last executing test programs: 36.407574171s ago: executing program 3 (id=1179): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) rename(&(0x7f0000000c00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001f80)='./file0\x00') setxattr$trusted_overlay_opaque(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) 34.996740909s ago: executing program 3 (id=1184): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900840000000001000000940001000000fc13c40000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r1}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000130005"], 0x2c}}, 0x0) 33.756955252s ago: executing program 3 (id=1188): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@bridge_setlink={0x270, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x110, 0xc, 0x0, 0x1, [@AF_INET={0x4, 0x18, 0x0, 0x1, {0xc, 0x5, 0x0, 0x1, [{0x8}]}}]}, @IFLA_VF_PORTS={0x8, 0x3, 0x0, 0x1, [{0x30, 0x2, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "714abbd2547de97cbbf6efb226f19bf9"}, @IFLA_PORT_PROFILE={0xd, 0x2, ':(\x8e^[[Z@\x00'}]}, {0x60, 0x8, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "293a02149f3b75a67093c28fd6f55a23"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "e48f01e49713f0c2d839f940d9f088d8"}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_PROFILE={0x7, 0x2, '):\x00'}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "4d2906d0880fc8acc30fe2020f984967"}]}, {0x50, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x4, 0x5, "a1085e7df341b9dc3d8008a2fe5bdaad"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "9c7e472c916020fe41bcc5aa8f56c947"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "80ab8be51421cfa3c9e5cbfe8217e0af"}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}]}, {0x60, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0xc, 0x2, 'syztnl0\x00'}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e078d277f38ed3a40a448f3f6b6763e8"}]}, {0x3c, 0x1a, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x4}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x19, "03dd96197aca85b64424a37dbda7b694"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x8, "eb052fcd3dd4d3e8bbcbf1de857c0e1c"}]}, {0x3c, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "b2112a97bf9704ee57915340334b8271"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e8635392a70f36f95f4b9b352920ebec"}]}]}, @IFLA_GSO_MAX_SEGS={0x8}, @IFLA_AF_SPEC={0x60, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET6={0x34, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @local}, @IFLA_INET6_TOKEN={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}, @AF_BRIDGE={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @remote}, @IFLA_INET6_TOKEN={0x0, 0x7, @loopback}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @private2}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1}]}]}]}, 0x270}}, 0x0) 31.915497014s ago: executing program 3 (id=1193): syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x3810082, &(0x7f0000000e40)={[{@gid_ignore}, {@fileset={'fileset', 0x3d, 0x1}}, {@uid_ignore}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}]}, 0x1, 0xc3a, &(0x7f0000000200)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1FJCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9Rf7d9Nt4Yv3y+8ersjbn59sJCe6oxMdO5OjvVvucj7LT+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vvhnRtN8PjQBRxPFK88L2fplZEFLHzc1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9vEelO1sDEYsF4/AmO1jQ1HE65HiZ+8djav5OlNda74Q8XqZP4h4p8xXIlL5xTgT8cEW3yMeTbUo4s/L8T+3lqaq60HvunLha42vzFyb7Svbu678kveHu64UD+n+cHBT7q7tbrD7/NpUjyJaVePX0v3/ZgcAAAAAAAAAAAAAAACA3XYwivhMpHjt3/6omlcc1bz0w+dGfn/4//dPaXv2Y45Tln0xIpaKe5uTeyBPDLyULqX0kOcSP8nqUcQf5/l/33rYjQEAAAAAAAAAAAAAAAAAAHiiFfGTSPHy+0fTcvSvKd6Zud643Loy3V0Vtrf2b2/N9PX19fVG6mYz52TOpZzLOVdyruaMItfP2cw5mXMp53LOlZyrOWMg18/ZzDmZcynncs6VnKs5o5br52zmnMy5lHM550rO1ZyxT9buBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4nBRRxC8ixbe/sZYiRUQzYjK6uTL0sFsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJSGUhHfjxSNP2je3laLiFT923W0/OVMNA+U+clojpT5SjTP52xVWWt+6yG0n50ZTEX8OFIM1d+9PeB5/Ae7725/DeKdb95599laNwd6O4c/HHrqyOFzI2O/9ux2r9NWDTh2oTNz81ZjYnRsbLxvcy1/+if7tg3nzy12p+tExMJbb7/Zmp5uz9//i/IrsIPqj9CLVHtCelp+M/ZBMx76i6jti2Y8nL7zBCjv/x9Eit9+/997N/zu/b8e/6/77vYdPn7+J3fu/y9vPtA93v9rm+vl+395T9/q/v9037aX8+9GBmsR9cUbc4NHIuoLb719vHOjdb19vT1z5sSJL4+MfPn0icEDEfVrnel236tdOV0AAAAAAAAAAAAAAAAAD04q4ncjRevHa6kREbeq+VrD50aeP/7cQAxU8602zNt+Y/zy+carszfm5tsLC+2pxsRM5+rsVPteP65eTfeaGB3bk858rIN73P6D9Vdn596a71z/w8Ut9x+qn7+ysDjfurr17jgYRUSzf8uxqsETo2NVo6c7rZmq6qUtJ9P/8gZTEf8RKa6eaaTP5215/v/mGf4b5v8vbT7QHs3//0TftvIzUyri55Hit/7i2fh81c5Dcdc5y+X+JlIcO/u5XC4OlOV6beg+V6A7M7As+z+R4h9+sbFsbz7k03fKnrznE/uIKMf/cKT4/p99N349b9v4/Ietx//Q5gPt0fg/07ft0IbnFey46+TxPx4pXnn63fiNvO2jnv/Re/bG0Vz49vM59mj8P9W3bTh/7m/uTtcBAAAAAAAAAAAeaYOpiL+NFD8cq6WX8rZ7+ft/U5sPtEd//+vTfdumdme9oo99seOTCgAAAAD7xGAq4ieR4vriu7fnUG+c/903//N37sz/HE2b9lZ/zvcr1XMDdvPP//oN58+d3Hm3AQAAAAAAAAAAAAAAAAAAYF9JqYiX8nrqk9V8/qlt11NfiRSv/dcLuVw6UpbrrQM/XP1avzg7c/z89PTs1dZi68p0uzE+17raLus+EynW/vpzuW5Rra/eW2++u8b7nbXY5yPF2N/1ynbXYu+tTf5Mr+xS+2RZ9hOR4j//fmPZ3jrWn7pz3FNl2b+KFF//p63LHrlT9nRZ9ruR4kdfb/TKHirL9p6P+uk7ZV+8OlvswagAAAAAAAAAAAAAAAAAAADwpBlMRfxppPjvG8u35/Ln9f8H+95W3vlm33r/m9yq1vkfrtb/3+71/az/Xz1XYGm7TwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMdTiiLejhRzF9fSylD5vqt+oTNz89bE6NjW1Q6mquZAVb78qZ88dfrMl14aOdvLj66/2z4Tb4xfPt94dfbG3Hx7YaE91ZiY6VydnWrf8xF2Wn+zY9UJaNx48+bUtWsLjVMvnt6w+9bwh0NPHRk+N/L88ed6ZSdGx8bG+8rUBu/70++Sttl+IIr4y0jxwvd+mn44FFHEzs/Fx3x39trBqhPHqk5MjI5VHZnutGYWy52XeieiiGj0VWr2ztEDGIsdaUYslc0vG3ys7N74XGu+dWW63bjUml/sLHZmZy6lbmvL/jSiiLMpYjkiVofuPtxgFPFmpPjO4bX0z0MRA73z8MWL4189cWr7dhR72Md7ULazMRixXHzUmG3RYTYYiiL+MVL87L2j8S9DEbXo/sQXIl4v8wcR70R3vFP5xTgT8YHT+tioRRH/W47/ubX03lB5PehdVy58rfGVmWuzfWV715VH/v7wIO3z+0k9ivhRdcVfS//qv2sAAAAAAAAAAAAAAACAfaSIX40UL79/NFXzg2/PKe7MXG9cbl2Z7k7r6839682ZXl9fX2+kbjZzTuZcyrmccyXnas4ocv2czTLr6+uT+f1SzuWcKzlXc8ZArp+zmXMy51LO5ZwrOVdzRi3Xz9nMOZlzKedyzpWcqzljn8zdAwAAAAAAAAAAAAAAAAAAHi9F9U+Kb39jLa0PVetLD/T2rVgP9LH3fwEAAP//8432hg==") mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 29.392355426s ago: executing program 3 (id=1197): bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x59, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc1105518, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}) 26.883924221s ago: executing program 3 (id=1202): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv") r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 7.603404509s ago: executing program 4 (id=1262): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01400000000000000000067400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a733000080002000000e6ff07000700263a3a0914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) 7.267504297s ago: executing program 0 (id=1263): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 7.016444522s ago: executing program 4 (id=1265): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) sendmmsg$inet6(r0, &(0x7f0000008780)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x11}, 0x6}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000040)='{', 0x1}], 0x1}}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 6.586359829s ago: executing program 1 (id=1266): syz_mount_image$fuse(0x0, &(0x7f00000002c0)='./file0\x00', 0x2800, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) llistxattr(&(0x7f0000000240)='./file0\x00', 0x0, 0x2) 5.359165467s ago: executing program 0 (id=1267): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002140)=ANY=[@ANYBLOB="4000000010000100"/20, @ANYRES32=r1, @ANYBLOB="00000000ff0000001c0016801800018014000b00feffffff"], 0x40}}, 0x0) 5.357044798s ago: executing program 1 (id=1268): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000001740)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0xfe}}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000040)="17", 0x1}], 0x1}}, {{&(0x7f0000000600)={0xa, 0x4e1c, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, 0x1c, &(0x7f0000001480)=[{&(0x7f0000000a40)='~', 0x1}], 0x1}}], 0x2, 0x0) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x4}, 0x8) 5.318045695s ago: executing program 4 (id=1269): syz_usb_connect(0x0, 0x24, &(0x7f0000000540)=ANY=[@ANYBLOB="1201fb00e066e040810705000500000000010902120001000000000904"], 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 5.276310504s ago: executing program 2 (id=1270): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_team\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0x577}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0xe0a2ff6baa7cc2d2}, {0x1, 0x2, 0x0, 0x0, 0x0, 0x100}, 0xfffffffe}}]}}]}, 0x60}}, 0x4800) 4.539109973s ago: executing program 1 (id=1271): syz_mount_image$exfat(&(0x7f0000000340), &(0x7f0000000080)='./file0\x00', 0x1018002, &(0x7f0000000580)={[{@dmask={'dmask', 0x3d, 0x7}}, {@fmask={'fmask', 0x3d, 0x2}}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@allow_utime={'allow_utime', 0x3d, 0x1}}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@uid={'uid', 0x3d, 0xee01}}, {@fmask={'fmask', 0x3d, 0x5}}, {}, {@iocharset={'iocharset', 0x3d, 'cp866'}}]}, 0x1, 0x1508, &(0x7f0000002c80)="$eJzs3Au8TtXWMPAx5pyLTdKT5JY55lg8yWWSJLkk5JIkSZLklpAkSRKSW25JSELuSe4hucVO7vf7PUmOJElCQpL5/VTn9Z6393z1ved8n3O+Pf6/32KOvZ4xnrGesfd+1lq/vfc37QdVrlulQm1mhn8I/vpfNwBIAYC+AHANAEQAUDxL8SyX9mfQ2O0fexLxz/XQ1CvdgbiSZP5pm8w/bZP5p20y/7RN5p+2yfzTNpl/2ibzFyIt2zIt57Wypd3tz9//d//73XL//9+QvP//f+tPfaXJ/NM2mX/aJvNP22T+aZvMP22T+adtMv+0TeYvRFp2pe8//xtsf32prnQff7BF/6O8K/vZJ4QQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAirTgXLjMA8Nf1le5LCCGEEEIIIYQQ/zwh/ZXuQAghhBBCCCGEEP/3IYDRYCCCdJAeUiADZISrIBNcDZnhGkjAtZAFroOscD1kg+yQA3JCLrgBcoMFAgcMMeSBvJCEGyEf3AT5oQAUhELgoTAUgZuhKNwCxeBWKA6zFwLcDiWhFJSGMnAHlIU7oRyUhwpwF1SESlAZqsDdUBXugWpwL1SH+6AG3A814QGoBQ9CbXgI6sDDUBcegXrwKNSHBtAQGkHj/1H+i9AZXoIu0BW6QXfoAS9DT+gFvaEP9IVXoB+8Cv3hNRgAA2EQvA6D4Q0YAm/CUBgGw+EtGAEjYRSMhjEwFsbB2zAe3oEJ8C5MhEkwGabAVJgG0+E9mAEzYRa8D7PhA5gDc2EezIcF8CEshEWQCh/BYvgYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtthB+yEXbC7/B74BPbCp7APPoP98Pn/Yf5Z+Nv8DggIqFChQYPpMB2mYApmxIyYCTNhZsyMCUxgFsyCWTErZsNsmANzYC7MhbkxNxISMjLmwTyYxCTmw3yYH/NjQSyIHj0WwSJYFG/BYlgMi2NxLIElsCSWwlJYBstgWSyL5bAcVrh9LgBWxMpYGe/Gu/EerIbVsDpWxxpYA2tiTayFtbA21sY6WAfrYl2sh/WwPtbHhtgQG2NjbIJNsCk2xebYHFtgC2yJLbEVtsLW2BrbYBtsi22xHbbD9tgeO2BH7Igv4ov4Er6EXbGi6o49sAf2xJ7YG/tgH3wF++Gr+Cq+hgNwIA7C1/F1fAOH4BkcisNwOA7HsmokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxPdxNn6AH+BcnIvzcQEuwIW4CFMxFRfjWVyCS3EZLscVuBJX4Gpcg6txHa7HdbgRN+Jm3IxbcStux+24E3fibtyNn+An+Cl+igNwP+7HA3gAD+JBPISH8DAexiN4ZOtVAHgMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/VVnd0F1g4AdYlRRqVT6VSKSlEZVUaVSWVSmVVmlVAJlUVlUVlVVpVNZVM5VA6VS+VSuVVuRYoUq1jlUXlUUiVVPpVP5Vf5VUFVUHnlVRFVRBVVRVUxVUwVV7epEup2VVKVUs18GVVGlVXNfTlVXlVQFVRFVUlVVlVUFVVVVVXVVDVVXVVXNVQNVVM9oGqp7tgbH1KXJlNXDcR6ahDWVw1UQ9VIvYGPqSZqCDZVzVRz9YQahkOxpWriW6mnVWs1CtuoZ9VofE61U2OxvXpBdVAdVSf1ouqsmvouqquaiN1VDzUFe6peqrfqo2ZgJXVpYpXVa2qAGqgGqdfVfHxDDVFvqqFqmBqu3lIj1Eg1So1WY9RYNU69rcard9QE9a6aqCapyWqKmqqmqenqPTVDzVSz1PtqtvpAzVFz1Tw1Xy1QH6qFapFKVR+pxepjtUQtVcvUcrVCrVSr1Gq1Rq1V69R6tUFtVJvUZrVFbVXb1Ha1Q+1Uu9RutUd9ovaqT9U+9Znarz5XB9Rf1EH1hTqkvlSH1VfqiPpaHVXfqGPqW3VcdVUn1El1Sn2vTqsf1Bl1Vp1TP6rz6id1Qf2sLqqgQKNWWmujI51Op9cpOoPOqK/SmfTVOrO+Rif0tTqLvk5n1dfrbDq7zqFz6lz6Bp1bW03aadaxzqPz6qS+UefTN+n8uoAuqAtprwvrIvpmXVTfoovpW3VxfZsuoW/XJXUpXVqX0XfosvpOXU6X1xX0XbqirqQr6yr6bl1V36Or6Xt1dX2frqHv1zX1A7qWflDX1g/pOvphXVc/ouvpR3V93UA31I10Y/2YbqIf1011M91cP6Fb6Cd1S/2UbqWf1q31M7qNfla31c/pdvp53V6/oDvojrqT/llf1EF30V11N91d99Av6566l+6t++i++hXdT7+q++vX9AA9UA/Sr+vB+g09RL+ph+pherh+S4/QI/UoPVqP0WP1OP22Hq/f0RP0u3qinqQn6yl6qp6me/9WadafyH/nv8nv/8uzb9Zb9Fa9TW/XO/ROvUvv1nv0Hr1X79X79D69X+/XB/QBfVAf1If0IX1YH9ZH9BF9VB/Vx/QxfVwf1yf0Sf2j/l6f1j/oM/qsPqt/1Of1eX3ht9cADBpltDEmMulMepNiMpiM5iqTyVxtMptrTMJca7KY60xWc73JZrKbHCanyWVuMLmNNWScYRObPCavSZobTT5zk8lvCpiCppDxprApYm7+h/P/Tn/LJ/968mIam8amiWlimpqmprlpblqYFqalaWlamVamtWlt2pg2pq1pa9qZdqa9aW86mA6mk+lkOpvOpguC6Wa6mR7mZdPT9DK9TR/T17xi+pl+pr/pbwaYAWaQGWQGm8FmiBlihpqhxgDACDPCjDKjzBgzxowz48x4M95MMBPMRDPRTDaTzVQz1Uw3080MM8PMMrPMbDPbzDFzzDwzzywwC8xCs9CkmlSz2Cw2S8xSs9QsN8vNSrPSrDarzVqz1qw3681Gs9EsMVvMFrPNbDM7zA6zy+wye8wes9fsNfvMPrPf7DcHzAFz0Bw0h8whc9gcNkfMEXPUHDXHzDFz3Bw3J8wJc8qcMqfNaXPGnDHnzDlz3pw3F8wFc9FcvHTaF6lIRSYyUbooXZQSpUQZo4xRpihTlDnKHCWiRJQlyhJlja6PskXZoxxRzihXdEOUO7IRRS7iKI7yRHmjZHRjlC+6KcofFYgKRoUiHxWOikQ3R0WjW6Ji0a1R8ei2qER0e1QyKhWVjspEd0RlozujclH5qEJ0V1QxqhRVjqpEd0dVo3uiatG9UfXovqhGdH9UM3ogqhU9GNWOHorqRA9HdaNHonrRo1H9qEHUMGoUNf6n1g/hTPbHfRfb1aaH7raHfdn2tL1sb9vH9rWv2H72VdvfvmYH2IF2kH3dDrZv2CH2TTvUDrPD7Vt2hB1pR9nRdowda8fZt+14+46dYN+1E+0kO9lOsVPtNDvdvmdn2Jl2ln3fzrYf2Dl2rp1n59sF9kO70C6yqfYju9h+bJfYpXaZXW5X2JV2lV1t19i1dp1dbzfYjXaT3Wy32K12m91ud9iddpfdbffYT+xe+6ndZz+z++3n9oBN+e38/kt72H5lj9iv7VH7jT1mv7XH7Xf2hD1pT9nv7Wn7gz1jz9pz9kd73v5kL9if7UUbLp3cX3p7J0OG0lE6SqEUykgZKRNlosyUmRKUoCyUhbJSVspG2SgH5aBclItyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVoJJUkkpTabqD7qA76U4qT+XpLrqLKlElqkJVqCpVpWpUjapTdapBNagm1aRaVItqU22qQ3WoLtWlelSP6lN9akgNqTE1pibUhJpSU2pOzakFtaCW1JJaUStqTa2pDbWhttSW2lE7ak/tqQN1oE7UiTpTZ+pCXagbdaMe1IN6Uk/qTb2pL/WlftSP+lN/GkADaBANosE0mIbQEBpKw2g4vUUjaCSNotE0hsbSOBpH42k8TaAJNJEm0mSaTFNpKk2n6TSDZtAsmkWzaTbNoTk0j+bRAlpAC2khpVIqLabFtISW0DJaRitoBa2iVbSG1tA6WkcbaANtok20hbbQNtpGO2gH7aJdtIf20F7aS/toH+2n/XSADtBBOkiH6BAdpsN0hI7QUTpKx+gYHafjdIJO0Ck6RafpNJ2hM3SOztF5+oku0M90kQKluAwuo7vKZXJXu8zuGvdf4xwup8vlbnC5nXXZXPa/ick5l98VcAVdIeddYVfE3fy7uKQr5Uq7Mu4OV9bd6cr9Lq66ZsevP4ju7nNV3N2uqrvHVXP3uuruPlfD3e9qukdcLfeoq+0auDqukavrHnH13KOuvmvgGrpGroV70rV0T7lW7mnX2j3zu3ihW+TWuLVunVvv9rpP3Tn3ozvqvnHn3U+ui+vq+rpXXD/3quvvXnMD3MDfxcPdW26EG+lGudFujBv7u3iym+KmumluunvPzXAzfxcvcB+62S7VzXFz3Tw3/5f4Uk+p7iO32H3slrilbplb7la4lW6VW/0fvS53G90mt9ntcZ+4bW672+F2ul1u9y/xpePY5z5z+93n7oj72h10X7hD7pg77L76Jb50fMfct+64+86dcCfdKfe9O+1+cGfc2V+O/9Kxf+9+dhddcMDIijUbjjgdp+cUzsAZ+SrOxFdzZr6GE3wtZ+HrOCtfz9k4O+fgnJyLb+DcbJnYMXPMeTgvJ/lGzsc3cX4uwAW5EHsuzEX4Zi7Kt3AxvpWL821cgm/nklyKS3MZvoPL8p1cjstzBb6LK3IlrsxV+G6uyvdwNb6Xq/N9XIPv55r8ANfiB7k2P8R1+GGuy49wPX6U63MDbsiNuDE/xk34cW7Kzbg5P8Et+EluyU9xK36aW/Mz3Iaf5bb8HLfj57k9v8AduCN34he5M7/EXbgrd+Pu3INf5p7ci3tzH+7Lr3A/fpX782s8gAfyIH6dB/MbPITf5KE8jIfzWzyCR/IoHs1jeCyP47d5PL/DE/hdnsiTeDJP4ak8jafzezyDZ/Isfp9n8wc8h+fyPJ7PC/hDXsiLOJU/4sX8MS/hpbyMl/MKXsmreDWv4bW8jtfzBt7Im3gzb+GtvI23M/JO3sW7eQ9/wnv5U97Hn/F+/pwP8F/4IH/Bh/hLPsxf8RH+mo/yN3yMv+Xj/B2f4JN8ir/n0/wDn+GzfI5/5PP8E1/gn/kiB4YYYxXr2MRRnC5OH6fEGeKM8VVxpvjqOHN8TZyIr42zxNfFWePr42xx9jhHnDPOFd8Q545tTLGLOY7jPHHeOBnfGOeLb4rzxwXignGh2MeF4yLxzXHR+Ja4WHxrXDy+LS4R3x6XjEvFj9xXJr4jLhvfGZeLy8cV4rviinGluHJcJb47rhrfE1eL742rx/fFxeL745rxA3Gt+MG4dvxQXCd+OK4bPxLXix+N68cN4oZxo7hx/FjcJH48bho3i5vHT8Qt4ifjlvFTcav46bh1/Mwf7u8Wd497xC/HL8ch3KvnJecnFyQ/TC5MLkqmJj9KLk5+nFySXJpcllyeXJFcmVyVXJ1ck1ybXJdcn9yQ3JjclNycDKFKevDoldfe+Min8+l9is/gM/qrfCZ/tc/sr/EJf63P4q/zWf31PpvP7nP4nD6Xv8Hn9taTd5597PP4vD7pb/T5/E0+vy/gC/pC3vvCvohv5Bv7xr6Jf9w39c18c/+Ef8I/6Z/0T/mn/NO+tX/Gt/HP+rb+Od/OP++f9y/4Dr6j7+Rf9J39S76L7+q7+W6+h+/he/qevrfv7fv6vr6f7+f7+/5+gB/gB/lBfrAf7If4IX6oH+qH++F+hB/hR/lRfowf48f5cX68H+8n+Al+op/oJ/vJfqqf6qf76X6Gn+Fn+Vl+dv7Zfo6f4+f5eX6BX+AX+oU+1af6xX6xX+KX+GV+mV/hV/hVfpVf49f4dX6d3+A3+E1+k9/it/htfpvf4Xf4XX6X3+P3+L1+r9/n9/n9fr8/4A+cC/6gP+S/9If9V/6I/9of9d/4Y/5bf9x/50/4k/6U/96f9j/4M/6sP+d/9Of9T/6C/9lf9MGPS7ydGJ94JzEh8W5iYmJSYnJiSmJqYlpieuK9xIzEzMSsxPuJ2YkPEnMScxPzEvMTCxIfJhYmFiVSEx8lFic+TixJLE0sSyxPrEisTIRww7Y45Al5QzLcGPKFm0L+UCAUDIWCD4VDkXBzKBpuCcXCraF4uC2UCLeHkqFUKB0eDfVDg9AwNAqNw2OhSXg8NA3NQvPwRGgRngwtw1OhVXg6tA7PhDbh2dA2PBfahedD+/BC6BA6hk7hxdA5vBS6BB26he6hR3g59Ay9Qu/QJ/QNr4R+4dXQP7wWBoSBYVB4PQwOb4Qh4c0wNAwLw8NbYUQYGUaF0WFMGBvGhbfD+PBOmBDeDRPDpDA5TAlTw7QwPbwXZoSZYVZ4P8wOH4Q5YW6YF+aHBeHDsDAsCqnho7A4fByWhKVhWVgeIGVlWBVWhzVhbVgX1ocNYWPYFDaHLWFr2Ba2hx1hZ9gVdoc94ZOwN3wa9oXPwv7weTgQ/hIOhi/CofBlOBy+CkfC1+Fo+CYcC9+G4+G7cCKcDKfC9+F0+CGcCWfDufBjOB9+ChfCz+Gi/M6aEEIIIcSfov9gf/e/idR//Kt++0gPALh6e87D/7Xmhmy/rnupXC0SAPB01/YP/XWrWLFbt26/PXaJhijvXABIXM5PB5fjpdAcnoRW0AyK/rf99VIdz/Mf1E/eBpDxP+WkwOX4cv1b/k79kbP/sP5cgPx5L+dkgMvx5frFflc7+qV+9iZ/UD/DF+MAmv6nvExwOb5cvwg8Ds9Aq795pBBCCCGEEEII8ateqnTbP7q+vXR9nstczkkPl+M/uj4XQgghhBBCCCHElfdcx05PPdaqVbO2f2dR/u/vkkVaWaT712jj334B8C/Rxp9bXOnvTEIIIYQQQoh/tssn/Ve6EyGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQIu36f/HnxK70MQohhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBX2v8KAAD//6WkMbQ=") mount$nfs(&(0x7f0000000100)='...', &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) 4.41884495s ago: executing program 2 (id=1272): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="62202a3a2a20778e"], 0x9) 3.46334689s ago: executing program 0 (id=1273): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000540), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x24, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x80000001}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) 2.992014738s ago: executing program 0 (id=1274): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000002c0)={@local}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a6, 0x0) 2.933723524s ago: executing program 2 (id=1275): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x141301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0xf00, 0x0, 0x2, 0x0, 0x0}) 2.583855847s ago: executing program 1 (id=1276): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000b40000000000000000000a38000000060a17f50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003"], 0x80}}, 0x0) 2.535895583s ago: executing program 4 (id=1277): syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140)='proc\x00', 0x0, 0x0) syz_mount_image$fuse(&(0x7f00000003c0), &(0x7f0000000080)='./file0\x00', 0x2304023, &(0x7f00000001c0)=ANY=[], 0x8, 0x0, 0x0) creat(&(0x7f0000002080)='./file0\x00', 0x0) 1.768772868s ago: executing program 0 (id=1278): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000010180)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0xfffffffffffffc23}}}]}, 0x40}}, 0x0) 1.705600423s ago: executing program 2 (id=1279): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = epoll_create(0x3) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000003c0)={0x9000000c}) poll(&(0x7f0000000100)=[{r1}], 0x1, 0x0) 1.495640101s ago: executing program 4 (id=1280): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = syz_open_dev$sg(&(0x7f0000000440), 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100)) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000002b40)=ANY=[@ANYRES64=r0, @ANYBLOB='S']) 1.416074031s ago: executing program 1 (id=1281): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='bdi_dirty_ratelimit\x00', r0}, 0x10) r2 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={r2, r1, 0x0, 0x14, 0xfffffffffffffffe}, 0x42) 912.254347ms ago: executing program 2 (id=1282): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='br_fdb_external_learn_add\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0) 508.646503ms ago: executing program 0 (id=1283): r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) timerfd_gettime(r0, 0x0) readv(r0, &(0x7f0000000000)=[{&(0x7f00000020c0)=""/4106, 0x8}], 0x8) 297.316057ms ago: executing program 1 (id=1284): bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 282.882033ms ago: executing program 4 (id=1285): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TIOCSERGETLSR(r0, 0x5459, 0x0) 0s ago: executing program 2 (id=1286): r0 = socket(0x2, 0x3, 0x6) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f00000000c0)=0x6, 0x4) sendto$inet(r0, 0x0, 0x0, 0x8890, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) kernel console output (not intermixed with test programs): r even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 298.044591][ T5752] CIFS mount error: No usable UNC path provided in device string! [ 298.044591][ T5752] [ 298.055429][ T5752] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 298.349265][ T5755] netlink: 16 bytes leftover after parsing attributes in process `syz.1.166'. [ 298.358949][ T5755] netlink: 16 bytes leftover after parsing attributes in process `syz.1.166'. [ 298.852401][ T5761] netlink: 4 bytes leftover after parsing attributes in process `syz.2.168'. [ 299.855903][ T5268] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 300.202276][ T5268] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 300.210755][ T5268] usb 4-1: config 0 has no interface number 0 [ 300.217644][ T5268] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 300.229092][ T5268] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 300.239412][ T5268] usb 4-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 300.252829][ T5268] usb 4-1: New USB device found, idVendor=04d9, idProduct=a0c2, bcdDevice= 0.00 [ 300.266744][ T5268] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.336532][ T5268] usb 4-1: config 0 descriptor?? [ 301.377137][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.393042][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.402987][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.410887][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.419171][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.427373][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.435345][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.447758][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.462762][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.470757][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.482691][ T5268] holtek_mouse 0003:04D9:A0C2.0001: unknown main item tag 0x0 [ 301.497770][ T5268] holtek_mouse 0003:04D9:A0C2.0001: item fetching failed at offset 14/41 [ 301.519688][ T5268] holtek_mouse 0003:04D9:A0C2.0001: hid parse failed: -22 [ 301.527701][ T5268] holtek_mouse 0003:04D9:A0C2.0001: probe with driver holtek_mouse failed with error -22 [ 301.607146][ T5268] usb 4-1: USB disconnect, device number 3 [ 301.633359][ T5772] loop1: detected capacity change from 0 to 4096 [ 301.682045][ T5772] ntfs3: loop1: Primary boot: invalid bytes per MFT record 126976 (31). [ 301.733942][ T5772] ntfs3: loop1: try to read out of volume at offset 0x1ffe00 [ 302.209161][ T5790] loop6: detected capacity change from 0 to 524287999 [ 302.320083][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 302.329906][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 302.368072][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 302.459858][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 302.469500][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 302.541599][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 302.551190][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 302.726266][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 302.736046][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 302.747467][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 302.757242][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 302.773746][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 302.783467][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 302.947517][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 302.957300][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 302.986105][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 302.995880][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.004589][ T5790] ldm_validate_partition_table(): Disk read failed. [ 303.014594][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 303.024220][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.122115][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.155694][ T5790] Dev loop6: unable to read RDB block 0 [ 303.350458][ T5790] loop6: unable to read partition table [ 303.411968][ T5790] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 303.726413][ T5805] loop3: detected capacity change from 0 to 256 [ 303.878769][ T5805] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d16cac, utbl_chksum : 0xe619d30d) [ 304.022741][ T5805] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 304.032759][ T5805] exFAT-fs (loop3): Filesystem has been set read-only [ 304.039802][ T5805] exFAT-fs (loop3): error, failed to bmap (inode : ffff8880136503f0 iblock : 8, err : -5) [ 304.192503][ T5805] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 304.202321][ T5805] exFAT-fs (loop3): write: fail to zero from 10 to 32768(-5) [ 304.210718][ T5811] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 304.221226][ T5811] exFAT-fs (loop3): error, failed to bmap (inode : ffff8880136503f0 iblock : 8, err : -5) [ 304.334250][ T5811] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 304.344237][ T5811] exFAT-fs (loop3): write: fail to zero from 4096 to 17179869192(-5) [ 304.451953][ T5805] syz.3.188 (5805) used greatest stack depth: 4984 bytes left [ 306.594697][ T5836] netlink: 4 bytes leftover after parsing attributes in process `syz.2.201'. [ 307.266350][ T5842] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 307.275598][ T5842] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock [ 307.284683][ T5842] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 307.292926][ T5842] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock [ 308.734763][ T5867] netlink: 4 bytes leftover after parsing attributes in process `syz.4.216'. [ 308.771121][ T5863] loop2: detected capacity change from 0 to 2048 [ 308.951662][ T5863] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 309.302760][ T5876] loop0: detected capacity change from 0 to 2048 [ 309.699867][ T5878] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 310.338835][ T5888] loop4: detected capacity change from 0 to 64 [ 310.618139][ T5878] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 310.630126][ T5878] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4) [ 310.698848][ T5878] Remounting filesystem read-only [ 310.771828][ T5184] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 310.889869][ T29] audit: type=1326 audit(1727965494.292:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5891 comm="syz.2.225" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ed579 code=0x7ffc0000 [ 310.916920][ T29] audit: type=1326 audit(1727965494.292:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5891 comm="syz.2.225" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ed579 code=0x7ffc0000 [ 310.941273][ T29] audit: type=1326 audit(1727965494.292:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5891 comm="syz.2.225" exe="/root/syz-executor" sig=0 arch=40000003 syscall=238 compat=1 ip=0xf73ed579 code=0x7ffc0000 [ 310.963713][ T29] audit: type=1326 audit(1727965494.292:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5891 comm="syz.2.225" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ed579 code=0x7ffc0000 [ 310.986058][ T29] audit: type=1326 audit(1727965494.292:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5891 comm="syz.2.225" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ed579 code=0x7ffc0000 [ 311.012863][ T29] audit: type=1800 audit(1727965494.572:10): pid=5888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.224" name="bus" dev="loop4" ino=1 res=0 errno=0 [ 311.718971][ T5902] netlink: 12 bytes leftover after parsing attributes in process `syz.0.234'. [ 311.981040][ T5906] loop3: detected capacity change from 0 to 256 [ 312.005432][ T5904] netlink: 'syz.4.233': attribute type 21 has an invalid length. [ 312.261871][ T29] audit: type=1326 audit(1727965495.992:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.1.235" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000 [ 312.284546][ T29] audit: type=1326 audit(1727965495.992:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.1.235" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000 [ 312.306929][ T29] audit: type=1326 audit(1727965496.012:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.1.235" exe="/root/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf743d579 code=0x7ffc0000 [ 312.329396][ T29] audit: type=1326 audit(1727965496.012:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5908 comm="syz.1.235" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x7ffc0000 [ 312.728022][ T5914] netlink: 8 bytes leftover after parsing attributes in process `syz.0.237'. [ 313.622953][ T5927] netlink: 'syz.0.243': attribute type 49 has an invalid length. [ 314.102250][ T5936] Mount JFS Failure: -22 [ 314.106751][ T5936] jfs_mount failed w/return code = -22 [ 315.698187][ T5954] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 315.742605][ T5953] loop2: detected capacity change from 0 to 256 [ 316.609257][ T5967] PKCS7: Unknown OID: [5] 2.24.97.110.100.108.101.95.115.116.97.116.115.0.0 [ 316.618552][ T5967] PKCS7: Only support pkcs7_signedData type [ 317.633898][ T5980] loop2: detected capacity change from 0 to 64 [ 318.253535][ T5984] netlink: 'syz.0.266': attribute type 12 has an invalid length. [ 318.262028][ T5984] netlink: 132 bytes leftover after parsing attributes in process `syz.0.266'. [ 318.363049][ T5988] netlink: 4 bytes leftover after parsing attributes in process `syz.4.270'. [ 318.417722][ T5990] loop3: detected capacity change from 0 to 512 [ 318.453321][ T5988] netlink: 104 bytes leftover after parsing attributes in process `syz.4.270'. [ 318.462872][ T5988] netlink: 104 bytes leftover after parsing attributes in process `syz.4.270'. [ 318.491306][ T5990] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 318.709394][ T5995] loop2: detected capacity change from 0 to 64 [ 319.000244][ T5995] hfs: bad catalog entry type 0 [ 319.140805][ T6001] loop4: detected capacity change from 0 to 1024 [ 319.287253][ T6003] netlink: 4 bytes leftover after parsing attributes in process `syz.1.276'. [ 319.483688][ T5990] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 319.495476][ T6001] hfsplus: failed to load root directory [ 319.503070][ T5990] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 320.595155][ T6016] sctp: [Deprecated]: syz.4.282 (pid 6016) Use of int in max_burst socket option. [ 320.595155][ T6016] Use struct sctp_assoc_value instead [ 321.203325][ T5187] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.499438][ T6028] netlink: 16 bytes leftover after parsing attributes in process `syz.2.286'. [ 321.809861][ T6032] netlink: 'syz.3.283': attribute type 10 has an invalid length. [ 321.872303][ T6032] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.882709][ T6032] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.918973][ T6032] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.927016][ T6032] bridge0: port 2(bridge_slave_1) entered forwarding state [ 321.936474][ T6032] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.944576][ T6032] bridge0: port 1(bridge_slave_0) entered forwarding state [ 321.969976][ T6032] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 322.497155][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 322.497243][ T29] audit: type=1326 audit(1727965506.242:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6035 comm="syz.0.292" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ad579 code=0x7ffc0000 [ 322.526555][ T29] audit: type=1326 audit(1727965506.242:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6035 comm="syz.0.292" exe="/root/syz-executor" sig=0 arch=40000003 syscall=179 compat=1 ip=0xf73ad579 code=0x7ffc0000 [ 322.550864][ T29] audit: type=1326 audit(1727965506.242:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6035 comm="syz.0.292" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ad579 code=0x7ffc0000 [ 322.723994][ T5247] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 322.824522][ T5268] IPVS: starting estimator thread 0... [ 322.882065][ T5247] usb 5-1: Using ep0 maxpacket: 8 [ 322.912427][ T6044] IPVS: using max 240 ests per chain, 12000 per kthread [ 322.920706][ T5247] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 322.962018][ T5247] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 322.971712][ T5247] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 322.986472][ T5247] usb 5-1: Product: syz [ 322.995655][ T5247] usb 5-1: Manufacturer: syz [ 323.004240][ T5247] usb 5-1: SerialNumber: syz [ 323.205043][ T5247] usb 5-1: config 0 descriptor?? [ 323.254194][ T5247] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 323.775347][ T1619] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 324.151112][ T5247] gspca_zc3xx: reg_w_i err -71 [ 324.172262][ T1619] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 324.183893][ T1619] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 324.194439][ T1619] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 324.203989][ T1619] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 324.364503][ T1619] usb 1-1: config 0 descriptor?? [ 324.742390][ T5247] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 324.749607][ T5247] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 324.793018][ T6065] gretap0: entered promiscuous mode [ 324.813655][ T5247] usb 5-1: USB disconnect, device number 2 [ 324.899230][ T6065] erspan0: entered promiscuous mode [ 324.945257][ T1619] steelseries 0003:1038:1410.0002: not enough values in HID_OUTPUT_REPORT 0 field 0 [ 325.098328][ T6062] loop2: detected capacity change from 0 to 2048 [ 325.179297][ T5241] usb 1-1: USB disconnect, device number 2 [ 325.225136][ T6066] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 327.041146][ T6088] loop4: detected capacity change from 0 to 128 [ 327.724914][ T6094] loop0: detected capacity change from 0 to 128 [ 328.818046][ T6100] loop4: detected capacity change from 0 to 4096 [ 328.949880][ T6100] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 329.307365][ T6116] netlink: 8 bytes leftover after parsing attributes in process `syz.0.322'. [ 329.322352][ T6116] netlink: 16 bytes leftover after parsing attributes in process `syz.0.322'. [ 329.703102][ T5247] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 329.901622][ T6121] netlink: 4 bytes leftover after parsing attributes in process `syz.3.324'. [ 330.012418][ T1599] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 330.067592][ T5247] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 330.136149][ T5241] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 330.152475][ T5247] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 330.222105][ T6100] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 330.270326][ T5247] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 330.339974][ T5247] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 330.373396][ T5241] usb 2-1: Using ep0 maxpacket: 8 [ 330.403921][ T1599] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 330.419344][ T5241] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 330.430859][ T5241] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1040, setting to 1024 [ 330.442670][ T5241] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 330.453207][ T5241] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 330.467458][ T5241] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 330.512334][ T1599] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 330.582438][ T5247] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 330.644041][ T5241] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 330.654125][ T5241] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.662606][ T5241] usb 2-1: Product: syz [ 330.667055][ T5241] usb 2-1: Manufacturer: syz [ 330.676184][ T5241] usb 2-1: SerialNumber: syz [ 331.162173][ T5241] cdc_ncm 2-1:1.0: bind() failure [ 331.225947][ T5241] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 331.233524][ T5241] cdc_ncm 2-1:1.1: bind() failure [ 331.323257][ T5241] usb 2-1: USB disconnect, device number 3 [ 331.414800][ T5247] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 331.685585][ T6136] loop0: detected capacity change from 0 to 512 [ 331.821143][ T6136] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 331.835191][ T6136] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 331.884652][ T6131] loop2: detected capacity change from 0 to 2048 [ 331.973600][ T6136] EXT4-fs (loop0): 1 truncate cleaned up [ 332.183132][ T6136] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 332.228950][ T6131] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 332.795176][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.029536][ T5247] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 333.180467][ T6154] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 333.371815][ T5247] usb 2-1: Using ep0 maxpacket: 16 [ 333.398966][ T5198] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.531764][ T5247] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 333.548298][ T5247] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 333.560079][ T5247] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 333.573842][ T5247] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 333.583909][ T5247] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.669919][ T5247] usb 2-1: config 0 descriptor?? [ 334.287723][ T5247] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 334.296146][ T5247] microsoft 0003:045E:07DA.0003: item 0 0 0 11 parsing failed [ 334.566367][ T5247] microsoft 0003:045E:07DA.0003: parse failed [ 334.575185][ T5247] microsoft 0003:045E:07DA.0003: probe with driver microsoft failed with error -22 [ 334.762962][ T5247] usb 2-1: USB disconnect, device number 4 [ 335.045720][ T6169] loop4: detected capacity change from 0 to 16 [ 335.120172][ T6169] erofs: (device loop4): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 335.133161][ T6169] erofs: (device loop4): mounted with root inode @ nid 36. [ 335.271042][ T6169] erofs: (device loop4): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36 [ 335.287218][ T6169] syz.4.345: attempt to access beyond end of device [ 335.287218][ T6169] loop4: rw=0, sector=131072, nr_sectors = 1 limit=16 [ 335.303207][ T6169] erofs: (device loop4): z_erofs_read_folio: read error -5 @ 0 of nid 36 [ 335.629166][ T6174] netlink: 40 bytes leftover after parsing attributes in process `syz.2.347'. [ 336.125969][ T6178] loop3: detected capacity change from 0 to 256 [ 336.591008][ T6181] loop4: detected capacity change from 0 to 764 [ 336.837887][ T6189] Process accounting resumed [ 337.616185][ T6192] loop1: detected capacity change from 0 to 1024 [ 338.613800][ T4080] hfsplus: b-tree write err: -5, ino 4 [ 339.262748][ T6209] loop4: detected capacity change from 0 to 1024 [ 339.346663][ T5247] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 339.523026][ T6214] netlink: 40 bytes leftover after parsing attributes in process `syz.3.364'. [ 339.545516][ T5247] usb 2-1: Using ep0 maxpacket: 16 [ 339.948692][ T5247] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 339.961145][ T5247] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 339.993480][ T6219] netlink: 'syz.2.366': attribute type 138 has an invalid length. [ 340.001872][ T6219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.366'. [ 340.336969][ T5247] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 340.346812][ T5247] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 340.355936][ T5247] usb 2-1: Product: syz [ 340.360388][ T5247] usb 2-1: Manufacturer: syz [ 340.365432][ T5247] usb 2-1: SerialNumber: syz [ 340.450939][ T6209] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 340.465161][ T6209] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 340.584744][ T5247] usb 2-1: config 0 descriptor?? [ 340.846761][ T5241] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 341.192076][ T5247] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 341.202885][ T5247] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 341.351052][ T5185] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 341.824643][ T5241] usb 4-1: Using ep0 maxpacket: 16 [ 341.843457][ T5241] usb 4-1: config 0 has an invalid descriptor of length 115, skipping remainder of the config [ 341.854197][ T5241] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 341.864401][ T5241] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 101, changing to 10 [ 341.875914][ T5241] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24675, setting to 1024 [ 341.887523][ T5241] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 341.910133][ T5241] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 341.919883][ T5241] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 341.928365][ T5241] usb 4-1: Manufacturer: syz [ 342.016431][ T5247] em28xx 2-1:0.0: chip ID is em2750 [ 342.044889][ T5241] usb 4-1: config 0 descriptor?? [ 342.094000][ T5241] mceusb 4-1:0.0: mceusb_dev_probe: device setup failed! [ 342.101592][ T5241] mceusb 4-1:0.0: probe with driver mceusb failed with error -12 [ 342.113397][ T5241] usbhid 4-1:0.0: can't add hid device: -22 [ 342.120122][ T5241] usbhid 4-1:0.0: probe with driver usbhid failed with error -22 [ 342.281788][ T5247] em28xx 2-1:0.0: Config register raw data: 0xfffffffb [ 342.292243][ T5247] em28xx 2-1:0.0: AC97 chip type couldn't be determined [ 342.299498][ T5247] em28xx 2-1:0.0: No AC97 audio processor [ 342.433383][ T5247] usb 2-1: USB disconnect, device number 5 [ 342.441032][ T5247] em28xx 2-1:0.0: Disconnecting em28xx [ 342.614190][ T1619] usb 4-1: USB disconnect, device number 4 [ 342.671515][ T5247] em28xx 2-1:0.0: Freeing device [ 343.391266][ T6263] netlink: 34 bytes leftover after parsing attributes in process `syz.4.374'. [ 344.052169][ T4561] Bluetooth: hci2: command 0x0406 tx timeout [ 344.718154][ T6280] loop3: detected capacity change from 0 to 128 [ 344.846301][ T6281] loop4: detected capacity change from 0 to 512 [ 344.942128][ T6281] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 345.195547][ T6284] netlink: 'syz.2.390': attribute type 5 has an invalid length. [ 345.204080][ T6284] netlink: 'syz.2.390': attribute type 5 has an invalid length. [ 345.217699][ T6284] netlink: 'syz.2.390': attribute type 2 has an invalid length. [ 345.227251][ T6284] netlink: 'syz.2.390': attribute type 8 has an invalid length. [ 345.235296][ T6284] netlink: 'syz.2.390': attribute type 1 has an invalid length. [ 345.243329][ T6284] netlink: 'syz.2.390': attribute type 1 has an invalid length. [ 346.227678][ T5268] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 346.484486][ T5268] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 346.496332][ T5268] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 346.506843][ T5268] usb 2-1: New USB device found, idVendor=056a, idProduct=00b0, bcdDevice= 0.00 [ 346.516435][ T5268] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.686632][ T5268] usb 2-1: config 0 descriptor?? [ 346.695972][ T6307] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 346.741109][ T6308] netlink: 292 bytes leftover after parsing attributes in process `syz.0.399'. [ 347.398009][ T6310] loop4: detected capacity change from 0 to 256 [ 347.777016][ T6310] exfat: Unknown parameter '18446744073709551615~ƒòW:Åþ¶ËË$žwN~ÙЖð¿¯lU³7ynXmÝ¢)ÊLrkHûÜEÿ§4Gë&ºN' [ 348.244378][ T6325] loop3: detected capacity change from 0 to 16 [ 348.287559][ T6325] erofs: (device loop3): mounted with root inode @ nid 36. [ 348.357254][ T6321] netlink: 24 bytes leftover after parsing attributes in process `syz.0.403'. [ 348.416434][ T5268] wacom 0003:056A:00B0.0004: Unknown device_type for 'HID 056a:00b0'. Assuming pen. [ 348.418391][ T6325] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 348.442702][ T5268] wacom 0003:056A:00B0.0004: hidraw0: USB HID v0.00 Device [HID 056a:00b0] on usb-dummy_hcd.1-1/input0 [ 348.459221][ T5268] input: Wacom Intuos3 4x5 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00B0.0004/input/input5 [ 348.510250][ T6325] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -38 in[52, 4044] out[1851] [ 348.521980][ T6325] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 348.544210][ T6325] erofs: (device loop3): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36 [ 348.554358][ T6325] syz.3.404: attempt to access beyond end of device [ 348.554358][ T6325] loop3: rw=0, sector=296, nr_sectors = 8 limit=16 [ 348.568033][ T6325] erofs: (device loop3): z_erofs_read_folio: read error -5 @ 0 of nid 36 [ 348.576984][ T6325] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 348.775570][ T5259] usb 2-1: USB disconnect, device number 6 [ 349.270661][ T6328] tc_dump_action: action bad kind [ 349.927825][ T5259] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 350.302342][ T5259] usb 3-1: Using ep0 maxpacket: 8 [ 350.649820][ T5259] usb 3-1: New USB device found, idVendor=04e6, idProduct=0101, bcdDevice= 2.00 [ 350.660819][ T5259] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 350.669517][ T5259] usb 3-1: Product: syz [ 350.674072][ T5259] usb 3-1: Manufacturer: syz [ 350.678962][ T5259] usb 3-1: SerialNumber: syz [ 350.803605][ T5259] usb 3-1: config 0 descriptor?? [ 350.865701][ T5259] usb-storage 3-1:0.0: USB Mass Storage device detected [ 351.144296][ T6361] loop3: detected capacity change from 0 to 128 [ 351.188891][ T5241] usb 3-1: USB disconnect, device number 2 [ 351.195297][ T6357] delete_channel: no stack [ 351.297914][ T29] audit: type=1800 audit(1727965535.032:19): pid=6361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.416" name="file2" dev="loop3" ino=1048613 res=0 errno=0 [ 351.415817][ T29] audit: type=1804 audit(1727965535.172:20): pid=6362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.416" name="/newroot/90/file0/file2" dev="loop3" ino=1048613 res=1 errno=0 [ 352.179992][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 352.189629][ T6366] loop1: detected capacity change from 0 to 4096 [ 352.253093][ T6366] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 352.749288][ T6370] loop4: detected capacity change from 0 to 256 [ 352.958884][ T6373] loop3: detected capacity change from 0 to 512 [ 353.016160][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.025536][ T6370] FAT-fs (loop4): Filesystem has been set read-only [ 353.032747][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.042043][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.051100][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.060474][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.069819][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.079100][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.088464][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.104405][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.115494][ T6370] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 353.155616][ T29] audit: type=1800 audit(1727965536.922:21): pid=6370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.418" name="file1" dev="loop4" ino=1048615 res=0 errno=0 [ 353.256982][ T6370] syz.4.418 (6370) used greatest stack depth: 3960 bytes left [ 353.333462][ T6373] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 353.346945][ T6373] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 353.684095][ T6373] EXT4-fs (loop3): shut down requested (2) [ 353.823431][ T6353] loop0: detected capacity change from 0 to 4096 [ 354.187886][ T5187] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.834682][ T6420] team0: Device ipvlan2 failed to register rx_handler [ 356.887132][ T6422] sctp: [Deprecated]: syz.3.435 (pid 6422) Use of struct sctp_assoc_value in delayed_ack socket option. [ 356.887132][ T6422] Use struct sctp_sack_info instead [ 356.906653][ T6422] sctp: [Deprecated]: syz.3.435 (pid 6422) Use of struct sctp_assoc_value in delayed_ack socket option. [ 356.906653][ T6422] Use struct sctp_sack_info instead [ 357.317427][ T6430] loop4: detected capacity change from 0 to 256 [ 357.388314][ T6428] loop0: detected capacity change from 0 to 512 [ 357.432483][ T6428] EXT4-fs: Ignoring removed mblk_io_submit option [ 357.484621][ T6428] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 357.510867][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 357.536891][ T6430] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 357.737552][ T6428] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 357.782957][ T6428] System zones: 1-12 [ 357.832675][ T6428] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.438: corrupted in-inode xattr: e_value size too large [ 357.902080][ T6428] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.438: couldn't read orphan inode 15 (err -117) [ 357.923017][ T6428] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 358.116327][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 358.139656][ T6443] netlink: 40 bytes leftover after parsing attributes in process `syz.1.441'. [ 358.377203][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 358.422236][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 358.934452][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 358.960677][ T6451] netlink: 24 bytes leftover after parsing attributes in process `syz.4.444'. [ 359.092934][ T5241] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 359.123007][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 359.550483][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 359.652366][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c6!!! [ 359.754189][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 359.856792][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 359.866798][ T5241] usb 2-1: Using ep0 maxpacket: 32 [ 360.293199][ T6457] loop3: detected capacity change from 0 to 8 [ 360.555456][ T5241] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 360.565123][ T5241] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.578663][ T5241] usb 2-1: Product: syz [ 360.584697][ T5241] usb 2-1: Manufacturer: syz [ 360.589597][ T5241] usb 2-1: SerialNumber: syz [ 360.722795][ T5241] usb 2-1: config 0 descriptor?? [ 362.178491][ T6469] loop2: detected capacity change from 0 to 256 [ 362.250719][ T5241] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 363.082433][ T6469] FAT-fs (loop2): Directory bread(block 64) failed [ 363.089193][ T6469] FAT-fs (loop2): Directory bread(block 65) failed [ 363.097340][ T6469] FAT-fs (loop2): Directory bread(block 66) failed [ 363.105480][ T6469] FAT-fs (loop2): Directory bread(block 67) failed [ 363.113264][ T6469] FAT-fs (loop2): Directory bread(block 68) failed [ 363.119951][ T6469] FAT-fs (loop2): Directory bread(block 69) failed [ 363.126919][ T6469] FAT-fs (loop2): Directory bread(block 70) failed [ 363.137610][ T6469] FAT-fs (loop2): Directory bread(block 71) failed [ 363.145658][ T6469] FAT-fs (loop2): Directory bread(block 72) failed [ 363.152791][ T6469] FAT-fs (loop2): Directory bread(block 73) failed [ 364.007333][ T5241] gspca_ov534_9: reg_w failed -71 [ 364.023937][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.466101][ T6477] netlink: 4 bytes leftover after parsing attributes in process `syz.3.455'. [ 364.644694][ T5199] Bluetooth: hci0: command 0x0406 tx timeout [ 364.651016][ T5199] Bluetooth: hci3: command 0x0406 tx timeout [ 364.657656][ T5199] Bluetooth: hci1: command 0x0406 tx timeout [ 364.702669][ T6477] netlink: 173 bytes leftover after parsing attributes in process `syz.3.455'. [ 364.781961][ T5241] gspca_ov534_9: Unknown sensor 0000 [ 364.782360][ T5241] ov534_9 2-1:0.0: probe with driver ov534_9 failed with error -22 [ 364.882228][ T5259] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 364.936973][ T5241] usb 2-1: USB disconnect, device number 7 [ 365.115793][ T5259] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 365.126452][ T5259] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 365.203567][ T5259] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 365.213294][ T5259] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 365.221980][ T5259] usb 5-1: Product: syz [ 365.226426][ T5259] usb 5-1: Manufacturer: syz [ 365.231514][ T5259] usb 5-1: SerialNumber: syz [ 365.741637][ T6495] netlink: 40 bytes leftover after parsing attributes in process `syz.2.461'. [ 366.256347][ T5259] cdc_ncm 5-1:1.0: SET_CRC_MODE failed [ 366.293115][ T5259] cdc_ncm 5-1:1.0: bind() failure [ 366.318700][ T5259] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 366.326018][ T5259] cdc_ncm 5-1:1.1: bind() failure [ 366.450418][ T5259] usb 5-1: USB disconnect, device number 3 [ 366.635818][ T6502] loop2: detected capacity change from 0 to 512 [ 366.691289][ T6502] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 366.829708][ T6502] EXT4-fs (loop2): 1 truncate cleaned up [ 366.837809][ T6502] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 366.856491][ T6504] netlink: 16 bytes leftover after parsing attributes in process `syz.1.464'. [ 366.866263][ T6504] bond0: option ad_select: unable to set because the bond device is up [ 367.064508][ T6509] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 367.078023][ T6502] EXT4-fs error (device loop2): ext4_generic_delete_entry:2680: inode #2: block 13: comm syz.2.463: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 367.192869][ T6502] EXT4-fs error (device loop2) in ext4_delete_entry:2751: Corrupt filesystem [ 367.442209][ T6502] EXT4-fs warning (device loop2): ext4_rename_delete:3733: inode #2: comm syz.2.463: Deleting old file: nlink 5, error=-117 [ 367.685002][ T6516] loop3: detected capacity change from 0 to 256 [ 367.773310][ T6516] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 367.800443][ T5198] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.999564][ T6518] loop0: detected capacity change from 0 to 256 [ 368.067886][ T6521] loop1: detected capacity change from 0 to 128 [ 368.216824][ T6516] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 368.227385][ T6516] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 368.235482][ T6516] UDF-fs: Scanning with blocksize 512 failed [ 368.347316][ T6516] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 368.407499][ T6518] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 368.529449][ T6516] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 368.642457][ T6526] netlink: 408 bytes leftover after parsing attributes in process `syz.2.471'. [ 368.643018][ T29] audit: type=1800 audit(1727965552.372:22): pid=6518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.470" name="bus" dev="loop0" ino=1048626 res=0 errno=0 [ 368.974462][ T5268] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 369.372176][ T5268] usb 5-1: Using ep0 maxpacket: 8 [ 369.728042][ T6537] loop2: detected capacity change from 0 to 256 [ 369.836874][ T5268] usb 5-1: New USB device found, idVendor=2001, idProduct=3c1a, bcdDevice=62.2f [ 369.846607][ T5268] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 369.855295][ T5268] usb 5-1: Product: syz [ 369.859744][ T5268] usb 5-1: Manufacturer: syz [ 369.864869][ T5268] usb 5-1: SerialNumber: syz [ 369.985016][ T5268] usb 5-1: config 0 descriptor?? [ 370.333058][ T5268] usb 5-1: USB disconnect, device number 4 [ 370.946370][ T5268] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 371.157063][ T5268] usb 5-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 371.166748][ T5268] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 371.175505][ T5268] usb 5-1: Product: syz [ 371.179959][ T5268] usb 5-1: Manufacturer: syz [ 371.184968][ T5268] usb 5-1: SerialNumber: syz [ 371.327367][ T5268] usb 5-1: config 0 descriptor?? [ 371.550391][ T5268] int51x1 5-1:0.0: probe with driver int51x1 failed with error -22 [ 372.117128][ T5268] usb 5-1: USB disconnect, device number 5 [ 372.343072][ T6568] netlink: 4 bytes leftover after parsing attributes in process `syz.1.490'. [ 372.645341][ T6574] netlink: 28 bytes leftover after parsing attributes in process `syz.2.494'. [ 372.836354][ T6572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.495'. [ 373.835473][ T6582] kernel read not supported for file /$] (pid: 6582 comm: syz.1.499) [ 373.871935][ T29] audit: type=1800 audit(1727965557.612:23): pid=6582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.499" name="$]" dev="mqueue" ino=10075 res=0 errno=0 [ 373.891649][ C1] vkms_vblank_simulate: vblank timer overrun [ 374.967668][ T6596] netlink: 'syz.4.505': attribute type 3 has an invalid length. [ 374.975921][ T6596] netlink: 8 bytes leftover after parsing attributes in process `syz.4.505'. [ 375.082942][ T5268] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 375.276531][ T5268] usb 3-1: Using ep0 maxpacket: 8 [ 375.310875][ T5268] usb 3-1: config 150 has an invalid interface number: 204 but max is 1 [ 375.324373][ T5268] usb 3-1: config 150 has no interface number 0 [ 375.332957][ T5268] usb 3-1: config 150 interface 204 has no altsetting 0 [ 375.340353][ T5268] usb 3-1: config 150 interface 1 has no altsetting 0 [ 375.590950][ T5268] usb 3-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 375.600782][ T5268] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 375.609798][ T5268] usb 3-1: Product: syz [ 375.614420][ T5268] usb 3-1: Manufacturer: syz [ 375.619308][ T5268] usb 3-1: SerialNumber: syz [ 375.896389][ T6606] bond_slave_0: entered promiscuous mode [ 375.902572][ T6606] bond_slave_1: entered promiscuous mode [ 375.908612][ T6606] bridge0: entered promiscuous mode [ 375.919817][ T6606] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 376.116730][ T5268] xr_serial 3-1:150.204: xr_serial converter detected [ 376.146249][ T6606] bond_slave_0: left promiscuous mode [ 376.152173][ T6606] bond_slave_1: left promiscuous mode [ 376.157963][ T6606] bridge0: left promiscuous mode [ 376.962847][ T1599] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 377.000450][ T5268] xr_serial ttyUSB0: Failed to set reg 0x0d: -71 [ 377.007688][ T5268] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 377.092503][ T5268] usb 3-1: USB disconnect, device number 3 [ 377.103508][ T5268] xr_serial 3-1:150.204: device disconnected [ 377.141862][ T1599] usb 5-1: Using ep0 maxpacket: 32 [ 377.235220][ T1599] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 377.245932][ T1599] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 377.254624][ T1599] usb 5-1: Product: syz [ 377.259089][ T1599] usb 5-1: Manufacturer: syz [ 377.268456][ T1599] usb 5-1: SerialNumber: syz [ 377.386679][ T1599] usb 5-1: config 0 descriptor?? [ 377.773341][ T5268] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 378.063047][ T5268] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 378.074610][ T5268] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 378.089121][ T5268] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 378.100727][ T5268] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 378.349336][ T5268] usb 1-1: config 0 descriptor?? [ 378.358966][ T1599] rtl8150 5-1:0.0: eth1: rtl8150 is detected [ 378.732234][ T6630] loop1: detected capacity change from 0 to 512 [ 379.009071][ T1599] usb 5-1: USB disconnect, device number 6 [ 379.197514][ T5268] mcp2221 0003:04D8:00DD.0005: unknown main item tag 0x0 [ 379.202928][ T6630] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 379.205634][ T5268] mcp2221 0003:04D8:00DD.0005: unknown main item tag 0x0 [ 379.226130][ T6630] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 379.233463][ T5268] mcp2221 0003:04D8:00DD.0005: unknown main item tag 0x7 [ 379.233690][ T5268] mcp2221 0003:04D8:00DD.0005: item fetching failed at offset 4/5 [ 379.238891][ T5268] mcp2221 0003:04D8:00DD.0005: can't parse reports [ 379.268159][ T5268] mcp2221 0003:04D8:00DD.0005: probe with driver mcp2221 failed with error -22 [ 379.566473][ T52] Bluetooth: hci4: link tx timeout [ 379.572131][ T52] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 379.792270][ T5268] usb 1-1: USB disconnect, device number 3 [ 380.972086][ T5186] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.732188][ T52] Bluetooth: hci4: command 0x0406 tx timeout [ 382.413113][ T6674] netlink: 48 bytes leftover after parsing attributes in process `syz.2.533'. [ 384.109974][ T6695] loop3: detected capacity change from 0 to 256 [ 384.801921][ T6707] netlink: 24 bytes leftover after parsing attributes in process `syz.1.548'. [ 384.916795][ T6695] FAT-fs (loop3): Directory bread(block 64) failed [ 384.924130][ T6695] FAT-fs (loop3): Directory bread(block 65) failed [ 384.931139][ T6695] FAT-fs (loop3): Directory bread(block 66) failed [ 384.941071][ T6695] FAT-fs (loop3): Directory bread(block 67) failed [ 384.953422][ T6695] FAT-fs (loop3): Directory bread(block 68) failed [ 384.961951][ T6695] FAT-fs (loop3): Directory bread(block 69) failed [ 384.968926][ T6695] FAT-fs (loop3): Directory bread(block 70) failed [ 384.976056][ T6695] FAT-fs (loop3): Directory bread(block 71) failed [ 384.983198][ T6695] FAT-fs (loop3): Directory bread(block 72) failed [ 384.990041][ T6695] FAT-fs (loop3): Directory bread(block 73) failed [ 385.233770][ T6714] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 386.167073][ T6725] loop1: detected capacity change from 0 to 512 [ 386.518553][ T6725] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 386.532601][ T6725] ext4 filesystem being mounted at /107/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 387.110921][ T5186] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.180120][ T6752] loop2: detected capacity change from 0 to 256 [ 388.202193][ T1599] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 388.235235][ T6752] exfat: Unknown parameter 'GßåÄ)zdÃûx' [ 388.402122][ T1599] usb 5-1: Using ep0 maxpacket: 32 [ 388.489874][ T1599] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 388.499535][ T1599] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 388.508064][ T1599] usb 5-1: Product: syz [ 388.512691][ T1599] usb 5-1: Manufacturer: syz [ 388.517568][ T1599] usb 5-1: SerialNumber: syz [ 388.716791][ T1599] usb 5-1: config 0 descriptor?? [ 388.774322][ T6761] tun0: tun_chr_ioctl cmd 2147767506 [ 389.027508][ T1599] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 389.627892][ T1599] gspca_ov534_9: reg_w failed -71 [ 389.934791][ T1599] gspca_ov534_9: Unknown sensor 0000 [ 389.935165][ T1599] ov534_9 5-1:0.0: probe with driver ov534_9 failed with error -22 [ 390.008370][ T1599] usb 5-1: USB disconnect, device number 7 [ 391.470692][ T6786] netlink: 40 bytes leftover after parsing attributes in process `syz.2.582'. [ 391.713442][ T6789] netlink: 24 bytes leftover after parsing attributes in process `syz.2.584'. [ 391.901815][ T6792] netlink: 536 bytes leftover after parsing attributes in process `syz.2.585'. [ 391.916446][ T6792] netlink: 536 bytes leftover after parsing attributes in process `syz.2.585'. [ 392.692750][ T1599] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 392.934183][ T1599] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 392.934889][ T6808] netlink: 4 bytes leftover after parsing attributes in process `syz.3.591'. [ 392.945657][ T1599] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 392.965090][ T1599] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 392.978674][ T1599] usb 2-1: New USB device found, idVendor=056a, idProduct=032a, bcdDevice= 0.00 [ 392.988271][ T1599] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 393.048100][ T1599] usb 2-1: config 0 descriptor?? [ 393.780541][ T6815] loop4: detected capacity change from 0 to 512 [ 393.949515][ T1599] wacom 0003:056A:032A.0006: hidraw0: USB HID v0.00 Device [HID 056a:032a] on usb-dummy_hcd.1-1/input0 [ 394.008683][ T6815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 394.022069][ T6815] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 394.082443][ T6815] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #12: comm syz.4.604: invalid size [ 394.417568][ T5185] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.452271][ T1599] usb 2-1: USB disconnect, device number 8 [ 395.192730][ T52] Bluetooth: hci4: unexpected event for opcode 0x201c [ 395.570953][ T6831] loop3: detected capacity change from 0 to 64 [ 395.762351][ T6836] netlink: 156 bytes leftover after parsing attributes in process `syz.0.602'. [ 396.833783][ T6846] netlink: 'syz.1.610': attribute type 4 has an invalid length. [ 397.249245][ T6857] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 397.343323][ T6859] netlink: 'syz.0.615': attribute type 3 has an invalid length. [ 397.552490][ T6863] netlink: 'syz.2.616': attribute type 1 has an invalid length. [ 397.560460][ T6863] netlink: 'syz.2.616': attribute type 2 has an invalid length. [ 397.853023][ T6852] loop3: detected capacity change from 0 to 4096 [ 398.571806][ T5247] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 398.802042][ T5247] usb 5-1: Using ep0 maxpacket: 8 [ 398.852270][ T5247] usb 5-1: config 0 has no interfaces? [ 399.257123][ T5247] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 399.266684][ T5247] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 399.275234][ T5247] usb 5-1: Product: syz [ 399.283994][ T5247] usb 5-1: Manufacturer: syz [ 399.288879][ T5247] usb 5-1: SerialNumber: syz [ 399.343368][ T52] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 399.352127][ T52] Bluetooth: hci4: Injecting HCI hardware error event [ 399.359712][ T52] Bluetooth: hci4: hardware error 0x00 [ 399.739322][ T5247] usb 5-1: config 0 descriptor?? [ 399.927379][ T6885] loop3: detected capacity change from 0 to 2048 [ 400.020508][ T6882] loop0: detected capacity change from 0 to 4096 [ 400.412545][ T5247] usb 5-1: USB disconnect, device number 8 [ 400.455674][ T6885] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 401.000619][ T6892] loop1: detected capacity change from 0 to 256 [ 401.014098][ T6890] ntfs3: loop0: ino=22, The size of extended attributes must not exceed 64KiB [ 401.384376][ T6892] FAT-fs (loop1): Directory bread(block 64) failed [ 401.392340][ T6892] FAT-fs (loop1): Directory bread(block 65) failed [ 401.399514][ T6892] FAT-fs (loop1): Directory bread(block 66) failed [ 401.406627][ T6892] FAT-fs (loop1): Directory bread(block 67) failed [ 401.416618][ T6892] FAT-fs (loop1): Directory bread(block 68) failed [ 401.423645][ T6892] FAT-fs (loop1): Directory bread(block 69) failed [ 401.436167][ T6892] FAT-fs (loop1): Directory bread(block 70) failed [ 401.444651][ T6892] FAT-fs (loop1): Directory bread(block 71) failed [ 401.453141][ T6892] FAT-fs (loop1): Directory bread(block 72) failed [ 401.459981][ T6892] FAT-fs (loop1): Directory bread(block 73) failed [ 401.540542][ T52] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 403.812295][ T5247] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 403.993242][ T5247] usb 1-1: Using ep0 maxpacket: 8 [ 404.027342][ T5247] usb 1-1: config 0 has no interfaces? [ 404.033892][ T5247] usb 1-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 404.043576][ T5247] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.136000][ T5247] usb 1-1: config 0 descriptor?? [ 404.492517][ T1599] usb 1-1: USB disconnect, device number 4 [ 404.543769][ T6936] tipc: Started in network mode [ 404.549050][ T6936] tipc: Node identity fe8000000000000000000000000000aa, cluster identity 4711 [ 404.559427][ T6936] tipc: Enabling of bearer rejected, failed to enable media [ 405.407096][ T6949] netlink: 12 bytes leftover after parsing attributes in process `syz.0.657'. [ 405.753765][ T6954] loop0: detected capacity change from 0 to 512 [ 405.912095][ T6954] EXT4-fs (loop0): 1 truncate cleaned up [ 405.919990][ T6954] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 406.624626][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.445085][ T6972] pimreg: entered allmulticast mode [ 407.490266][ T6972] dvmrp5: entered allmulticast mode [ 407.554220][ T6972] pimreg: left allmulticast mode [ 407.559914][ T6972] dvmrp5: left allmulticast mode [ 407.747496][ T1599] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 408.031633][ T1599] usb 4-1: Using ep0 maxpacket: 16 [ 408.073438][ T1599] usb 4-1: config 1 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 408.089577][ T1599] usb 4-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 408.104486][ T1599] usb 4-1: config 1 interface 0 has no altsetting 0 [ 408.257164][ T1599] usb 4-1: string descriptor 0 read error: -22 [ 408.264715][ T1599] usb 4-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.40 [ 408.274288][ T1599] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.652142][ T1599] usbhid 4-1:1.0: can't add hid device: -71 [ 408.658993][ T1599] usbhid 4-1:1.0: probe with driver usbhid failed with error -71 [ 408.756351][ T1599] usb 4-1: USB disconnect, device number 5 [ 408.911682][ T5247] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 409.154264][ T5247] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 409.164718][ T5247] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 409.175099][ T5247] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 409.185362][ T5247] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 409.380267][ T5247] usb 1-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 409.389982][ T5247] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 409.398798][ T5247] usb 1-1: Product: syz [ 409.403356][ T5247] usb 1-1: Manufacturer: syz [ 409.408240][ T5247] usb 1-1: SerialNumber: syz [ 409.574663][ T5247] usb 1-1: config 0 descriptor?? [ 409.633561][ T5247] ums-isd200 1-1:0.0: USB Mass Storage device detected [ 409.904861][ T5247] scsi host1: usb-storage 1-1:0.0 [ 409.969055][ T7005] netlink: 16 bytes leftover after parsing attributes in process `syz.3.680'. [ 410.184894][ T1599] usb 1-1: USB disconnect, device number 5 [ 411.136918][ T5247] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 411.428963][ T5247] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 411.438816][ T5247] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 411.603336][ T5247] usb 5-1: config 0 descriptor?? [ 411.793742][ T5247] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 412.894253][ T5247] gspca_cpia1: usb_control_msg 01, error -71 [ 412.907310][ T5247] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0) [ 412.949512][ T5247] usb 5-1: USB disconnect, device number 9 [ 413.603603][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 414.393401][ T7049] loop1: detected capacity change from 0 to 4096 [ 414.493343][ T7049] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 415.462667][ T7049] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 415.485046][ T7049] ntfs3: loop1: Failed to load $Extend (-22). [ 415.491786][ T7049] ntfs3: loop1: Failed to initialize $Extend. [ 415.528460][ T7066] sp0: Synchronizing with TNC [ 420.100046][ T7126] loop0: detected capacity change from 0 to 2048 [ 420.134316][ T7129] netlink: 32 bytes leftover after parsing attributes in process `syz.1.733'. [ 420.247591][ T7126] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 421.817648][ T7142] bond0: option all_slaves_active: invalid value (7) [ 422.546925][ T7156] netlink: 'syz.3.747': attribute type 49 has an invalid length. [ 423.302384][ T7164] loop1: detected capacity change from 0 to 2048 [ 423.480738][ T7164] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 423.946918][ T7164] overlayfs: upper fs needs to support d_type. [ 423.964595][ T7164] overlayfs: cleanup of 'work/#3' failed (-2) [ 423.970961][ T7164] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 423.978550][ T7164] overlayfs: failed to set xattr on upper [ 423.984593][ T7164] overlayfs: ...falling back to redirect_dir=nofollow. [ 423.991857][ T7164] overlayfs: ...falling back to index=off. [ 423.997876][ T7164] overlayfs: ...falling back to uuid=null. [ 424.217172][ T7170] loop0: detected capacity change from 0 to 512 [ 424.595265][ T5186] UDF-fs: error (device loop1): udf_read_inode: (ino 1317) failed !bh [ 424.611879][ T1599] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 424.633662][ T7170] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.753: Invalid inode bitmap blk 4 in block_group 0 [ 424.661195][ T5186] UDF-fs: error (device loop1): udf_read_inode: (ino 1317) failed !bh [ 424.726952][ T7170] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 424.986015][ T1599] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 424.995812][ T1599] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 425.066262][ T1599] usb 4-1: config 0 descriptor?? [ 425.087069][ T7170] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.753: Invalid inode bitmap blk 4 in block_group 0 [ 425.107399][ T1599] cp210x 4-1:0.0: cp210x converter detected [ 425.126477][ T7170] EXT4-fs error (device loop0) in ext4_free_inode:360: Corrupt filesystem [ 425.349973][ T3099] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.589164][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 425.876791][ T3099] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 426.104043][ T1599] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 426.120640][ T3099] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 426.407381][ T1599] usb 4-1: cp210x converter now attached to ttyUSB0 [ 426.505493][ T1599] usb 4-1: USB disconnect, device number 6 [ 426.509493][ T4561] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 426.534469][ T4561] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 426.544751][ T4561] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 426.559748][ T4561] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 426.572328][ T4561] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 426.643491][ T4561] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 426.648036][ T1599] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 426.677864][ T3099] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 426.827522][ T1599] cp210x 4-1:0.0: device disconnected [ 427.326561][ T7199] PKCS7: Unknown OID: [5] 2.24.97.110.100.108.101.95.115.116.97.116.115.0.0 [ 427.344202][ T7199] PKCS7: Only support pkcs7_signedData type [ 427.619985][ T3099] bridge_slave_1: left allmulticast mode [ 427.626126][ T3099] bridge_slave_1: left promiscuous mode [ 427.633385][ T3099] bridge0: port 2(bridge_slave_1) entered disabled state [ 428.030512][ T3099] bridge_slave_0: left allmulticast mode [ 428.036750][ T3099] bridge_slave_0: left promiscuous mode [ 428.043628][ T3099] bridge0: port 1(bridge_slave_0) entered disabled state [ 428.720296][ T3099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 428.774591][ T3099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 428.802453][ T3099] bond0 (unregistering): Released all slaves [ 428.844932][ T7209] netlink: 'syz.2.770': attribute type 12 has an invalid length. [ 428.853495][ T7209] netlink: 132 bytes leftover after parsing attributes in process `syz.2.770'. [ 428.932569][ T4561] Bluetooth: hci2: command tx timeout [ 429.440885][ T29] audit: type=1326 audit(1727965613.122:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.776" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 430.051187][ T7225] mmap: syz.0.778 (7225) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 430.292467][ T3099] hsr_slave_0: left promiscuous mode [ 430.371637][ T3099] hsr_slave_1: left promiscuous mode [ 430.393085][ T3099] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 430.393287][ T3099] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 430.404657][ T3099] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 430.404815][ T3099] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 430.498768][ T3099] veth1_macvtap: left promiscuous mode [ 430.498930][ T3099] veth0_macvtap: left promiscuous mode [ 430.499247][ T3099] veth1_vlan: left promiscuous mode [ 430.499485][ T3099] veth0_vlan: left promiscuous mode [ 430.973019][ T7229] loop2: detected capacity change from 0 to 1024 [ 431.207820][ T4561] Bluetooth: hci2: command tx timeout [ 431.788770][ T7238] loop3: detected capacity change from 0 to 1024 [ 432.228588][ T3099] team0 (unregistering): Port device team_slave_1 removed [ 432.357551][ T3099] team0 (unregistering): Port device team_slave_0 removed [ 432.734871][ T7238] hfsplus: xattr searching failed [ 432.915156][ T7238] hfsplus: xattr searching failed [ 433.197927][ T7189] chnl_net:caif_netlink_parms(): no params data found [ 433.257096][ T4561] Bluetooth: hci2: command tx timeout [ 433.594746][ T1092] hfsplus: found bad thread record in catalog [ 433.601562][ T1092] hfsplus: found bad thread record in catalog [ 435.169185][ T7269] loop0: detected capacity change from 0 to 512 [ 435.214112][ T7269] EXT4-fs: Ignoring removed oldalloc option [ 435.332155][ T4561] Bluetooth: hci2: command tx timeout [ 435.418496][ T7189] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.433578][ T7189] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.441626][ T7189] bridge_slave_0: entered allmulticast mode [ 435.451129][ T7189] bridge_slave_0: entered promiscuous mode [ 435.473199][ T7189] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.481156][ T7189] bridge0: port 2(bridge_slave_1) entered disabled state [ 435.489120][ T7189] bridge_slave_1: entered allmulticast mode [ 435.499859][ T7189] bridge_slave_1: entered promiscuous mode [ 435.503598][ T7277] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 435.619915][ T7269] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.789: Parent and EA inode have the same ino 15 [ 435.978431][ T7189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 435.980286][ T7269] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.789: Parent and EA inode have the same ino 15 [ 436.068706][ T7189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 436.068913][ T7269] EXT4-fs (loop0): 1 orphan inode deleted [ 436.088246][ T7269] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 436.321522][ T7189] team0: Port device team_slave_0 added [ 436.412362][ T7189] team0: Port device team_slave_1 added [ 436.673410][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.829691][ T7189] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 436.837053][ T7189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 436.869024][ T7189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 437.116085][ T7189] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 437.123437][ T7189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 437.150123][ T7189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 437.771416][ T7189] hsr_slave_0: entered promiscuous mode [ 437.906220][ T7189] hsr_slave_1: entered promiscuous mode [ 437.970349][ T7298] loop3: detected capacity change from 0 to 1024 [ 437.977448][ T7189] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 437.992088][ T7189] Cannot create hsr debugfs directory [ 438.019600][ T7303] loop2: detected capacity change from 0 to 512 [ 438.531673][ T7303] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 438.545071][ T7303] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 438.846933][ T7303] EXT4-fs error (device loop2): ext4_empty_dir:3090: inode #12: comm syz.2.801: Directory hole found for htree leaf block 0 [ 438.932748][ T7314] EXT4-fs error (device loop2): ext4_add_entry:2437: inode #12: comm syz.2.801: Directory hole found for htree leaf block 0 [ 439.585182][ T5198] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 439.588208][ T7322] netlink: 'syz.4.805': attribute type 138 has an invalid length. [ 439.603604][ T7322] netlink: 8 bytes leftover after parsing attributes in process `syz.4.805'. [ 439.701809][ T5248] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 439.912065][ T5248] usb 4-1: Using ep0 maxpacket: 16 [ 439.968928][ T5248] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 439.982044][ T5248] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 440.116233][ T5248] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 440.126113][ T5248] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 440.138853][ T5248] usb 4-1: Product: syz [ 440.144847][ T5248] usb 4-1: Manufacturer: syz [ 440.149733][ T5248] usb 4-1: SerialNumber: syz [ 440.355814][ T5248] usb 4-1: config 0 descriptor?? [ 440.429729][ T5248] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 440.439624][ T5248] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class) [ 440.566404][ T7316] loop0: detected capacity change from 0 to 4096 [ 440.669432][ T7329] loop4: detected capacity change from 0 to 128 [ 440.744136][ T7316] ntfs3: loop0: Failed to load $MFT (-22). [ 441.134836][ T5248] em28xx 4-1:0.0: chip ID is em2750 [ 441.247417][ T7189] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 441.404735][ T7189] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 441.414389][ T5248] em28xx 4-1:0.0: Config register raw data: 0xfffffffb [ 441.432142][ T5248] em28xx 4-1:0.0: AC97 chip type couldn't be determined [ 441.439457][ T5248] em28xx 4-1:0.0: No AC97 audio processor [ 441.515181][ T7189] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 441.562048][ T5248] usb 4-1: USB disconnect, device number 7 [ 441.574390][ T5248] em28xx 4-1:0.0: Disconnecting em28xx [ 441.625524][ T5248] em28xx 4-1:0.0: Freeing device [ 441.691016][ T7189] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 442.088030][ C1] hrtimer: interrupt took 244221 ns [ 442.842191][ T7189] 8021q: adding VLAN 0 to HW filter on device bond0 [ 443.018979][ T7189] 8021q: adding VLAN 0 to HW filter on device team0 [ 443.164364][ T7346] netlink: 4 bytes leftover after parsing attributes in process `syz.2.815'. [ 443.184861][ T3099] bridge0: port 1(bridge_slave_0) entered blocking state [ 443.192737][ T3099] bridge0: port 1(bridge_slave_0) entered forwarding state [ 443.215293][ T3099] bridge0: port 2(bridge_slave_1) entered blocking state [ 443.223210][ T3099] bridge0: port 2(bridge_slave_1) entered forwarding state [ 443.533050][ T5268] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 443.731181][ T7349] sctp: [Deprecated]: syz.2.816 (pid 7349) Use of struct sctp_assoc_value in delayed_ack socket option. [ 443.731181][ T7349] Use struct sctp_sack_info instead [ 444.191864][ T5268] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 444.203328][ T5268] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 444.213736][ T5268] usb 1-1: New USB device found, idVendor=056a, idProduct=00b0, bcdDevice= 0.00 [ 444.223297][ T5268] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.317288][ T5268] usb 1-1: config 0 descriptor?? [ 445.143298][ T7189] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 445.327683][ T7189] veth0_vlan: entered promiscuous mode [ 445.372283][ T7189] veth1_vlan: entered promiscuous mode [ 445.416096][ T5268] wacom 0003:056A:00B0.0007: Unknown device_type for 'HID 056a:00b0'. Assuming pen. [ 445.535663][ T5268] wacom 0003:056A:00B0.0007: hidraw0: USB HID v0.00 Device [HID 056a:00b0] on usb-dummy_hcd.0-1/input0 [ 445.552451][ T5268] input: Wacom Intuos3 4x5 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:00B0.0007/input/input11 [ 445.895968][ T7189] veth0_macvtap: entered promiscuous mode [ 445.898154][ T5268] usb 1-1: USB disconnect, device number 6 [ 446.134813][ T7189] veth1_macvtap: entered promiscuous mode [ 446.288950][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.300681][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.310873][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.321742][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.332010][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.343031][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.353678][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.364512][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.387057][ T7189] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 446.648777][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.660890][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.671140][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.682151][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.697917][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.710313][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.720567][ T7189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.731486][ T7189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.747231][ T7189] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 447.003960][ T7189] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.014601][ T7189] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.023886][ T7189] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.033099][ T7189] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.035714][ T7418] loop2: detected capacity change from 0 to 2048 [ 450.339269][ T7418] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 450.353831][ T7418] ext4 filesystem being mounted at /184/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 450.904599][ T5198] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.132782][ T5248] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 452.693326][ T5248] usb 5-1: Using ep0 maxpacket: 32 [ 452.819331][ T5248] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 452.829020][ T5248] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.841713][ T5248] usb 5-1: Product: syz [ 452.846177][ T5248] usb 5-1: Manufacturer: syz [ 452.851067][ T5248] usb 5-1: SerialNumber: syz [ 452.879704][ T5248] usb 5-1: config 0 descriptor?? [ 452.970003][ T5248] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 453.822034][ T5248] gspca_stk1135: reg_w 0x5 err -71 [ 453.828543][ T5248] gspca_stk1135: serial bus timeout: status=0x00 [ 453.835650][ T5248] gspca_stk1135: Sensor write failed [ 453.841236][ T5248] gspca_stk1135: serial bus timeout: status=0x00 [ 453.848054][ T5248] gspca_stk1135: Sensor write failed [ 453.853735][ T5248] gspca_stk1135: serial bus timeout: status=0x00 [ 453.867209][ T5248] gspca_stk1135: Sensor read failed [ 453.874818][ T5248] gspca_stk1135: serial bus timeout: status=0x00 [ 453.881564][ T5248] gspca_stk1135: Sensor read failed [ 453.886988][ T5248] gspca_stk1135: Detected sensor type unknown (0x0) [ 453.894157][ T5248] gspca_stk1135: serial bus timeout: status=0x00 [ 453.900733][ T5248] gspca_stk1135: Sensor read failed [ 453.906337][ T5248] gspca_stk1135: serial bus timeout: status=0x00 [ 453.913053][ T5248] gspca_stk1135: Sensor read failed [ 453.918574][ T5248] gspca_stk1135: serial bus timeout: status=0x00 [ 453.925285][ T5248] gspca_stk1135: Sensor write failed [ 453.930910][ T5248] gspca_stk1135: serial bus timeout: status=0x00 [ 453.938171][ T5248] gspca_stk1135: Sensor write failed [ 453.944135][ T5248] stk1135 5-1:0.0: probe with driver stk1135 failed with error -71 [ 454.387934][ T5248] usb 5-1: USB disconnect, device number 10 [ 455.455571][ T29] audit: type=1326 audit(1727965639.222:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.0.858" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ad579 code=0x0 [ 456.203422][ T7509] loop3: detected capacity change from 0 to 256 [ 456.548981][ T7512] loop2: detected capacity change from 0 to 8 [ 456.625159][ T3073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 456.633926][ T3073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 457.268227][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 457.276740][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 458.833656][ T7536] loop1: detected capacity change from 0 to 1024 [ 459.626504][ T3099] hfsplus: b-tree write err: -5, ino 4 [ 459.747068][ T7550] loop0: detected capacity change from 0 to 2048 [ 460.032791][ T7550] UDF-fs: warning (device loop0): udf_fill_super: No partition found (2) [ 460.074404][ T7558] netlink: 12 bytes leftover after parsing attributes in process `syz.2.875'. [ 460.423305][ T7544] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 460.541850][ T5247] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 460.934721][ T5247] usb 4-1: Using ep0 maxpacket: 16 [ 460.962068][ T5247] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 460.974318][ T5247] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 461.003149][ T5247] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 461.016979][ T5247] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 461.029574][ T5247] usb 4-1: Product: syz [ 461.035423][ T5247] usb 4-1: Manufacturer: syz [ 461.040307][ T5247] usb 4-1: SerialNumber: syz [ 461.052834][ T5247] usb 4-1: config 0 descriptor?? [ 461.080675][ T5247] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 461.092283][ T5247] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class) [ 461.985508][ T5247] em28xx 4-1:0.0: chip ID is em2840 [ 462.089912][ T7580] loop2: detected capacity change from 0 to 64 [ 462.160599][ T5247] em28xx 4-1:0.0: Config register raw data: 0xfffffffb [ 462.170047][ T5247] em28xx 4-1:0.0: AC97 chip type couldn't be determined [ 462.177682][ T5247] em28xx 4-1:0.0: No AC97 audio processor [ 462.220779][ T7570] loop0: detected capacity change from 0 to 2048 [ 462.274592][ T5247] usb 4-1: USB disconnect, device number 8 [ 462.282424][ T5247] em28xx 4-1:0.0: Disconnecting em28xx [ 462.365555][ T5247] em28xx 4-1:0.0: Freeing device [ 462.419764][ T7570] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 464.010408][ T7603] loop0: detected capacity change from 0 to 256 [ 465.278164][ T7615] loop2: detected capacity change from 0 to 256 [ 465.288193][ T7615] exfat: Deprecated parameter 'utf8' [ 465.294101][ T7615] exfat: Deprecated parameter 'utf8' [ 465.877746][ T7615] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x811ad48d, utbl_chksum : 0xe619d30d) [ 466.049955][ T7617] loop4: detected capacity change from 0 to 2048 [ 466.274954][ T7617] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 466.421787][ T5247] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 466.662290][ T5247] usb 1-1: Using ep0 maxpacket: 8 [ 467.143475][ T5247] usb 1-1: config 0 has no interfaces? [ 467.149325][ T5247] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 467.160554][ T5247] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.394925][ T5247] usb 1-1: config 0 descriptor?? [ 468.213766][ T7653] loop2: detected capacity change from 0 to 64 [ 468.333115][ T1599] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 468.572221][ T1599] usb 2-1: Using ep0 maxpacket: 8 [ 468.629571][ T1599] usb 2-1: config 0 has no interfaces? [ 468.635744][ T1599] usb 2-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 468.645472][ T1599] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 468.794563][ T1599] usb 2-1: config 0 descriptor?? [ 468.962547][ T5247] usb 1-1: USB disconnect, device number 7 [ 469.059689][ T1599] usb 2-1: USB disconnect, device number 9 [ 469.472973][ T7666] tipc: Started in network mode [ 469.478231][ T7666] tipc: Node identity fe8000000000000000000000000000aa, cluster identity 4711 [ 469.488439][ T7666] tipc: Enabling of bearer rejected, failed to enable media [ 471.278775][ T7684] program syz.4.918 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 471.568398][ T7689] loop3: detected capacity change from 0 to 512 [ 471.838386][ T7686] loop2: detected capacity change from 0 to 128 [ 471.888538][ T7693] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 472.094202][ T7686] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 472.108217][ T1619] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 472.137339][ T7686] ext4 filesystem being mounted at /203/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 472.211864][ T7689] EXT4-fs (loop3): 1 truncate cleaned up [ 472.219565][ T7689] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 472.363401][ T1619] usb 1-1: Using ep0 maxpacket: 8 [ 472.378437][ T1619] usb 1-1: config 150 has an invalid interface number: 204 but max is 1 [ 472.387616][ T1619] usb 1-1: config 150 has no interface number 0 [ 472.397999][ T1619] usb 1-1: config 150 interface 204 has no altsetting 0 [ 472.406734][ T1619] usb 1-1: config 150 interface 1 has no altsetting 0 [ 472.439451][ T7705] netlink: 4 bytes leftover after parsing attributes in process `syz.4.926'. [ 472.508660][ T1619] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 472.518575][ T1619] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.527506][ T1619] usb 1-1: Product: syz [ 472.537757][ T1619] usb 1-1: Manufacturer: syz [ 472.546700][ T1619] usb 1-1: SerialNumber: syz [ 472.814953][ T5187] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.877244][ T1619] xr_serial 1-1:150.204: xr_serial converter detected [ 473.248585][ T5198] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 473.792218][ T1619] xr_serial ttyUSB0: Failed to set reg 0x0d: -71 [ 473.799364][ T1619] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 473.908265][ T1619] usb 1-1: USB disconnect, device number 8 [ 473.919923][ T1619] xr_serial 1-1:150.204: device disconnected [ 474.152176][ T1599] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 474.767172][ T1599] usb 4-1: Using ep0 maxpacket: 32 [ 475.026529][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 475.121795][ T1619] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 475.332133][ T1619] usb 2-1: Using ep0 maxpacket: 16 [ 475.424518][ T1619] usb 2-1: config 1 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 475.436161][ T1619] usb 2-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 475.449841][ T1619] usb 2-1: config 1 interface 0 has no altsetting 0 [ 475.544155][ T1599] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 475.554381][ T1599] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 475.563293][ T1599] usb 4-1: Product: syz [ 475.572758][ T1599] usb 4-1: Manufacturer: syz [ 475.579436][ T1599] usb 4-1: SerialNumber: syz [ 475.676030][ T1599] usb 4-1: config 0 descriptor?? [ 475.906617][ T1619] usb 2-1: string descriptor 0 read error: -22 [ 475.913844][ T1619] usb 2-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.40 [ 475.923507][ T1619] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 476.088983][ T7743] pimreg: entered allmulticast mode [ 476.244867][ T7743] dvmrp5: entered allmulticast mode [ 476.296925][ T7743] pimreg: left allmulticast mode [ 476.303266][ T7743] dvmrp5: left allmulticast mode [ 476.323025][ T1619] usbhid 2-1:1.0: can't add hid device: -71 [ 476.329780][ T1619] usbhid 2-1:1.0: probe with driver usbhid failed with error -71 [ 476.369275][ T1619] usb 2-1: USB disconnect, device number 10 [ 477.559735][ T1599] rtl8150 4-1:0.0: couldn't reset the device [ 477.567145][ T1599] rtl8150 4-1:0.0: probe with driver rtl8150 failed with error -5 [ 477.802734][ T1599] usb 4-1: USB disconnect, device number 9 [ 478.414762][ T7767] netlink: 4 bytes leftover after parsing attributes in process `syz.1.942'. [ 478.581734][ T7767] gretap0: entered promiscuous mode [ 478.808945][ T7772] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 478.817495][ T7772] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock [ 478.826535][ T7772] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 478.834806][ T7772] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock [ 480.831956][ T5247] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 481.027601][ T5247] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 481.039521][ T5247] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 481.050069][ T5247] usb 3-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 481.059872][ T5247] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.176832][ T5247] usb 3-1: config 0 descriptor?? [ 481.638718][ T5247] steelseries 0003:1038:1410.0008: not enough values in HID_OUTPUT_REPORT 0 field 0 [ 481.932273][ T5248] usb 3-1: USB disconnect, device number 4 [ 482.027990][ T7810] loop1: detected capacity change from 0 to 128 [ 482.162050][ T29] audit: type=1800 audit(1727965665.852:26): pid=7810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.960" name="file2" dev="loop1" ino=1048641 res=0 errno=0 [ 482.264049][ T29] audit: type=1804 audit(1727965666.022:27): pid=7811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.960" name="/newroot/20/file0/file2" dev="loop1" ino=1048641 res=1 errno=0 [ 483.367840][ T7818] netlink: 8 bytes leftover after parsing attributes in process `syz.2.964'. [ 483.782763][ T5248] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 484.052790][ T5248] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 484.069707][ T5248] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 484.081767][ T5248] usb 2-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 484.091417][ T5248] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.180411][ T5248] usb 2-1: config 0 descriptor?? [ 484.936875][ T7839] loop3: detected capacity change from 0 to 256 [ 484.947397][ T7839] exfat: Deprecated parameter 'namecase' [ 484.954639][ T7839] exfat: Deprecated parameter 'namecase' [ 485.596984][ T7831] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 485.953926][ T7839] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1fdf94bc, utbl_chksum : 0xe619d30d) [ 488.546454][ T7839] syz.3.973: attempt to access beyond end of device [ 488.546454][ T7839] loop3: rw=0, sector=34225520824, nr_sectors = 1 limit=256 [ 488.564178][ T7839] syz.3.973: attempt to access beyond end of device [ 488.564178][ T7839] loop3: rw=0, sector=34225520824, nr_sectors = 1 limit=256 [ 488.584575][ T7839] syz.3.973: attempt to access beyond end of device [ 488.584575][ T7839] loop3: rw=0, sector=34225520824, nr_sectors = 1 limit=256 [ 488.600578][ T7839] buffer_io_error: 7 callbacks suppressed [ 488.600659][ T7839] Buffer I/O error on dev loop3, logical block 34225520824, async page read [ 488.669044][ T29] audit: type=1800 audit(1727965672.392:28): pid=7839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.973" name="file1" dev="loop3" ino=1048642 res=0 errno=0 [ 489.337728][ T5248] hid-led 0003:0FC5:B080.0009: probe with driver hid-led failed with error -71 [ 489.473328][ T5248] usb 2-1: USB disconnect, device number 11 [ 489.577282][ T1619] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 489.777807][ T7848] loop4: detected capacity change from 0 to 2048 [ 490.221648][ T7858] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 490.433882][ T1619] usb 1-1: config 0 has no interfaces? [ 490.439737][ T1619] usb 1-1: New USB device found, idVendor=046d, idProduct=20ee, bcdDevice= 0.00 [ 490.449785][ T1619] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.464201][ T1619] usb 1-1: config 0 descriptor?? [ 490.752472][ T5247] usb 1-1: USB disconnect, device number 9 [ 491.430272][ T7870] syz_tun: entered promiscuous mode [ 491.474908][ T7870] syz_tun: left promiscuous mode [ 491.692768][ T1599] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 492.266287][ T1599] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 492.277779][ T1599] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 492.288211][ T1599] usb 5-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 492.297874][ T1599] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.387681][ T1599] usb 5-1: config 0 descriptor?? [ 492.903021][ T1599] uclogic 0003:28BD:0042.000A: interface is invalid, ignoring [ 493.099994][ T5248] usb 5-1: USB disconnect, device number 11 [ 493.278622][ T7887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.993'. [ 493.297850][ T7887] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 494.746350][ T7892] loop0: detected capacity change from 0 to 2048 [ 494.974845][ T7892] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 495.083503][ T7892] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 495.112836][ T7914] loop3: detected capacity change from 0 to 256 [ 495.552314][ T7921] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1003'. [ 495.561918][ T7921] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1003'. [ 496.540688][ T7929] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1005'. [ 497.542485][ T7944] netlink: 'syz.0.1011': attribute type 6 has an invalid length. [ 497.550778][ T7944] netlink: 'syz.0.1011': attribute type 30 has an invalid length. [ 497.559341][ T7944] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1011'. [ 497.569055][ T7944] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 497.578759][ T7944] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 498.186499][ T7945] loop3: detected capacity change from 0 to 4096 [ 498.444347][ T7945] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 498.524126][ T7945] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 498.670632][ T7945] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 498.721644][ T5248] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 499.452862][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 499.465127][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 499.475465][ T5248] usb 5-1: New USB device found, idVendor=05ac, idProduct=0062, bcdDevice= 0.00 [ 499.485081][ T5248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 499.598102][ T7964] loop1: detected capacity change from 0 to 4096 [ 499.642256][ T7964] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 499.667102][ T5248] usb 5-1: config 0 descriptor?? [ 500.272183][ T5248] hid-generic 0003:05AC:0062.000B: unbalanced delimiter at end of report description [ 500.339813][ T5248] hid-generic 0003:05AC:0062.000B: probe with driver hid-generic failed with error -22 [ 500.498205][ T7969] loop2: detected capacity change from 0 to 2048 [ 500.717193][ T7969] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 500.835651][ T7973] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1026'. [ 500.950570][ T5247] usb 5-1: USB disconnect, device number 12 [ 501.033196][ T7976] loop0: detected capacity change from 0 to 64 [ 501.084718][ T7974] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 501.706908][ T7984] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1030'. [ 501.716456][ T7984] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1030'. [ 502.381583][ T7991] loop4: detected capacity change from 0 to 512 [ 502.415303][ T7991] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 502.757192][ T7991] EXT4-fs (loop4): 1 truncate cleaned up [ 502.765222][ T7991] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 502.917869][ T7999] loop0: detected capacity change from 0 to 256 [ 503.860703][ T5185] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 503.886395][ T7999] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 504.057882][ T8014] loop1: detected capacity change from 0 to 64 [ 504.244333][ T8012] loop3: detected capacity change from 0 to 2048 [ 504.412454][ T8012] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 504.635389][ T8019] loop0: detected capacity change from 0 to 64 [ 504.870150][ T8022] loop2: detected capacity change from 0 to 2048 [ 504.937810][ T8022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 505.843479][ T8031] netem: unknown loss type 0 [ 505.892054][ T5198] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.123268][ T8045] loop2: detected capacity change from 0 to 1024 [ 507.198441][ T8045] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 507.329532][ T8045] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 507.539160][ T8051] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 507.756112][ T5198] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.858407][ T8057] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1060'. [ 508.588319][ T8063] loop4: detected capacity change from 0 to 512 [ 508.761172][ T8063] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 509.164087][ T8063] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #15: comm syz.4.1064: iget: bad i_size value: -67835469387268086 [ 509.317977][ T8063] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1064: couldn't read orphan inode 15 (err -117) [ 509.443551][ T8063] EXT4-fs (loop4): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 509.456639][ T8063] ext2 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 509.769940][ T8083] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1074'. [ 509.998999][ T8087] Bluetooth: MGMT ver 1.23 [ 510.205161][ T8063] EXT4-fs error (device loop4): ext4_add_entry:2437: inode #2: comm syz.4.1064: Directory hole found for htree leaf block 0 [ 510.461894][ T5268] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 510.652016][ T5247] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 510.721994][ T5268] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 510.733626][ T5268] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 510.744033][ T5268] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 510.753734][ T5268] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.868574][ T5247] usb 3-1: Using ep0 maxpacket: 32 [ 510.968785][ T5185] EXT4-fs (loop4): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 511.063494][ T5268] usb 2-1: config 0 descriptor?? [ 511.070308][ T5247] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 511.080252][ T5247] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 511.088954][ T5247] usb 3-1: Product: syz [ 511.093680][ T5247] usb 3-1: Manufacturer: syz [ 511.102421][ T5247] usb 3-1: SerialNumber: syz [ 511.221194][ T5247] usb 3-1: config 0 descriptor?? [ 511.438117][ T5247] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 511.847365][ T5268] pyra 0003:1E7D:2CF6.000C: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0 [ 512.176848][ T5268] pyra 0003:1E7D:2CF6.000C: couldn't init struct pyra_device [ 512.185312][ T5268] pyra 0003:1E7D:2CF6.000C: couldn't install mouse [ 512.247208][ T5268] pyra 0003:1E7D:2CF6.000C: probe with driver pyra failed with error -71 [ 512.295032][ T5268] usb 2-1: USB disconnect, device number 12 [ 512.361936][ T5247] gspca_stk1135: reg_w 0x5 err -71 [ 512.368616][ T5247] gspca_stk1135: serial bus timeout: status=0x00 [ 512.376723][ T5247] gspca_stk1135: Sensor write failed [ 512.383355][ T5247] gspca_stk1135: serial bus timeout: status=0x00 [ 512.389982][ T5247] gspca_stk1135: Sensor write failed [ 512.395996][ T5247] gspca_stk1135: serial bus timeout: status=0x00 [ 512.402819][ T5247] gspca_stk1135: Sensor read failed [ 512.408337][ T5247] gspca_stk1135: serial bus timeout: status=0x00 [ 512.415049][ T5247] gspca_stk1135: Sensor read failed [ 512.420458][ T5247] gspca_stk1135: Detected sensor type unknown (0x0) [ 512.427918][ T5247] gspca_stk1135: serial bus timeout: status=0x00 [ 512.440092][ T5247] gspca_stk1135: Sensor read failed [ 512.447234][ T5247] gspca_stk1135: serial bus timeout: status=0x00 [ 512.454121][ T5247] gspca_stk1135: Sensor read failed [ 512.459617][ T5247] gspca_stk1135: serial bus timeout: status=0x00 [ 512.466492][ T5247] gspca_stk1135: Sensor write failed [ 512.472253][ T5247] gspca_stk1135: serial bus timeout: status=0x00 [ 512.478875][ T5247] gspca_stk1135: Sensor write failed [ 512.484817][ T5247] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71 [ 512.858709][ T5247] usb 3-1: USB disconnect, device number 5 [ 513.201588][ T29] audit: type=1800 audit(1727965696.962:29): pid=8114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1088" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 513.580225][ T8116] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1089'. [ 514.523779][ T8126] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1094'. [ 515.337289][ T8137] loop2: detected capacity change from 0 to 256 [ 515.662385][ T8137] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 518.090848][ T8162] loop4: detected capacity change from 0 to 512 [ 518.229846][ T8162] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 518.302837][ T8162] EXT4-fs (loop4): orphan cleanup on readonly fs [ 518.450895][ T8162] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1111: bg 0: block 248: padding at end of block bitmap is not set [ 518.689099][ T8162] Quota error (device loop4): write_blk: dquota write failed [ 518.697557][ T8162] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 518.708150][ T8162] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.1111: Failed to acquire dquot type 1 [ 518.852698][ T8162] EXT4-fs (loop4): 1 truncate cleaned up [ 518.889205][ T8162] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 518.958935][ T8162] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 519.139947][ T8162] syz.4.1111 (8162) used greatest stack depth: 2904 bytes left [ 519.553495][ T5247] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 519.849165][ T5247] usb 1-1: unable to get BOS descriptor or descriptor too short [ 519.881933][ T5247] usb 1-1: not running at top speed; connect to a high speed hub [ 519.930929][ T5247] usb 1-1: config 129 has an invalid interface number: 239 but max is 0 [ 519.940171][ T5247] usb 1-1: config 129 has no interface number 0 [ 519.947012][ T5247] usb 1-1: config 129 interface 239 has no altsetting 0 [ 519.958486][ T8190] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1122'. [ 519.986809][ T8190] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1122'. [ 520.025838][ T5247] usb 1-1: string descriptor 0 read error: -22 [ 520.034111][ T5247] usb 1-1: New USB device found, idVendor=ed3e, idProduct=dba4, bcdDevice= f.27 [ 520.043697][ T5247] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 520.076782][ T5247] usb-storage 1-1:129.239: USB Mass Storage device detected [ 520.168685][ T8182] loop2: detected capacity change from 0 to 4096 [ 520.231879][ T8182] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 520.386668][ T5268] usb 1-1: USB disconnect, device number 10 [ 520.776981][ T8182] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 520.845019][ T8182] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 521.137629][ T8182] ntfs3: loop2: MFT: r=b, expect seq=0 instead of b! [ 522.369612][ T8220] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1134'. [ 522.732297][ T8222] loop1: detected capacity change from 0 to 2048 [ 522.858153][ T8222] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 523.161098][ T5387] udevd[5387]: incorrect nilfs2 checksum on /dev/loop1 [ 523.349855][ T5357] udevd[5357]: incorrect nilfs2 checksum on /dev/loop1 [ 523.462781][ T8232] loop3: detected capacity change from 0 to 512 [ 523.558320][ T8232] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 523.566929][ T8232] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 523.639766][ T5357] udevd[5357]: incorrect nilfs2 checksum on /dev/loop1 [ 523.682289][ T8236] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 523.709373][ T8232] EXT4-fs (loop3): orphan cleanup on readonly fs [ 523.739197][ T8232] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279949761 > max in inode 13 [ 523.750094][ T8232] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279949762 > max in inode 13 [ 523.775341][ T8232] EXT4-fs (loop3): 1 truncate cleaned up [ 523.833886][ T8232] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 524.061985][ T8232] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.1138: dx entry: limit 65535 != root limit 120 [ 524.074876][ T8232] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.1138: Corrupt directory, running e2fsck is recommended [ 524.270250][ T8232] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 3: comm syz.3.1138: path /239/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 524.674611][ T8245] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 524.694963][ T5187] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 524.777731][ T5248] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 525.019236][ T5248] usb 3-1: Using ep0 maxpacket: 32 [ 525.222567][ T5248] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 525.239237][ T5248] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 525.251640][ T5248] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 525.261040][ T5248] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 525.355989][ T5248] usb 3-1: config 0 descriptor?? [ 525.838724][ T5248] savu 0003:1E7D:2D5A.000D: unbalanced collection at end of report description [ 525.871485][ T5248] savu 0003:1E7D:2D5A.000D: parse failed [ 525.877758][ T5248] savu 0003:1E7D:2D5A.000D: probe with driver savu failed with error -22 [ 526.039478][ T8261] binder: 8260:8261 ioctl 4018620d 0 returned -22 [ 526.073014][ T5268] usb 3-1: USB disconnect, device number 6 [ 528.250179][ T5268] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 528.330121][ T8289] loop4: detected capacity change from 0 to 2048 [ 528.424333][ T8291] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 528.442878][ T5268] usb 4-1: Using ep0 maxpacket: 16 [ 528.545534][ T5268] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 528.555580][ T5268] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 528.561499][ T8293] loop0: detected capacity change from 0 to 128 [ 528.564131][ T5268] usb 4-1: Product: syz [ 528.575174][ T5268] usb 4-1: Manufacturer: syz [ 528.580067][ T5268] usb 4-1: SerialNumber: syz [ 528.642935][ T5268] r8152-cfgselector 4-1: Unknown version 0x0000 [ 528.649542][ T5268] r8152-cfgselector 4-1: config 0 descriptor?? [ 529.283754][ T5268] r8152-cfgselector 4-1: USB disconnect, device number 10 [ 529.376256][ T5185] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 529.387048][ T5185] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=16) [ 529.447006][ T5185] Remounting filesystem read-only [ 529.452752][ T5185] NILFS (loop4): error -5 truncating bmap (ino=16) [ 529.512966][ T5185] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 531.248104][ T8315] loop3: detected capacity change from 0 to 1024 [ 531.454805][ T8315] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 531.670267][ T8317] loop4: detected capacity change from 0 to 2048 [ 532.526869][ T8325] loop1: detected capacity change from 0 to 512 [ 532.558214][ T8325] EXT4-fs (loop1): blocks per group (71) and clusters per group (32768) inconsistent [ 532.573383][ T8317] NILFS (loop4): invalid segment: Checksum error in segment payload [ 532.582389][ T8317] NILFS (loop4): trying rollback from an earlier position [ 532.770196][ T8317] NILFS (loop4): recovery complete [ 532.776738][ T8329] loop3: detected capacity change from 0 to 1024 [ 532.814847][ T8331] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 532.944755][ T8317] NILFS error (device loop4): nilfs_readdir: zero-length directory entry [ 533.027443][ T8329] hfsplus: found bad thread record in catalog [ 533.027843][ T8317] Remounting filesystem read-only [ 533.034152][ T8329] hfsplus: catalog searching failed [ 533.557418][ T3882] hfsplus: found bad thread record in catalog [ 533.591005][ T3882] hfsplus: found bad thread record in catalog [ 533.897951][ T8335] loop0: detected capacity change from 0 to 1764 [ 533.983203][ T8335] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 533.993995][ T8335] ISOFS: unable to read i-node block [ 533.999669][ T8335] isofs_fill_super: get root inode failed [ 534.285497][ T8339] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1184'. [ 534.318462][ T8341] netlink: 408 bytes leftover after parsing attributes in process `syz.4.1195'. [ 534.774316][ T8343] tipc: Started in network mode [ 534.779884][ T8343] tipc: Node identity fe8000000000000000000000000000aa, cluster identity 4711 [ 534.790052][ T8343] tipc: Enabling of bearer rejected, failed to enable media [ 535.099725][ T8347] loop1: detected capacity change from 0 to 512 [ 535.214438][ T8347] EXT4-fs: Ignoring removed mblk_io_submit option [ 535.316180][ T8347] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 535.329917][ T8349] netlink: 'syz.3.1188': attribute type 5 has an invalid length. [ 535.338611][ T8349] netlink: 'syz.3.1188': attribute type 5 has an invalid length. [ 535.347140][ T8349] netlink: 'syz.3.1188': attribute type 2 has an invalid length. [ 535.355364][ T8349] netlink: 'syz.3.1188': attribute type 8 has an invalid length. [ 535.363908][ T8349] netlink: 'syz.3.1188': attribute type 1 has an invalid length. [ 535.376245][ T8349] netlink: 'syz.3.1188': attribute type 1 has an invalid length. [ 535.479752][ T8347] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 535.492497][ T8347] System zones: 1-12 [ 535.536313][ T8355] netlink: 'syz.4.1190': attribute type 49 has an invalid length. [ 535.614479][ T8347] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1187: corrupted in-inode xattr: e_value size too large [ 535.651661][ T5248] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 535.684305][ T8347] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1187: couldn't read orphan inode 15 (err -117) [ 535.823901][ T8347] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 535.869833][ T8357] loop0: detected capacity change from 0 to 128 [ 536.170538][ T5248] usb 3-1: Using ep0 maxpacket: 16 [ 536.182881][ T5248] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 536.198404][ T5248] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 536.256674][ T5248] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 536.266543][ T5248] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 536.275186][ T5248] usb 3-1: Product: syz [ 536.279671][ T5248] usb 3-1: Manufacturer: syz [ 536.284934][ T5248] usb 3-1: SerialNumber: syz [ 536.329455][ T5248] usb 3-1: config 0 descriptor?? [ 536.352382][ T5248] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 536.362410][ T5248] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 536.467072][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 536.847860][ T8359] loop3: detected capacity change from 0 to 2048 [ 536.886438][ T8359] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 537.059677][ T8359] overlayfs: upper fs needs to support d_type. [ 537.072792][ T8359] overlayfs: cleanup of 'work/#5' failed (-2) [ 537.079347][ T8359] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 537.086774][ T8359] overlayfs: failed to set xattr on upper [ 537.093018][ T8359] overlayfs: ...falling back to redirect_dir=nofollow. [ 537.100221][ T8359] overlayfs: ...falling back to index=off. [ 537.112167][ T8359] overlayfs: ...falling back to uuid=null. [ 537.127959][ T5248] em28xx 3-1:0.0: chip ID is em2750 [ 537.393713][ T5248] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 537.404066][ T5248] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 537.411497][ T5248] em28xx 3-1:0.0: No AC97 audio processor [ 537.439612][ T1599] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 537.708490][ T5248] usb 3-1: USB disconnect, device number 7 [ 537.716177][ T5248] em28xx 3-1:0.0: Disconnecting em28xx [ 537.762127][ T5187] UDF-fs: error (device loop3): udf_read_inode: (ino 1317) failed !bh [ 537.772426][ T5187] UDF-fs: error (device loop3): udf_read_inode: (ino 1317) failed !bh [ 537.781353][ T1599] usb 1-1: Using ep0 maxpacket: 32 [ 537.846595][ T1599] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 537.857027][ T1599] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 537.865579][ T1599] usb 1-1: Product: syz [ 537.870038][ T1599] usb 1-1: Manufacturer: syz [ 537.875128][ T1599] usb 1-1: SerialNumber: syz [ 537.892381][ T5248] em28xx 3-1:0.0: Freeing device [ 538.121157][ T8361] loop4: detected capacity change from 0 to 4096 [ 538.166494][ T1599] usb 1-1: config 0 descriptor?? [ 538.178510][ T8361] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 538.673821][ T8361] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 538.838429][ T1599] rtl8150 1-1:0.0: eth1: rtl8150 is detected [ 538.892805][ T8361] ntfs3: loop4: Failed to load $Extend (-22). [ 538.899160][ T8361] ntfs3: loop4: Failed to initialize $Extend. [ 539.165166][ T1599] usb 1-1: USB disconnect, device number 11 [ 539.808597][ T8365] loop2: detected capacity change from 0 to 256 [ 540.988155][ T8365] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 541.014699][ T8365] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 541.024939][ T8365] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 541.033183][ T8365] UDF-fs: Scanning with blocksize 512 failed [ 541.060264][ T7189] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 541.172567][ T8365] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 541.318533][ T8365] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 541.416589][ T5268] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 541.765409][ T3882] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 541.793124][ T5268] usb 1-1: Using ep0 maxpacket: 32 [ 541.834728][ T5268] usb 1-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 541.844387][ T5268] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 541.852994][ T5268] usb 1-1: Product: syz [ 541.857434][ T5268] usb 1-1: Manufacturer: syz [ 541.862444][ T5268] usb 1-1: SerialNumber: syz [ 542.269706][ T3882] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 542.287802][ T5268] usb 1-1: config 0 descriptor?? [ 542.587776][ T5268] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 542.699743][ T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 542.734251][ T3882] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 542.826311][ T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 542.901017][ T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 543.038359][ T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 543.053912][ T3882] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 543.081892][ T52] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 543.092293][ T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 543.226609][ T5268] gspca_ov534_9: reg_w failed -71 [ 543.541770][ T5268] gspca_ov534_9: Unknown sensor 0000 [ 543.542136][ T5268] ov534_9 1-1:0.0: probe with driver ov534_9 failed with error -22 [ 543.582011][ T5268] usb 1-1: USB disconnect, device number 12 [ 543.622012][ T8381] loop4: detected capacity change from 0 to 1024 [ 543.744213][ T8377] loop2: detected capacity change from 0 to 4096 [ 543.754156][ T3882] bridge_slave_1: left allmulticast mode [ 543.760124][ T3882] bridge_slave_1: left promiscuous mode [ 543.775348][ T3882] bridge0: port 2(bridge_slave_1) entered disabled state [ 544.050264][ T8381] hfsplus: bad catalog entry type [ 544.056980][ T3882] bridge_slave_0: left allmulticast mode [ 544.063304][ T3882] bridge_slave_0: left promiscuous mode [ 544.078157][ T3882] bridge0: port 1(bridge_slave_0) entered disabled state [ 544.454696][ T3073] hfsplus: b-tree write err: -5, ino 4 [ 544.946389][ T8377] ntfs3: loop2: ino=22, The size of extended attributes must not exceed 64KiB [ 545.017809][ T3882] erspan0 (unregistering): left promiscuous mode [ 545.193464][ T3882] gretap0 (unregistering): left promiscuous mode [ 545.282292][ T52] Bluetooth: hci3: command tx timeout [ 545.528555][ T8396] overlayfs: failed to resolve './file2': -2 [ 545.530656][ T3882] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 546.040002][ T3882] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 546.080162][ T3882] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 546.099166][ T3882] bond0 (unregistering): Released all slaves [ 546.281225][ T8403] loop1: detected capacity change from 0 to 1024 [ 546.583572][ T8403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 546.596567][ T8403] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 547.360311][ T52] Bluetooth: hci3: command tx timeout [ 547.393457][ T7189] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.872072][ T8421] loop2: detected capacity change from 0 to 1764 [ 548.807981][ T3882] hsr_slave_0: left promiscuous mode [ 548.862394][ T3882] hsr_slave_1: left promiscuous mode [ 548.898220][ T3882] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 548.906703][ T3882] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 548.965045][ T3882] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 548.973103][ T3882] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 549.070474][ T3882] veth1_macvtap: left promiscuous mode [ 549.076621][ T3882] veth0_macvtap: left promiscuous mode [ 549.083100][ T3882] veth1_vlan: left promiscuous mode [ 549.093122][ T3882] veth0_vlan: left promiscuous mode [ 549.417723][ T52] Bluetooth: hci3: command tx timeout [ 550.182461][ T3882] team0 (unregistering): Port device team_slave_1 removed [ 550.252061][ T3882] team0 (unregistering): Port device team_slave_0 removed [ 550.600464][ T8375] chnl_net:caif_netlink_parms(): no params data found [ 551.489590][ T8460] loop2: detected capacity change from 0 to 64 [ 551.512555][ T52] Bluetooth: hci3: command tx timeout [ 551.568895][ T8460] hfs: unable to locate alternate MDB [ 551.575014][ T8460] hfs: continuing without an alternate MDB [ 551.768388][ T8465] loop1: detected capacity change from 0 to 256 [ 551.832243][ T29] audit: type=1800 audit(1727965735.572:30): pid=8460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1232" name="file1" dev="loop2" ino=18 res=0 errno=0 [ 552.458942][ T8469] loop4: detected capacity change from 0 to 64 [ 552.833798][ T8375] bridge0: port 1(bridge_slave_0) entered blocking state [ 552.841955][ T8375] bridge0: port 1(bridge_slave_0) entered disabled state [ 552.849845][ T8375] bridge_slave_0: entered allmulticast mode [ 552.859611][ T8375] bridge_slave_0: entered promiscuous mode [ 553.017428][ T8375] bridge0: port 2(bridge_slave_1) entered blocking state [ 553.025493][ T8375] bridge0: port 2(bridge_slave_1) entered disabled state [ 553.033576][ T8375] bridge_slave_1: entered allmulticast mode [ 553.125199][ T8375] bridge_slave_1: entered promiscuous mode [ 553.561537][ T8375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 553.758596][ T8375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 553.893359][ T4561] Bluetooth: hci2: command 0x0406 tx timeout [ 554.144768][ T8375] team0: Port device team_slave_0 added [ 554.248188][ T8375] team0: Port device team_slave_1 added [ 554.405189][ T8375] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 554.419460][ T8375] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 554.445966][ T8375] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 554.464049][ T8375] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 554.472744][ T8375] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 554.500681][ T8375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 554.808110][ T8375] hsr_slave_0: entered promiscuous mode [ 554.913678][ T8375] hsr_slave_1: entered promiscuous mode [ 555.090726][ T8375] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 555.098716][ T8375] Cannot create hsr debugfs directory [ 556.880022][ T8512] loop1: detected capacity change from 0 to 1024 [ 557.918971][ T8375] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 557.985791][ T8512] EXT4-fs: Ignoring removed nomblk_io_submit option [ 558.005212][ T8375] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 558.021125][ T8512] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 558.031787][ T8512] EXT4-fs (loop1): Test dummy encryption mode enabled [ 558.090062][ T8512] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c855c01c, mo2=0003] [ 558.111154][ T8375] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 558.149037][ T8375] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 558.180253][ T8520] sctp: [Deprecated]: syz.2.1252 (pid 8520) Use of int in max_burst socket option. [ 558.180253][ T8520] Use struct sctp_assoc_value instead [ 558.247741][ T8512] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 558.694133][ T8535] fscrypt (loop1): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))") [ 558.804516][ T8512] fscrypt (loop1): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 559.699791][ T7189] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.138695][ T8375] 8021q: adding VLAN 0 to HW filter on device bond0 [ 560.280744][ T8375] 8021q: adding VLAN 0 to HW filter on device team0 [ 560.363389][ T3955] bridge0: port 1(bridge_slave_0) entered blocking state [ 560.371428][ T3955] bridge0: port 1(bridge_slave_0) entered forwarding state [ 560.491973][ T3955] bridge0: port 2(bridge_slave_1) entered blocking state [ 560.499758][ T3955] bridge0: port 2(bridge_slave_1) entered forwarding state [ 560.795904][ T8565] ip6gretap0: entered promiscuous mode [ 560.912596][ T8565] ip6gretap0: left promiscuous mode [ 561.291690][ T8571] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1262'. [ 561.715824][ T8580] sctp: [Deprecated]: syz.4.1265 (pid 8580) Use of int in max_burst socket option. [ 561.715824][ T8580] Use struct sctp_assoc_value instead [ 562.835155][ T8375] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 563.489225][ T8375] veth0_vlan: entered promiscuous mode [ 563.616779][ T8375] veth1_vlan: entered promiscuous mode [ 563.693152][ T5247] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 563.759277][ T8601] sch_tbf: burst 0 is lower than device veth0_to_team mtu (1514) ! [ 563.956801][ T5247] usb 5-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05 [ 563.967172][ T5247] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 564.003435][ T8375] veth0_macvtap: entered promiscuous mode [ 564.027491][ T8375] veth1_macvtap: entered promiscuous mode [ 564.075539][ T8603] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1267'. [ 564.080992][ T5247] usb 5-1: config 0 descriptor?? [ 564.199884][ T5247] ums-usbat 5-1:0.0: USB Mass Storage device detected [ 564.356657][ T8375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 564.367609][ T8375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 564.378052][ T8375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 564.388950][ T8375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 564.399169][ T8375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 564.410113][ T8375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 564.420354][ T8375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 564.431206][ T8375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 564.453079][ T8375] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 564.474384][ T8375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 564.485243][ T8375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 564.495804][ T8375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 564.506726][ T8375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 564.516926][ T8375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 564.527858][ T8375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 564.538188][ T8375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 564.549024][ T8375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 564.570779][ T8375] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 564.592781][ T8375] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 564.602127][ T8375] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 564.611234][ T8375] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 564.614609][ T8608] loop1: detected capacity change from 0 to 256 [ 564.620405][ T8375] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 564.879784][ T5247] ums-usbat 5-1:0.0: Quirks match for vid 0781 pid 0005: 1 [ 565.263457][ T8608] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 565.432571][ T5248] usb 5-1: USB disconnect, device number 13 [ 567.301083][ T8639] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1278'. [ 567.862376][ T8650] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1282'. [ 568.069616][ T8646] program syz.4.1280 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 568.513460][ T3099] ===================================================== [ 568.520774][ T3099] BUG: KMSAN: uninit-value in n_tty_receive_buf_closing+0x539/0xb40 [ 568.529307][ T3099] n_tty_receive_buf_closing+0x539/0xb40 [ 568.535388][ T3099] n_tty_receive_buf_common+0x196b/0x2490 [ 568.541575][ T3099] n_tty_receive_buf2+0x4c/0x60 [ 568.551691][ T3099] tty_ldisc_receive_buf+0xd0/0x290 [ 568.557156][ T3099] tty_port_default_receive_buf+0xdf/0x190 [ 568.564584][ T3099] flush_to_ldisc+0x473/0xdb0 [ 568.569897][ T3099] process_scheduled_works+0xae0/0x1c40 [ 568.575991][ T3099] worker_thread+0xea7/0x14f0 [ 568.580925][ T3099] kthread+0x3e2/0x540 [ 568.585391][ T3099] ret_from_fork+0x6d/0x90 [ 568.590008][ T3099] ret_from_fork_asm+0x1a/0x30 [ 568.595109][ T3099] [ 568.597549][ T3099] Uninit was created at: [ 568.602239][ T3099] __kmalloc_noprof+0x661/0xf30 [ 568.607334][ T3099] __tty_buffer_request_room+0x36e/0x6d0 [ 568.615486][ T3099] __tty_insert_flip_string_flags+0x140/0x570 [ 568.622535][ T3099] uart_insert_char+0x39e/0xa10 [ 568.627769][ T3099] serial8250_read_char+0x1a7/0x5d0 [ 568.633551][ T3099] serial8250_handle_irq+0x970/0x1130 [ 568.639143][ T3099] serial8250_default_handle_irq+0x120/0x2b0 [ 568.649231][ T3099] serial8250_interrupt+0xc5/0x360 [ 568.655809][ T3099] __handle_irq_event_percpu+0x118/0xca0 [ 568.662387][ T3099] handle_irq_event+0xef/0x2c0 [ 568.667473][ T3099] handle_edge_irq+0x340/0xfb0 [ 568.672535][ T3099] __common_interrupt+0x97/0x1f0 [ 568.677681][ T3099] common_interrupt+0x92/0xb0 [ 568.682726][ T3099] asm_common_interrupt+0x2b/0x40 [ 568.688025][ T3099] [ 568.690502][ T3099] CPU: 1 UID: 0 PID: 3099 Comm: kworker/u8:13 Not tainted 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 568.704623][ T3099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 568.715860][ T3099] Workqueue: events_unbound flush_to_ldisc [ 568.722246][ T3099] ===================================================== [ 568.729353][ T3099] Disabling lock debugging due to kernel taint [ 568.736000][ T3099] Kernel panic - not syncing: kmsan.panic set ... [ 568.742594][ T3099] CPU: 1 UID: 0 PID: 3099 Comm: kworker/u8:13 Tainted: G B 6.12.0-rc1-syzkaller-00046-g7ec462100ef9 #0 [ 568.755255][ T3099] Tainted: [B]=BAD_PAGE [ 568.759525][ T3099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 568.769756][ T3099] Workqueue: events_unbound flush_to_ldisc [ 568.775803][ T3099] Call Trace: [ 568.779222][ T3099] [ 568.782271][ T3099] dump_stack_lvl+0x216/0x2d0 [ 568.787163][ T3099] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 568.793167][ T3099] dump_stack+0x1e/0x30 [ 568.797517][ T3099] panic+0x4e2/0xcf0 [ 568.801609][ T3099] ? kmsan_get_metadata+0x41/0x1c0 [ 568.807016][ T3099] kmsan_report+0x2c7/0x2d0 [ 568.811702][ T3099] ? __msan_warning+0x95/0x120 [ 568.816809][ T3099] ? n_tty_receive_buf_closing+0x539/0xb40 [ 568.822868][ T3099] ? n_tty_receive_buf_common+0x196b/0x2490 [ 568.829007][ T3099] ? n_tty_receive_buf2+0x4c/0x60 [ 568.834249][ T3099] ? tty_ldisc_receive_buf+0xd0/0x290 [ 568.839822][ T3099] ? tty_port_default_receive_buf+0xdf/0x190 [ 568.846024][ T3099] ? flush_to_ldisc+0x473/0xdb0 [ 568.851072][ T3099] ? process_scheduled_works+0xae0/0x1c40 [ 568.857034][ T3099] ? worker_thread+0xea7/0x14f0 [ 568.862108][ T3099] ? kthread+0x3e2/0x540 [ 568.866596][ T3099] ? ret_from_fork+0x6d/0x90 [ 568.871378][ T3099] ? ret_from_fork_asm+0x1a/0x30 [ 568.876555][ T3099] ? kmsan_get_metadata+0x13e/0x1c0 [ 568.882025][ T3099] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 568.888020][ T3099] ? kmsan_get_metadata+0x13e/0x1c0 [ 568.893398][ T3099] ? kmsan_get_metadata+0x13e/0x1c0 [ 568.898796][ T3099] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 568.904800][ T3099] ? __update_load_avg_cfs_rq+0x969/0x10e0 [ 568.910833][ T3099] ? kmsan_get_metadata+0x13e/0x1c0 [ 568.916211][ T3099] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 568.922211][ T3099] ? kmsan_get_metadata+0x13e/0x1c0 [ 568.927640][ T3099] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 568.933726][ T3099] __msan_warning+0x95/0x120 [ 568.938696][ T3099] n_tty_receive_buf_closing+0x539/0xb40 [ 568.944605][ T3099] n_tty_receive_buf_common+0x196b/0x2490 [ 568.950577][ T3099] ? kmsan_get_metadata+0x13e/0x1c0 [ 568.956003][ T3099] n_tty_receive_buf2+0x4c/0x60 [ 568.961140][ T3099] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 568.966944][ T3099] tty_ldisc_receive_buf+0xd0/0x290 [ 568.972366][ T3099] tty_port_default_receive_buf+0xdf/0x190 [ 568.978401][ T3099] flush_to_ldisc+0x473/0xdb0 [ 568.983298][ T3099] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 568.989937][ T3099] ? __pfx_flush_to_ldisc+0x10/0x10 [ 568.995339][ T3099] process_scheduled_works+0xae0/0x1c40 [ 569.001145][ T3099] worker_thread+0xea7/0x14f0 [ 569.006075][ T3099] kthread+0x3e2/0x540 [ 569.010367][ T3099] ? __pfx_worker_thread+0x10/0x10 [ 569.015703][ T3099] ? __pfx_kthread+0x10/0x10 [ 569.020521][ T3099] ret_from_fork+0x6d/0x90 [ 569.025121][ T3099] ? __pfx_kthread+0x10/0x10 [ 569.029951][ T3099] ret_from_fork_asm+0x1a/0x30 [ 569.034947][ T3099] [ 569.038494][ T3099] Kernel Offset: disabled [ 569.042911][ T3099] Rebooting in 86400 seconds..