6088] BTRFS info (device loop1): auto enabling async discard [ 101.445255][ T1197] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 101.471475][ T1197] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 101.492445][ T1197] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 101.513685][ T1197] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 101.523254][ T1197] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.612791][ T6102] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.59: invalid indirect mapped block 234881024 (level 0) [ 101.678132][ T5770] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 101.695883][ T6102] EXT4-fs (loop0): Remounting filesystem read-only [ 101.797594][ T1197] usb 3-1: usb_control_msg returned -32 [ 101.818604][ T1197] usbtmc 3-1:16.0: can't read capabilities [ 101.878573][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.033234][ T6131] capability: warning: `syz.1.62' uses 32-bit capabilities (legacy support in use) [ 102.517857][ T6149] loop8: detected capacity change from 0 to 8 [ 102.544855][ T6149] loop8: [CUMANA/ADFS] p1 [ADFS] p1 [ 102.566562][ T6149] loop8: partition table partially beyond EOD, truncated [ 102.584611][ T6149] loop8: p1 size 3004527350 extends beyond EOD, truncated [ 102.622421][ T6152] usbtmc 3-1:16.0: usb_control_msg returned -32 [ 102.707371][ T5759] udevd[5759]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory [ 102.758892][ T5854] usb 3-1: USB disconnect, device number 2 [ 103.061240][ T6163] loop0: detected capacity change from 0 to 128 [ 103.443934][ T6158] loop1: detected capacity change from 0 to 32768 [ 103.481159][ T6158] JBD2: Ignoring recovery information on journal [ 103.567251][ T6158] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 103.736556][ T28] audit: type=1800 audit(1768692041.337:4): pid=6158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.72" name="file1" dev="loop1" ino=17058 res=0 errno=0 [ 103.932948][ T6187] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 103.955275][ T5770] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #1056 has bad signature [ 103.973431][ T6187] overlayfs: failed to set xattr on upper [ 103.986822][ T6187] overlayfs: ...falling back to redirect_dir=nofollow. [ 103.993142][ T5770] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 104.006690][ T6187] overlayfs: ...falling back to index=off. [ 104.025726][ T6187] overlayfs: ...falling back to uuid=null. [ 104.060321][ T5770] OCFS2: File system is now read-only. [ 104.076294][ T5770] (syz-executor,5770,1):_ocfs2_free_suballoc_bits:2489 ERROR: status = -30 [ 104.107932][ T5770] (syz-executor,5770,0):_ocfs2_free_clusters:2583 ERROR: status = -30 [ 104.117688][ T5770] (syz-executor,5770,0):ocfs2_sync_local_to_main:1001 ERROR: status = -30 [ 104.126368][ T5770] (syz-executor,5770,0):ocfs2_sync_local_to_main:1013 ERROR: status = -30 [ 104.135750][ T5770] (syz-executor,5770,0):ocfs2_shutdown_local_alloc:449 ERROR: status = -30 [ 104.181566][ T5770] ocfs2: Unmounting device (7,1) on (node local) [ 104.205440][ T1197] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 104.425080][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 104.438956][ T1197] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 104.458426][ T1197] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.483646][ T1197] usb 4-1: config 0 descriptor?? [ 104.508946][ T1197] cp210x 4-1:0.0: cp210x converter detected [ 104.625749][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 104.647277][ T9] usb 1-1: New USB device found, idVendor=093b, idProduct=a104, bcdDevice= 0.01 [ 104.660327][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.688435][ T9] usb 1-1: Product: syz [ 104.703003][ T9] usb 1-1: Manufacturer: syz [ 104.732720][ T9] usb 1-1: SerialNumber: syz [ 104.743616][ T9] usb 1-1: config 0 descriptor?? [ 104.758795][ T9] go7007: probe of 1-1:0.0 failed with error -12 [ 104.923502][ T1197] cp210x 4-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 104.946009][ T6188] loop3: detected capacity change from 0 to 128 [ 104.991889][ T9] usb 1-1: USB disconnect, device number 3 [ 105.016775][ T5759] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 105.066168][ T1197] usb 4-1: cp210x converter now attached to ttyUSB0 [ 105.268301][ T27] usb 4-1: USB disconnect, device number 2 [ 105.289903][ T27] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 105.334798][ T27] cp210x 4-1:0.0: device disconnected [ 105.536666][ T6200] loop1: detected capacity change from 0 to 32768 [ 105.570729][ T6200] XFS: noikeep mount option is deprecated. [ 105.585597][ T6200] XFS: ikeep mount option is deprecated. [ 105.641231][ T6200] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 105.652198][ T6200] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 105.736302][ T6210] loop0: detected capacity change from 0 to 512 [ 105.786748][ T6210] EXT4-fs: inline encryption not supported [ 105.824374][ T6210] EXT4-fs (loop0): orphan cleanup on readonly fs [ 105.876759][ T6200] XFS (loop1): Ending clean mount [ 105.876970][ T6210] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.90: corrupted in-inode xattr: invalid size in ea xattr [ 105.937870][ T6200] XFS (loop1): Quotacheck needed: Please wait. [ 105.963939][ T6210] EXT4-fs (loop0): Remounting filesystem read-only [ 105.972893][ T6210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 106.115062][ T6200] XFS (loop1): Quotacheck: Done. [ 106.147352][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.201238][ T28] audit: type=1800 audit(1768692043.817:5): pid=6200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.89" name="bus" dev="loop1" ino=9292 res=0 errno=0 [ 106.371522][ T6216] loop3: detected capacity change from 0 to 256 [ 106.427551][ T5770] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 106.470472][ T6218] loop0: detected capacity change from 0 to 1024 [ 106.483164][ T6216] FAT-fs (loop3): Directory bread(block 64) failed [ 106.498234][ T6216] FAT-fs (loop3): Directory bread(block 65) failed [ 106.517173][ T6218] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 106.538766][ T6216] FAT-fs (loop3): Directory bread(block 66) failed [ 106.562998][ T6216] FAT-fs (loop3): Directory bread(block 67) failed [ 106.598918][ T6216] FAT-fs (loop3): Directory bread(block 68) failed [ 106.630071][ T6216] FAT-fs (loop3): Directory bread(block 69) failed [ 106.638539][ T6218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.675525][ T6216] FAT-fs (loop3): Directory bread(block 70) failed [ 106.682144][ T6216] FAT-fs (loop3): Directory bread(block 71) failed [ 106.763750][ T6216] FAT-fs (loop3): Directory bread(block 72) failed [ 106.799629][ T6218] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 106.841340][ T6216] FAT-fs (loop3): Directory bread(block 73) failed [ 106.851210][ T6218] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 106.888454][ T6218] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 106.918410][ T6218] EXT4-fs (loop0): This should not happen!! Data will be lost [ 106.918410][ T6218] [ 106.960442][ T6218] EXT4-fs (loop0): Total free blocks count 0 [ 106.995530][ T6218] EXT4-fs (loop0): Free/Dirty block details [ 107.035578][ T6218] EXT4-fs (loop0): free_blocks=20480 [ 107.063866][ T6218] EXT4-fs (loop0): dirty_blocks=48 [ 107.083868][ T6225] netlink: 'syz.1.95': attribute type 1 has an invalid length. [ 107.085776][ T6218] EXT4-fs (loop0): Block reservation details [ 107.110182][ T6225] netlink: 'syz.1.95': attribute type 6 has an invalid length. [ 107.126034][ T6218] EXT4-fs (loop0): i_reserved_data_blocks=3 [ 107.133706][ T6225] netlink: 'syz.1.95': attribute type 3 has an invalid length. [ 107.242292][ T32] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 30 with max blocks 4 with error 28 [ 107.848401][ T6243] loop1: detected capacity change from 0 to 2048 [ 107.963377][ T6249] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 108.020389][ T6243] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=203 [ 108.045710][ T6243] Remounting filesystem read-only [ 108.055602][ T6243] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=203 [ 108.077834][ T6251] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 108.123913][ T6251] iommufd_mock iommufd_mock2: Adding to iommu group 1 [ 108.198618][ T6253] loop0: detected capacity change from 0 to 512 [ 108.242932][ T6253] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c02c, mo2=0002] [ 108.264345][ T6253] System zones: 1-12 [ 108.293085][ T6253] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.105: error while reading EA inode 32 err=-116 [ 108.419797][ T6258] loop1: detected capacity change from 0 to 256 [ 108.444774][ T6253] EXT4-fs (loop0): Remounting filesystem read-only [ 108.461894][ T6253] EXT4-fs warning (device loop0): ext4_evict_inode:255: couldn't mark inode dirty (err -5) [ 108.482757][ T6253] EXT4-fs (loop0): 1 orphan inode deleted [ 108.492283][ T6253] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.514907][ T6258] FAT-fs (loop1): Directory bread(block 1285) failed [ 108.553573][ T6258] FAT-fs (loop1): Directory bread(block 1285) failed [ 108.677756][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.862751][ T6265] loop3: detected capacity change from 0 to 1024 [ 108.928067][ T6267] loop1: detected capacity change from 0 to 512 [ 108.982148][ T6267] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 108.997356][ T6265] hfsplus: invalid length 32517 has been corrected to 255 [ 109.076306][ T6270] loop0: detected capacity change from 0 to 1024 [ 109.125058][ T6267] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 109.146357][ T6270] EXT4-fs: Ignoring removed mblk_io_submit option [ 109.180961][ T6270] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 109.222326][ T5770] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 109.268562][ T6270] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.451321][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.653969][ T6277] loop0: detected capacity change from 0 to 256 [ 109.701885][ T6277] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012c80, chksum : 0x0ff561db, utbl_chksum : 0xe619d30d) [ 109.800506][ T28] audit: type=1800 audit(1768692047.417:6): pid=6277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.114" name="bus" dev="loop0" ino=1048596 res=0 errno=0 [ 110.193599][ T6296] loop0: detected capacity change from 0 to 128 [ 110.210852][ T6296] FAT-fs (loop0): bogus number of FAT structure [ 110.229752][ T6296] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 110.266713][ T6296] FAT-fs (loop0): Can't find a valid FAT filesystem [ 111.081130][ T5082] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 111.091280][ T5082] CPU: 0 PID: 5082 Comm: kworker/u5:1 Not tainted syzkaller #0 [ 111.098909][ T5082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 111.109029][ T5082] Workqueue: hci1 hci_rx_work [ 111.113812][ T5082] Call Trace: [ 111.117153][ T5082] [ 111.120140][ T5082] dump_stack_lvl+0x18c/0x250 [ 111.124893][ T5082] ? show_regs_print_info+0x20/0x20 [ 111.130164][ T5082] ? load_image+0x400/0x400 [ 111.134796][ T5082] sysfs_create_dir_ns+0x26e/0x2a0 [ 111.139979][ T5082] ? sysfs_warn_dup+0xa0/0xa0 [ 111.144735][ T5082] ? do_raw_spin_unlock+0x121/0x230 [ 111.150002][ T5082] kobject_add_internal+0x61c/0xcc0 [ 111.155280][ T5082] kobject_add+0x164/0x240 [ 111.159828][ T5082] ? __rwlock_init+0x150/0x150 [ 111.164667][ T5082] ? kobject_init+0x1e0/0x1e0 [ 111.169415][ T5082] ? _raw_spin_unlock+0x28/0x40 [ 111.174340][ T5082] ? get_device_parent+0x366/0x390 [ 111.179524][ T5082] device_add+0x408/0xc20 [ 111.183925][ T5082] hci_conn_add_sysfs+0xd5/0x1e0 [ 111.188929][ T5082] le_conn_complete_evt+0xf5d/0x1540 [ 111.194269][ T5082] ? hci_event_packet+0x4cb/0x1270 [ 111.199453][ T5082] ? hci_le_big_info_adv_report_evt+0x910/0x910 [ 111.205761][ T5082] ? __mutex_unlock_slowpath+0x1b4/0x6c0 [ 111.211462][ T5082] ? skb_pull_data+0xfb/0x200 [ 111.216242][ T5082] hci_le_conn_complete_evt+0x187/0x440 [ 111.221855][ T5082] ? hci_remote_host_features_evt+0x150/0x150 [ 111.227995][ T5082] hci_event_packet+0x7ba/0x1270 [ 111.233003][ T5082] ? bis_list+0x290/0x290 [ 111.237403][ T5082] ? lockdep_hardirqs_on+0x98/0x150 [ 111.242664][ T5082] ? hci_send_to_monitor+0xd7/0x4f0 [ 111.247937][ T5082] hci_rx_work+0x43a/0xd60 [ 111.252416][ T5082] ? process_scheduled_works+0x96f/0x15d0 [ 111.258210][ T5082] process_scheduled_works+0xa5d/0x15d0 [ 111.263939][ T5082] ? assign_work+0x430/0x430 [ 111.268589][ T5082] ? assign_work+0x3d0/0x430 [ 111.273241][ T5082] worker_thread+0xa55/0xfc0 [ 111.277903][ T5082] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 111.283864][ T5082] ? _raw_spin_unlock+0x40/0x40 [ 111.288788][ T5082] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 111.294802][ T5082] kthread+0x2fa/0x390 [ 111.298932][ T5082] ? pr_cont_work+0x560/0x560 [ 111.303676][ T5082] ? kthread_blkcg+0xd0/0xd0 [ 111.308339][ T5082] ret_from_fork+0x48/0x80 [ 111.312817][ T5082] ? kthread_blkcg+0xd0/0xd0 [ 111.317460][ T5082] ret_from_fork_asm+0x11/0x20 [ 111.322308][ T5082] [ 111.334532][ T5082] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 111.349717][ T5082] Bluetooth: hci1: failed to register connection device [ 111.536729][ T6333] netlink: 8 bytes leftover after parsing attributes in process `syz.3.138'. [ 111.622000][ T6335] loop1: detected capacity change from 0 to 512 [ 111.660375][ T6335] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 111.708888][ T6335] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a800e01c, mo2=0002] [ 111.729580][ T6335] System zones: 1-12 [ 111.733871][ T6335] EXT4-fs (loop1): orphan cleanup on readonly fs [ 111.789602][ T6335] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.139: invalid indirect mapped block 12 (level 1) [ 111.811679][ T6335] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.139: invalid indirect mapped block 2 (level 2) [ 111.903664][ T6335] EXT4-fs (loop1): 1 truncate cleaned up [ 111.944066][ T6335] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 111.986538][ T6335] EXT4-fs (loop1): ext4_remount: Checksum for group 0 failed (17031!=33349) [ 112.090910][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 112.172775][ T6331] loop0: detected capacity change from 0 to 32768 [ 112.214464][ T6331] XFS: noikeep mount option is deprecated. [ 112.290408][ T6331] XFS (loop0): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 112.613646][ T6331] XFS (loop0): Ending clean mount [ 112.668419][ T6331] XFS (loop0): Quotacheck needed: Please wait. [ 112.854372][ T6331] XFS (loop0): Quotacheck: Done. [ 113.275208][ C1] sched: RT throttling activated [ 113.430293][ T5774] XFS (loop0): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 113.443282][ T6354] loop1: detected capacity change from 0 to 131072 [ 113.456314][ T6354] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0) [ 113.464815][ T6354] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 113.481799][ T6354] F2FS-fs (loop1): invalid crc value [ 113.515543][ T6354] F2FS-fs (loop1): Found nat_bits in checkpoint [ 113.604096][ T6380] loop2: detected capacity change from 0 to 256 [ 113.631593][ T6354] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 113.639147][ T6354] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 113.860777][ T6380] FAT-fs (loop2): Directory bread(block 64) failed [ 113.886420][ T6380] FAT-fs (loop2): Directory bread(block 65) failed [ 113.893235][ T6380] FAT-fs (loop2): Directory bread(block 66) failed [ 113.935416][ T6380] FAT-fs (loop2): Directory bread(block 67) failed [ 113.942229][ T6380] FAT-fs (loop2): Directory bread(block 68) failed [ 113.985359][ T6380] FAT-fs (loop2): Directory bread(block 69) failed [ 114.007279][ T6380] FAT-fs (loop2): Directory bread(block 70) failed [ 114.014069][ T6380] FAT-fs (loop2): Directory bread(block 71) failed [ 114.075392][ T6380] FAT-fs (loop2): Directory bread(block 72) failed [ 114.082015][ T6380] FAT-fs (loop2): Directory bread(block 73) failed [ 114.247458][ T6388] loop3: detected capacity change from 0 to 16 [ 114.364218][ T6388] erofs: (device loop3): mounted with root inode @ nid 36. [ 114.429936][ T5082] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -41 in[4096, 0] out[9000] [ 114.446273][ T6388] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -41 in[4096, 0] out[8192] [ 114.475262][ T28] audit: type=1800 audit(1768692052.087:7): pid=6388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.156" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 114.514222][ T6388] syz.3.156 (6388) used greatest stack depth: 20336 bytes left [ 115.008056][ T23] libceph: connect (1)[c::]:6789 error -101 [ 115.027395][ T23] libceph: mon0 (1)[c::]:6789 connect error [ 115.057360][ T6399] ceph: No mds server is up or the cluster is laggy [ 115.823583][ T6407] loop3: detected capacity change from 0 to 512 [ 115.942554][ T6407] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.163: invalid indirect mapped block 10 (level 1) [ 116.007852][ T6407] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.163: invalid indirect mapped block 8 (level 1) [ 116.065563][ T6407] EXT4-fs (loop3): 1 truncate cleaned up [ 116.095969][ T6407] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.230273][ T6434] loop0: detected capacity change from 0 to 8192 [ 116.244757][ T6435] loop1: detected capacity change from 0 to 4096 [ 116.265891][ T6434] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.285644][ T27] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 116.302085][ T6435] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 116.330321][ T6434] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 116.346492][ T6434] REISERFS (device loop0): using ordered data mode [ 116.353260][ T6434] reiserfs: using flush barriers [ 116.361389][ T6434] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.378905][ T6434] REISERFS (device loop0): checking transaction log (loop0) [ 116.390104][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.469009][ T6435] ntfs: volume version 3.1. [ 116.505361][ T27] usb 3-1: Using ep0 maxpacket: 32 [ 116.522702][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.569295][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 116.606379][ T27] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 116.672033][ T27] usb 3-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 116.718048][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.756557][ T27] usb 3-1: config 0 descriptor?? [ 116.773293][ T6434] REISERFS (device loop0): Using tea hash to sort names [ 116.803014][ T6434] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 116.899674][ T6434] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 2) not found (pos 4) [ 117.058336][ T6441] loop1: detected capacity change from 0 to 2048 [ 117.093190][ T6441] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 117.245773][ T27] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.0002/input/input5 [ 117.411104][ T27] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.0002/input/input6 [ 117.433534][ T6442] UDF-fs: warning (device loop1): udf_truncate_tail_extent: Too long extent after EOF in inode 1367: i_size: 266240 lbcount: 270336 extent 129+234496 [ 117.490083][ T27] kye 0003:0458:5011.0002: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5011] on usb-dummy_hcd.2-1/input0 [ 117.515861][ T5082] Bluetooth: hci1: command 0x0406 tx timeout [ 117.880746][ T6438] loop3: detected capacity change from 0 to 40427 [ 117.904841][ T6438] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 117.932414][ T6438] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 117.961921][ T6438] F2FS-fs (loop3): invalid crc_offset: 33558524 [ 118.000788][ T6438] F2FS-fs (loop3): Found nat_bits in checkpoint [ 118.099194][ T6438] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 118.106671][ T6438] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 118.127596][ T6457] netlink: 4 bytes leftover after parsing attributes in process `syz.1.179'. [ 118.150221][ T6438] F2FS-fs (loop3): f2fs_fill_dentries: corrupted namelen=27648, run fsck to fix. [ 118.161576][ T6457] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 118.174525][ T6438] F2FS-fs (loop3): f2fs_fill_dentries: corrupted namelen=27648, run fsck to fix. [ 118.325676][ C1] kye 0003:0458:5011.0002: usb_submit_urb(ctrl) failed: -1 [ 118.343930][ T6457] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 118.895877][ T6475] netlink: 176 bytes leftover after parsing attributes in process `syz.0.184'. [ 118.905080][ T6475] ip6gretap0: entered promiscuous mode [ 118.955743][ T6475] netlink: 176 bytes leftover after parsing attributes in process `syz.0.184'. [ 119.095638][ T6481] netlink: 4 bytes leftover after parsing attributes in process `syz.1.185'. [ 119.191552][ T27] usb 3-1: USB disconnect, device number 3 [ 119.214484][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 119.221333][ C1] vcan0: j1939_xtp_rx_dat: no rx connection found [ 119.227961][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 119.234478][ C1] vcan0: j1939_xtp_rx_dat: no rx connection found [ 119.241108][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 119.247602][ C1] vcan0: j1939_xtp_rx_dat: no rx connection found [ 119.254239][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 119.260745][ C1] vcan0: j1939_xtp_rx_dat: no rx connection found [ 119.267388][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 119.273861][ C1] vcan0: j1939_xtp_rx_dat: no rx connection found [ 119.280488][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.288406][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.296394][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.304308][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.312356][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.320287][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.328333][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.336248][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.344219][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.352154][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.360153][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.368097][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.376084][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.383973][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.391995][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.399893][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.407911][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.415810][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.423793][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.431694][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.439709][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.447599][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.455633][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.463498][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.471542][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.479439][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.487490][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.495391][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.503366][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 119.511283][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 119.543079][ T6485] loop0: detected capacity change from 0 to 512 [ 119.550556][ T6485] EXT4-fs: Ignoring removed oldalloc option [ 119.558700][ T6485] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 119.573496][ T6485] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 119.623208][ T6485] EXT4-fs (loop0): 1 truncate cleaned up [ 119.646763][ T6485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.807416][ T6485] loop0: detected capacity change from 512 to 64 [ 119.844804][ T6485] EXT4-fs error (device loop0): mb_free_blocks:1954: group 0, inode 19: block 77:freeing already freed block (bit 76); block bitmap corrupt. [ 119.862461][ T6485] EXT4-fs (loop0): pa ffff888059ca12b8: logic 0, phys. 65, len 64 [ 119.871392][ T6485] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5388: group 0, free 64, pa_free 12 [ 119.910251][ T6472] loop3: detected capacity change from 0 to 32768 [ 119.978313][ T6472] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 120.097671][ T6495] loop1: detected capacity change from 0 to 64 [ 120.163238][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.189900][ T6472] (syz.3.181,6472,1):ocfs2_change_extent_flag:5208 ERROR: Owner 17058 tried to clear 1 flags on an extent that didn't have them [ 120.236962][ T6472] (syz.3.181,6472,0):ocfs2_mark_extent_written:5272 ERROR: status = -5 [ 120.271014][ T6472] (syz.3.181,6472,0):ocfs2_write_cluster:1163 ERROR: status = -5 [ 120.330463][ T6472] (syz.3.181,6472,1):ocfs2_write_cluster_by_desc:1248 ERROR: status = -5 [ 120.365670][ T6472] (syz.3.181,6472,1):ocfs2_write_begin_nolock:1820 ERROR: status = -5 [ 120.419005][ T6472] (syz.3.181,6472,1):ocfs2_write_begin:1907 ERROR: status = -5 [ 120.523031][ T5770] hfs: node 4:3 still has 1 user(s)! [ 120.523948][ T6498] loop2: detected capacity change from 0 to 8192 [ 120.569541][ T6498] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 120.584572][ T5768] ocfs2: Unmounting device (7,3) on (node local) [ 120.592308][ T6498] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 120.639656][ T6498] REISERFS (device loop2): using ordered data mode [ 120.690552][ T6498] reiserfs: using flush barriers [ 120.750924][ T6498] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 120.839456][ T6498] REISERFS (device loop2): checking transaction log (loop2) [ 120.853912][ T6506] netlink: 'syz.0.195': attribute type 12 has an invalid length. [ 120.863954][ T6506] netlink: 'syz.0.195': attribute type 29 has an invalid length. [ 120.882400][ T6508] Bluetooth: MGMT ver 1.22 [ 120.882777][ T6506] netlink: 148 bytes leftover after parsing attributes in process `syz.0.195'. [ 120.907305][ T6506] netlink: 'syz.0.195': attribute type 2 has an invalid length. [ 120.919682][ T6506] netlink: 'syz.0.195': attribute type 3 has an invalid length. [ 120.921966][ T6508] Bluetooth: hci0: invalid length 0, exp 2 for type 18 [ 120.929198][ T6506] netlink: 15 bytes leftover after parsing attributes in process `syz.0.195'. [ 121.067483][ T6511] loop1: detected capacity change from 0 to 1024 [ 121.075030][ T6511] EXT4-fs: Ignoring removed nobh option [ 121.084114][ T6511] EXT4-fs: inline encryption not supported [ 121.101085][ T6511] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 121.159692][ T6511] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.216350][ T6515] loop0: detected capacity change from 0 to 8 [ 121.244460][ T6498] REISERFS (device loop2): Using tea hash to sort names [ 121.256760][ T6498] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 121.356569][ T6498] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 2) not found (pos 1) [ 121.383838][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.406535][ T6498] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 2) not found (pos 1) [ 121.636434][ T27] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 121.846159][ T27] usb 4-1: Using ep0 maxpacket: 8 [ 121.860889][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 121.873385][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 121.893394][ T27] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 121.917578][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 121.941843][ T27] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 121.990746][ T27] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 122.020173][ T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.041452][ T27] usb 4-1: config 0 descriptor?? [ 122.106518][ T5775] Bluetooth: hci4: urb ffff8880265e3a00 submission failed (90) [ 122.125571][ T6529] netlink: 8 bytes leftover after parsing attributes in process `syz.0.204'. [ 122.307563][ T27] usb 4-1: USB disconnect, device number 3 [ 122.429934][ T6538] loop2: detected capacity change from 0 to 2048 [ 122.437891][ T6537] netlink: 'syz.0.207': attribute type 11 has an invalid length. [ 122.509955][ T6538] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 122.863092][ T6548] input: syz0 as /devices/virtual/input/input7 [ 123.224113][ T6559] loop3: detected capacity change from 0 to 1024 [ 123.247412][ T6559] EXT4-fs: Ignoring removed bh option [ 123.292228][ T6559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 123.426473][ T6571] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.216: corrupted in-inode xattr: e_value out of bounds [ 123.624890][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 124.418648][ T6586] loop0: detected capacity change from 0 to 32768 [ 124.449253][ T6586] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.226 (6586) [ 124.666980][ T6586] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 124.677510][ T6586] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 124.687248][ T6586] BTRFS info (device loop0): enabling auto defrag [ 124.693790][ T6586] BTRFS info (device loop0): max_inline at 0 [ 124.699904][ T6586] BTRFS info (device loop0): force clearing of disk cache [ 124.707104][ T6586] BTRFS info (device loop0): turning on sync discard [ 124.713856][ T6586] BTRFS info (device loop0): using free space tree [ 124.785443][ T27] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 124.883282][ T6579] loop1: detected capacity change from 0 to 131072 [ 124.972001][ T6586] BTRFS info (device loop0): enabling ssd optimizations [ 124.997631][ T6586] BTRFS info (device loop0): rebuilding free space tree [ 125.015344][ T6579] F2FS-fs (loop1): Found nat_bits in checkpoint [ 125.028133][ T27] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 125.078763][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.124829][ T27] usb 4-1: Product: syz [ 125.128397][ T6579] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 125.154754][ T27] usb 4-1: Manufacturer: syz [ 125.179835][ T27] usb 4-1: SerialNumber: syz [ 125.222706][ T27] usb 4-1: config 0 descriptor?? [ 125.256926][ T5774] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 125.491698][ T27] usb 4-1: USB disconnect, device number 4 [ 126.147312][ T6584] syz.2.225: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 126.216131][ T6584] CPU: 0 PID: 6584 Comm: syz.2.225 Not tainted syzkaller #0 [ 126.223514][ T6584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 126.233616][ T6584] Call Trace: [ 126.236959][ T6584] [ 126.239926][ T6584] dump_stack_lvl+0x18c/0x250 [ 126.244652][ T6584] ? show_regs_print_info+0x20/0x20 [ 126.249900][ T6584] ? load_image+0x400/0x400 [ 126.254468][ T6584] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 126.260935][ T6584] ? cpuset_print_current_mems_allowed+0x2e7/0x360 [ 126.267485][ T6584] warn_alloc+0x246/0x340 [ 126.271874][ T6584] ? zone_watermark_ok_safe+0x230/0x230 [ 126.277485][ T6584] ? _raw_spin_unlock+0x28/0x40 [ 126.282405][ T6584] ? netlink_rcv_skb+0x241/0x4d0 [ 126.287422][ T6584] __vmalloc_node_range+0x662/0x1330 [ 126.292776][ T6584] ? __asan_memset+0x22/0x40 [ 126.297456][ T6584] ? free_vm_area+0x50/0x50 [ 126.302039][ T6584] ? kvmalloc_node+0x70/0x180 [ 126.306776][ T6584] ? rcu_is_watching+0x15/0xb0 [ 126.311606][ T6584] ? kvmalloc_node+0x70/0x180 [ 126.316342][ T6584] ? trace_kmalloc+0x1f/0x90 [ 126.321012][ T6584] kvmalloc_node+0x13f/0x180 [ 126.325671][ T6584] ? hash_netport4_resize+0x232/0x1b40 [ 126.331195][ T6584] hash_netport4_resize+0x232/0x1b40 [ 126.336522][ T6584] ? hash_netport4_uadt+0xc99/0xf30 [ 126.341764][ T6584] ? hash_netport4_uadt+0xf30/0xf30 [ 126.346994][ T6584] ? hash_netport4_kadt+0x590/0x590 [ 126.352230][ T6584] ? _local_bh_enable+0xa0/0xa0 [ 126.357114][ T6584] call_ad+0x454/0xb40 [ 126.361222][ T6584] ? ip_set_ad+0x9c0/0x9c0 [ 126.365675][ T6584] ? __nla_parse+0x40/0x50 [ 126.370134][ T6584] ip_set_ad+0x81a/0x9c0 [ 126.374421][ T6584] ? ip_set_dump_done+0x1e0/0x1e0 [ 126.379473][ T6584] ? rcu_is_watching+0x15/0xb0 [ 126.384298][ T6584] nfnetlink_rcv_msg+0xbf0/0x12b0 [ 126.389366][ T6584] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 126.395469][ T6584] ? nfnetlink_rcv_msg+0x22a/0x12b0 [ 126.400746][ T6584] ? nfnetlink_unbind+0x160/0x160 [ 126.405834][ T6584] ? __dev_queue_xmit+0x1ac2/0x36b0 [ 126.411074][ T6584] ? __netlink_deliver_tap+0x5ab/0x830 [ 126.416564][ T6584] ? netlink_deliver_tap+0x19c/0x1b0 [ 126.421885][ T6584] ? netlink_unicast+0x72c/0x8d0 [ 126.426865][ T6584] ? netlink_sendmsg+0x8d0/0xbf0 [ 126.431826][ T6584] ? ____sys_sendmsg+0x5ba/0x960 [ 126.436795][ T6584] ? ___sys_sendmsg+0x2a6/0x360 [ 126.441686][ T6584] ? __se_sys_sendmsg+0x1c2/0x2b0 [ 126.446738][ T6584] ? do_syscall_64+0x55/0xa0 [ 126.451369][ T6584] netlink_rcv_skb+0x241/0x4d0 [ 126.456162][ T6584] ? nfnetlink_unbind+0x160/0x160 [ 126.461218][ T6584] ? netlink_ack+0x1180/0x1180 [ 126.466015][ T6584] ? apparmor_capable+0x137/0x1a0 [ 126.471072][ T6584] ? bpf_lsm_capable+0x9/0x10 [ 126.475786][ T6584] ? security_capable+0x89/0xb0 [ 126.480706][ T6584] nfnetlink_rcv+0x2c9/0x24a0 [ 126.485446][ T6584] ? __local_bh_enable_ip+0x13a/0x1c0 [ 126.490857][ T6584] ? lockdep_hardirqs_on+0x98/0x150 [ 126.496092][ T6584] ? __local_bh_enable_ip+0x13a/0x1c0 [ 126.501497][ T6584] ? _local_bh_enable+0xa0/0xa0 [ 126.506383][ T6584] ? __dev_queue_xmit+0x26b/0x36b0 [ 126.511536][ T6584] ? __dev_queue_xmit+0x26b/0x36b0 [ 126.516686][ T6584] ? __dev_queue_xmit+0x124f/0x36b0 [ 126.521917][ T6584] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 126.527509][ T6584] ? __dev_queue_xmit+0x26b/0x36b0 [ 126.532693][ T6584] ? ref_tracker_free+0x690/0x840 [ 126.537749][ T6584] ? refcount_inc+0x70/0x70 [ 126.542287][ T6584] ? __asan_memcpy+0x40/0x70 [ 126.546904][ T6584] ? __skb_clone+0x63/0x790 [ 126.551442][ T6584] ? __skb_clone+0x480/0x790 [ 126.556070][ T6584] ? __netlink_deliver_tap+0x7e8/0x830 [ 126.561556][ T6584] ? netlink_deliver_tap+0x2e/0x1b0 [ 126.566785][ T6584] ? __lock_acquire+0x7d40/0x7d40 [ 126.571847][ T6584] ? netlink_deliver_tap+0x2e/0x1b0 [ 126.577078][ T6584] netlink_unicast+0x751/0x8d0 [ 126.581893][ T6584] netlink_sendmsg+0x8d0/0xbf0 [ 126.586693][ T6584] ? netlink_getsockopt+0x590/0x590 [ 126.591919][ T6584] ? aa_sock_msg_perm+0x94/0x150 [ 126.596899][ T6584] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 126.602219][ T6584] ? security_socket_sendmsg+0x80/0xa0 [ 126.607703][ T6584] ? netlink_getsockopt+0x590/0x590 [ 126.612939][ T6584] ____sys_sendmsg+0x5ba/0x960 [ 126.617741][ T6584] ? __asan_memset+0x22/0x40 [ 126.622452][ T6584] ? __sys_sendmsg_sock+0x30/0x30 [ 126.627512][ T6584] ? __import_iovec+0x5f2/0x850 [ 126.632415][ T6584] ? import_iovec+0x73/0xa0 [ 126.636960][ T6584] ___sys_sendmsg+0x2a6/0x360 [ 126.641683][ T6584] ? __sys_sendmsg+0x2a0/0x2a0 [ 126.646516][ T6584] __se_sys_sendmsg+0x1c2/0x2b0 [ 126.651447][ T6584] ? __x64_sys_sendmsg+0x80/0x80 [ 126.656430][ T6584] ? lockdep_hardirqs_on+0x98/0x150 [ 126.661660][ T6584] do_syscall_64+0x55/0xa0 [ 126.666101][ T6584] ? clear_bhb_loop+0x40/0x90 [ 126.670805][ T6584] ? clear_bhb_loop+0x40/0x90 [ 126.675519][ T6584] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 126.681451][ T6584] RIP: 0033:0x7f9f4419acb9 [ 126.685955][ T6584] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 126.705594][ T6584] RSP: 002b:00007f9f45085028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 126.714045][ T6584] RAX: ffffffffffffffda RBX: 00007f9f44415fa0 RCX: 00007f9f4419acb9 [ 126.722060][ T6584] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000004 [ 126.730067][ T6584] RBP: 00007f9f44208bf7 R08: 0000000000000000 R09: 0000000000000000 [ 126.738074][ T6584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.746072][ T6584] R13: 00007f9f44416038 R14: 00007f9f44415fa0 R15: 00007ffd75e9def8 [ 126.754088][ T6584] [ 126.935381][ T6584] Mem-Info: [ 126.938698][ T6584] active_anon:18376 inactive_anon:0 isolated_anon:0 [ 126.938698][ T6584] active_file:1240 inactive_file:40020 isolated_file:0 [ 126.938698][ T6584] unevictable:768 dirty:176 writeback:0 [ 126.938698][ T6584] slab_reclaimable:10305 slab_unreclaimable:93069 [ 126.938698][ T6584] mapped:24708 shmem:13639 pagetables:577 [ 126.938698][ T6584] sec_pagetables:0 bounce:0 [ 126.938698][ T6584] kernel_misc_reclaimable:0 [ 126.938698][ T6584] free:1347577 free_pcp:9851 free_cma:0 [ 127.026330][ T6617] loop3: detected capacity change from 0 to 512 [ 127.052784][ T6617] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 127.085353][ T6584] Node 0 active_anon:70604kB inactive_anon:0kB active_file:4960kB inactive_file:159876kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98832kB dirty:704kB writeback:0kB shmem:50020kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11216kB pagetables:2308kB sec_pagetables:0kB all_unreclaimable? no [ 127.120797][ T6617] EXT4-fs (loop3): 1 truncate cleaned up [ 127.136521][ T6617] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.141512][ T6584] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 127.181158][ T6584] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 127.208891][ T6584] lowmem_reserve[]: 0 2521 2522 2522 2522 [ 127.214745][ T6584] Node 0 DMA32 free:1487808kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:70128kB inactive_anon:0kB active_file:4960kB inactive_file:159084kB unevictable:1536kB writepending:716kB present:3129332kB managed:2586960kB mlocked:0kB bounce:0kB free_pcp:19316kB local_pcp:1264kB free_cma:0kB [ 127.254631][ T6584] lowmem_reserve[]: 0 0 0 0 0 [ 127.260048][ T6584] Node 0 Normal free:8kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 127.305293][ T6584] lowmem_reserve[]: 0 0 0 0 0 [ 127.310132][ T6584] Node 1 Normal free:3886712kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:23484kB local_pcp:11800kB free_cma:0kB [ 127.364083][ T6615] loop0: detected capacity change from 0 to 32768 [ 127.375082][ T6584] lowmem_reserve[]: 0 0 0 0 0 [ 127.380701][ T6584] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 127.394101][ T6584] Node 0 DMA32: 361*4kB (UME) 936*8kB (UME) 706*16kB (UME) 372*32kB (UME) 123*64kB (UME) 39*128kB (UME) 21*256kB (UM) 1*512kB (E) 1*1024kB (M) 3*2048kB (UE) 349*4096kB (M) = 1487556kB [ 127.420480][ T6584] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 127.433031][ T6584] Node 1 Normal: 184*4kB (UME) 61*8kB (UME) 41*16kB (UME) 43*32kB (UME) 19*64kB (UME) 6*128kB (UE) 2*256kB (UE) 2*512kB (ME) 1*1024kB (U) 2*2048kB (UE) 946*4096kB (M) = 3886712kB [ 127.464112][ T6615] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 127.491248][ T6615] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 127.496218][ T6584] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 127.526347][ T6584] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 127.536587][ T6584] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 127.548485][ T6584] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 127.567334][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.615395][ T6584] 51783 total pagecache pages [ 127.633387][ T6584] 0 pages in swap cache [ 127.659553][ T6584] Free swap = 124472kB [ 127.668630][ T6615] XFS (loop0): Ending clean mount [ 127.685558][ T6584] Total swap = 124996kB [ 127.692914][ T6584] 2097051 pages RAM [ 127.702926][ T6584] 0 pages HighMem/MovableOnly [ 127.723600][ T6615] XFS (loop0): Quotacheck needed: Please wait. [ 127.734225][ T6584] 416925 pages reserved [ 127.747221][ T6584] 0 pages cma reserved [ 127.825826][ T6615] XFS (loop0): Quotacheck: Done. [ 128.043801][ T6635] syz.3.233 uses obsolete (PF_INET,SOCK_PACKET) [ 128.083637][ T5774] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 128.643543][ T964] libceph: connect (1)[c::]:6789 error -101 [ 128.657757][ T964] libceph: mon0 (1)[c::]:6789 connect error [ 128.699235][ T6655] syz_tun: entered promiscuous mode [ 128.709162][ T6655] batadv_slave_0: entered promiscuous mode [ 128.721336][ T6655] hsr1: entered allmulticast mode [ 128.731496][ T6655] syz_tun: entered allmulticast mode [ 128.739117][ T6655] batadv_slave_0: entered allmulticast mode [ 128.928527][ T964] libceph: connect (1)[c::]:6789 error -101 [ 128.942534][ T964] libceph: mon0 (1)[c::]:6789 connect error [ 129.296681][ T6672] loop0: detected capacity change from 0 to 1024 [ 129.420712][ T6649] ceph: No mds server is up or the cluster is laggy [ 129.435028][ T6677] loop3: detected capacity change from 0 to 256 [ 129.598608][ T6677] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x09066d1f, utbl_chksum : 0xe619d30d) [ 129.693271][ T6680] loop1: detected capacity change from 0 to 1024 [ 130.252193][ T6694] loop1: detected capacity change from 0 to 2048 [ 130.368027][ T6694] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.389181][ T6699] binder: 6698:6699 ioctl c0306201 2000000003c0 returned -22 [ 130.420484][ T6694] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 130.466243][ T6675] loop2: detected capacity change from 0 to 40427 [ 130.498987][ T6675] F2FS-fs (loop2): Wrong segment_count / block_count (31 > 0) [ 130.543849][ T6675] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 130.601674][ T6675] F2FS-fs (loop2): invalid crc value [ 130.620975][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.637814][ T6675] F2FS-fs (loop2): Found nat_bits in checkpoint [ 130.773592][ T6675] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 130.781179][ T6675] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 130.836176][ T6709] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 130.914887][ T6712] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 131.109727][ T5766] syz-executor: attempt to access beyond end of device [ 131.109727][ T5766] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 131.169465][ T5766] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 131.189084][ T5766] syz-executor: attempt to access beyond end of device [ 131.189084][ T5766] loop2: rw=2049, sector=45128, nr_sectors = 8 limit=40427 [ 131.223362][ T5766] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 131.738106][ T6730] loop1: detected capacity change from 0 to 2048 [ 131.766652][ T6730] EXT4-fs: Ignoring removed bh option [ 131.817344][ T6713] loop0: detected capacity change from 0 to 32768 [ 131.843883][ T6730] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.917359][ T6730] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 131.920597][ T6713] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 131.945813][ T6730] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28 [ 131.986668][ T6730] EXT4-fs (loop1): This should not happen!! Data will be lost [ 131.986668][ T6730] [ 132.083094][ T6730] EXT4-fs (loop1): Total free blocks count 0 [ 132.111072][ T28] audit: type=1804 audit(1768692069.727:8): pid=6742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.263" name="/newroot/60/file1/file1" dev="loop1" ino=15 res=1 errno=0 [ 132.125486][ T6730] EXT4-fs (loop1): Free/Dirty block details [ 132.140024][ T6744] netlink: 'syz.2.260': attribute type 39 has an invalid length. [ 132.167261][ T6730] EXT4-fs (loop1): free_blocks=2415919104 [ 132.187060][ T6730] EXT4-fs (loop1): dirty_blocks=32 [ 132.206956][ T6713] XFS (loop0): Ending clean mount [ 132.214557][ T6730] EXT4-fs (loop1): Block reservation details [ 132.251277][ T6730] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 132.276534][ T6713] XFS (loop0): Quotacheck needed: Please wait. [ 132.337702][ T6713] XFS (loop0): Quotacheck: Done. [ 132.389966][ T28] audit: type=1800 audit(1768692070.007:9): pid=6713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.257" name="file1" dev="loop0" ino=9286 res=0 errno=0 [ 132.416302][ T5069] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 132.734754][ T6728] loop3: detected capacity change from 0 to 32768 [ 132.781615][ T6728] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.262 (6728) [ 132.784674][ T5774] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 132.824359][ T6728] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 132.837386][ T6728] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 132.865975][ T6728] BTRFS info (device loop3): force zlib compression, level 3 [ 132.884862][ T6728] BTRFS info (device loop3): force clearing of disk cache [ 132.910102][ T6728] BTRFS info (device loop3): turning off barriers [ 132.945752][ T6728] BTRFS info (device loop3): doing ref verification [ 132.952456][ T6728] BTRFS info (device loop3): enabling disk space caching [ 133.003521][ T6728] BTRFS info (device loop3): disk space caching is enabled [ 133.133986][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.152116][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.262698][ T6728] BTRFS info (device loop3): enabling ssd optimizations [ 133.275303][ T6728] BTRFS info (device loop3): auto enabling async discard [ 133.353563][ T6728] BTRFS info (device loop3): rebuilding free space tree [ 133.417822][ T6728] BTRFS info (device loop3): disabling free space tree [ 133.437658][ T6728] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 133.447846][ T6772] tipc: Started in network mode [ 133.453242][ T6772] tipc: Node identity ac14140f, cluster identity 4711 [ 133.465319][ T6728] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 133.488501][ T6772] tipc: New replicast peer: 255.255.255.255 [ 133.497671][ T6752] loop2: detected capacity change from 0 to 32768 [ 133.511652][ T6772] tipc: Enabled bearer , priority 10 [ 133.526906][ T6752] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.266 (6752) [ 133.641978][ T6752] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 133.693654][ T6752] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 133.735449][ T6752] BTRFS info (device loop2): setting nodatacow, compression disabled [ 133.757096][ T6752] BTRFS info (device loop2): enabling disk space caching [ 133.775290][ T6752] BTRFS info (device loop2): turning off barriers [ 133.784788][ T5768] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 133.795023][ T6752] BTRFS info (device loop2): turning on flush-on-commit [ 133.795050][ T6752] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8) [ 133.795159][ T6752] BTRFS info (device loop2): force lzo compression, level 0 [ 133.853925][ T6752] BTRFS info (device loop2): max_inline at 0 [ 133.874144][ T6752] BTRFS info (device loop2): force clearing of disk cache [ 133.912152][ T6752] BTRFS info (device loop2): using default commit interval 30s [ 133.954666][ T6752] BTRFS info (device loop2): enabling ssd optimizations [ 133.977327][ T6752] BTRFS info (device loop2): max_inline at 868 [ 134.015877][ T6752] BTRFS info (device loop2): disk space caching is enabled [ 134.295025][ T28] audit: type=1326 audit(1768692071.907:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6799 comm="syz.3.274" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f82e539acb9 code=0x0 [ 134.342325][ T6609] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop3 scanned by udevd (6609) [ 134.371970][ T6752] BTRFS info (device loop2): auto enabling async discard [ 134.403947][ T6752] BTRFS info (device loop2): rebuilding free space tree [ 134.444861][ T6752] BTRFS info (device loop2): disabling free space tree [ 134.462726][ T6752] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 134.505009][ T6752] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 134.618335][ T27] tipc: Node number set to 2886997007 [ 135.047688][ T5766] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 135.775435][ T8] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 135.836842][ T6831] loop3: detected capacity change from 0 to 64 [ 135.985338][ T8] usb 1-1: Using ep0 maxpacket: 8 [ 136.002624][ T8] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 136.027818][ T8] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 136.052397][ T8] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 136.080012][ T8] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 136.122737][ T8] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 136.147069][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.383833][ T8] usb 1-1: GET_CAPABILITIES returned 0 [ 136.401591][ T8] usbtmc 1-1:16.0: can't read capabilities [ 136.608941][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.618572][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.627721][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.662166][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.688724][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.698001][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.722750][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.731933][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.741087][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.758097][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.758649][ T6852] input: syz1 as /devices/virtual/input/input8 [ 136.767248][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.767304][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.773308][ C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.805860][ C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.815115][ C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.824260][ C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 136.897709][ T27] usb 1-1: USB disconnect, device number 4 [ 137.531419][ T6853] loop3: detected capacity change from 0 to 40427 [ 137.568535][ T6853] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 137.584630][ T6853] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 137.597430][ T6853] F2FS-fs (loop3): invalid crc value [ 137.619098][ T6853] F2FS-fs (loop3): Found nat_bits in checkpoint [ 137.763420][ T6853] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 137.791746][ T6853] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 138.119256][ T6883] nbd2: detected capacity change from 0 to 8 [ 138.179449][ T6888] block nbd2: shutting down sockets [ 138.235907][ C0] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.245451][ C0] Buffer I/O error on dev nbd2, logical block 0, async page read [ 138.253477][ T24] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.265922][ T24] Buffer I/O error on dev nbd2, logical block 0, async page read [ 138.295397][ T5759] ldm_validate_partition_table(): Disk read failed. [ 138.326308][ T5759] Dev nbd2: unable to read RDB block 0 [ 138.354775][ T5759] nbd2: unable to read partition table [ 138.361159][ T5759] nbd2: partition table beyond EOD, truncated [ 138.494969][ T6894] loop1: detected capacity change from 0 to 256 [ 138.589910][ T6894] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18d7c, utbl_chksum : 0xe619d30d) [ 139.283879][ T6911] kvm: user requested TSC rate below hardware speed [ 139.315516][ T6911] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 139.708983][ T6914] loop3: detected capacity change from 0 to 32768 [ 139.735697][ T6914] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.307 (6914) [ 139.788078][ T6914] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 139.817127][ T6914] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 139.836625][ T6914] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 139.846646][ T6914] BTRFS info (device loop3): use zstd compression, level 3 [ 139.854222][ T6914] BTRFS info (device loop3): using free space tree [ 139.976305][ T6914] BTRFS info (device loop3): enabling ssd optimizations [ 139.996367][ T6914] BTRFS info (device loop3): auto enabling async discard [ 140.193471][ T5768] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 140.475067][ T5759] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 10 /dev/loop3 scanned by udevd (5759) [ 140.984115][ T6953] loop2: detected capacity change from 0 to 2048 [ 141.041644][ T6953] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 141.151466][ T6956] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 141.489763][ T6960] loop2: detected capacity change from 0 to 1024 [ 141.518504][ T6960] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 141.554146][ T6960] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 141.566104][ T6960] EXT4-fs (loop2): orphan cleanup on readonly fs [ 141.574954][ T6960] EXT4-fs error (device loop2): ext4_free_blocks:6692: comm syz.2.327: Freeing blocks not in datazone - block = 0, count = 4096 [ 141.630443][ T6960] EXT4-fs (loop2): 1 orphan inode deleted [ 141.665792][ T6960] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 141.843079][ T5766] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.039062][ T6970] loop2: detected capacity change from 0 to 1024 [ 142.300889][ T1082] hfsplus: b-tree write err: -5, ino 4 [ 142.491979][ T6983] netlink: 96 bytes leftover after parsing attributes in process `syz.0.336'. [ 142.526414][ T6984] [ 142.528816][ T6984] ===================================================== [ 142.535789][ T6984] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 142.543304][ T6984] syzkaller #0 Not tainted [ 142.547749][ T6984] ----------------------------------------------------- [ 142.554708][ T6984] syz.3.337/6984 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 142.562296][ T6984] ffff88802dd7f018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x192/0x4b0 [ 142.571066][ T6984] [ 142.571066][ T6984] and this task is already holding: [ 142.578470][ T6984] ffff88805da0b028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xcb/0xab0 [ 142.588278][ T6984] which would create a new lock dependency: [ 142.594192][ T6984] (&client->buffer_lock){....}-{2:2} -> (&new->fa_lock){....}-{2:2} [ 142.602337][ T6984] [ 142.602337][ T6984] but this new dependency connects a HARDIRQ-irq-safe lock: [ 142.611820][ T6984] (&dev->event_lock#2){-...}-{2:2} [ 142.611862][ T6984] [ 142.611862][ T6984] ... which became HARDIRQ-irq-safe at: [ 142.624821][ T6984] lock_acquire+0x19e/0x420 [ 142.629481][ T6984] _raw_spin_lock_irqsave+0xb4/0x100 [ 142.634899][ T6984] input_event+0x7a/0xc0 [ 142.639266][ T6984] psmouse_report_standard_packet+0x53/0x200 [ 142.645377][ T6984] psmouse_process_byte+0x478/0x670 [ 142.650702][ T6984] psmouse_handle_byte+0x43/0x490 [ 142.655868][ T6984] ps2_interrupt+0x164/0x980 [ 142.660589][ T6984] serio_interrupt+0x8b/0x130 [ 142.665398][ T6984] i8042_interrupt+0x385/0x710 [ 142.670300][ T6984] __handle_irq_event_percpu+0x271/0x940 [ 142.676070][ T6984] handle_irq_event+0x8b/0x1e0 [ 142.680975][ T6984] handle_edge_irq+0x247/0xb30 [ 142.685872][ T6984] __common_interrupt+0x13b/0x230 [ 142.691023][ T6984] common_interrupt+0xb4/0xd0 [ 142.695833][ T6984] asm_common_interrupt+0x26/0x40 [ 142.700991][ T6984] _raw_spin_unlock_irqrestore+0xc0/0x120 [ 142.706848][ T6984] i8042_aux_write+0x109/0x170 [ 142.711751][ T6984] ps2_do_sendbyte+0x1fd/0x6f0 [ 142.716681][ T6984] ps2_sendbyte+0x5f/0x120 [ 142.721233][ T6984] cypress_send_ext_cmd+0x244/0x930 [ 142.726565][ T6984] cypress_detect+0x93/0x1a0 [ 142.731291][ T6984] psmouse_extensions+0x471/0xc00 [ 142.736449][ T6984] psmouse_switch_protocol+0xc8/0x5f0 [ 142.741983][ T6984] psmouse_connect+0x8d8/0x14c0 [ 142.746987][ T6984] serio_driver_probe+0x7a/0xa0 [ 142.751975][ T6984] really_probe+0x25b/0xb20 [ 142.756614][ T6984] __driver_probe_device+0x18c/0x330 [ 142.762038][ T6984] driver_probe_device+0x4f/0x420 [ 142.767195][ T6984] __driver_attach+0x44e/0x6e0 [ 142.772092][ T6984] bus_for_each_dev+0x235/0x2b0 [ 142.777079][ T6984] serio_handle_event+0x1a2/0x860 [ 142.782236][ T6984] process_scheduled_works+0xa5d/0x15d0 [ 142.787916][ T6984] worker_thread+0xa55/0xfc0 [ 142.792642][ T6984] kthread+0x2fa/0x390 [ 142.796846][ T6984] ret_from_fork+0x48/0x80 [ 142.801397][ T6984] ret_from_fork_asm+0x11/0x20 [ 142.806303][ T6984] [ 142.806303][ T6984] to a HARDIRQ-irq-unsafe lock: [ 142.813363][ T6984] (tasklist_lock){.+.+}-{2:2} [ 142.813401][ T6984] [ 142.813401][ T6984] ... which became HARDIRQ-irq-unsafe at: [ 142.826160][ T6984] ... [ 142.826172][ T6984] lock_acquire+0x19e/0x420 [ 142.833429][ T6984] _raw_read_lock+0x36/0x50 [ 142.838070][ T6984] do_wait+0x294/0xae0 [ 142.842281][ T6984] kernel_wait+0xd7/0x1c0 [ 142.846800][ T6984] call_usermodehelper_exec_work+0xb9/0x220 [ 142.852833][ T6984] process_scheduled_works+0xa5d/0x15d0 [ 142.858515][ T6984] worker_thread+0xa55/0xfc0 [ 142.863260][ T6984] kthread+0x2fa/0x390 [ 142.867463][ T6984] ret_from_fork+0x48/0x80 [ 142.872026][ T6984] ret_from_fork_asm+0x11/0x20 [ 142.876933][ T6984] [ 142.876933][ T6984] other info that might help us debug this: [ 142.876933][ T6984] [ 142.887206][ T6984] Chain exists of: [ 142.887206][ T6984] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 142.887206][ T6984] [ 142.900840][ T6984] Possible interrupt unsafe locking scenario: [ 142.900840][ T6984] [ 142.909198][ T6984] CPU0 CPU1 [ 142.914620][ T6984] ---- ---- [ 142.920027][ T6984] lock(tasklist_lock); [ 142.924388][ T6984] local_irq_disable(); [ 142.931200][ T6984] lock(&dev->event_lock#2); [ 142.938458][ T6984] lock(&client->buffer_lock); [ 142.945885][ T6984] [ 142.949377][ T6984] lock(&dev->event_lock#2); [ 142.954290][ T6984] [ 142.954290][ T6984] *** DEADLOCK *** [ 142.954290][ T6984] [ 142.962732][ T6984] 7 locks held by syz.3.337/6984: [ 142.967857][ T6984] #0: ffff888144f7e110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x180/0x490 [ 142.977069][ T6984] #1: ffff8881426e4230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0xab/0x320 [ 142.987251][ T6984] #2: ffffffff8d12ffe0 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0xbc/0x320 [ 142.996994][ T6984] #3: ffffffff8d12ffe0 (rcu_read_lock){....}-{1:2}, at: input_pass_values+0xa3/0x12f0 [ 143.006764][ T6984] #4: ffffffff8d12ffe0 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x79/0x330 [ 143.016078][ T6984] #5: ffff88805da0b028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xcb/0xab0 [ 143.026339][ T6984] #6: ffffffff8d12ffe0 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x53/0x4b0 [ 143.035479][ T6984] [ 143.035479][ T6984] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 143.045931][ T6984] -> (&dev->event_lock#2){-...}-{2:2} { [ 143.051642][ T6984] IN-HARDIRQ-W at: [ 143.055747][ T6984] lock_acquire+0x19e/0x420 [ 143.062127][ T6984] _raw_spin_lock_irqsave+0xb4/0x100 [ 143.069285][ T6984] input_event+0x7a/0xc0 [ 143.075416][ T6984] psmouse_report_standard_packet+0x53/0x200 [ 143.083274][ T6984] psmouse_process_byte+0x478/0x670 [ 143.090364][ T6984] psmouse_handle_byte+0x43/0x490 [ 143.097289][ T6984] ps2_interrupt+0x164/0x980 [ 143.103761][ T6984] serio_interrupt+0x8b/0x130 [ 143.110310][ T6984] i8042_interrupt+0x385/0x710 [ 143.116954][ T6984] __handle_irq_event_percpu+0x271/0x940 [ 143.124474][ T6984] handle_irq_event+0x8b/0x1e0 [ 143.131117][ T6984] handle_edge_irq+0x247/0xb30 [ 143.137753][ T6984] __common_interrupt+0x13b/0x230 [ 143.144642][ T6984] common_interrupt+0xb4/0xd0 [ 143.151203][ T6984] asm_common_interrupt+0x26/0x40 [ 143.158096][ T6984] _raw_spin_unlock_irqrestore+0xc0/0x120 [ 143.165683][ T6984] i8042_aux_write+0x109/0x170 [ 143.172316][ T6984] ps2_do_sendbyte+0x1fd/0x6f0 [ 143.178958][ T6984] ps2_sendbyte+0x5f/0x120 [ 143.185248][ T6984] cypress_send_ext_cmd+0x244/0x930 [ 143.192315][ T6984] cypress_detect+0x93/0x1a0 [ 143.198776][ T6984] psmouse_extensions+0x471/0xc00 [ 143.205668][ T6984] psmouse_switch_protocol+0xc8/0x5f0 [ 143.212910][ T6984] psmouse_connect+0x8d8/0x14c0 [ 143.219724][ T6984] serio_driver_probe+0x7a/0xa0 [ 143.226445][ T6984] really_probe+0x25b/0xb20 [ 143.232821][ T6984] __driver_probe_device+0x18c/0x330 [ 143.239978][ T6984] driver_probe_device+0x4f/0x420 [ 143.246875][ T6984] __driver_attach+0x44e/0x6e0 [ 143.253508][ T6984] bus_for_each_dev+0x235/0x2b0 [ 143.260223][ T6984] serio_handle_event+0x1a2/0x860 [ 143.267123][ T6984] process_scheduled_works+0xa5d/0x15d0 [ 143.274547][ T6984] worker_thread+0xa55/0xfc0 [ 143.281021][ T6984] kthread+0x2fa/0x390 [ 143.286951][ T6984] ret_from_fork+0x48/0x80 [ 143.293238][ T6984] ret_from_fork_asm+0x11/0x20 [ 143.299876][ T6984] INITIAL USE at: [ 143.303891][ T6984] lock_acquire+0x19e/0x420 [ 143.310174][ T6984] _raw_spin_lock_irqsave+0xb4/0x100 [ 143.317244][ T6984] input_inject_event+0xab/0x320 [ 143.323964][ T6984] led_trigger_event+0x133/0x210 [ 143.330689][ T6984] kbd_led_trigger_activate+0xbd/0x100 [ 143.337935][ T6984] led_trigger_set+0x52c/0x950 [ 143.344494][ T6984] led_trigger_set_default+0x1a0/0x1e0 [ 143.351747][ T6984] led_classdev_register_ext+0x733/0x9b0 [ 143.359167][ T6984] input_leds_connect+0x4eb/0x6b0 [ 143.365969][ T6984] input_register_device+0xcdc/0x1070 [ 143.373126][ T6984] atkbd_connect+0x70a/0x9b0 [ 143.379499][ T6984] serio_driver_probe+0x7a/0xa0 [ 143.386138][ T6984] really_probe+0x25b/0xb20 [ 143.392512][ T6984] __driver_probe_device+0x18c/0x330 [ 143.399578][ T6984] driver_probe_device+0x4f/0x420 [ 143.406385][ T6984] __driver_attach+0x44e/0x6e0 [ 143.412918][ T6984] bus_for_each_dev+0x235/0x2b0 [ 143.419546][ T6984] serio_handle_event+0x1a2/0x860 [ 143.426358][ T6984] process_scheduled_works+0xa5d/0x15d0 [ 143.433693][ T6984] worker_thread+0xa55/0xfc0 [ 143.440100][ T6984] kthread+0x2fa/0x390 [ 143.445951][ T6984] ret_from_fork+0x48/0x80 [ 143.452140][ T6984] ret_from_fork_asm+0x11/0x20 [ 143.458690][ T6984] } [ 143.461320][ T6984] ... key at: [] input_allocate_device.__key.5+0x0/0x20 [ 143.470502][ T6984] -> (&client->buffer_lock){....}-{2:2} { [ 143.476285][ T6984] INITIAL USE at: [ 143.480228][ T6984] lock_acquire+0x19e/0x420 [ 143.486334][ T6984] _raw_spin_lock+0x2e/0x40 [ 143.492448][ T6984] evdev_pass_values+0xcb/0xab0 [ 143.498908][ T6984] evdev_events+0x1d8/0x330 [ 143.505022][ T6984] input_pass_values+0x905/0x12f0 [ 143.511689][ T6984] input_event_dispose+0x346/0x6c0 [ 143.518417][ T6984] input_inject_event+0x1f9/0x320 [ 143.525085][ T6984] evdev_write+0x35f/0x490 [ 143.531125][ T6984] vfs_write+0x296/0x990 [ 143.536997][ T6984] ksys_write+0x150/0x260 [ 143.542939][ T6984] do_syscall_64+0x55/0xa0 [ 143.548967][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 143.556473][ T6984] } [ 143.559018][ T6984] ... key at: [] evdev_open.__key.28+0x0/0x20 [ 143.567275][ T6984] ... acquired at: [ 143.571113][ T6984] _raw_spin_lock+0x2e/0x40 [ 143.575844][ T6984] evdev_pass_values+0xcb/0xab0 [ 143.580923][ T6984] evdev_events+0x1d8/0x330 [ 143.585638][ T6984] input_pass_values+0x905/0x12f0 [ 143.590849][ T6984] input_event_dispose+0x346/0x6c0 [ 143.596146][ T6984] input_inject_event+0x1f9/0x320 [ 143.601364][ T6984] evdev_write+0x35f/0x490 [ 143.606015][ T6984] vfs_write+0x296/0x990 [ 143.610456][ T6984] ksys_write+0x150/0x260 [ 143.614978][ T6984] do_syscall_64+0x55/0xa0 [ 143.619584][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 143.625680][ T6984] [ 143.628057][ T6984] [ 143.628057][ T6984] the dependencies between the lock to be acquired [ 143.628070][ T6984] and HARDIRQ-irq-unsafe lock: [ 143.641641][ T6984] -> (tasklist_lock){.+.+}-{2:2} { [ 143.646967][ T6984] HARDIRQ-ON-R at: [ 143.651147][ T6984] lock_acquire+0x19e/0x420 [ 143.657661][ T6984] _raw_read_lock+0x36/0x50 [ 143.664175][ T6984] do_wait+0x294/0xae0 [ 143.670266][ T6984] kernel_wait+0xd7/0x1c0 [ 143.676634][ T6984] call_usermodehelper_exec_work+0xb9/0x220 [ 143.684588][ T6984] process_scheduled_works+0xa5d/0x15d0 [ 143.692196][ T6984] worker_thread+0xa55/0xfc0 [ 143.698832][ T6984] kthread+0x2fa/0x390 [ 143.704908][ T6984] ret_from_fork+0x48/0x80 [ 143.711334][ T6984] ret_from_fork_asm+0x11/0x20 [ 143.718107][ T6984] SOFTIRQ-ON-R at: [ 143.722277][ T6984] lock_acquire+0x19e/0x420 [ 143.728821][ T6984] _raw_read_lock+0x36/0x50 [ 143.735384][ T6984] do_wait+0x294/0xae0 [ 143.741567][ T6984] kernel_wait+0xd7/0x1c0 [ 143.747921][ T6984] call_usermodehelper_exec_work+0xb9/0x220 [ 143.755830][ T6984] process_scheduled_works+0xa5d/0x15d0 [ 143.763403][ T6984] worker_thread+0xa55/0xfc0 [ 143.770027][ T6984] kthread+0x2fa/0x390 [ 143.776118][ T6984] ret_from_fork+0x48/0x80 [ 143.782573][ T6984] ret_from_fork_asm+0x11/0x20 [ 143.789402][ T6984] INITIAL USE at: [ 143.793494][ T6984] lock_acquire+0x19e/0x420 [ 143.800095][ T6984] _raw_write_lock_irq+0xaf/0xf0 [ 143.806972][ T6984] copy_process+0x2275/0x3d80 [ 143.813573][ T6984] kernel_clone+0x24b/0x8a0 [ 143.820002][ T6984] user_mode_thread+0x111/0x180 [ 143.826790][ T6984] rest_init+0x27/0x300 [ 143.832922][ T6984] arch_call_rest_init+0xe/0x10 [ 143.839728][ T6984] start_kernel+0x459/0x4e0 [ 143.846151][ T6984] x86_64_start_reservations+0x2a/0x30 [ 143.853546][ T6984] copy_bootdata+0x0/0xe0 [ 143.859814][ T6984] secondary_startup_64_no_verify+0x179/0x17b [ 143.867813][ T6984] INITIAL READ USE at: [ 143.872336][ T6984] lock_acquire+0x19e/0x420 [ 143.879221][ T6984] _raw_read_lock+0x36/0x50 [ 143.886115][ T6984] do_wait+0x294/0xae0 [ 143.892567][ T6984] kernel_wait+0xd7/0x1c0 [ 143.899264][ T6984] call_usermodehelper_exec_work+0xb9/0x220 [ 143.907522][ T6984] process_scheduled_works+0xa5d/0x15d0 [ 143.915428][ T6984] worker_thread+0xa55/0xfc0 [ 143.922428][ T6984] kthread+0x2fa/0x390 [ 143.928865][ T6984] ret_from_fork+0x48/0x80 [ 143.935686][ T6984] ret_from_fork_asm+0x11/0x20 [ 143.942819][ T6984] } [ 143.945502][ T6984] ... key at: [] tasklist_lock+0x18/0x40 [ 143.953415][ T6984] ... acquired at: [ 143.957399][ T6984] _raw_read_lock+0x36/0x50 [ 143.962085][ T6984] send_sigurg+0xf0/0x3c0 [ 143.966596][ T6984] sk_send_sigurg+0x6f/0xc0 [ 143.971289][ T6984] queue_oob+0x3f1/0x4f0 [ 143.975777][ T6984] unix_stream_sendmsg+0xaf0/0xbf0 [ 143.981107][ T6984] ____sys_sendmsg+0x5ba/0x960 [ 143.986087][ T6984] ___sys_sendmsg+0x2a6/0x360 [ 143.990948][ T6984] __sys_sendmmsg+0x2ca/0x510 [ 143.995819][ T6984] __x64_sys_sendmmsg+0xa0/0xb0 [ 144.000943][ T6984] do_syscall_64+0x55/0xa0 [ 144.005548][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 144.011643][ T6984] [ 144.013998][ T6984] -> (&f->f_owner.lock){....}-{2:2} { [ 144.019537][ T6984] INITIAL USE at: [ 144.023527][ T6984] lock_acquire+0x19e/0x420 [ 144.029782][ T6984] _raw_write_lock_irq+0xaf/0xf0 [ 144.036493][ T6984] __f_setown+0x3b/0x330 [ 144.042505][ T6984] do_fcntl+0x11fd/0x1490 [ 144.048593][ T6984] __se_sys_fcntl+0xc9/0x1a0 [ 144.054934][ T6984] do_syscall_64+0x55/0xa0 [ 144.061097][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 144.068739][ T6984] INITIAL READ USE at: [ 144.073193][ T6984] lock_acquire+0x19e/0x420 [ 144.079894][ T6984] _raw_read_lock_irqsave+0xbc/0x100 [ 144.087397][ T6984] send_sigio+0x33/0x360 [ 144.093825][ T6984] kill_fasync+0x228/0x4b0 [ 144.100427][ T6984] sock_wake_async+0x137/0x160 [ 144.107391][ T6984] sk_wake_async+0x184/0x280 [ 144.114221][ T6984] sock_def_readable+0x22d/0x420 [ 144.121385][ T6984] mptcp_data_ready+0x3c8/0x710 [ 144.128452][ T6984] subflow_data_ready+0x273/0x650 [ 144.135702][ T6984] tcp_data_queue+0x221b/0x5ac0 [ 144.142772][ T6984] tcp_rcv_established+0xa3f/0x1d20 [ 144.150156][ T6984] tcp_v4_do_rcv+0x4ed/0xb80 [ 144.156927][ T6984] __release_sock+0x1e5/0x460 [ 144.163796][ T6984] release_sock+0x5f/0x1c0 [ 144.170409][ T6984] __mptcp_push_pending+0x43b/0x880 [ 144.177803][ T6984] mptcp_sendmsg+0xe2b/0x16d0 [ 144.184697][ T6984] sock_write_iter+0x2df/0x420 [ 144.191646][ T6984] do_iter_write+0x738/0xc30 [ 144.198426][ T6984] do_writev+0x27f/0x480 [ 144.204863][ T6984] do_syscall_64+0x55/0xa0 [ 144.211470][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 144.219589][ T6984] } [ 144.222194][ T6984] ... key at: [] init_file.__key+0x0/0x20 [ 144.230127][ T6984] ... acquired at: [ 144.234050][ T6984] _raw_read_lock_irqsave+0xbc/0x100 [ 144.239538][ T6984] send_sigio+0x33/0x360 [ 144.243999][ T6984] kill_fasync+0x228/0x4b0 [ 144.248599][ T6984] sock_wake_async+0x137/0x160 [ 144.253546][ T6984] sk_wake_async+0x184/0x280 [ 144.258318][ T6984] sock_def_readable+0x22d/0x420 [ 144.263439][ T6984] mptcp_data_ready+0x3c8/0x710 [ 144.268471][ T6984] subflow_data_ready+0x273/0x650 [ 144.273687][ T6984] tcp_data_queue+0x221b/0x5ac0 [ 144.278768][ T6984] tcp_rcv_established+0xa3f/0x1d20 [ 144.284189][ T6984] tcp_v4_do_rcv+0x4ed/0xb80 [ 144.288963][ T6984] __release_sock+0x1e5/0x460 [ 144.293831][ T6984] release_sock+0x5f/0x1c0 [ 144.298429][ T6984] __mptcp_push_pending+0x43b/0x880 [ 144.303819][ T6984] mptcp_sendmsg+0xe2b/0x16d0 [ 144.308690][ T6984] sock_write_iter+0x2df/0x420 [ 144.313643][ T6984] do_iter_write+0x738/0xc30 [ 144.318451][ T6984] do_writev+0x27f/0x480 [ 144.322884][ T6984] do_syscall_64+0x55/0xa0 [ 144.327503][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 144.333605][ T6984] [ 144.335942][ T6984] -> (&new->fa_lock){....}-{2:2} { [ 144.341083][ T6984] INITIAL USE at: [ 144.345001][ T6984] lock_acquire+0x19e/0x420 [ 144.351075][ T6984] _raw_write_lock_irq+0xaf/0xf0 [ 144.357687][ T6984] fasync_remove_entry+0xf4/0x1c0 [ 144.364319][ T6984] sock_fasync+0x88/0xf0 [ 144.370146][ T6984] __fput+0x7f3/0x970 [ 144.375720][ T6984] task_work_run+0x1d4/0x260 [ 144.381989][ T6984] exit_to_user_mode_loop+0xe6/0x110 [ 144.388867][ T6984] exit_to_user_mode_prepare+0xee/0x180 [ 144.396000][ T6984] syscall_exit_to_user_mode+0x1a/0x50 [ 144.403036][ T6984] do_syscall_64+0x61/0xa0 [ 144.409075][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 144.416545][ T6984] INITIAL READ USE at: [ 144.420875][ T6984] lock_acquire+0x19e/0x420 [ 144.427487][ T6984] _raw_read_lock_irqsave+0xbc/0x100 [ 144.434824][ T6984] kill_fasync+0x192/0x4b0 [ 144.441259][ T6984] sock_wake_async+0x137/0x160 [ 144.448062][ T6984] sk_wake_async+0x184/0x280 [ 144.454659][ T6984] sock_def_readable+0x22d/0x420 [ 144.461600][ T6984] mptcp_data_ready+0x3c8/0x710 [ 144.468459][ T6984] subflow_data_ready+0x273/0x650 [ 144.475530][ T6984] tcp_data_queue+0x221b/0x5ac0 [ 144.482418][ T6984] tcp_rcv_established+0xa3f/0x1d20 [ 144.489656][ T6984] tcp_v4_do_rcv+0x4ed/0xb80 [ 144.496280][ T6984] __release_sock+0x1e5/0x460 [ 144.503007][ T6984] release_sock+0x5f/0x1c0 [ 144.509473][ T6984] __mptcp_push_pending+0x43b/0x880 [ 144.516702][ T6984] mptcp_sendmsg+0xe2b/0x16d0 [ 144.523403][ T6984] sock_write_iter+0x2df/0x420 [ 144.530195][ T6984] do_iter_write+0x738/0xc30 [ 144.536832][ T6984] do_writev+0x27f/0x480 [ 144.543092][ T6984] do_syscall_64+0x55/0xa0 [ 144.549534][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 144.557463][ T6984] } [ 144.559978][ T6984] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 144.568696][ T6984] ... acquired at: [ 144.572500][ T6984] _raw_read_lock_irqsave+0xbc/0x100 [ 144.577981][ T6984] kill_fasync+0x192/0x4b0 [ 144.582635][ T6984] evdev_pass_values+0x54b/0xab0 [ 144.587779][ T6984] evdev_events+0x1d8/0x330 [ 144.592461][ T6984] input_pass_values+0x905/0x12f0 [ 144.597764][ T6984] input_event_dispose+0x346/0x6c0 [ 144.603059][ T6984] input_inject_event+0x1f9/0x320 [ 144.608269][ T6984] evdev_write+0x35f/0x490 [ 144.612866][ T6984] vfs_write+0x296/0x990 [ 144.617312][ T6984] ksys_write+0x150/0x260 [ 144.621874][ T6984] do_syscall_64+0x55/0xa0 [ 144.626505][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 144.632606][ T6984] [ 144.634935][ T6984] [ 144.634935][ T6984] stack backtrace: [ 144.640825][ T6984] CPU: 0 PID: 6984 Comm: syz.3.337 Not tainted syzkaller #0 [ 144.648121][ T6984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 144.658232][ T6984] Call Trace: [ 144.661614][ T6984] [ 144.664551][ T6984] dump_stack_lvl+0x18c/0x250 [ 144.669290][ T6984] ? load_image+0x400/0x400 [ 144.673842][ T6984] ? show_regs_print_info+0x20/0x20 [ 144.679080][ T6984] ? load_image+0x400/0x400 [ 144.683631][ T6984] ? print_shortest_lock_dependencies+0xf4/0x160 [ 144.689992][ T6984] __lock_acquire+0x6851/0x7d40 [ 144.694875][ T6984] ? verify_lock_unused+0x140/0x140 [ 144.700091][ T6984] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 144.705996][ T6984] ? verify_lock_unused+0x140/0x140 [ 144.711206][ T6984] lock_acquire+0x19e/0x420 [ 144.715741][ T6984] ? kill_fasync+0x192/0x4b0 [ 144.720358][ T6984] ? read_lock_is_recursive+0x20/0x20 [ 144.725752][ T6984] _raw_read_lock_irqsave+0xbc/0x100 [ 144.731094][ T6984] ? kill_fasync+0x192/0x4b0 [ 144.735716][ T6984] ? _raw_read_lock+0x50/0x50 [ 144.740407][ T6984] kill_fasync+0x192/0x4b0 [ 144.744839][ T6984] ? kill_fasync+0x53/0x4b0 [ 144.749380][ T6984] evdev_pass_values+0x54b/0xab0 [ 144.754379][ T6984] ? evdev_pass_values+0x5c1/0xab0 [ 144.759503][ T6984] evdev_events+0x1d8/0x330 [ 144.764011][ T6984] ? evdev_events+0x79/0x330 [ 144.768609][ T6984] ? evdev_event+0xf0/0xf0 [ 144.773047][ T6984] input_pass_values+0x905/0x12f0 [ 144.778120][ T6984] ? input_pass_values+0xa3/0x12f0 [ 144.783275][ T6984] input_event_dispose+0x346/0x6c0 [ 144.788394][ T6984] input_inject_event+0x1f9/0x320 [ 144.793453][ T6984] ? input_inject_event+0xbc/0x320 [ 144.798575][ T6984] evdev_write+0x35f/0x490 [ 144.803001][ T6984] ? evdev_read+0xba0/0xba0 [ 144.807508][ T6984] ? common_file_perm+0x198/0x1f0 [ 144.812544][ T6984] ? fsnotify_perm+0x5d/0x5e0 [ 144.817234][ T6984] ? security_file_permission+0x79/0xa0 [ 144.822792][ T6984] ? evdev_read+0xba0/0xba0 [ 144.827326][ T6984] vfs_write+0x296/0x990 [ 144.831615][ T6984] ? file_end_write+0x250/0x250 [ 144.836486][ T6984] ? __fget_files+0x28/0x4b0 [ 144.841113][ T6984] ? __fget_files+0x28/0x4b0 [ 144.845712][ T6984] ? __fget_files+0x43d/0x4b0 [ 144.850396][ T6984] ? __fdget_pos+0x1d8/0x330 [ 144.854997][ T6984] ? ksys_write+0x75/0x260 [ 144.859446][ T6984] ksys_write+0x150/0x260 [ 144.863812][ T6984] ? __ia32_sys_read+0x90/0x90 [ 144.868602][ T6984] ? lockdep_hardirqs_on+0x98/0x150 [ 144.873814][ T6984] do_syscall_64+0x55/0xa0 [ 144.878259][ T6984] ? clear_bhb_loop+0x40/0x90 [ 144.883003][ T6984] ? clear_bhb_loop+0x40/0x90 [ 144.887728][ T6984] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 144.893647][ T6984] RIP: 0033:0x7f82e539acb9 [ 144.898071][ T6984] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 144.917703][ T6984] RSP: 002b:00007f82e6334028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 144.926149][ T6984] RAX: ffffffffffffffda RBX: 00007f82e5615fa0 RCX: 00007f82e539acb9 [ 144.934244][ T6984] RDX: 0000000000001068 RSI: 0000200000000040 RDI: 0000000000000004 [ 144.942274][ T6984] RBP: 00007f82e5408bf7 R08: 0000000000000000 R09: 0000000000000000 [ 144.950371][ T6984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.958355][ T6984] R13: 00007f82e5616038 R14: 00007f82e5615fa0 R15: 00007ffd99b582a8 [ 144.966408][ T6984] [ 144.969536][ C0] vkms_vblank_simulate: vblank timer overrun