last executing test programs: 20.581591198s ago: executing program 3 (id=616): timer_create(0x3, 0x0, &(0x7f0000000000)) clock_gettime(0x0, &(0x7f0000000080)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = syz_io_uring_setup(0x40f, &(0x7f0000000000), &(0x7f0000000080)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_setup(0x2bac, &(0x7f0000000340), &(0x7f0000000100)=0x0, &(0x7f0000000000)) syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x26, 0x0, @fd_index=0x3}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x40, &(0x7f0000000140)=0x80000004, 0x0, 0x4) io_uring_enter(r2, 0x35c, 0x0, 0x1, 0x0, 0x0) io_uring_enter(r2, 0x47e9, 0xeb13, 0x6, 0x0, 0x0) 15.225519864s ago: executing program 3 (id=633): write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000008c0)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f, @void, @value}, 0x94) sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x80) 14.335555305s ago: executing program 3 (id=635): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f0000000300)=ANY=[@ANYBLOB="00dc6b"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41b}}, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0003020000000203"], 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 11.567664359s ago: executing program 3 (id=646): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x8) creat(&(0x7f0000000000)='./bus\x00', 0x0) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x5, 0x0, "ef359f413bb901527f00d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea0000000000000000000800002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]}) truncate(&(0x7f0000000900)='./file1\x00', 0xbf39) mkdir(0x0, 0x0) 11.187277894s ago: executing program 0 (id=650): r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a0000080480020009", @ANYBLOB="f7", @ANYRESOCT], 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0xfd, 0x89, 0xe8, 0x20, 0x16c0, 0x5df, 0xb2bf, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3}}]}}]}}, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, 0x0, 0x0) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r2, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 10.758137919s ago: executing program 3 (id=651): execve(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0) 9.986088878s ago: executing program 3 (id=654): socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x60b17f360213d71e, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {0xffff, 0x5}, {0xffff, 0xffff}, {0x7}}}, 0x24}}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 9.282001256s ago: executing program 32 (id=654): socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x60b17f360213d71e, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {0xffff, 0x5}, {0xffff, 0xffff}, {0x7}}}, 0x24}}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7.971462703s ago: executing program 0 (id=660): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000000000000700000008000300", @ANYRES32=r5, @ANYBLOB], 0x3c}}, 0x0) r6 = dup(r2) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000080)="66b9800000c00f326635002000000f302e660f383d76fa2e81fd00e03e262e0f01c9f00fb0a900700f07660f5fcf1a2b0f4953b40f08", 0x36}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) r8 = socket$kcm(0x10, 0x2, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r9, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$kcm(r8, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='2', 0x1, 0x4fed0) r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r10, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r10, &(0x7f0000000000), 0xd) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x40000000}, 0x0) 5.310865625s ago: executing program 2 (id=667): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001100), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001180)={0x1c, r2, 0x51f, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x800) 5.215802056s ago: executing program 0 (id=668): r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002", @ANYBLOB="f7", @ANYRESOCT], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 5.070611148s ago: executing program 2 (id=670): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0xc0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, 0x0) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000000)={0xa0000001}) epoll_wait(0xffffffffffffffff, &(0x7f0000000380)=[{}], 0x2, 0x1000) 3.691637695s ago: executing program 1 (id=671): socket$inet6_icmp(0xa, 0x2, 0x3a) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6000, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/netfilter\x00') fchdir(r0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x5000009) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x20000000, 0x0, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@private=0xa010100, @in=@empty, 0x0, 0x2000, 0x4e24, 0x0, 0xa}, {0x0, 0x5, 0x6, 0x3, 0x0, 0x0, 0xffffdffffffffffd}, {0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in6=@private1, 0x34ff, 0x0, 0x3, 0x5}}, 0xe8) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e21, 0x7, @loopback, 0xfcb}, 0x1c) r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7fc}, 0xe) r4 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r4, 0x400448c8, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x8, 0xb6, 0x7f, 0x8003, 0x9, 0x1, 0x3, 'syz0\x00'}) ioctl$sock_bt_hidp_HIDPCONNDEL(r4, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}) getdents64(r3, &(0x7f0000000040)=""/52, 0x34) getdents64(r3, 0xfffffffffffffffe, 0x29) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") ftruncate(0xffffffffffffffff, 0x7bc7) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00') getdents64(r5, 0xffffffffffffffff, 0x43) 3.496628157s ago: executing program 1 (id=672): syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f00000016c0)=ANY=[@ANYBLOB="040e0c790320"], 0xf) syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYBLOB="02c820fe00fa0001000c09050005000800090b7fdf00060005003e4358efd2dd201c43939b5cf9bf3e4842d86f18b841acd001a07c83a1be1e4eb285d83768ea2377c52a24c1f1f2d4d5d2ee6df7341f0397d381972005fd6f4f4f04dfb8a05798a8201a0d2a8bcb88eb5d15533322389ff8db98754f16d4623754d61e4134f743f5bcd6a7e07e757b6c139344acb2ae069fe0e1b8cef032142b0762c9568f5d93f3e4ca1dd780cc1c262b5cf59256ec895a584831048f63c324155a4a4b3ab5e0a8faf718fadde2fee8d3e956984cd6cc3a83a7eec8aa206aa1960e64f31b92d425f7bd656a6ab24273f9ba50c20ec145fa22fa27021b04000400c6001110020009"], 0x103) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCMGET(r0, 0x5415, 0x0) socket$netlink(0x10, 0x3, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) gettid() prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000680)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x4c, r5, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x31}, @val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884) rseq(0x0, 0x0, 0x1, 0x0) 2.538977959s ago: executing program 4 (id=673): r0 = openat$kvm(0xffffff9c, 0x0, 0x40080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000140)={0x2, 0x0, @pic={0x7, 0xf7, 0xf7, 0x10, 0xa3, 0x6, 0x40, 0x3f, 0x1, 0x3, 0x9, 0xf, 0x97, 0x5, 0x5, 0x3f}}) 2.425220631s ago: executing program 4 (id=674): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[]) read$FUSE(r0, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$uhid(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0) 2.300215142s ago: executing program 2 (id=675): r0 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000300)={0x0, 0x0, r1, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000440)={r2, 0x0, 0x20000000, 0x0, 0x0, [0x0], [0x1, 0x0, 0x0, 0x1], [0x0, 0xfffffffe, 0x0, 0xb68a], [0x0, 0x2, 0x0, 0xcbb]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r3}) r4 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000300)={0x0, 0x0, r5, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0x20000000, 0x0, 0x0, [0x0], [0x1, 0x0, 0x0, 0x1], [0x0, 0xfffffffe, 0x0, 0xb68a], [0x0, 0x2, 0x0, 0xcbb]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000080)={r7}) 2.091921125s ago: executing program 0 (id=676): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000080)={0xd, 0x0, 0x2}) 2.021612945s ago: executing program 1 (id=677): execve(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0) 1.893680277s ago: executing program 2 (id=678): rt_sigprocmask(0x0, 0x0, 0x0, 0x0) r0 = signalfd4(0xffffffffffffffff, &(0x7f00000001c0)={[0xffffffffffffffff]}, 0x8, 0x80800) r1 = gettid() r2 = getpid() rt_tgsigqueueinfo(r2, r1, 0x1f, &(0x7f0000000140)={0x0, 0x0, 0x1}) read$FUSE(r0, &(0x7f0000003a40)={0x2020}, 0x2020) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r3 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00') writev(r3, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) 1.701778229s ago: executing program 1 (id=679): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x26d, &(0x7f00000002c0)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEsRb0x5LL6GXlkJPaZtDeim0oYeGHtrDlt3ZLdtkQ9r92+58PrDMTN57896E+b4MQ2Y2gMyajIjZiMhHxFREFCMiaa3wZvqZbGxulLYXI6rVz24n9XrpdqrZbiIiKhHxQUShWba29dXe3Z1P3vlttfj2v1tflgZ1fK3293Y/Pfh7/tdTc++vXbx8cz6J2Sg3ylqPo5eSNj8rJBEv9aOzp0RSGPYIeBwLP/9/pZb7lyPirXr+i5FrRPb3lefOFeO9v45r+8etS68OcqxA71WrxdrfwEoVyJxcRJQjyU1HRLqey01Pp9fwV/PjuR+WV36a+n55dem7Yc9UQK+UI9n9+MzY6YlD+b+RT/MPjK5yxO7nC5vXausH+WGPBuib1rvtr6WLWv6nvll/N+QfMkf+IbvkH7JL/mEEdJjdHuS/3b+2Ac+AbvL/fJ/GBAyG638YYcXmSqVtsfxDdsk/jKh/Tr41J/+QXa35BwCypTo27CeQgWEZ9vwDAAAAAAAAAAAAAAAAAAActVHaXmx+BtXn+T8j9j+KiEK7/vP17yNuvm18/E5Sq/ZQkjbrytdvdLmDLv3Xs6evSx21euF6r/rvzIXX+7PfXx7dPPaXs74UUalVnikUjp5/SeP869yLJ5QXv+2ygyd0+K2AH34x2P4Pu7853P7ndiLO1uafmXbzTy5eqS/bzz/l1lcsd+jHe13uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIF5EAAA//9d9m3o") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000000)='./file1\x00', 0x5e00) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x7f, 0xfffffffe, 0x0, 0xa}) 1.518985882s ago: executing program 2 (id=680): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50) syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, r2, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) io_setup(0x2, &(0x7f0000000200)=0x0) io_submit(r4, 0x140b, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x700fbff, 0x4, 0x1, 0x0, r3, &(0x7f0000000180)='\x00', 0x1001}]) dup3(r0, r3, 0x6700000000000000) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 1.467618292s ago: executing program 4 (id=681): socket$inet6_icmp(0xa, 0x2, 0x3a) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6000, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/netfilter\x00') fchdir(r0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x5000009) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x20000000, 0x0, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@private=0xa010100, @in=@empty, 0x0, 0x2000, 0x4e24, 0x0, 0xa}, {0x0, 0x5, 0x6, 0x3, 0x0, 0x0, 0xffffdffffffffffd}, {0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in6=@private1, 0x34ff, 0x0, 0x3, 0x5}}, 0xe8) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e21, 0x7, @loopback, 0xfcb}, 0x1c) r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7fc}, 0xe) r4 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r4, 0x400448c8, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x8, 0xb6, 0x7f, 0x8003, 0x9, 0x1, 0x3, 'syz0\x00'}) ioctl$sock_bt_hidp_HIDPCONNDEL(r4, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}) getdents64(r3, &(0x7f0000000040)=""/52, 0x34) getdents64(r3, 0xfffffffffffffffe, 0x29) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") ftruncate(0xffffffffffffffff, 0x7bc7) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00') getdents64(r5, 0xffffffffffffffff, 0x43) 1.330896114s ago: executing program 0 (id=682): r0 = socket(0x1e, 0x5, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) listen(r0, 0x0) r1 = socket(0x1e, 0x805, 0x0) sendmsg$tipc(r1, &(0x7f0000000080)={&(0x7f0000000100)=@name={0x1e, 0x2, 0x1}, 0x10, 0x0}, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2}, 0x1c) accept4$inet6(r0, 0x0, 0x0, 0x0) sendmsg$tipc(r1, &(0x7f0000000640)={&(0x7f0000000300)=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0) 1.303006444s ago: executing program 4 (id=683): r0 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x40080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, 0x0) 1.199408345s ago: executing program 2 (id=684): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0xc0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, 0x0) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000000)={0xa0000001}) epoll_wait(0xffffffffffffffff, &(0x7f0000000380)=[{}], 0x2, 0x1000) 1.141221116s ago: executing program 1 (id=685): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6(0xa, 0x802, 0x0) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x4, @remote, 0x5}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000002940), 0x4000000000000c8, 0x40894) listen(r0, 0x101) setsockopt(0xffffffffffffffff, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000019c0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)='^', 0x1}], 0x1}}], 0x1, 0x20048045) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}}) 970.377098ms ago: executing program 0 (id=686): r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002", @ANYBLOB="f7", @ANYRESOCT], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 870.23256ms ago: executing program 4 (id=687): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$MRT_INIT(r0, 0x0, 0xc8, 0x0, 0x0) 15.95121ms ago: executing program 4 (id=688): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/power/pm_print_times', 0x40901, 0x88) write$FUSE_DIRENT(r0, &(0x7f0000000580)=ANY=[@ANYRESHEX=r0], 0x200001d0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r3, 0x0, 0x8000f28, 0x0) getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x3d, 0x0, &(0x7f0000000080)) syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==") 0s ago: executing program 1 (id=689): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/power/pm_print_times', 0x40901, 0x88) write$FUSE_DIRENT(r0, &(0x7f0000000580)=ANY=[@ANYRESHEX=r0], 0x200001d0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r3, 0x0, 0x8000f28, 0x0) getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x3d, 0x0, &(0x7f0000000080)) syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==") mkdir(&(0x7f0000000080)='./file0\x00', 0x0) socket$nl_route(0x10, 0x3, 0x0) execve(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0) kernel console output (not intermixed with test programs): lan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.887715][ T4251] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.897708][ T4251] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.908247][ T4251] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.917098][ T4251] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.926980][ T4255] Bluetooth: hci1: command 0x040f tx timeout [ 75.933027][ T4255] Bluetooth: hci4: command 0x040f tx timeout [ 75.941209][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 75.949073][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 75.957665][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.967387][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 75.978031][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 75.987414][ T4256] device veth1_vlan entered promiscuous mode [ 76.026692][ T4260] device veth1_vlan entered promiscuous mode [ 76.066625][ T4317] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.103415][ T4317] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.132165][ T4256] device veth0_macvtap entered promiscuous mode [ 76.181642][ T4260] device veth0_macvtap entered promiscuous mode [ 76.190347][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 76.199452][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 76.208035][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 76.216933][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 76.225330][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 76.233888][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.242495][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.253585][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.262196][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.280678][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.294911][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.412658][ T4317] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.432039][ T4256] device veth1_macvtap entered promiscuous mode [ 76.444226][ T4317] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.731671][ T4260] device veth1_macvtap entered promiscuous mode [ 76.914793][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.966416][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.107523][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.118114][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.128575][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.149764][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.168675][ T4260] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.195901][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.208476][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.219903][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.248241][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.262519][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.263523][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.271084][ T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.281054][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.299463][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.310286][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.317697][ T4260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.329160][ T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.329942][ T4260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.348546][ T4260] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.393319][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.401315][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.418323][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.428146][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.432820][ T4336] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 77.444514][ T4260] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.468801][ T4260] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.477860][ T4260] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.487151][ T4260] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.505040][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.535543][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.545547][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.556084][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.565964][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.576582][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.586532][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.596983][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.624856][ T4256] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.633895][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.643193][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.674884][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.693199][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.717179][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.747381][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.763504][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.774567][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.784800][ T4256] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.795926][ T4256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.808282][ T4256] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.820752][ T4256] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.829784][ T4256] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.838541][ T4256] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.848014][ T4256] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.943030][ T4255] Bluetooth: hci2: command 0x0419 tx timeout [ 77.949097][ T4255] Bluetooth: hci0: command 0x0419 tx timeout [ 77.955198][ T4255] Bluetooth: hci3: command 0x0419 tx timeout [ 78.003257][ T4257] Bluetooth: hci1: command 0x0419 tx timeout [ 78.009358][ T4257] Bluetooth: hci4: command 0x0419 tx timeout [ 78.178476][ T4347] loop2: detected capacity change from 0 to 1024 [ 78.188308][ T4347] ======================================================= [ 78.188308][ T4347] WARNING: The mand mount option has been deprecated and [ 78.188308][ T4347] and is ignored by this kernel. Remove the mand [ 78.188308][ T4347] option from the mount to silence this warning. [ 78.188308][ T4347] ======================================================= [ 78.323039][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 78.403485][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 78.428616][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 78.483511][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 78.563415][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 78.632828][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 78.777632][ T4347] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.7: Invalid block bitmap block 0 in block_group 0 [ 78.792146][ T4347] Quota error (device loop2): write_blk: dquota write failed [ 78.799768][ T4347] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 78.810158][ T4347] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.7: Failed to acquire dquot type 0 [ 78.823037][ T4347] EXT4-fs error (device loop2): ext4_free_blocks:6210: comm syz.2.7: Freeing blocks not in datazone - block = 0, count = 4096 [ 78.843247][ T4347] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.7: Invalid inode bitmap blk 0 in block_group 0 [ 78.857411][ T4347] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 78.866439][ T4347] EXT4-fs (loop2): 1 orphan inode deleted [ 78.872167][ T4347] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 78.882602][ T46] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-8 [ 78.892625][ T46] EXT4-fs error (device loop2): ext4_release_dquot:6818: comm kworker/u4:3: Failed to release dquot type 0 [ 78.933181][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.935563][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.962005][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.971709][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 79.042923][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 79.121626][ T4347] syz.2.7 (4347) used greatest stack depth: 19968 bytes left [ 79.129321][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 79.164608][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 79.231074][ T4359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 80.915565][ T4372] loop2: detected capacity change from 0 to 2048 [ 80.958268][ T4372] Alternate GPT is invalid, using primary GPT. [ 80.985991][ T4372] loop2: p1 p2 p3 [ 80.996430][ T4366] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.032836][ T4366] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.053984][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.076293][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.097863][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 81.129475][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 81.198969][ T4317] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.229208][ T4317] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.299143][ T4348] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.301231][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 81.312910][ T4348] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.371488][ T14] cfg80211: failed to load regulatory.db [ 81.383189][ T4348] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 81.412333][ T4381] loop4: detected capacity change from 0 to 4096 [ 82.228729][ T4383] device syzkaller0 entered promiscuous mode [ 83.556570][ T4406] syz.2.15 uses obsolete (PF_INET,SOCK_PACKET) [ 84.587618][ T4414] loop4: detected capacity change from 0 to 32768 [ 84.722469][ T4414] XFS (loop4): Mounting V5 Filesystem [ 84.804148][ T4414] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 84.872803][ T4414] XFS (loop4): Starting recovery (logdev: internal) [ 84.919413][ T4414] XFS (loop4): Ending recovery (logdev: internal) [ 85.227139][ T4262] XFS (loop4): Unmounting Filesystem [ 86.496522][ T4435] loop3: detected capacity change from 0 to 1024 [ 86.555966][ T4435] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 87.585066][ T4434] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 87.601623][ T4434] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 87.618020][ T4434] EXT4-fs (loop3): This should not happen!! Data will be lost [ 87.618020][ T4434] [ 87.627742][ T4434] EXT4-fs (loop3): Total free blocks count 0 [ 87.633778][ T4434] EXT4-fs (loop3): Free/Dirty block details [ 87.639756][ T4434] EXT4-fs (loop3): free_blocks=68451041280 [ 87.645894][ T4434] EXT4-fs (loop3): dirty_blocks=32 [ 87.651022][ T4434] EXT4-fs (loop3): Block reservation details [ 87.657136][ T4434] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 87.775244][ T4407] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14'. [ 87.936529][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 88.042358][ T4446] netlink: 'syz.0.22': attribute type 1 has an invalid length. [ 88.226991][ T4454] loop3: detected capacity change from 0 to 128 [ 88.320452][ T4454] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 89.149944][ T4454] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 89.310289][ T4464] loop2: detected capacity change from 0 to 512 [ 89.371223][ T4464] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 89.394272][ T4464] EXT4-fs (loop2): invalid journal inode [ 89.408091][ T4464] EXT4-fs (loop2): can't get journal size [ 89.446864][ T4464] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c118, mo2=0002] [ 89.473293][ T4464] System zones: 1-12, 13-13 [ 89.486418][ T4464] EXT4-fs (loop2): 1 truncate cleaned up [ 89.494122][ T4464] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 89.620985][ T4474] loop0: detected capacity change from 0 to 4096 [ 89.701520][ T4478] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 90.625672][ T4484] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5 [ 90.719620][ T4452] loop4: detected capacity change from 0 to 40427 [ 91.358033][ T4452] F2FS-fs (loop4): invalid crc value [ 91.733719][ T4484] loop3: detected capacity change from 0 to 128 [ 91.872945][ T4452] F2FS-fs (loop4): Failed to start F2FS issue_checkpoint_thread (-12) [ 91.954536][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 95.138973][ T4510] sched: RT throttling activated [ 95.250359][ T4510] loop2: detected capacity change from 0 to 32768 [ 95.412807][ T4527] loop0: detected capacity change from 0 to 128 [ 95.426987][ T4527] FAT-fs (loop0): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 95.902043][ T4530] Bluetooth: MGMT ver 1.22 [ 96.182694][ T4541] overlayfs: failed to resolve './file1': -2 [ 98.918867][ T4556] nvme_fabrics: missing parameter 'transport=%s' [ 98.960756][ T4556] nvme_fabrics: missing parameter 'nqn=%s' [ 99.322468][ T4567] loop2: detected capacity change from 0 to 32768 [ 99.371963][ T4570] Bluetooth: MGMT ver 1.22 [ 100.973997][ T4589] loop2: detected capacity change from 0 to 1024 [ 101.068699][ T4592] Zero length message leads to an empty skb [ 101.893729][ T4589] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 101.986107][ T4603] netlink: 16 bytes leftover after parsing attributes in process `syz.1.54'. [ 102.043110][ T4602] overlayfs: statfs failed on './file0' [ 102.062372][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 102.152961][ T22] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 102.176229][ T4603] loop1: detected capacity change from 0 to 512 [ 102.271007][ T4603] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.54: inode #1: comm syz.1.54: iget: illegal inode # [ 102.275533][ T4609] loop2: detected capacity change from 0 to 256 [ 102.326939][ T4613] loop0: detected capacity change from 0 to 512 [ 102.337654][ T4269] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 102.367825][ T4603] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.54: error while reading EA inode 1 err=-117 [ 102.382850][ T22] usb 4-1: Using ep0 maxpacket: 16 [ 102.408054][ T4613] EXT4-fs (loop0): unsupported inode size: 264 [ 102.409127][ T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024 [ 102.436880][ T4613] EXT4-fs (loop0): blocksize: 1024 [ 102.451888][ T22] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024 [ 102.455272][ T4603] EXT4-fs (loop1): 1 orphan inode deleted [ 102.466725][ T22] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 102.486910][ T4609] loop2: detected capacity change from 0 to 512 [ 102.487206][ T22] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 102.519475][ T4603] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 102.543719][ T4269] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 102.553911][ T22] usb 4-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 102.586841][ T22] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 102.641930][ T22] usb 4-1: Product: syz [ 102.671066][ T22] usb 4-1: Manufacturer: syz [ 102.690096][ T22] usb 4-1: SerialNumber: syz [ 102.732417][ T22] usb 4-1: config 0 descriptor?? [ 102.739656][ T4592] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 102.766363][ C1] port100 4-1:0.0: NFC: Urb failure (status -71) [ 102.773644][ T22] port100 4-1:0.0: NFC: Could not get supported command types [ 102.858455][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 103.024029][ T22] usb 4-1: USB disconnect, device number 2 [ 103.156483][ T4632] loop2: detected capacity change from 0 to 512 [ 103.242189][ T4632] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 103.312792][ T4632] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 103.330871][ T4632] EXT4-fs (loop2): 1 truncate cleaned up [ 103.343017][ T4632] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 104.022156][ T4636] syz.0.61 (4636): drop_caches: 2 [ 104.480602][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 104.594228][ T4645] loop6: detected capacity change from 0 to 63 [ 104.669625][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 104.678972][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 104.762993][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 104.772120][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 104.780961][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 104.790116][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 104.801539][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 104.810717][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.028195][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 105.037409][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.065882][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 105.075098][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.839516][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 105.848738][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.919569][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 105.928776][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 105.974685][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 106.107153][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 106.128495][ T4645] ldm_validate_partition_table(): Disk read failed. [ 106.167257][ T4645] Dev loop6: unable to read RDB block 0 [ 106.613336][ T4645] loop6: unable to read partition table [ 106.653229][ T4645] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾‚³˜) failed (rc=-5) [ 106.920003][ T4296] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 107.079019][ T3623] ldm_validate_partition_table(): Disk read failed. [ 107.087058][ T3623] Dev loop6: unable to read RDB block 0 [ 107.093650][ T3623] loop6: unable to read partition table [ 107.212988][ T4296] usb 3-1: Using ep0 maxpacket: 8 [ 107.222276][ T4296] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 107.235657][ T4673] loop0: detected capacity change from 0 to 1024 [ 107.262903][ T4296] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.286870][ T4296] usb 3-1: Product: syz [ 107.297761][ T4296] usb 3-1: Manufacturer: syz [ 107.303486][ T4673] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 107.336906][ T4296] usb 3-1: SerialNumber: syz [ 107.372408][ T4296] usb 3-1: config 0 descriptor?? [ 107.501727][ T4673] hfsplus: bad catalog entry used to create inode [ 108.469214][ T4296] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 108.531578][ T4688] syz.4.73 (4688): drop_caches: 2 [ 108.870866][ T4696] program syz.0.74 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 110.016956][ T4255] Bluetooth: hci0: unexpected cc 0x1004 length: 8 < 11 [ 110.103113][ T4715] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in; [ 110.103113][ T4715] program syz.4.80 not setting count and/or reply_len properly [ 110.122424][ T4296] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71 [ 110.176013][ T4296] usb 3-1: USB disconnect, device number 2 [ 110.239867][ T1043] block nbd0: Attempted send on invalid socket [ 110.247382][ T1043] blk_print_req_error: 28 callbacks suppressed [ 110.247395][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2 [ 110.268810][ T4714] XFS (nbd0): SB validate failed with error -5. [ 111.018165][ T4736] cgroup: No subsys list or none specified [ 112.785399][ T4748] syz.1.88 (4748): drop_caches: 2 [ 113.010465][ T4751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.92'. [ 113.074204][ T4753] loop1: detected capacity change from 0 to 2048 [ 113.146686][ T4753] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 113.316073][ T4760] device gretap0 entered promiscuous mode [ 113.322172][ T4760] device vlan2 entered promiscuous mode [ 113.408985][ T4760] device gretap0 left promiscuous mode [ 113.531519][ T4764] loop0: detected capacity change from 0 to 4096 [ 113.575421][ T14] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 113.610192][ T4769] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 113.638673][ T27] audit: type=1800 audit(1742541965.486:2): pid=4764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.96" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 113.660541][ T4762] loop3: detected capacity change from 0 to 8192 [ 113.665926][ T4768] loop1: detected capacity change from 0 to 1024 [ 113.683833][ T14] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 113.895895][ T4768] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 113.911442][ T4299] kernel write not supported for file /uhid (pid: 4299 comm: kworker/1:5) [ 113.986776][ T4777] cgroup: No subsys list or none specified [ 114.580942][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 116.895451][ T4789] loop1: detected capacity change from 0 to 128 [ 116.902790][ T4789] FAT-fs (loop1): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 117.162806][ T4303] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 117.245336][ T4546] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 117.357614][ T4794] loop0: detected capacity change from 0 to 256 [ 117.415767][ T4303] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 117.535602][ T4303] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 117.559770][ T4303] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 117.572879][ T4303] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 117.589214][ T4303] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 117.598720][ T4303] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 117.615918][ T4303] usb 3-1: Product: syz [ 117.631502][ T4303] usb 3-1: Manufacturer: syz [ 117.659980][ T4303] cdc_wdm 3-1:1.0: skipping garbage [ 117.671221][ T4303] cdc_wdm 3-1:1.0: skipping garbage [ 117.677276][ T4303] cdc_wdm: probe of 3-1:1.0 failed with error -22 [ 117.742850][ T4299] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 117.836340][ T4296] usb 3-1: USB disconnect, device number 3 [ 117.946453][ T4800] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore [ 117.949519][ T4299] usb 1-1: config 0 has an invalid interface number: 206 but max is 1 [ 117.962876][ T4800] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 117.991609][ T4802] loop2: detected capacity change from 0 to 2048 [ 118.045958][ T4802] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 118.085768][ T4299] usb 1-1: config 0 has an invalid descriptor of length 181, skipping remainder of the config [ 118.177250][ T4299] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 118.213013][ T4299] usb 1-1: config 0 has no interface number 0 [ 118.219134][ T4299] usb 1-1: config 0 interface 206 altsetting 2 endpoint 0xB has invalid maxpacket 1024, setting to 64 [ 118.242906][ T4299] usb 1-1: config 0 interface 206 altsetting 2 endpoint 0xD has invalid maxpacket 1023, setting to 64 [ 118.278700][ T4299] usb 1-1: config 0 interface 206 altsetting 2 endpoint 0x8C has invalid maxpacket 27768, setting to 64 [ 118.300890][ T4299] usb 1-1: config 0 interface 206 altsetting 2 has 5 endpoint descriptors, different from the interface descriptor's value: 7 [ 118.314280][ T4299] usb 1-1: config 0 interface 206 has no altsetting 0 [ 118.343960][ T4299] usb 1-1: New USB device found, idVendor=0499, idProduct=1007, bcdDevice=df.8f [ 118.363955][ T4299] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.397127][ T4299] usb 1-1: Product: syz [ 118.401462][ T4299] usb 1-1: Manufacturer: syz [ 118.411626][ T4299] usb 1-1: SerialNumber: syz [ 118.423980][ T4303] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 118.432200][ T4299] usb 1-1: config 0 descriptor?? [ 118.589447][ T4794] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 118.598081][ T4794] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 118.616775][ T4303] usb 2-1: Using ep0 maxpacket: 32 [ 118.626407][ T4303] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 118.683591][ T4303] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 118.703592][ T4815] cgroup: No subsys list or none specified [ 118.915878][ T4303] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 118.976423][ T4303] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 119.045763][ T4303] usb 2-1: Product: syz [ 119.079845][ T4303] usb 2-1: Manufacturer: syz [ 119.247290][ T4303] hub 2-1:4.0: USB hub found [ 119.404750][ T4818] loop3: detected capacity change from 0 to 128 [ 119.412105][ T4818] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 119.443550][ T4804] loop1: detected capacity change from 0 to 512 [ 119.450468][ T4804] EXT4-fs: Ignoring removed nomblk_io_submit option [ 119.462349][ T4818] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 119.493366][ T4299] usb 1-1: USB disconnect, device number 2 [ 119.568307][ T4804] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.108: missing EA_INODE flag [ 119.587819][ T4804] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.108: error while reading EA inode 2 err=-117 [ 119.600844][ T4804] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 119.623038][ T4804] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.108: missing EA_INODE flag [ 119.684474][ T4804] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.108: error while reading EA inode 2 err=-117 [ 119.708362][ T4804] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.108: inode #65536: comm syz.1.108: iget: illegal inode # [ 119.784677][ T4824] udevd[4824]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.206/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 119.805912][ T4804] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.108: error while reading EA inode 65536 err=-117 [ 119.855178][ T4804] EXT4-fs (loop1): 1 orphan inode deleted [ 119.860986][ T4804] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 119.922377][ T4303] hub 2-1:4.0: 15 ports detected [ 119.933088][ T4303] hub 2-1:4.0: insufficient power available to use all downstream ports [ 120.060329][ T4835] loop4: detected capacity change from 0 to 2048 [ 120.073234][ T4834] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore [ 120.082123][ T4834] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 120.122803][ T4835] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 120.138370][ T4303] hub 2-1:4.0: hub_hub_status failed (err = -71) [ 120.156185][ T4303] hub 2-1:4.0: config failed, can't get hub status (err -71) [ 120.186587][ T4299] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 120.233660][ T4303] usb 2-1: USB disconnect, device number 2 [ 120.554632][ T4299] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 120.575234][ T4299] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 120.585740][ T4299] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 120.594977][ T4299] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 120.612117][ T4299] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 120.639595][ T4844] ptrace attach of "./syz-executor exec"[4262] was attempted by "./syz-executor exec"[4844] [ 120.713038][ T4844] sp0: Synchronizing with TNC [ 120.867854][ T4299] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 120.972851][ T4255] Bluetooth: hci4: command 0x0405 tx timeout [ 121.137518][ T4299] usb 3-1: Product: syz [ 121.185952][ T4299] usb 3-1: Manufacturer: syz [ 121.227308][ T4299] cdc_wdm 3-1:1.0: skipping garbage [ 121.239064][ T4299] cdc_wdm 3-1:1.0: skipping garbage [ 121.244672][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 121.387206][ T4299] cdc_wdm: probe of 3-1:1.0 failed with error -22 [ 121.438270][ T4831] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.594439][ T4831] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 121.624395][ T4854] cgroup: No subsys list or none specified [ 121.894072][ T4859] loop4: detected capacity change from 0 to 128 [ 121.987211][ T4855] syz.3.125 (4855): drop_caches: 2 [ 122.185408][ T4859] loop4: detected capacity change from 0 to 32768 [ 122.243436][ T4859] XFS (loop4): Mounting V5 Filesystem [ 122.449251][ T4859] XFS (loop4): Ending clean mount [ 122.474044][ T4859] process 'syz.4.127' launched './file0/file0' with NULL argv: empty string added [ 122.533233][ T4262] XFS (loop4): Unmounting Filesystem [ 122.732805][ T4298] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 122.954528][ T4298] usb 2-1: config 1 interface 0 has no altsetting 0 [ 122.971848][ T4298] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 122.996501][ T4296] usb 3-1: USB disconnect, device number 4 [ 123.024155][ T4298] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.063159][ T4298] usb 2-1: Product: syz [ 123.082775][ T4298] usb 2-1: Manufacturer: syz [ 123.111446][ T4298] usb 2-1: SerialNumber: syz [ 124.018801][ T4298] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 124.521817][ T4882] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore [ 124.540095][ T4882] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 124.557167][ T4884] loop4: detected capacity change from 0 to 2048 [ 124.621732][ T4884] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 124.866259][ T4888] netlink: 28 bytes leftover after parsing attributes in process `syz.0.134'. [ 124.875803][ T4888] netlink: 28 bytes leftover after parsing attributes in process `syz.0.134'. [ 124.950956][ T4888] device netdevsim0 entered promiscuous mode [ 124.951767][ T4892] loop4: detected capacity change from 0 to 1024 [ 124.976562][ T4888] device erspan0 entered promiscuous mode [ 125.033566][ T1185] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready [ 125.378648][ T4897] cgroup: No subsys list or none specified [ 125.378910][ T4395] hfsplus: b-tree write err: -5, ino 4 [ 125.486119][ T7] usb 2-1: USB disconnect, device number 3 [ 125.502091][ T7] usblp0: removed [ 126.473511][ T4300] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 126.885362][ T4919] overlayfs: missing 'workdir' [ 126.895086][ T4300] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 126.940966][ T4300] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 126.995195][ T4300] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 127.015717][ T4300] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 127.113479][ T4300] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 127.122569][ T4300] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 127.219386][ T4924] loop3: detected capacity change from 0 to 2048 [ 127.229417][ T4300] usb 5-1: Product: syz [ 127.262188][ T4924] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 127.282653][ T4300] usb 5-1: Manufacturer: syz [ 127.311165][ T4300] cdc_wdm 5-1:1.0: skipping garbage [ 127.344818][ T4300] cdc_wdm 5-1:1.0: skipping garbage [ 127.358517][ T4300] cdc_wdm: probe of 5-1:1.0 failed with error -22 [ 128.230655][ T4903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.240659][ T4903] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.885137][ T4942] loop3: detected capacity change from 0 to 4096 [ 128.906938][ T4942] EXT4-fs: Ignoring removed nobh option [ 129.107038][ T4948] sp0: Synchronizing with TNC [ 129.679594][ T4942] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 129.821386][ T14] usb 5-1: USB disconnect, device number 2 [ 129.891164][ T4942] Quota error (device loop3): find_block_dqentry: Quota for id 0 referenced but not present [ 129.972946][ T4942] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 129.982499][ T4942] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.153: Failed to acquire dquot type 1 [ 129.996087][ T4956] overlayfs: missing 'workdir' [ 130.273016][ T4300] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 130.661890][ T4300] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 130.740640][ T4300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.772417][ T4963] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.809212][ T4300] usb 2-1: config 0 descriptor?? [ 130.822048][ T4300] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 130.831943][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 130.842130][ T4963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.159'. [ 130.898153][ T4963] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.638441][ T4300] gp8psk: usb out operation failed. [ 131.644085][ T4300] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 131.696563][ T4300] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 131.707281][ T4300] usb 2-1: USB disconnect, device number 4 [ 131.742620][ T4963] device bridge_slave_0 left promiscuous mode [ 131.783973][ T4963] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.098318][ T4981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.166'. [ 132.202018][ T4981] loop0: detected capacity change from 0 to 256 [ 132.372809][ T4303] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 132.482777][ T14] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 132.575909][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.582245][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.615403][ T4303] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 132.654519][ T4303] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 132.692878][ T14] usb 3-1: Using ep0 maxpacket: 8 [ 132.702837][ T14] usb 3-1: unable to get BOS descriptor or descriptor too short [ 132.717703][ T4303] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 132.739405][ T14] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xEE, skipping [ 132.783231][ T4303] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.791337][ T14] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 132.836102][ T4303] usb 5-1: config 0 descriptor?? [ 132.841180][ T14] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1 [ 132.864282][ T14] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 132.879460][ T14] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xAC, skipping [ 132.919262][ T14] usb 3-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 132.961223][ T14] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.982840][ T14] usb 3-1: Product: syz [ 132.987170][ T14] usb 3-1: Manufacturer: syz [ 133.011116][ T14] usb 3-1: SerialNumber: syz [ 133.053935][ T14] usb 3-1: config 0 descriptor?? [ 133.064315][ T4985] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 133.178205][ T4991] sp0: Synchronizing with TNC [ 133.818154][ T4303] arvo 0003:1E7D:30D4.0002: unknown main item tag 0x0 [ 133.834500][ T4303] arvo 0003:1E7D:30D4.0002: report_id 0 is invalid [ 133.841046][ T4303] arvo 0003:1E7D:30D4.0002: item 0 0 1 8 parsing failed [ 133.962277][ T4303] arvo 0003:1E7D:30D4.0002: parse failed [ 133.977279][ T14] snd-usb-audio: probe of 3-1:0.0 failed with error -2 [ 133.984237][ T4303] arvo: probe of 0003:1E7D:30D4.0002 failed with error -22 [ 134.026654][ T26] usb 3-1: USB disconnect, device number 5 [ 134.045768][ T4297] usb 5-1: USB disconnect, device number 3 [ 134.090744][ T4997] overlayfs: missing 'workdir' [ 134.262874][ T4300] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 134.294208][ T4546] udevd[4546]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 134.389251][ T5001] loop1: detected capacity change from 0 to 4096 [ 134.454387][ T4300] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 134.483065][ T4300] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 134.501815][ T4300] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 134.511264][ T4300] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 134.513249][ T14] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 134.551768][ T4300] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 134.564335][ T4300] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 134.572350][ T4300] usb 1-1: Product: syz [ 134.582841][ T4300] usb 1-1: Manufacturer: syz [ 134.608355][ T4300] cdc_wdm 1-1:1.0: skipping garbage [ 134.620754][ T4300] cdc_wdm 1-1:1.0: skipping garbage [ 134.627323][ T4300] cdc_wdm: probe of 1-1:1.0 failed with error -22 [ 134.715151][ T14] usb 4-1: Using ep0 maxpacket: 16 [ 134.727358][ T14] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 134.845080][ T14] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 134.970874][ T4995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 135.020101][ T14] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 135.085954][ T4995] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 135.150325][ T14] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 135.328716][ T14] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 135.404137][ T14] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.475897][ T14] usb 4-1: Product: syz [ 135.501728][ T14] usb 4-1: Manufacturer: syz [ 135.529684][ T14] usb 4-1: SerialNumber: syz [ 135.852887][ T4252] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 135.901483][ T5020] netlink: 4 bytes leftover after parsing attributes in process `syz.2.180'. [ 135.918072][ T5020] loop2: detected capacity change from 0 to 256 [ 135.996593][ T14] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 136.017394][ T14] usb 4-1: 2:1 : format type 0 is detected, processed as PCM [ 136.043302][ T4252] usb 2-1: Using ep0 maxpacket: 8 [ 136.053095][ T4252] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 136.084820][ T4252] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.106232][ T4252] usb 2-1: Product: syz [ 136.116565][ T4252] usb 2-1: Manufacturer: syz [ 136.137295][ T4252] usb 2-1: SerialNumber: syz [ 136.156478][ T4252] usb 2-1: config 0 descriptor?? [ 136.483061][ T4252] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 136.581262][ T5024] ptrace attach of "./syz-executor exec"[4266] was attempted by "./syz-executor exec"[5024] [ 136.624827][ T5024] sp0: Synchronizing with TNC [ 137.380273][ T14] usb 1-1: USB disconnect, device number 3 [ 137.538873][ T5029] loop0: detected capacity change from 0 to 1024 [ 137.551080][ T5029] EXT4-fs: Ignoring removed orlov option [ 137.557266][ T5029] EXT4-fs: Ignoring removed nomblk_io_submit option [ 137.660269][ T14] usb 4-1: USB disconnect, device number 3 [ 137.675052][ T5029] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 137.721374][ T5032] loop2: detected capacity change from 0 to 4096 [ 137.814670][ T5038] loop3: detected capacity change from 0 to 4096 [ 138.297304][ T4260] EXT4-fs (loop0): unmounting filesystem. [ 138.318922][ T4252] dvb_usb_rtl28xxu: probe of 2-1:0.0 failed with error -71 [ 138.335179][ T4252] usb 2-1: USB disconnect, device number 5 [ 139.507815][ T5055] netlink: 4 bytes leftover after parsing attributes in process `syz.3.191'. [ 139.542426][ T5055] loop3: detected capacity change from 0 to 256 [ 139.633354][ T5059] loop2: detected capacity change from 0 to 1024 [ 139.753226][ T4296] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 139.762371][ T4319] hfsplus: b-tree write err: -5, ino 4 [ 139.966556][ T4296] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 140.052790][ T4296] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.129606][ T5063] ptrace attach of "./syz-executor exec"[4266] was attempted by "./syz-executor exec"[5063] [ 140.171189][ T5063] sp0: Synchronizing with TNC [ 140.812790][ T4296] usb 1-1: Product: syz [ 140.831245][ T4296] usb 1-1: Manufacturer: syz [ 140.852809][ T4296] usb 1-1: SerialNumber: syz [ 140.909340][ T4296] usb 1-1: config 0 descriptor?? [ 140.957403][ T5065] loop4: detected capacity change from 0 to 1764 [ 141.349224][ T5075] loop4: detected capacity change from 0 to 4096 [ 141.362810][ T4299] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 141.573111][ T4299] usb 4-1: Using ep0 maxpacket: 32 [ 141.584265][ T4299] usb 4-1: config 0 has an invalid interface number: 16 but max is 0 [ 141.593593][ T22] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 141.605121][ T4299] usb 4-1: config 0 has no interface number 0 [ 141.611510][ T4257] Bluetooth: Frame is too long (len 12, expected len 4) [ 141.618979][ T4299] usb 4-1: config 0 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 141.631934][ T4299] usb 4-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d [ 141.641161][ T4299] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.649520][ T4299] usb 4-1: Product: syz [ 141.654671][ T4299] usb 4-1: Manufacturer: syz [ 141.660106][ T4299] usb 4-1: SerialNumber: syz [ 141.667186][ T4299] usb 4-1: config 0 descriptor?? [ 141.672981][ T5067] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 141.695685][ T4296] usb 1-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0) [ 141.707510][ T4296] usb 1-1: Firmware version (0.0) predates our first public release. [ 141.720027][ T4296] usb 1-1: Please update to version 0.2 or newer [ 141.812822][ T22] usb 2-1: Using ep0 maxpacket: 32 [ 141.822154][ T22] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.842744][ T22] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 141.853091][ T4297] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 141.874777][ T22] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 141.888072][ T22] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 141.894554][ T4252] usb 4-1: USB disconnect, device number 4 [ 141.912231][ T22] usb 2-1: Product: syz [ 141.953151][ T22] usb 2-1: Manufacturer: syz [ 141.971778][ T22] hub 2-1:4.0: USB hub found [ 142.012901][ T4296] usb 1-1: USB disconnect, device number 4 [ 142.062883][ T4297] usb 5-1: Using ep0 maxpacket: 8 [ 142.086528][ T4297] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 142.100290][ T4297] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.112428][ T4297] usb 5-1: Product: syz [ 142.117000][ T4297] usb 5-1: Manufacturer: syz [ 142.122251][ T4297] usb 5-1: SerialNumber: syz [ 142.141051][ T4297] usb 5-1: config 0 descriptor?? [ 142.184040][ T5077] loop1: detected capacity change from 0 to 512 [ 142.192137][ T5077] EXT4-fs: Ignoring removed nomblk_io_submit option [ 142.205198][ T5077] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.201: missing EA_INODE flag [ 142.217563][ T5077] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.201: error while reading EA inode 2 err=-117 [ 142.230699][ T5077] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.201: missing EA_INODE flag [ 142.245106][ T5077] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.201: error while reading EA inode 2 err=-117 [ 142.257796][ T5077] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.201: inode #65536: comm syz.1.201: iget: illegal inode # [ 142.271525][ T5077] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.201: error while reading EA inode 65536 err=-117 [ 142.286288][ T5077] EXT4-fs (loop1): 1 orphan inode deleted [ 142.292177][ T5077] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 142.306516][ T22] hub 2-1:4.0: 15 ports detected [ 142.311942][ T22] hub 2-1:4.0: insufficient power available to use all downstream ports [ 142.351929][ T4297] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 142.521688][ T22] hub 2-1:4.0: hub_hub_status failed (err = -71) [ 142.533779][ T22] hub 2-1:4.0: config failed, can't get hub status (err -71) [ 142.593503][ T22] usb 2-1: USB disconnect, device number 6 [ 142.823004][ T4298] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 142.871485][ T5096] netlink: 4 bytes leftover after parsing attributes in process `syz.0.208'. [ 142.906185][ T5096] loop0: detected capacity change from 0 to 256 [ 143.017582][ T4298] usb 4-1: config 0 has an invalid interface number: 107 but max is 0 [ 143.032757][ T4298] usb 4-1: config 0 has no interface number 0 [ 143.038887][ T4298] usb 4-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid maxpacket 65535, setting to 64 [ 143.095294][ T4298] usb 4-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 143.123908][ T4298] usb 4-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 143.132109][ T4298] usb 4-1: Product: syz [ 143.162861][ T4298] usb 4-1: Manufacturer: syz [ 143.167517][ T4298] usb 4-1: SerialNumber: syz [ 143.184124][ T4298] usb 4-1: config 0 descriptor?? [ 143.189847][ T5092] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 143.208667][ T4298] keyspan 4-1:0.107: Keyspan 4 port adapter converter detected [ 143.234486][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 143.253423][ T4298] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 81 [ 143.283432][ T4298] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 1 [ 143.299232][ T4298] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 143.310807][ T4298] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 2 [ 143.319973][ T4298] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 143.329870][ T4298] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 4 [ 143.338852][ T4298] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 143.359344][ T4298] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 6 [ 143.372135][ T4298] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 143.621902][ T5100] ptrace attach of "./syz-executor exec"[4266] was attempted by "./syz-executor exec"[5100] [ 143.670960][ T5100] sp0: Synchronizing with TNC [ 143.818501][ T4297] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71 [ 144.060336][ T4296] usb 4-1: USB disconnect, device number 5 [ 144.200920][ T4297] usb 5-1: USB disconnect, device number 4 [ 144.255459][ T4296] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 144.307920][ T4296] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 144.343690][ T4296] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 144.373279][ T4296] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 144.470064][ T4296] keyspan 4-1:0.107: device disconnected [ 144.596892][ T27] audit: type=1326 audit(1742541996.446:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 144.670661][ T27] audit: type=1326 audit(1742541996.496:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 144.708364][ T27] audit: type=1326 audit(1742541996.496:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 144.840651][ T27] audit: type=1326 audit(1742541996.496:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 144.941295][ T27] audit: type=1326 audit(1742541996.496:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 145.045884][ T27] audit: type=1326 audit(1742541996.496:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 145.060979][ T5119] loop3: detected capacity change from 0 to 256 [ 145.264170][ T27] audit: type=1326 audit(1742541996.496:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 145.317764][ T27] audit: type=1326 audit(1742541996.506:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 145.449104][ T5125] loop4: detected capacity change from 0 to 128 [ 145.461290][ T5125] FAT-fs (loop4): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 145.516701][ T27] audit: type=1326 audit(1742541996.506:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 145.699133][ T4300] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 145.949786][ T27] audit: type=1326 audit(1742541996.506:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5107 comm="syz.2.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cfe38d169 code=0x7ffc0000 [ 146.174484][ T4300] usb 4-1: config 0 has an invalid interface number: 206 but max is 1 [ 146.203423][ T4300] usb 4-1: config 0 has an invalid descriptor of length 181, skipping remainder of the config [ 146.213638][ T5131] netlink: 4 bytes leftover after parsing attributes in process `syz.0.221'. [ 146.249532][ T4300] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 146.268769][ T4300] usb 4-1: config 0 has no interface number 0 [ 146.275064][ T4300] usb 4-1: config 0 interface 206 altsetting 2 endpoint 0xB has invalid maxpacket 1024, setting to 64 [ 146.296516][ T4300] usb 4-1: config 0 interface 206 altsetting 2 endpoint 0xD has invalid maxpacket 1023, setting to 64 [ 146.317991][ T4300] usb 4-1: config 0 interface 206 altsetting 2 endpoint 0x8C has invalid maxpacket 27768, setting to 64 [ 146.350144][ T4300] usb 4-1: config 0 interface 206 altsetting 2 has 5 endpoint descriptors, different from the interface descriptor's value: 7 [ 146.372738][ T4300] usb 4-1: config 0 interface 206 has no altsetting 0 [ 146.394160][ T4300] usb 4-1: New USB device found, idVendor=0499, idProduct=1007, bcdDevice=df.8f [ 146.542898][ T5131] loop0: detected capacity change from 0 to 256 [ 146.550503][ T4300] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.568275][ T4300] usb 4-1: Product: syz [ 146.572586][ T4300] usb 4-1: Manufacturer: syz [ 146.592658][ T5137] loop4: detected capacity change from 0 to 128 [ 146.601589][ T4300] usb 4-1: SerialNumber: syz [ 146.739656][ T5137] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 146.775926][ T5137] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 146.796172][ T4300] usb 4-1: config 0 descriptor?? [ 146.802005][ T5119] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 146.815201][ T5119] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 146.917004][ T5142] ptrace attach of "./syz-executor exec"[4266] was attempted by "./syz-executor exec"[5142] [ 146.968902][ T5142] sp0: Synchronizing with TNC [ 147.498790][ T4300] usb 4-1: USB disconnect, device number 6 [ 147.654393][ T5147] loop0: detected capacity change from 0 to 512 [ 147.671975][ T5147] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 147.729008][ T5147] EXT4-fs (loop0): 1 truncate cleaned up [ 147.738762][ T5147] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 147.773472][ T5103] udevd[5103]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.206/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 147.807864][ T4262] EXT4-fs (loop4): unmounting filesystem. [ 147.894216][ T4260] EXT4-fs (loop0): unmounting filesystem. [ 148.184294][ T5163] loop0: detected capacity change from 0 to 512 [ 148.347049][ T5163] EXT4-fs error (device loop0): ext4_do_update_inode:5224: inode #16: comm syz.0.232: corrupted inode contents [ 148.532909][ T5163] EXT4-fs error (device loop0): ext4_dirty_inode:6089: inode #16: comm syz.0.232: mark_inode_dirty error [ 148.706771][ T5163] EXT4-fs error (device loop0): ext4_do_update_inode:5224: inode #16: comm syz.0.232: corrupted inode contents [ 148.753800][ T5163] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.232: mark_inode_dirty error [ 148.802877][ T5172] netlink: 4 bytes leftover after parsing attributes in process `syz.4.235'. [ 148.939657][ T5163] EXT4-fs error (device loop0): ext4_do_update_inode:5224: inode #16: comm syz.0.232: corrupted inode contents [ 148.955734][ T5163] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 148.965076][ T5163] EXT4-fs error (device loop0): ext4_do_update_inode:5224: inode #16: comm syz.0.232: corrupted inode contents [ 148.985572][ T5172] loop4: detected capacity change from 0 to 256 [ 149.014757][ T5163] EXT4-fs error (device loop0): ext4_truncate:4311: inode #16: comm syz.0.232: mark_inode_dirty error [ 149.027598][ T5163] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 149.086274][ T5176] ptrace attach of "./syz-executor exec"[4266] was attempted by "./syz-executor exec"[5176] [ 149.127324][ T5176] sp0: Synchronizing with TNC [ 149.544828][ T5163] EXT4-fs (loop0): 1 truncate cleaned up [ 149.764466][ T4395] __quota_error: 3 callbacks suppressed [ 149.764483][ T4395] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 149.782888][ T5163] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 149.817678][ T5163] ext4 filesystem being mounted at /51/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 149.829542][ T4395] EXT4-fs error (device loop0): ext4_release_dquot:6818: comm kworker/u4:10: Failed to release dquot type 1 [ 149.993711][ T5163] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 150.005526][ T5163] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 150.015920][ T5163] EXT4-fs error (device loop0): ext4_acquire_dquot:6795: comm syz.0.232: Failed to acquire dquot type 1 [ 150.043363][ T5163] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 150.055209][ T5163] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 150.065316][ T5163] EXT4-fs error (device loop0): ext4_acquire_dquot:6795: comm syz.0.232: Failed to acquire dquot type 1 [ 150.090854][ T5179] loop2: detected capacity change from 0 to 64 [ 150.152841][ T4260] EXT4-fs (loop0): unmounting filesystem. [ 150.231841][ T5179] overlayfs: upper fs needs to support d_type. [ 150.250638][ T5179] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 150.278332][ T5179] overlayfs: failed to set xattr on upper [ 150.307227][ T5182] loop0: detected capacity change from 0 to 512 [ 150.317175][ T5179] overlayfs: ...falling back to index=off,metacopy=off. [ 150.345840][ T5182] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 150.413851][ T5182] EXT4-fs (loop0): 1 truncate cleaned up [ 150.420319][ T5182] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 150.470774][ T4266] Trying to free block not in datazone [ 150.509792][ T4260] EXT4-fs (loop0): unmounting filesystem. [ 150.528255][ T4266] Trying to free block not in datazone [ 150.588059][ T4266] Trying to free block not in datazone [ 150.613282][ T4266] Trying to free block not in datazone [ 150.618846][ T4266] Trying to free block not in datazone [ 150.636056][ T4266] minix_free_block (loop2:6): bit already cleared [ 150.658255][ T4266] Trying to free block not in datazone [ 150.677449][ T4266] Trying to free block not in datazone [ 150.924469][ T5205] loop3: detected capacity change from 0 to 16 [ 151.091486][ T5205] erofs: Unknown parameter '0000000000000000000001777777777777777777777ÿÿ0xffffffffffffffffÿÿ' [ 153.080481][ T5230] ptrace attach of "./syz-executor exec"[4262] was attempted by "./syz-executor exec"[5230] [ 153.123896][ T5230] sp0: Synchronizing with TNC [ 153.182658][ T5232] cgroup: No subsys list or none specified [ 154.371394][ T5246] loop4: detected capacity change from 0 to 128 [ 154.381718][ T5246] FAT-fs (loop4): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 157.414316][ T5277] ptrace attach of "./syz-executor exec"[4251] was attempted by "./syz-executor exec"[5277] [ 157.431813][ T5277] sp0: Synchronizing with TNC [ 158.152821][ T4295] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 158.327187][ T4295] usb 5-1: device descriptor read/64, error -71 [ 158.445813][ T5264] loop0: detected capacity change from 0 to 32768 [ 158.652844][ T4295] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 158.704428][ T5264] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 158.832974][ T4295] usb 5-1: device descriptor read/64, error -71 [ 158.973011][ T4295] usb usb5-port1: attempt power cycle [ 159.213970][ T4260] ocfs2: Unmounting device (7,0) on (node local) [ 159.772550][ T5308] loop1: detected capacity change from 0 to 512 [ 159.797368][ T5308] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 159.801770][ T5302] kvm: pic: non byte read [ 159.823444][ T5302] kvm: pic: level sensitive irq not supported [ 159.823556][ T5302] kvm: pic: non byte read [ 160.013453][ T5308] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 160.040223][ T5308] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 160.064927][ T5308] System zones: 0-1, 15-15, 18-18, 34-34 [ 160.100583][ T5308] EXT4-fs (loop1): orphan cleanup on readonly fs [ 160.264871][ T5317] loop0: detected capacity change from 0 to 128 [ 160.274993][ T5317] FAT-fs (loop0): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 160.456056][ T5308] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 160.682094][ T5308] EXT4-fs warning (device loop1): ext4_enable_quotas:7030: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 160.792910][ T5308] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 160.832821][ T5308] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.278: bg 0: block 40: padding at end of block bitmap is not set [ 161.034687][ T5308] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 161.081303][ T5308] EXT4-fs (loop1): 1 truncate cleaned up [ 161.111705][ T5308] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 161.394322][ T4298] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 161.635967][ T4298] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 161.708313][ T4298] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 161.993721][ T4298] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 162.003177][ T4298] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 162.029358][ T4298] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 162.224896][ T5328] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.278: bad symlink. [ 162.693350][ T4298] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 162.701471][ T4298] usb 1-1: Product: syz [ 162.713577][ T4298] usb 1-1: Manufacturer: syz [ 162.737839][ T4298] cdc_wdm 1-1:1.0: skipping garbage [ 162.756560][ T4298] cdc_wdm 1-1:1.0: skipping garbage [ 162.761933][ T4298] cdc_wdm: probe of 1-1:1.0 failed with error -22 [ 162.890465][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 163.488038][ T5338] cgroup: No subsys list or none specified [ 163.658192][ T5341] loop1: detected capacity change from 0 to 256 [ 163.972807][ T4295] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 163.982986][ T4299] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 164.101382][ T5346] syz.2.287 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 164.153197][ T4299] usb 4-1: device descriptor read/64, error -71 [ 164.199833][ T4295] usb 2-1: config 0 has an invalid interface number: 206 but max is 1 [ 164.238143][ T4295] usb 2-1: config 0 has an invalid descriptor of length 181, skipping remainder of the config [ 164.442918][ T4299] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 164.470173][ T4295] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 164.562236][ T4295] usb 2-1: config 0 has no interface number 0 [ 164.606481][ T4295] usb 2-1: config 0 interface 206 altsetting 2 endpoint 0xB has invalid maxpacket 1024, setting to 64 [ 164.622780][ T4299] usb 4-1: device descriptor read/64, error -71 [ 164.638086][ T4295] usb 2-1: config 0 interface 206 altsetting 2 endpoint 0xD has invalid maxpacket 1023, setting to 64 [ 164.663091][ T4295] usb 2-1: config 0 interface 206 altsetting 2 endpoint 0x8C has invalid maxpacket 27768, setting to 64 [ 164.682747][ T4295] usb 2-1: config 0 interface 206 altsetting 2 has 5 endpoint descriptors, different from the interface descriptor's value: 7 [ 164.727416][ T4295] usb 2-1: config 0 interface 206 has no altsetting 0 [ 164.738033][ T4303] usb 1-1: USB disconnect, device number 5 [ 164.745518][ T4295] usb 2-1: New USB device found, idVendor=0499, idProduct=1007, bcdDevice=df.8f [ 164.763052][ T4299] usb usb4-port1: attempt power cycle [ 164.778763][ T4295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.808963][ T4295] usb 2-1: Product: syz [ 164.829110][ T4295] usb 2-1: Manufacturer: syz [ 164.834153][ T4295] usb 2-1: SerialNumber: syz [ 164.863534][ T4295] usb 2-1: config 0 descriptor?? [ 164.869950][ T5341] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 164.897072][ T5341] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 165.260946][ T5360] loop2: detected capacity change from 0 to 128 [ 165.271397][ T5360] FAT-fs (loop2): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 165.362933][ T4299] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 165.438223][ T4299] usb 4-1: device descriptor read/8, error -71 [ 165.812983][ T4299] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 165.861763][ T4295] usb 2-1: USB disconnect, device number 7 [ 166.035225][ T4299] usb 4-1: device descriptor read/8, error -71 [ 166.145752][ T5103] udevd[5103]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.206/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 166.789326][ T4299] usb usb4-port1: unable to enumerate USB device [ 167.368702][ T5378] loop1: detected capacity change from 0 to 128 [ 167.379269][ T5378] FAT-fs (loop1): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 168.464357][ T4299] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 168.681735][ T5388] loop1: detected capacity change from 0 to 2048 [ 168.702862][ T4299] usb 5-1: Using ep0 maxpacket: 8 [ 168.713384][ T4299] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 168.743098][ T4299] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 168.751384][ T4299] usb 5-1: Product: syz [ 168.775976][ T4299] usb 5-1: Manufacturer: syz [ 168.780609][ T4299] usb 5-1: SerialNumber: syz [ 168.788429][ T5388] Alternate GPT is invalid, using primary GPT. [ 168.818056][ T5388] loop1: p1 p2 p3 [ 168.823237][ T4299] usb 5-1: config 0 descriptor?? [ 169.049392][ T4299] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 169.377723][ T5396] syz.1.300 (5396): drop_caches: 2 [ 170.906740][ T4299] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71 [ 170.947837][ T4299] usb 5-1: USB disconnect, device number 8 [ 171.054246][ T5404] loop3: detected capacity change from 0 to 512 [ 171.079452][ T5404] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 171.152855][ T5404] EXT4-fs (loop3): 1 truncate cleaned up [ 171.158944][ T5404] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 171.470500][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 172.186356][ T5423] loop4: detected capacity change from 0 to 256 [ 172.442834][ T4303] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 173.208478][ T5431] loop3: detected capacity change from 0 to 128 [ 173.229057][ T5431] FAT-fs (loop3): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 174.562796][ T4303] usb 3-1: device descriptor read/64, error -71 [ 174.569246][ T4295] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 175.237096][ T5449] loop1: detected capacity change from 0 to 128 [ 175.247418][ T5449] FAT-fs (loop1): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 176.770422][ T5460] syz.4.316 (5460): drop_caches: 2 [ 177.562893][ T4303] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 177.788526][ T4303] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 177.892804][ T4303] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 177.943996][ T4303] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 177.972802][ T4303] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 178.046375][ T4303] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 178.092830][ T4303] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 178.141404][ T4303] usb 3-1: Product: syz [ 178.171478][ T4303] usb 3-1: Manufacturer: syz [ 178.269538][ T5473] loop4: detected capacity change from 0 to 1024 [ 178.309195][ T4303] cdc_wdm 3-1:1.0: skipping garbage [ 178.353805][ T4303] cdc_wdm 3-1:1.0: skipping garbage [ 178.491200][ T4303] cdc_wdm: probe of 3-1:1.0 failed with error -22 [ 179.135175][ T5473] VFS: Lookup of 'file0' in hfsplus loop4 would have caused loop [ 180.591400][ T4303] usb 3-1: USB disconnect, device number 8 [ 181.165175][ T5475] loop0: detected capacity change from 0 to 4096 [ 182.109475][ T5485] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6 [ 182.149579][ T5485] loop3: detected capacity change from 0 to 128 [ 184.252913][ T22] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 184.547137][ T5511] syz.1.331 (5511): drop_caches: 2 [ 184.802952][ T22] usb 4-1: device descriptor read/64, error -71 [ 185.072828][ T22] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 185.682787][ T22] usb 4-1: device descriptor read/64, error -71 [ 185.942836][ T5476] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 186.198398][ T5476] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 186.208024][ T5476] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 186.585188][ T22] usb usb4-port1: attempt power cycle [ 186.624452][ T5476] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 186.721060][ T5476] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 186.774703][ T5476] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 186.789827][ T5476] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 186.799361][ T5476] usb 3-1: Product: syz [ 186.807996][ T5476] usb 3-1: Manufacturer: syz [ 186.818771][ T5476] cdc_wdm 3-1:1.0: skipping garbage [ 186.827673][ T5476] cdc_wdm 3-1:1.0: skipping garbage [ 186.835427][ T5476] cdc_wdm: probe of 3-1:1.0 failed with error -22 [ 188.891838][ T5549] cgroup: No subsys list or none specified [ 189.093594][ T125] usb 3-1: USB disconnect, device number 9 [ 191.803576][ T5566] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7 [ 192.537844][ T5572] loop2: detected capacity change from 0 to 128 [ 193.131468][ T5476] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 194.009891][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.018680][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.222834][ T5476] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 194.252756][ T5476] usb 2-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config [ 194.279460][ T5476] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 194.302504][ T5476] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 194.370585][ T5476] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 194.398574][ T5476] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 194.413524][ T5476] usb 2-1: Product: syz [ 194.417721][ T5476] usb 2-1: Manufacturer: syz [ 194.604068][ T5476] cdc_wdm: probe of 2-1:1.0 failed with error -22 [ 194.976639][ T5578] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 195.148400][ T5578] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 195.472302][ T5602] ptrace attach of "./syz-executor exec"[4260] was attempted by "./syz-executor exec"[5602] [ 195.532512][ T5602] sp0: Synchronizing with TNC [ 195.963076][ T5617] loop2: detected capacity change from 0 to 128 [ 195.974078][ T5617] FAT-fs (loop2): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 196.083204][ T4255] Bluetooth: hci0: command 0x0406 tx timeout [ 196.090929][ T4257] Bluetooth: hci3: command 0x0406 tx timeout [ 196.099395][ T4257] Bluetooth: hci2: command 0x0406 tx timeout [ 196.115752][ T4259] Bluetooth: hci1: command 0x0406 tx timeout [ 196.475816][ T22] usb 2-1: USB disconnect, device number 8 [ 197.001956][ T5624] loop2: detected capacity change from 0 to 4096 [ 201.693027][ T4299] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 202.191833][ T5665] syz.0.372 (5665): drop_caches: 2 [ 202.906556][ T4299] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 202.922926][ T4299] usb 4-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config [ 202.985744][ T4299] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 203.032296][ T4299] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 203.306860][ T4299] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 203.319491][ T5671] ptrace attach of "./syz-executor exec"[4251] was attempted by "./syz-executor exec"[5671] [ 203.335216][ T5671] sp0: Synchronizing with TNC [ 203.537086][ T4299] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 203.566816][ T4299] usb 4-1: Product: syz [ 203.571011][ T4299] usb 4-1: Manufacturer: syz [ 204.385716][ T5685] fuse: Bad value for 'group_id' [ 204.496239][ T4299] usb 4-1: can't set config #1, error -71 [ 204.656909][ T4299] usb 4-1: USB disconnect, device number 14 [ 206.185183][ T5705] loop0: detected capacity change from 0 to 128 [ 206.197459][ T5705] FAT-fs (loop0): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 206.926653][ T4546] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 209.707806][ T5713] syz.0.384 (5713): drop_caches: 2 [ 211.695515][ T5733] ptrace attach of "./syz-executor exec"[4256] was attempted by "./syz-executor exec"[5733] [ 211.710324][ T5733] sp0: Synchronizing with TNC [ 211.972803][ T5588] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 212.164481][ T5588] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 212.189122][ T5588] usb 5-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config [ 212.218934][ T5588] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 212.229075][ T5588] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 213.033532][ T5588] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 213.042654][ T5588] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 213.097261][ T5588] usb 5-1: Product: syz [ 213.111661][ T5588] usb 5-1: Manufacturer: syz [ 213.238268][ T5588] cdc_wdm: probe of 5-1:1.0 failed with error -22 [ 213.358047][ T5746] cgroup: No subsys list or none specified [ 213.563262][ T5732] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 213.612898][ T5732] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 213.812503][ T5752] loop3: detected capacity change from 0 to 128 [ 213.822823][ T5752] FAT-fs (loop3): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 214.416217][ T5755] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input8 [ 214.695335][ T5759] loop3: detected capacity change from 0 to 4096 [ 215.337060][ T5761] syz.2.398 (5761): drop_caches: 2 [ 215.360056][ T5476] usb 5-1: USB disconnect, device number 10 [ 217.951124][ T5476] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 218.261041][ T5476] usb 5-1: device descriptor read/64, error -71 [ 218.562782][ T5476] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 218.777925][ T5799] loop3: detected capacity change from 0 to 32768 [ 220.646741][ T5807] loop4: detected capacity change from 0 to 4096 [ 221.172879][ T5476] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 221.240614][ T5815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.413'. [ 221.455147][ T5476] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 221.479085][ T5815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.413'. [ 221.502734][ T5476] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 221.511805][ T5476] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 222.741007][ T5476] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 222.750309][ T5476] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 222.758870][ T5476] usb 4-1: Product: syz [ 222.801427][ T5476] usb 4-1: Manufacturer: syz [ 222.894201][ T5476] cdc_wdm 4-1:1.0: skipping garbage [ 222.899554][ T5476] cdc_wdm: probe of 4-1:1.0 failed with error -22 [ 224.495283][ T5834] loop0: detected capacity change from 0 to 128 [ 224.505785][ T5834] FAT-fs (loop0): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 225.080240][ T5816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 225.142468][ T5816] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 225.809001][ T5851] loop4: detected capacity change from 0 to 128 [ 225.817121][ T5851] FAT-fs (loop4): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 226.511617][ T4298] usb 4-1: USB disconnect, device number 15 [ 229.672824][ T5871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.425'. [ 230.032229][ T5876] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input9 [ 230.061673][ T5873] loop0: detected capacity change from 0 to 4096 [ 230.194155][ T5883] loop4: detected capacity change from 0 to 128 [ 233.100955][ T5900] syz.3.430 (5900): drop_caches: 2 [ 233.818202][ T4297] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 235.294914][ T5922] loop0: detected capacity change from 0 to 128 [ 235.301880][ T5922] FAT-fs (loop0): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 235.424708][ T4297] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 237.635172][ T4297] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 237.778577][ T4297] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 238.466157][ T4269] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 238.568490][ T4297] usb 2-1: string descriptor 0 read error: -71 [ 238.576065][ T4297] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 238.586009][ T4297] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 238.612908][ T4297] usb 2-1: can't set config #1, error -71 [ 238.672474][ T4297] usb 2-1: USB disconnect, device number 9 [ 238.906613][ T5947] loop2: detected capacity change from 0 to 128 [ 238.954891][ T5946] loop0: detected capacity change from 0 to 4096 [ 239.154529][ T4546] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 240.554800][ T5973] ptrace attach of "./syz-executor exec"[4262] was attempted by "./syz-executor exec"[5973] [ 240.593125][ T5973] sp0: Synchronizing with TNC [ 242.362773][ T5476] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 242.654267][ T5476] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 242.680875][ T5476] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 243.442564][ T5476] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 243.472534][ T5476] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 243.482741][ T5476] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 243.491643][ T5476] usb 4-1: Product: syz [ 243.497355][ T5476] usb 4-1: Manufacturer: syz [ 243.534243][ T5476] cdc_wdm 4-1:1.0: skipping garbage [ 243.539512][ T5476] cdc_wdm: probe of 4-1:1.0 failed with error -22 [ 243.797588][ T5991] cgroup: No subsys list or none specified [ 243.987559][ T5993] loop2: detected capacity change from 0 to 128 [ 243.994703][ T5993] FAT-fs (loop2): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 244.048454][ T5981] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 244.093348][ T5981] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 245.320534][ T4269] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 245.596142][ T26] usb 4-1: USB disconnect, device number 16 [ 246.727345][ T6007] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input10 [ 246.830678][ T6007] loop0: detected capacity change from 0 to 128 [ 247.017163][ T6012] ptrace attach of "./syz-executor exec"[4262] was attempted by "./syz-executor exec"[6012] [ 247.034525][ T6012] sp0: Synchronizing with TNC [ 247.304165][ T4269] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 248.220181][ T6030] cgroup: No subsys list or none specified [ 250.342763][ T5476] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 250.497283][ T6044] loop4: detected capacity change from 0 to 4096 [ 250.544476][ T5476] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 250.581407][ T5476] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 250.622791][ T5476] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 250.665537][ T5476] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 250.732756][ T5476] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 251.245220][ T6050] loop0: detected capacity change from 0 to 128 [ 251.252315][ T6050] FAT-fs (loop0): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 251.707797][ T5476] usb 3-1: Product: syz [ 251.712129][ T5476] usb 3-1: Manufacturer: syz [ 252.111244][ T6042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 252.126361][ T5476] cdc_wdm 3-1:1.0: skipping garbage [ 252.162951][ T5476] cdc_wdm 3-1:1.0: skipping garbage [ 252.182023][ T6042] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 252.209510][ T5476] cdc_wdm: probe of 3-1:1.0 failed with error -22 [ 253.531009][ T6063] ptrace attach of "./syz-executor exec"[4256] was attempted by "./syz-executor exec"[6063] [ 253.548603][ T6063] sp0: Synchronizing with TNC [ 253.602215][ T4298] usb 3-1: USB disconnect, device number 10 [ 253.762737][ T6067] netlink: 92 bytes leftover after parsing attributes in process `syz.1.476'. [ 255.444887][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.451328][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.490629][ T6092] fuse: Unknown parameter 'grou00000000000000000000' [ 256.828257][ T6097] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input11 [ 256.922628][ T6097] loop3: detected capacity change from 0 to 128 [ 257.042796][ T4269] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 257.142731][ T6103] cgroup: No subsys list or none specified [ 257.432839][ T4301] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 258.777540][ T6108] ptrace attach of "./syz-executor exec"[4251] was attempted by "./syz-executor exec"[6108] [ 258.793469][ T6108] sp0: Synchronizing with TNC [ 258.805052][ T4301] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 258.843145][ T4301] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 258.964432][ T4301] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 258.981228][ T4301] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 258.990995][ T4301] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 258.999339][ T4301] usb 3-1: Product: syz [ 259.003841][ T4301] usb 3-1: Manufacturer: syz [ 259.014800][ T4301] cdc_wdm 3-1:1.0: skipping garbage [ 259.020052][ T4301] cdc_wdm 3-1:1.0: skipping garbage [ 259.056861][ T4301] cdc_wdm: probe of 3-1:1.0 failed with error -22 [ 259.217052][ T6101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 259.254441][ T6101] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 261.668194][ T128] usb 3-1: USB disconnect, device number 11 [ 261.768080][ T6132] fuse: Unknown parameter 'group_i00000000000000000000' [ 263.910262][ T6152] ptrace attach of "./syz-executor exec"[4256] was attempted by "./syz-executor exec"[6152] [ 263.946923][ T6152] sp0: Synchronizing with TNC [ 264.740050][ T6151] loop4: detected capacity change from 0 to 4096 [ 266.931952][ T6179] syz.4.508 (6179): drop_caches: 2 [ 269.294106][ T6202] ptrace attach of "./syz-executor exec"[4251] was attempted by "./syz-executor exec"[6202] [ 269.329113][ T6202] sp0: Synchronizing with TNC [ 271.421181][ T6223] loop3: detected capacity change from 0 to 128 [ 271.431608][ T6223] FAT-fs (loop3): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 272.458986][ T6225] syz.1.521 (6225): drop_caches: 2 [ 272.482932][ T4269] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 273.056713][ T6235] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.074951][ T6237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.527'. [ 273.160112][ T6237] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.294704][ T6237] device bridge_slave_0 left promiscuous mode [ 273.303684][ T6237] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.417353][ T5588] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 273.474477][ T6243] ptrace attach of "./syz-executor exec"[4260] was attempted by "./syz-executor exec"[6243] [ 273.607171][ T6243] sp0: Synchronizing with TNC [ 274.134353][ T5588] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 274.151373][ T5588] usb 3-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config [ 274.161803][ T5588] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 274.171242][ T5588] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 274.175182][ T4257] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 274.195060][ T4257] Bluetooth: hci4: Injecting HCI hardware error event [ 274.204315][ T4255] Bluetooth: hci4: hardware error 0x00 [ 274.208766][ T5588] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 274.288837][ T5588] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 274.341277][ T5588] usb 3-1: Product: syz [ 274.443486][ T5588] usb 3-1: Manufacturer: syz [ 274.521230][ T5588] cdc_wdm 3-1:1.0: skipping garbage [ 274.634804][ T5588] cdc_wdm 3-1:1.0: skipping garbage [ 274.680787][ T5588] cdc_wdm: probe of 3-1:1.0 failed with error -22 [ 274.903437][ T6239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 274.943082][ T6239] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 275.637642][ T6261] syz.0.535 (6261): drop_caches: 2 [ 276.269446][ T14] usb 3-1: USB disconnect, device number 12 [ 276.322804][ T4255] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 276.466494][ T6281] cgroup: No subsys list or none specified [ 276.625542][ T6284] loop4: detected capacity change from 0 to 128 [ 276.755799][ T4269] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 276.782926][ T14] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 276.972887][ T14] usb 3-1: Using ep0 maxpacket: 8 [ 276.982600][ T14] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 277.002281][ T14] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 277.020552][ T14] usb 3-1: Product: syz [ 277.025032][ T14] usb 3-1: Manufacturer: syz [ 277.029645][ T14] usb 3-1: SerialNumber: syz [ 277.053422][ T14] usb 3-1: config 0 descriptor?? [ 277.202794][ T5588] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 277.265160][ T14] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 277.396997][ T5588] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 277.433851][ T5588] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 277.466700][ T5588] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 277.494370][ T5588] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.539037][ T5588] usb 2-1: config 0 descriptor?? [ 277.780455][ T6298] fuse: Unknown parameter 'group_id00000000000000000000' [ 278.538864][ C0] raw-gadget.1 gadget.1: ignoring, device is not running [ 278.560211][ T5588] uclogic 0003:256C:006D.0003: failed retrieving Huion firmware version: -71 [ 278.659842][ T5588] uclogic 0003:256C:006D.0003: failed probing parameters: -71 [ 278.716985][ T5588] uclogic: probe of 0003:256C:006D.0003 failed with error -71 [ 278.808335][ T6312] loop3: detected capacity change from 0 to 512 [ 278.865885][ T14] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -71 [ 278.909344][ T5588] usb 2-1: USB disconnect, device number 10 [ 279.002504][ T14] usb 3-1: USB disconnect, device number 13 [ 279.057809][ T6312] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 279.263723][ T6312] EXT4-fs (loop3): 1 truncate cleaned up [ 279.291795][ T6312] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 279.439750][ T6319] netlink: 28 bytes leftover after parsing attributes in process `syz.4.555'. [ 279.470425][ T6319] netlink: 28 bytes leftover after parsing attributes in process `syz.4.555'. [ 279.514211][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 280.038478][ T6332] loop0: detected capacity change from 0 to 128 [ 280.343209][ T6337] cgroup: No subsys list or none specified [ 280.842716][ T5588] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 281.044407][ T5588] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 281.072014][ T5588] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 281.102405][ T5588] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 281.138347][ T5588] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 281.172703][ T5588] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 281.212760][ T5588] usb 2-1: Product: syz [ 281.234049][ T5588] usb 2-1: Manufacturer: syz [ 281.269918][ T5588] cdc_wdm 2-1:1.0: skipping garbage [ 281.320231][ T5588] cdc_wdm: probe of 2-1:1.0 failed with error -22 [ 281.354317][ T6346] loop0: detected capacity change from 0 to 128 [ 281.361519][ T6346] FAT-fs (loop0): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 281.408191][ T4546] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 282.785468][ T6356] loop0: detected capacity change from 0 to 512 [ 282.803298][ T6356] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 282.988977][ T6356] EXT4-fs (loop0): 1 truncate cleaned up [ 283.030465][ T6356] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 283.102881][ T4296] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 283.533593][ T4260] EXT4-fs (loop0): unmounting filesystem. [ 283.562758][ T4296] usb 4-1: Using ep0 maxpacket: 8 [ 283.573595][ T4296] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 283.584039][ T4296] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.592051][ T4296] usb 4-1: Product: syz [ 283.597152][ T4296] usb 4-1: Manufacturer: syz [ 283.601765][ T4296] usb 4-1: SerialNumber: syz [ 283.726447][ T4296] usb 4-1: config 0 descriptor?? [ 283.741933][ T5974] usb 2-1: USB disconnect, device number 11 [ 283.904297][ T4301] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 283.939561][ T4296] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 284.095652][ T4301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 284.111482][ T4301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 284.121959][ T4301] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 284.135296][ T4301] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.146466][ T4301] usb 5-1: config 0 descriptor?? [ 284.162758][ T7] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 284.362812][ T7] usb 1-1: Using ep0 maxpacket: 8 [ 284.393490][ T7] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 284.407070][ T7] usb 1-1: config 179 has no interface number 0 [ 284.416677][ T7] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 284.449063][ T7] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 284.494499][ T7] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 166, changing to 11 [ 284.596983][ T7] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 24966, setting to 1024 [ 284.618790][ T7] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 284.645439][ T7] usb 1-1: config 179 interface 65 has no altsetting 0 [ 284.830178][ T7] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 284.840135][ T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.868490][ T7] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input12 [ 284.954193][ T6384] cgroup: No subsys list or none specified [ 284.965148][ T4255] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 284.974748][ T4255] Bluetooth: hci2: Injecting HCI hardware error event [ 284.984397][ T4257] Bluetooth: hci2: hardware error 0x00 [ 285.043209][ T4301] uclogic 0003:256C:006D.0004: failed retrieving Huion firmware version: -71 [ 285.241159][ T4301] uclogic 0003:256C:006D.0004: failed probing parameters: -71 [ 285.344144][ T4301] uclogic: probe of 0003:256C:006D.0004 failed with error -71 [ 285.487163][ T4296] dvb_usb_rtl28xxu: probe of 4-1:0.0 failed with error -71 [ 285.503479][ T4301] usb 5-1: USB disconnect, device number 13 [ 285.516369][ T4296] usb 4-1: USB disconnect, device number 17 [ 285.604951][ C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -1 [ 285.652408][ T7] usb 1-1: USB disconnect, device number 6 [ 285.658308][ C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 285.743925][ T7] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 286.019878][ T6389] loop4: detected capacity change from 0 to 128 [ 286.026929][ T6389] FAT-fs (loop4): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 286.085250][ T4546] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 287.062761][ T5974] usb 3-1: new full-speed USB device number 14 using dummy_hcd [ 287.147949][ T6405] loop0: detected capacity change from 0 to 512 [ 287.185770][ T6405] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 287.228364][ T6405] EXT4-fs (loop0): 1 truncate cleaned up [ 287.234145][ T6405] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 287.294646][ T5974] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 287.310539][ T5974] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 287.450251][ T5974] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 287.465711][ T5974] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.482877][ T5974] usb 3-1: Product: syz [ 287.488572][ T5974] usb 3-1: Manufacturer: syz [ 287.498082][ T5974] usb 3-1: SerialNumber: syz [ 287.567624][ T6416] fuse: Bad value for 'user_id' [ 287.582839][ T4301] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 287.607699][ T4260] EXT4-fs (loop0): unmounting filesystem. [ 287.693080][ T4257] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 287.724922][ T5974] usb 3-1: 0:2 : does not exist [ 287.746623][ T5974] usb 3-1: 5:0: failed to get current value for ch 0 (-22) [ 287.785896][ T5974] usb 3-1: USB disconnect, device number 14 [ 287.794751][ T4301] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 287.811475][ T4301] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 287.825478][ T4301] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 287.844485][ T4301] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 287.854246][ T4301] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 287.862954][ T4301] usb 2-1: Product: syz [ 287.868017][ T4301] usb 2-1: Manufacturer: syz [ 287.879729][ T4301] cdc_wdm 2-1:1.0: skipping garbage [ 287.885626][ T4301] cdc_wdm 2-1:1.0: skipping garbage [ 287.891328][ T4301] cdc_wdm: probe of 2-1:1.0 failed with error -22 [ 287.921789][ T6420] loop3: detected capacity change from 0 to 1764 [ 288.018406][ T6424] netlink: 4 bytes leftover after parsing attributes in process `syz.0.592'. [ 288.037506][ T4269] udevd[4269]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 288.234663][ T6426] loop3: detected capacity change from 0 to 128 [ 288.241505][ T6426] FAT-fs (loop3): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 288.334245][ T4546] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 288.785899][ T6442] fuse: Bad value for 'user_id' [ 288.843868][ T4301] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 288.861354][ T6444] loop3: detected capacity change from 0 to 512 [ 288.899689][ T6444] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 288.959853][ T6444] EXT4-fs (loop3): 1 truncate cleaned up [ 288.968613][ T6444] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 289.032777][ T4301] usb 5-1: Using ep0 maxpacket: 32 [ 289.039656][ T4301] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 289.048856][ T4301] usb 5-1: config 0 has no interface number 0 [ 289.057550][ T6450] netlink: 4 bytes leftover after parsing attributes in process `syz.2.603'. [ 289.063090][ T4301] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 289.075912][ T4301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.084368][ T4301] usb 5-1: Product: syz [ 289.088685][ T4301] usb 5-1: Manufacturer: syz [ 289.093734][ T4301] usb 5-1: SerialNumber: syz [ 289.100782][ T4301] usb 5-1: config 0 descriptor?? [ 289.108491][ T4301] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 289.127278][ T6450] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.228154][ T6450] device bridge_slave_0 left promiscuous mode [ 289.230367][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 289.235243][ T6450] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.563714][ T4301] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 289.575374][ T4301] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 289.826163][ T6459] loop3: detected capacity change from 0 to 32768 [ 290.523146][ T6365] usb 5-1: USB disconnect, device number 14 [ 290.575927][ C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -108 [ 290.604056][ T6365] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 290.669119][ T5974] usb 2-1: USB disconnect, device number 12 [ 290.673446][ T6365] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 290.708950][ T6365] quatech2 5-1:0.51: device disconnected [ 290.887315][ T6462] loop0: detected capacity change from 0 to 128 [ 290.896155][ T6462] FAT-fs (loop0): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 291.226563][ T4255] Bluetooth: hci3: unexpected event 0x03 length: 17 > 11 [ 291.291407][ T6478] loop1: detected capacity change from 0 to 1024 [ 291.350539][ T6481] loop0: detected capacity change from 0 to 512 [ 291.402795][ T6481] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 291.508646][ T6481] EXT4-fs (loop0): 1 truncate cleaned up [ 291.685176][ T6490] cgroup: No subsys list or none specified [ 291.769973][ T6478] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a000c018, mo2=0002] [ 291.851360][ T6478] System zones: 0-1, 3-12 [ 291.860939][ T6481] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 291.988264][ T6478] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 292.087233][ T6478] EXT4-fs (loop1): re-mounted. Quota mode: none. [ 292.259142][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 292.322048][ T4260] EXT4-fs (loop0): unmounting filesystem. [ 293.009389][ T6499] syz.2.621 (6499): drop_caches: 2 [ 293.282821][ T4257] Bluetooth: hci3: command 0x0409 tx timeout [ 293.558909][ T4295] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 293.589662][ T4295] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 293.694688][ T6504] loop0: detected capacity change from 0 to 32768 [ 293.862894][ T5974] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 294.080326][ T5974] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 294.094300][ T5974] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 294.175011][ T5974] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 294.269988][ T5974] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 294.276460][ T6512] loop4: detected capacity change from 0 to 47 [ 294.313030][ T5974] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 294.360138][ T5974] usb 2-1: Product: syz [ 294.376345][ T5974] usb 2-1: Manufacturer: syz [ 294.450562][ T5974] cdc_wdm 2-1:1.0: skipping garbage [ 294.461594][ T5974] cdc_wdm 2-1:1.0: skipping garbage [ 294.473978][ T5974] cdc_wdm: probe of 2-1:1.0 failed with error -22 [ 294.518977][ T6514] loop2: detected capacity change from 0 to 4096 [ 295.240795][ T6525] netlink: 28 bytes leftover after parsing attributes in process `syz.2.628'. [ 295.251104][ T6525] netlink: 28 bytes leftover after parsing attributes in process `syz.2.628'. [ 295.362836][ T4257] Bluetooth: hci3: command 0x040f tx timeout [ 295.480009][ T4295] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 296.334402][ T4295] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 296.410542][ T4295] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 296.421448][ T4295] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 296.432761][ T4295] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 296.449982][ T4295] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 296.490043][ T4295] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 296.547048][ T4295] usb 1-1: Product: syz [ 296.562408][ T6535] loop4: detected capacity change from 0 to 512 [ 296.569009][ T4295] usb 1-1: Manufacturer: syz [ 296.586950][ T6535] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 296.601043][ T5588] usb 2-1: USB disconnect, device number 13 [ 296.614202][ T4295] cdc_wdm 1-1:1.0: skipping garbage [ 296.622083][ T4295] cdc_wdm 1-1:1.0: skipping garbage [ 296.627759][ T4295] cdc_wdm 1-1:1.0: skipping garbage [ 296.633027][ T4295] cdc_wdm: probe of 1-1:1.0 failed with error -22 [ 296.647191][ T6535] EXT4-fs (loop4): 1 truncate cleaned up [ 296.709365][ T6535] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 296.817412][ T6523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 296.970318][ T6523] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 297.184148][ T4262] EXT4-fs (loop4): unmounting filesystem. [ 297.812842][ T4301] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 298.019926][ T4301] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 298.025713][ T6556] syz.4.636 (6556): drop_caches: 2 [ 298.031213][ T4301] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 298.046586][ T4301] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 298.056090][ T4301] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 298.086624][ T4301] usb 4-1: config 0 descriptor?? [ 298.491662][ T5588] usb 1-1: USB disconnect, device number 7 [ 299.193929][ T4301] uclogic 0003:256C:006D.0006: interface is invalid, ignoring [ 299.245350][ T6565] netlink: 28 bytes leftover after parsing attributes in process `syz.1.640'. [ 299.255805][ T4301] usb 4-1: USB disconnect, device number 18 [ 299.292935][ T6565] netlink: 28 bytes leftover after parsing attributes in process `syz.1.640'. [ 299.583939][ T6568] loop0: detected capacity change from 0 to 32768 [ 300.017692][ T6569] loop4: detected capacity change from 0 to 128 [ 300.024717][ T6569] FAT-fs (loop4): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 300.327908][ T6580] loop3: detected capacity change from 0 to 512 [ 300.365835][ T6578] loop2: detected capacity change from 0 to 128 [ 300.412094][ T6580] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 300.442120][ T6580] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 300.498483][ T4269] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 300.542743][ T4301] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 300.676557][ T6580] loop3: detected capacity change from 512 to 0 [ 300.706066][ C1] I/O error, dev loop3, sector 140 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2 [ 300.715758][ C1] I/O error, dev loop3, sector 144 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 300.715758][ T6592] EXT4-fs error (device loop3): ext4_get_inode_loc:4644: inode #18: block 35: comm syz.3.646: unable to read itable block [ 300.725447][ C1] I/O error, dev loop3, sector 136 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 300.755717][ T4366] loop: Write error at byte offset 9223372036854775807, length 2048. [ 300.768147][ C1] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 300.777728][ C1] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 300.787536][ C1] buffer_io_error: 26 callbacks suppressed [ 300.787547][ C1] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 300.803638][ T6592] EXT4-fs (loop3): I/O error while writing superblock [ 300.810440][ T6592] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: IO failure [ 300.820618][ T4301] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 300.829949][ T4301] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 300.839075][ T4301] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 300.853730][ T4366] loop: Write error at byte offset 9223372036854775807, length 2048. [ 300.862048][ C1] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 300.862797][ T5588] usb 3-1: new full-speed USB device number 15 using dummy_hcd [ 300.871607][ C1] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 300.888529][ C1] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 300.897536][ T6592] EXT4-fs (loop3): I/O error while writing superblock [ 300.904394][ T6592] EXT4-fs error (device loop3): ext4_setattr:5567: inode #18: comm syz.3.646: mark_inode_dirty error [ 300.922782][ T33] loop: Write error at byte offset 9223372036854775807, length 2048. [ 300.923581][ T4301] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 300.930879][ C0] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 300.930916][ C0] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 300.930946][ C0] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 300.942050][ T4301] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 300.975657][ T6592] EXT4-fs (loop3): I/O error while writing superblock [ 300.983656][ T6592] EXT4-fs error (device loop3) in ext4_setattr:5628: IO failure [ 300.991550][ T33] loop: Write error at byte offset 9223372036854775807, length 2048. [ 300.991561][ T4301] usb 2-1: Product: syz [ 300.991579][ T4301] usb 2-1: Manufacturer: syz [ 301.012894][ C0] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 301.018031][ T4301] cdc_wdm 2-1:1.0: skipping garbage [ 301.026632][ T6592] EXT4-fs (loop3): I/O error while writing superblock [ 301.034125][ T4301] cdc_wdm 2-1:1.0: skipping garbage [ 301.051536][ T4301] cdc_wdm: probe of 2-1:1.0 failed with error -22 [ 301.058423][ T4296] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 301.103067][ T4256] EXT4-fs error (device loop3): ext4_get_inode_loc:4644: inode #2: block 34: comm syz-executor: unable to read itable block [ 301.114752][ T5588] usb 3-1: not running at top speed; connect to a high speed hub [ 301.124262][ T4366] loop: Write error at byte offset 9223372036854775807, length 2048. [ 301.137411][ C0] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 301.145729][ T4256] EXT4-fs (loop3): I/O error while writing superblock [ 301.153670][ T4256] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: IO failure [ 301.158321][ T5588] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 301.171421][ T1185] loop: Write error at byte offset 9223372036854775807, length 2048. [ 301.181471][ C0] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 301.189785][ T4256] EXT4-fs (loop3): I/O error while writing superblock [ 301.190946][ T5588] usb 3-1: config 1 has no interface number 1 [ 301.199107][ T4256] EXT4-fs error (device loop3): ext4_dirty_inode:6089: inode #2: comm syz-executor: mark_inode_dirty error [ 301.216624][ T5588] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 301.237772][ T4366] loop: Write error at byte offset 9223372036854775807, length 2048. [ 301.242680][ T5588] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.246861][ C1] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 301.262172][ T5588] usb 3-1: Product: syz [ 301.262370][ T4256] EXT4-fs (loop3): I/O error while writing superblock [ 301.282805][ T5588] usb 3-1: Manufacturer: syz [ 301.284347][ T4296] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 301.287403][ T5588] usb 3-1: SerialNumber: syz [ 301.320111][ T4296] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 301.345101][ T4296] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 301.354492][ T4296] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 301.367691][ T4317] EXT4-fs error (device loop3): __ext4_get_inode_loc_noinmem:4629: inode #2: block 34: comm kworker/u4:6: unable to read itable block [ 301.383401][ T4296] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 301.392459][ T4296] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 301.403440][ T5512] loop: Write error at byte offset 9223372036854775807, length 2048. [ 301.411836][ C1] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 301.420138][ T4317] EXT4-fs (loop3): I/O error while writing superblock [ 301.433460][ T4296] usb 1-1: Product: syz [ 301.436652][ T4256] EXT4-fs (loop3): unmounting filesystem. [ 301.437626][ T4296] usb 1-1: Manufacturer: syz [ 301.452350][ T4296] cdc_wdm 1-1:1.0: skipping garbage [ 301.464371][ T4366] loop: Write error at byte offset 9223372036854775807, length 2048. [ 301.472498][ C1] Buffer I/O error on dev loop3, logical block 0, lost sync page write [ 301.481034][ T4296] cdc_wdm 1-1:1.0: skipping garbage [ 301.486431][ T4296] cdc_wdm 1-1:1.0: skipping garbage [ 301.491659][ T4296] cdc_wdm: probe of 1-1:1.0 failed with error -22 [ 301.516596][ T5588] usb 3-1: 2:1 : format type 0 is detected, processed as PCM [ 301.525424][ T5512] loop: Write error at byte offset 9223372036854800383, length 2048. [ 301.537896][ C1] Buffer I/O error on dev loop3, logical block 12, lost sync page write [ 301.554717][ T5588] usb 3-1: failed to enable PITCH for EP 0x82 [ 301.614538][ T5588] usb 3-1: USB disconnect, device number 15 [ 301.670184][ T6593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 301.704403][ T6593] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 301.908625][ T4366] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.919521][ T5103] udevd[5103]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 302.071770][ T4366] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.332471][ T4366] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.544659][ T4366] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 303.056581][ T6608] loop4: detected capacity change from 0 to 128 [ 303.067084][ T6608] FAT-fs (loop4): Unrecognized mount option "fowner<00000000000000000000" or missing value [ 303.544250][ T5588] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 303.586671][ T26] usb 2-1: USB disconnect, device number 14 [ 303.752697][ T5588] usb 3-1: Using ep0 maxpacket: 16 [ 303.761099][ T5588] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping [ 303.809735][ T6613] loop1: detected capacity change from 0 to 128 [ 303.818644][ T5588] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 303.851412][ T5588] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.882964][ T5588] usb 3-1: Product: syz [ 303.900148][ T5588] usb 3-1: Manufacturer: syz [ 303.910266][ T5588] usb 3-1: SerialNumber: syz [ 303.926892][ T125] usb 1-1: USB disconnect, device number 8 [ 303.955674][ T6615] loop4: detected capacity change from 0 to 4096 [ 303.958574][ T5588] usb 3-1: config 0 descriptor?? [ 304.036072][ T6619] netlink: 32 bytes leftover after parsing attributes in process `syz.0.660'. [ 304.434894][ T4255] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 304.458268][ T4255] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 304.474633][ T4255] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 304.493234][ T4255] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 304.504968][ T4255] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 304.513294][ T4255] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 306.203502][ T5588] usb 3-1: USB disconnect, device number 16 [ 306.562856][ T4257] Bluetooth: hci1: command 0x0409 tx timeout [ 306.884622][ T6631] chnl_net:caif_netlink_parms(): no params data found [ 306.902782][ T5588] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 307.094714][ T5588] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 307.106917][ T5588] usb 1-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config [ 307.112894][ T26] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 307.141266][ T5588] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 307.166496][ T5588] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 307.181341][ T5588] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 307.193507][ T5588] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 307.201534][ T5588] usb 1-1: Product: syz [ 307.206044][ T5588] usb 1-1: Manufacturer: syz [ 307.217425][ T5588] cdc_wdm 1-1:1.0: skipping garbage [ 307.232687][ T5588] cdc_wdm 1-1:1.0: skipping garbage [ 307.237920][ T5588] cdc_wdm: probe of 1-1:1.0 failed with error -22 [ 307.250909][ T4366] device hsr_slave_0 left promiscuous mode [ 307.273335][ T4366] device hsr_slave_1 left promiscuous mode [ 307.287165][ T4366] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 307.313079][ T4366] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 307.321975][ T4366] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 307.330142][ T4366] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 307.338235][ T4366] device bridge_slave_1 left promiscuous mode [ 307.346383][ T4366] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.347065][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 307.366283][ T4366] device bridge_slave_0 left promiscuous mode [ 307.372561][ T4366] bridge0: port 1(bridge_slave_0) entered disabled state [ 307.380540][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 307.409344][ T26] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 307.421934][ T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.441108][ T26] usb 5-1: config 0 descriptor?? [ 307.453539][ T4366] device veth1_macvtap left promiscuous mode [ 307.780730][ T4366] device veth0_macvtap left promiscuous mode [ 307.943953][ T4366] device veth1_vlan left promiscuous mode [ 308.059495][ T4366] device veth0_vlan left promiscuous mode [ 308.202163][ T6681] loop1: detected capacity change from 0 to 128 [ 308.295097][ T4546] blk_print_req_error: 19 callbacks suppressed [ 308.295113][ T4546] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 308.652902][ T4257] Bluetooth: hci1: command 0x041b tx timeout [ 308.742410][ T26] uclogic 0003:256C:006D.0007: interface is invalid, ignoring [ 308.754925][ T26] usb 5-1: USB disconnect, device number 15 [ 308.777124][ T4366] team0 (unregistering): Port device team_slave_1 removed [ 308.818979][ T4366] team0 (unregistering): Port device team_slave_0 removed [ 308.856554][ T4366] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 308.895007][ T4366] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 309.281885][ T4366] bond0 (unregistering): Released all slaves [ 309.413816][ T6631] bridge0: port 1(bridge_slave_0) entered blocking state [ 309.421032][ T6631] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.430557][ T6631] device bridge_slave_0 entered promiscuous mode [ 309.741507][ T4301] usb 1-1: USB disconnect, device number 9 [ 310.310321][ T6704] loop1: detected capacity change from 0 to 128 [ 310.322825][ T6631] bridge0: port 2(bridge_slave_1) entered blocking state [ 310.353003][ T6704] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 310.370748][ T6631] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.401155][ T6704] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.415993][ T6631] device bridge_slave_1 entered promiscuous mode [ 310.469220][ T6711] loop4: detected capacity change from 0 to 128 [ 310.487111][ T6708] fuse: Bad value for 'fd' [ 310.489471][ T6631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 310.566691][ T6631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 310.716114][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 310.720665][ T6631] team0: Port device team_slave_0 added [ 310.728417][ T4257] Bluetooth: hci1: command 0x040f tx timeout [ 310.816470][ T6631] team0: Port device team_slave_1 added [ 311.133582][ T6631] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 311.261884][ T6631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 311.372823][ T5588] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 311.557533][ T6631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 311.583334][ T5588] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 311.631662][ T5588] usb 1-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config [ 311.756397][ T5588] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 311.820479][ T5588] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 311.897675][ T5588] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 311.939501][ T5588] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 311.956602][ T5588] usb 1-1: Product: syz [ 311.961742][ T5588] usb 1-1: Manufacturer: syz [ 312.058086][ T6739] loop1: detected capacity change from 0 to 1024 [ 312.126654][ T5588] cdc_wdm 1-1:1.0: skipping garbage [ 416.962601][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 416.969601][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P6720/1:b..l [ 416.978148][ C0] (detected by 0, t=10502 jiffies, g=26365, q=81 ncpus=2) [ 416.985365][ C0] task:syz.2.684 state:R running task stack:24808 pid:6720 ppid:4266 flags:0x00004000 [ 416.997178][ C0] Call Trace: [ 417.000487][ C0] [ 417.003438][ C0] __schedule+0x143f/0x4570 [ 417.007998][ C0] ? release_firmware_map_entry+0x18b/0x18b [ 417.013911][ C0] ? print_irqtrace_events+0x210/0x210 [ 417.019389][ C0] ? mark_lock+0x9a/0x340 [ 417.023733][ C0] ? preempt_schedule_irq+0xec/0x1c0 [ 417.029041][ C0] preempt_schedule_irq+0xf7/0x1c0 [ 417.034171][ C0] ? preempt_schedule_notrace+0x140/0x140 [ 417.039931][ C0] irqentry_exit+0x53/0x80 [ 417.044371][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 417.050376][ C0] RIP: 0010:lock_acquire+0x194/0x5a0 [ 417.055698][ C0] Code: 4c 89 fb 48 c1 eb 03 42 80 3c 2b 00 74 08 4c 89 ff e8 a0 56 77 00 48 c7 84 24 80 00 00 00 00 00 00 00 9c 8f 84 24 80 00 00 00 <42> 80 3c 2b 00 74 08 4c 89 ff e8 fd 55 77 00 48 8d 5c 24 60 4c 8b [ 417.075330][ C0] RSP: 0018:ffffc900035072c0 EFLAGS: 00000246 [ 417.081420][ C0] RAX: 0000000000000000 RBX: 1ffff920006a0e68 RCX: ffffffff816ab44b [ 417.089404][ C0] RDX: 0000000000000000 RSI: ffffffff8b5f6f60 RDI: ffffffff8b5f6f20 [ 417.097384][ C0] RBP: ffffc90003507408 R08: dffffc0000000000 R09: fffffbfff1d4168e [ 417.105372][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff920006a0e60 [ 417.113360][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc90003507340 [ 417.121386][ C0] ? lock_acquire+0xeb/0x5a0 [ 417.126014][ C0] ? read_lock_is_recursive+0x10/0x10 [ 417.131407][ C0] ? reacquire_held_locks+0x660/0x660 [ 417.136820][ C0] ? mark_lock+0x9a/0x340 [ 417.141176][ C0] __filemap_get_folio+0x171/0xe80 [ 417.146305][ C0] ? __filemap_get_folio+0x150/0xe80 [ 417.151625][ C0] ? __filemap_get_folio+0x150/0xe80 [ 417.156939][ C0] ? page_cache_prev_miss+0x500/0x500 [ 417.162325][ C0] ? __lock_acquire+0x125b/0x1f80 [ 417.167379][ C0] shmem_get_folio_gfp+0x356/0x3470 [ 417.172620][ C0] ? shmem_get_folio+0xa0/0xa0 [ 417.177396][ C0] ? do_raw_spin_unlock+0x137/0x8a0 [ 417.182618][ C0] shmem_fault+0x235/0x9c0 [ 417.187054][ C0] ? shmem_fallocate+0x11c0/0x11c0 [ 417.192183][ C0] ? filemap_read_folio+0x780/0x780 [ 417.197397][ C0] ? count_memcg_event_mm+0x90/0x410 [ 417.202711][ C0] __do_fault+0x136/0x4f0 [ 417.207066][ C0] handle_mm_fault+0x3410/0x5340 [ 417.212019][ C0] ? follow_page_pte+0x39c/0x1880 [ 417.217075][ C0] ? numa_migrate_prep+0x250/0x250 [ 417.222213][ C0] ? follow_page_mask+0xb8a/0x1420 [ 417.227347][ C0] ? __get_user_pages+0x487/0x1190 [ 417.232503][ C0] ? __get_user_pages+0xd90/0x1190 [ 417.237632][ C0] __get_user_pages+0x4f3/0x1190 [ 417.242598][ C0] ? populate_vma_page_range+0x2b0/0x2b0 [ 417.248263][ C0] populate_vma_page_range+0x217/0x2b0 [ 417.253738][ C0] __mm_populate+0x275/0x440 [ 417.258343][ C0] ? check_vma_flags+0x4d0/0x4d0 [ 417.263302][ C0] vm_mmap_pgoff+0x22b/0x2d0 [ 417.267917][ C0] ? account_locked_vm+0xe0/0xe0 [ 417.272874][ C0] ? syscall_enter_from_user_mode+0x2e/0x230 [ 417.278870][ C0] ? ksys_mmap_pgoff+0xd8/0x6d0 [ 417.283741][ C0] do_syscall_64+0x3b/0xb0 [ 417.288172][ C0] ? clear_bhb_loop+0x45/0xa0 [ 417.292866][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 417.298773][ C0] RIP: 0033:0x7f0cfe38d169 [ 417.303204][ C0] RSP: 002b:00007f0cff1e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 417.311632][ C0] RAX: ffffffffffffffda RBX: 00007f0cfe5a5fa0 RCX: 00007f0cfe38d169 [ 417.319616][ C0] RDX: b635773f06ebbeef RSI: 0000000000b36000 RDI: 0000200000000000 [ 417.327601][ C0] RBP: 00007f0cfe40e2a0 R08: ffffffffffffffff R09: 0000000000000000 [ 417.335582][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 417.343562][ C0] R13: 0000000000000000 R14: 00007f0cfe5a5fa0 R15: 00007ffdce0a6788 [ 417.351559][ C0] [ 417.354602][ C0] rcu: rcu_preempt kthread starved for 10520 jiffies! g26365 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 417.365838][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 417.375813][ C0] rcu: RCU grace-period kthread stack dump: [ 417.381704][ C0] task:rcu_preempt state:R running task stack:25592 pid:16 ppid:2 flags:0x00004000 [ 417.392499][ C0] Call Trace: [ 417.395809][ C0] [ 417.398752][ C0] __schedule+0x143f/0x4570 [ 417.403277][ C0] ? _raw_spin_unlock+0x40/0x40 [ 417.408147][ C0] ? __mod_timer+0x956/0xee0 [ 417.412756][ C0] ? release_firmware_map_entry+0x18b/0x18b [ 417.418678][ C0] ? lockdep_softirqs_off+0x420/0x420 [ 417.424068][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 417.429980][ C0] ? _raw_spin_unlock+0x40/0x40 [ 417.434877][ C0] schedule+0xbf/0x180 [ 417.438970][ C0] schedule_timeout+0x1b9/0x300 [ 417.443847][ C0] ? console_conditional_schedule+0x40/0x40 [ 417.449754][ C0] ? update_process_times+0x1b0/0x1b0 [ 417.455157][ C0] ? prepare_to_swait_event+0x329/0x350 [ 417.460737][ C0] rcu_gp_fqs_loop+0x2d2/0x1150 [ 417.465619][ C0] ? dyntick_save_progress_counter+0x2b0/0x2b0 [ 417.471794][ C0] ? rcu_gp_init+0x15f0/0x15f0 [ 417.476586][ C0] rcu_gp_kthread+0xa3/0x3b0 [ 417.481193][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 417.486318][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 417.492231][ C0] ? __kthread_parkme+0x168/0x1c0 [ 417.497279][ C0] kthread+0x28d/0x320 [ 417.501357][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 417.506498][ C0] ? kthread_blkcg+0xd0/0xd0 [ 417.511111][ C0] ret_from_fork+0x1f/0x30 [ 417.515558][ C0] [ 417.518604][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 417.524947][ C0] CPU: 0 PID: 6737 Comm: syz.1.689 Not tainted 6.1.131-syzkaller #0 [ 417.532936][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 417.542999][ C0] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40 [ 417.548819][ C0] Code: a1 84 f5 ff 90 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 8e dc ae f6 48 89 df e8 f6 1a b0 f6 e8 51 6d d5 f6 fb bf 01 00 00 00 d6 9b a2 f6 65 8b 05 f7 71 46 75 85 c0 74 02 5b c3 e8 94 95 44 [ 417.568431][ C0] RSP: 0018:ffffc900033cfb30 EFLAGS: 00000286 [ 417.574511][ C0] RAX: a27df997ae9fb400 RBX: ffff888057dddc80 RCX: ffffffff973c0103 [ 417.582502][ C0] RDX: dffffc0000000000 RSI: ffffffff8b0c1d40 RDI: 0000000000000001 [ 417.590484][ C0] RBP: ffffc900033cfc70 R08: dffffc0000000000 R09: ffffed100afbbb91 [ 417.598484][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1100afbbc23 [ 417.606470][ C0] R13: 000000001c000004 R14: 0000000000000021 R15: ffff888057dde118 [ 417.614456][ C0] FS: 00007f043b9196c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 417.623394][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 417.629994][ C0] CR2: 000020000006b000 CR3: 000000007da44000 CR4: 00000000003506f0 [ 417.637989][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 417.645982][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 417.653959][ C0] Call Trace: [ 417.657243][ C0] [ 417.660101][ C0] ? rcu_check_gp_kthread_starvation+0x1b8/0x220 [ 417.666456][ C0] ? print_other_cpu_stall+0x150c/0x1640 [ 417.672114][ C0] ? print_cpu_stall+0x5f0/0x5f0 [ 417.677088][ C0] ? rcu_sched_clock_irq+0xaf6/0x1200 [ 417.682478][ C0] ? rcutree_dead_cpu+0x20/0x20 [ 417.687347][ C0] ? hrtimer_run_queues+0x163/0x450 [ 417.692560][ C0] ? acct_account_cputime+0x194/0x270 [ 417.697943][ C0] ? update_process_times+0x147/0x1b0 [ 417.703332][ C0] ? tick_sched_timer+0x386/0x550 [ 417.708376][ C0] ? tick_setup_sched_timer+0x2f0/0x2f0 [ 417.713944][ C0] ? __hrtimer_run_queues+0x5a7/0xe50 [ 417.719343][ C0] ? hrtimer_interrupt+0x980/0x980 [ 417.724469][ C0] ? ktime_get_update_offsets_now+0x407/0x420 [ 417.730563][ C0] ? hrtimer_interrupt+0x392/0x980 [ 417.735715][ C0] ? __sysvec_apic_timer_interrupt+0x158/0x5b0 [ 417.741886][ C0] ? sysvec_apic_timer_interrupt+0x9b/0xc0 [ 417.747710][ C0] [ 417.750661][ C0] [ 417.753604][ C0] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 417.759788][ C0] ? _raw_spin_unlock_irq+0x25/0x40 [ 417.765020][ C0] get_signal+0x151f/0x17a0 [ 417.769555][ C0] ? ptrace_notify+0x370/0x370 [ 417.774343][ C0] arch_do_signal_or_restart+0xb0/0x1a10 [ 417.779994][ C0] ? __might_fault+0xa1/0x110 [ 417.784700][ C0] ? __lock_acquire+0x1f80/0x1f80 [ 417.789750][ C0] ? do_sigaltstack+0x3f3/0x610 [ 417.794623][ C0] ? get_sigframe_size+0x10/0x10 [ 417.799575][ C0] ? restore_altstack+0x107/0x150 [ 417.804623][ C0] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 417.810659][ C0] ? exit_to_user_mode_loop+0x39/0x100 [ 417.816137][ C0] exit_to_user_mode_loop+0x6a/0x100 [ 417.821433][ C0] exit_to_user_mode_prepare+0xb1/0x140 [ 417.826991][ C0] syscall_exit_to_user_mode+0x60/0x270 [ 417.832552][ C0] do_syscall_64+0x47/0xb0 [ 417.836979][ C0] ? clear_bhb_loop+0x45/0xa0 [ 417.841671][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 417.847575][ C0] RIP: 0033:0x7f043ab8d167 [ 417.852000][ C0] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 417.871616][ C0] RSP: 002b:00007f043b919038 EFLAGS: 00000246 [ 417.877704][ C0] RAX: 0000000000000113 RBX: 00007f043ada5fa0 RCX: 00007f043ab8d169 [ 417.885684][ C0] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005 [ 417.893675][ C0] RBP: 00007f043ac0e2a0 R08: 0000000008000f28 R09: 0000000000000000 [ 417.901725][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.909712][ C0] R13: 0000000000000000 R14: 00007f043ada5fa0 R15: 00007ffc7f344b08 [ 417.917714][ C0] [ 417.932628][ T4257] Bluetooth: hci1: command 0x0419 tx timeout [ 417.959445][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 417.971649][ T6365] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { P6720 } 10597 jiffies s: 6805 root: 0x0/T [ 417.984015][ T6365] rcu: blocking rcu_node structures (internal RCU debug): [ 417.992736][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 418.004983][ T5588] cdc_wdm 1-1:1.0: skipping garbage [ 418.010357][ T5588] cdc_wdm: probe of 1-1:1.0 failed with error -22 [ 418.153808][ T6631] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 418.160816][ T6631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 418.199256][ T5588] usb 1-1: USB disconnect, device number 10 [ 418.229011][ T6631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active SYZFAIL: failed to send rpc fd=3 want=416 sent=0 n=-1 (errno 32: Broken pipe) [ 419.485370][ T6500] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.594978][ T6500] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.700338][ T6500] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.737716][ T4266] syz-executor (4266) used greatest stack depth: 19344 bytes left [ 419.791420][ T6500] device netdevsim0 left promiscuous mode [ 419.802401][ T6500] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.368576][ T6500] device erspan0 left promiscuous mode [ 420.857415][ T6500] device hsr_slave_0 left promiscuous mode [ 420.864137][ T6500] device hsr_slave_1 left promiscuous mode [ 420.870620][ T6500] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 420.879123][ T6500] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 420.887369][ T6500] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 420.898474][ T6500] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 420.908345][ T6500] device bridge_slave_1 left promiscuous mode [ 420.919347][ T6500] bridge0: port 2(bridge_slave_1) entered disabled state [ 420.927886][ T6500] device bridge_slave_0 left promiscuous mode [ 420.939103][ T6500] bridge0: port 1(bridge_slave_0) entered disabled state [ 420.977792][ T6500] device veth1_macvtap left promiscuous mode [ 420.983955][ T6500] device veth0_macvtap left promiscuous mode [ 420.990094][ T6500] device veth1_vlan left promiscuous mode [ 420.996519][ T6500] device veth0_vlan left promiscuous mode [ 421.487089][ T6500] team0 (unregistering): Port device team_slave_1 removed [ 421.524299][ T6500] team0 (unregistering): Port device team_slave_0 removed [ 421.559009][ T6500] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 421.596518][ T6500] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 421.959543][ T6500] bond0 (unregistering): Released all slaves [ 422.517313][ T9] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.577118][ T9] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.648031][ T9] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.731936][ T9] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.906676][ T9] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.960590][ T9] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 423.055894][ T9] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 423.134842][ T9] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 423.292110][ T9] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 423.368709][ T9] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 423.438143][ T9] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 423.532483][ T9] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.352521][ T9] device hsr_slave_0 left promiscuous mode [ 425.359902][ T9] device hsr_slave_1 left promiscuous mode [ 425.367214][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 425.381915][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 425.389920][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 425.401624][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 425.409654][ T9] device bridge_slave_1 left promiscuous mode [ 425.420027][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.431856][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 425.444813][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 425.453248][ T9] device bridge_slave_1 left promiscuous mode [ 425.459925][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.468600][ T9] device bridge_slave_0 left promiscuous mode [ 425.475126][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 425.492206][ T9] device hsr_slave_0 left promiscuous mode [ 425.498738][ T9] device hsr_slave_1 left promiscuous mode [ 425.509591][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 425.517418][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 425.529348][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 425.537098][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 425.548764][ T9] device bridge_slave_1 left promiscuous mode [ 425.555121][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.566220][ T9] device hsr_slave_0 left promiscuous mode [ 425.572557][ T9] device hsr_slave_1 left promiscuous mode [ 425.579221][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 425.586754][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 425.594686][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 425.602067][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 425.609769][ T9] device bridge_slave_1 left promiscuous mode [ 425.615968][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.661527][ T9] device veth1_macvtap left promiscuous mode [ 425.667619][ T9] device veth0_macvtap left promiscuous mode [ 425.673876][ T9] device veth1_vlan left promiscuous mode [ 425.679632][ T9] device veth0_vlan left promiscuous mode [ 425.687665][ T9] device veth1_macvtap left promiscuous mode [ 425.693712][ T9] device veth0_macvtap left promiscuous mode [ 425.699749][ T9] device veth1_vlan left promiscuous mode [ 425.705656][ T9] device veth0_vlan left promiscuous mode [ 425.712443][ T9] device veth1_macvtap left promiscuous mode [ 425.718526][ T9] device veth0_macvtap left promiscuous mode [ 425.724655][ T9] device veth1_vlan left promiscuous mode [ 425.730423][ T9] device veth0_vlan left promiscuous mode [ 426.230459][ T9] team0 (unregistering): Port device team_slave_1 removed [ 426.266707][ T9] team0 (unregistering): Port device team_slave_0 removed [ 426.302296][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 426.341894][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 426.672085][ T9] bond0 (unregistering): Released all slaves [ 426.783022][ T9] team0 (unregistering): Port device team_slave_1 removed [ 426.809865][ T9] team0 (unregistering): Port device team_slave_0 removed [ 426.831986][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 426.855394][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 426.930157][ T9] bond0 (unregistering): Released all slaves