last executing test programs: 4.94871179s ago: executing program 3 (id=4329): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000280)={0x3c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x20, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xa8}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}]}]}, 0x3c}}, 0x0) 4.665579221s ago: executing program 3 (id=4332): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1018e58, &(0x7f0000000140)={[{@acl}, {@noload}, {@auto_da_alloc}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@norecovery}, {}, {@bsdgroups}]}, 0x6, 0x652, &(0x7f0000002580)="$eJzs3U9oHF8dAPDvzGbzS9L4SysiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7d/SFKwtWACHhQURLwW6UXw7F169yZC9eZZqCIVC1q6P2Z2ttlsZrNJmuwm2c8HNjvz5m3e++7bt/NmZ99OAANrKvuTRpyOeHcriZho2TYejY1TRb7X/356O7slUa9/919JJEVaM39S3J8oVkYi4s9XIz5d2VruyuMnd+dq9YafRJxfvffw/MrjJ+eW7s3dWbizcH/2wtcuXpr5+uzF2ZaK7t2J4v7a9e98/pc//eFXF/9SO5fE5bhZ/fF8tMWxX6ZiKt4VIbamD0XEpWyh5Hk5ao5BCAOtUrweqxHx2ZiISr7WMBFLv+hr5YADVa9E1LeXdMsAHFW6Nwyq5jigeWxffhyctK3f7MHIpDdeXWkcAG2Nf6j4yGEkPzYae520HBk1Pts4uQ/lZ2W8fTry7O3TyWex6XOIN+9bZ2gfyulkbT0iPlcWf5LX7WQeaRZ/uulYP3tFzETEcFG/b31AHVpfXQfxOcx2dhN/azukEXG5uM/Sr+6x/PaPtXodPwCD6cWVYke+lq1t7P+ysUdz/BMl45/xDz8lk+v3/q/z+K+5vx/Jxz1p2zgsG7PcKP+X1faEv//82q87ld8Y/00+a96y8ptjwV54tR4x2Rb/z7Jgi/FPFn9S0v5ZlluXd1bGt1/+81qnbf2Ov/484kzp8c/GqDRb2ub85PnFpdrCTONvaRl//NMPftep/PL4PzqASMtl7T/WIf6W9k/bH5c9Jw/L/+V6e8Ifbjy/16n88a7tn/5jOGkcbw4XKT9aX11dno0YTq4XWYr0udXV5Qvbx9vI86ae38824j/7pfL+v+n13xbVaPMtcwcefu/u607b9vL6bzmZ/K6+wzp0ksU/3739t/T/LO1XOyzjv99/9IVO2zrHX82f4xJb3l8BAAAAAACAhjQ/B5uk0++X03R6ujFf9jMxltYerKx+efHBo/vzEWfz70NW00iT/CsjE431ZHGptjBbfB+2uX6hbf0rEXEqIn5TGc3Xp28/qM33O3gAAAAAAAAAAAAAAAAAAAA4JE4U8/+b16n+T6Ux/x8YEN0vMLfl+g/AMXGQF5gEDre8/2+3i/+4d3UBesv+HwbXXvv/yD7XA+g9+38YXPo/DC79HwaX/g+Da2i93zUA+sX+HwAAAACOpVNffPG3JCLWvjGa3zLDxTaTfuF4q+4qd+XA6gH0nh4Ng+v9qX+DfRg4Oxr//6/4ccCDrw7QB0lZYj44qG/f+V+UPnKDrxYDAAAAAAAAAAAAwL45c7rz/P/dzQ0GjhrT/mBwfcD8fz8dAEecn/6HweUYH+gyi7/zpf67zf8HAAAAAAAAAAAAAPbNeH5L0uliLvB4pOn0dMSnIuJkVJPFpdrCTER8HBF/rVQ/ytZn+11pAAAAAAAAAAAAAAAAAAAAOGZWHj+5O1erLSy3Lvx/S0oPF37/MqLHhTavgto9c30HebZd+Gbs8lGR9L4JRqPnTdDDhaGWlCRiLWv5Q1Gx5ZU4HNXIF/r8xgQAAAAAAAAAAAAAAAAAAAOoZe5xucnf9rhGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANB7G9f/77IwP9Z4wI4yb17od4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNH0SQAAAP//Kbg8mA==") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x9d}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000200)) 3.53216646s ago: executing program 1 (id=4339): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000180)=[{&(0x7f0000000000)="9c", 0xffffff7d}], 0x1) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)) 2.887523891s ago: executing program 3 (id=4345): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x700, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000070000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c0001800800010003000100200001800c0004800800020000000000100001"], 0x44}}, 0x0) 2.8428443s ago: executing program 5 (id=4346): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x0, 0x3) 2.64532175s ago: executing program 0 (id=4347): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000600)={'vxcan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@ipv6_deladdrlabel={0x38, 0x49, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r2}, [@IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_LABEL={0x8}]}, 0x38}}, 0x0) 2.5339508s ago: executing program 2 (id=4349): write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x208e24b) syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), 0x0) syz_io_uring_setup(0x2fd7, &(0x7f0000000280), &(0x7f0000000040), 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x20031, 0xffffffffffffffff, 0x0) 2.394438665s ago: executing program 1 (id=4350): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000100)=0xfffffffffffffffb, 0x12) 2.381928932s ago: executing program 3 (id=4351): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ACTIVE_SLAVE={0x8}]}}}]}, 0x3c}}, 0x0) 2.300050998s ago: executing program 0 (id=4352): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_POWER_SAVE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x24, r1, 0x3, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x24}}, 0x0) 2.242776155s ago: executing program 4 (id=4353): unshare(0x22020400) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000080)='cpuset\x00'}, 0x30) r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) ioctl$FICLONE(r0, 0x40049409, r0) 2.22165078s ago: executing program 5 (id=4354): socket$inet6(0xa, 0x3, 0x7) socket$inet6(0xa, 0x3, 0x7) r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560aff820fffff5bab00070000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c100000000000224e0000", 0x58}], 0x1) 2.084481339s ago: executing program 2 (id=4355): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0) 2.071730435s ago: executing program 1 (id=4356): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket(0x2, 0x3, 0xff) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, 0x0, 0x0) 2.011972026s ago: executing program 3 (id=4357): setsockopt$inet6_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x29, 0x2d, &(0x7f0000000000)={0x3, {{0xa, 0x4e20, 0x0, @private1, 0x7}}}, 0x88) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000000000000731121000900009183"], 0x0, 0xffff4d82, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x90) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00'}) 1.97459325s ago: executing program 0 (id=4358): write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYBLOB="73797a31d9cfdf1f7cfd69c8c7e653792fefbe00f73c865d50b1b48a8840c8ece7df82bf7f5cdde5ed563b75bbe1cccceabab99233ca20317c2dac54a874ec308ed5e2858cba9f924224ddb8d96aa118cc4e16f3bc0b94a4ee45efbf3256e95c0c9af45359f669698b3afad2c69c2c765c39e2e3b6438536b4afc79aafde84a3d2de05a6b10d60fa66a85b43554899470268272d1dfeb3f1729dde104d50e2610d6d209c3617f773133da262cfe9f890b8f62d225384e220881a404dd8364aec9f1a361480f6d4d4f86807ed636a54f3cc5d84fdb29f5bc328087d4fe6876146d233b8f41e40df5dda9c97e4736a195c79dab97a6f26aa766bd2a5afb48311479ab13e6b7c1a7b8a2e8bda6304c7629f081737226e9f374418aaa73534c2b2415c3a9c0eb744dbc08d405f494c5abb2bd1c2aab0b901d0df5c4e1004fe458aa2de12fe38460528ba24cc315cb8ecbe769ed9e524af87f131218c8776e4afa2715e3ccbc560c05d966d8c01e72b0a1cd8b79b8d8724b8bc37253a755915445167e24d06e4558b9df66f2110e204182b4addbe193ae69816995f93f4889e36ba8dffb2da81235226d61d47530e953d3d64f5b7fae49193133094a18e6bfd894fbebecb7de3b1f3e6631215158497ee3cb0efce350285007b"], 0x1004) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)={0x1c, 0x22, 0x601, 0x0, 0x0, "", [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @generic="b7"]}, 0x1c}], 0x1}, 0x0) 1.929856544s ago: executing program 4 (id=4359): r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$user(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000600)="0706675823b8a37f19b37e0f9f120663b78a6a322f28cbd9f0fffff804a03264a890a52094cd1825eddc42c667fc68923d7df9f4c5843c5f11b63d2684fff43955079736fa4c80100487c31c1b706b6bf10900000000000000491bd6ab098fe1a6741d65b085b4075db8419d9e6d17b1eec4dfb860a71d61af753459bcc5ea1f20d6c1c74aff7f00008bf98886eaac01b08aa753b8727f25773c98cd6a785c6b758992b03b81e2e09cf103dc16a5658a3b58626b457ee4773d41b3548f2258a2", 0xc0, r0) r2 = add_key$user(&(0x7f0000000100), &(0x7f0000001680)={'syz', 0x0}, &(0x7f00000002c0)='`', 0x1, 0xfffffffffffffffb) keyctl$dh_compute(0x17, &(0x7f0000000580)={r2, r1, r2}, &(0x7f0000000200)=""/58, 0x3a, &(0x7f0000000340)={&(0x7f0000000000)={'sha3-224-generic\x00'}}) 1.907768324s ago: executing program 5 (id=4360): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="850000002200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/ipc\x00') bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r0, 0x0, 0xcc0, 0xfffffffffffffde6, &(0x7f00000001c0)="348b0d151f8218e3c73697e4080049c416b90900000093291cfc5e8b99005e8b9900", 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.804491089s ago: executing program 0 (id=4361): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000540)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000280)) 1.612579073s ago: executing program 3 (id=4362): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xdc, 0x3f, 0x6e, 0x40, 0x813, 0x1, 0x3a08, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9d, 0x26, 0x9b}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000280)={0x24, &(0x7f0000000180)={0x0, 0x0, 0x2, {0x2}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.492139418s ago: executing program 1 (id=4363): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3590bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d080000000000000014f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bdd277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabaf18647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15283217e03d02a4054f34af3a65ef6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a62bc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b391b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815501681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add38a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889581c750c34586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7004757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11c39d6fdcf5926d6ad5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a038813f2bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa500a0000000000006a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0xfffffffffffffe43}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) statx(r0, &(0x7f00000000c0)='./file0\x00', 0x1000, 0x0, 0x0) 1.491469263s ago: executing program 4 (id=4364): unshare(0x62040200) r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r0, &(0x7f0000001f00)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000540)="850d4c0af31fc9cbcadbbbec02dc0df53e51183ee8371e666df8405d3b10f5c87aeed80702ce3d06eb9c054b5c59822c7324c506d1509122cb785cf9c09a476d33b0d466c08c901c424063de4a685ecac0da6ff01567", 0x56}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c"], 0x30, 0x40000}, {&(0x7f00000001c0)=@in={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000000840)=[{0x0}, {&(0x7f0000000240)}, {&(0x7f0000000640)="c21312502fbe3db8b7ec29ac8f98993b5422d44fecfdd055960669c0b16eff78524018ede366d22b2c778feb068f5144de46fcdaa71b9cb5ed20da5793185bbc1afbff6b089fd15695a1d8d1e7213e95fc9e35ad138d9be1f795866603505b00559b7d320e5140de8a8d9c123cb7b953694f11b2001e9a06aa8314bddffa38c96d28fb7d2f0f9c732833cef5fca8a263e690f9622537e6e0011bdf79074c3d8f130ae8e4ab20371c048e96dc5e64a4a79ecdd9841a62dc2453ee84a6fa12575905eb1eb4efa4497dad642129d8661431d114def1fe578741216943da2a0465b7b1a14c3191057fb67f5e8448f75825441b", 0xf1}, {&(0x7f0000000380)}], 0x4, &(0x7f00000008c0)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x200, 0x7, 0x2}}, @dstaddrv6={0x20, 0x84, 0x8, @mcast1}, @authinfo={0x18, 0x84, 0x6, {0x7}}], 0x58, 0x80}], 0x2, 0x0) 1.398058162s ago: executing program 5 (id=4365): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x1a0682) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x9, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f00000001c0)={0x80, 0x1, 'client1\x00', 0xffffffff80000006, "d62e980da99179cf", "20e48560999fd132b6a5426180a8c27a00fcfffff0003336f794d20352346f8f"}) write$sndseq(r0, &(0x7f00000000c0)=[{0x5, 0x0, 0x0, 0x0, @time, {}, {0x0, 0x1}, @result}], 0x1c) 1.282363926s ago: executing program 0 (id=4366): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r1, 0x28, 0x0, &(0x7f0000000500), 0x8) 1.191837738s ago: executing program 5 (id=4367): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) munmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000) mremap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) 1.071702062s ago: executing program 1 (id=4368): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x7) ioctl$KDGETKEYCODE(r0, 0x4b4c, 0x0) 924.285714ms ago: executing program 2 (id=4369): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90124fc60100c074002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a802b8c2594f90424fc60100c034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 881.303645ms ago: executing program 5 (id=4370): r0 = timerfd_create(0x0, 0x0) readv(r0, &(0x7f0000000640)=[{&(0x7f0000000140)=""/168, 0xa8}], 0x1) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 853.653578ms ago: executing program 0 (id=4371): openat$capi20(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000001400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) 605.624443ms ago: executing program 1 (id=4372): r0 = socket(0x11, 0x800000003, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="340000001c0073fc000000000000000007000003", @ANYRES32=r2, @ANYBLOB="030044000a000200bb"], 0x34}}, 0x0) 481.509408ms ago: executing program 2 (id=4373): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x1000004, 0x12, r0, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) preadv(r1, &(0x7f0000000140)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x12, 0x0) 421.688794ms ago: executing program 4 (id=4374): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x11, @loopback, 0x0, 0x0, 'ovf\x00', 0x1d}, 0x2c) r1 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r1, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, 0x0}}], 0x1, 0x0) 299.505116ms ago: executing program 4 (id=4375): bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x16, &(0x7f0000000a40)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xd2}, @kfunc, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @btf_id, @alu={0x4, 0x0, 0xd, 0x7, 0x5, 0x20, 0xfffffffffffffff0}, @snprintf]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 221.844035ms ago: executing program 2 (id=4376): r0 = socket(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000140)={'syztnl1\x00', r2, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @mcast2={0xff, 0x5}, 0x10}}) 110.072526ms ago: executing program 4 (id=4377): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==") mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 0s ago: executing program 2 (id=4378): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000010000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000003200)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000040)) kernel console output (not intermixed with test programs): : config 0 descriptor?? [ 475.598878][T13849] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 475.611397][T13849] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 475.639361][T13849] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 475.669133][T13849] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 475.953650][T13849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 475.967454][ T46] ath6kl: Unsupported hardware version: 0x0 [ 475.987676][ T46] ath6kl: Failed to init ath6kl core: -22 [ 476.005300][ T46] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -22 [ 476.085917][T13849] 8021q: adding VLAN 0 to HW filter on device team0 [ 476.118838][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 476.126094][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 476.155617][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 476.162806][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 476.267480][ T5294] usb 5-1: USB disconnect, device number 14 [ 476.444278][ T46] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 476.673654][ T46] usb 4-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice=51.8f [ 476.702065][ T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 476.721219][ T46] usb 4-1: Product: syz [ 476.741494][ T46] usb 4-1: Manufacturer: syz [ 476.757378][ T46] usb 4-1: SerialNumber: syz [ 476.786119][ T46] usb 4-1: config 0 descriptor?? [ 476.833632][ T46] as10x_usb: device has been detected [ 476.855859][ T46] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 476.895310][T13849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 476.928775][ T46] usb 4-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 477.120077][T13849] veth0_vlan: entered promiscuous mode [ 477.161694][ T46] as10x_usb: error during firmware upload part1 [ 477.181106][ T46] Registered device Elgato EyeTV DTT Deluxe [ 477.188493][T13849] veth1_vlan: entered promiscuous mode [ 477.192221][ T46] usb 4-1: USB disconnect, device number 18 [ 477.229225][ T5250] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 477.241626][ T5250] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 477.250153][ T5250] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 477.272309][ T5250] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 477.281806][ T5250] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 477.290242][ T5250] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 477.393215][ T46] Unregistered device Elgato EyeTV DTT Deluxe [ 477.397667][ T46] as10x_usb: device has been disconnected [ 477.501495][T13849] veth0_macvtap: entered promiscuous mode [ 477.551727][T13849] veth1_macvtap: entered promiscuous mode [ 477.681943][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.713307][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.726562][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.737657][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.748327][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.759038][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.768981][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.779839][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.791224][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.803384][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.813713][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.825826][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.840089][T13849] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 477.941937][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.984390][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.014138][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.057004][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.095658][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.128021][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.148269][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.185919][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.217528][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.246365][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.282866][T13849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.311212][T13849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.335039][T13849] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 478.370346][T13849] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.395721][T13849] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.416592][T13849] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.447180][T13849] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.545510][T14125] program syz.0.3267 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 478.972596][T14100] chnl_net:caif_netlink_parms(): no params data found [ 479.202155][T14141] loop0: detected capacity change from 0 to 512 [ 479.391476][ T5248] Bluetooth: hci7: command tx timeout [ 479.401703][T14141] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 479.457195][T14141] ext4 filesystem being mounted at /268/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 479.465996][ T2897] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 479.514501][ T2897] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 479.613513][ T9991] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.730264][T14100] bridge0: port 1(bridge_slave_0) entered blocking state [ 479.749771][T14100] bridge0: port 1(bridge_slave_0) entered disabled state [ 479.770957][T14100] bridge_slave_0: entered allmulticast mode [ 479.781636][T14100] bridge_slave_0: entered promiscuous mode [ 479.805480][ T25] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 479.839344][T14100] bridge0: port 2(bridge_slave_1) entered blocking state [ 479.866554][T14100] bridge0: port 2(bridge_slave_1) entered disabled state [ 479.886446][T14100] bridge_slave_1: entered allmulticast mode [ 479.905230][T14100] bridge_slave_1: entered promiscuous mode [ 479.952090][T14151] loop0: detected capacity change from 0 to 256 [ 480.026192][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 480.034174][ T25] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 480.046819][ T25] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 480.057215][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 480.067745][T14151] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 480.075130][ T25] usb 4-1: Product: syz [ 480.104746][ T25] usb 4-1: Manufacturer: syz [ 480.117042][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 480.134833][ T25] usb 4-1: SerialNumber: syz [ 480.156078][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 480.183637][T14100] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 480.194953][ T25] usb 4-1: config 0 descriptor?? [ 480.214224][ T25] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 480.227597][ T25] usb 4-1: Detected FT232R [ 480.263049][T14100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 480.400116][T14135] loop2: detected capacity change from 0 to 32768 [ 480.448400][T14135] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3270 (14135) [ 480.512328][ T25] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 480.523368][T14135] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 480.543432][T14100] team0: Port device team_slave_0 added [ 480.563557][T14100] team0: Port device team_slave_1 added [ 480.597412][T14135] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 480.646925][T14135] BTRFS info (device loop2): using free-space-tree [ 480.662114][T14159] loop1: detected capacity change from 0 to 512 [ 480.684978][T14159] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 480.704174][T14100] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 480.734937][T14100] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 480.771194][T14100] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 480.789664][ T25] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 480.801028][T14100] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 480.810975][T14159] EXT4-fs (loop1): 1 truncate cleaned up [ 480.820362][T14159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 480.832869][T14100] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 480.864146][T14100] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 481.001997][T14181] loop4: detected capacity change from 0 to 128 [ 481.006616][T14100] hsr_slave_0: entered promiscuous mode [ 481.036569][T14100] hsr_slave_1: entered promiscuous mode [ 481.045075][ T8] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 481.045867][T14159] EXT4-fs: Can't set or change test_dummy_encryption on remount [ 481.056787][T14181] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 481.103039][T14181] ext4 filesystem being mounted at /164/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 481.144550][T14100] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 481.184595][T14100] Cannot create hsr debugfs directory [ 481.239994][ T25] usb 4-1: USB disconnect, device number 19 [ 481.244729][ T8] usb 1-1: Using ep0 maxpacket: 8 [ 481.252082][ T5230] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 481.269066][ T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 481.293403][ T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 481.301843][ T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 481.306314][T13849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 481.341872][ T8] usb 1-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.40 [ 481.345059][ T25] ftdi_sio 4-1:0.0: device disconnected [ 481.360673][T11589] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 481.400813][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 481.415725][ T8] usb 1-1: Product: syz [ 481.421557][ T8] usb 1-1: Manufacturer: syz [ 481.433699][ T8] usb 1-1: SerialNumber: syz [ 481.455313][ T5248] Bluetooth: hci7: command tx timeout [ 481.651340][ T8] usbhid 1-1:1.0: can't add hid device: -22 [ 481.683719][ T8] usbhid 1-1:1.0: probe with driver usbhid failed with error -22 [ 481.878581][ T25] usb 1-1: USB disconnect, device number 29 [ 482.948201][T14100] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.348981][T14100] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.419463][T14209] netlink: 'syz.1.3293': attribute type 4 has an invalid length. [ 483.538040][ T5248] Bluetooth: hci7: command tx timeout [ 483.748465][T14100] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.858000][T14201] loop2: detected capacity change from 0 to 40427 [ 483.914901][T14201] F2FS-fs (loop2): Invalid log blocks per segment (5) [ 483.922097][T14201] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 483.988564][T14201] F2FS-fs (loop2): Found nat_bits in checkpoint [ 484.030272][T14100] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.234622][T14201] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 484.265124][T14201] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 484.278956][T14229] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 484.390368][T14231] loop3: detected capacity change from 0 to 256 [ 484.513415][T14100] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 484.548826][T14100] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 484.583813][T14100] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 484.652919][T14100] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 484.916314][T14215] loop4: detected capacity change from 0 to 32768 [ 484.975087][T14215] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3295 (14215) [ 484.999419][T14215] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 485.021829][T14215] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 485.047388][T14215] BTRFS info (device loop4): using free-space-tree [ 485.114258][ T29] audit: type=1326 audit(1726042884.957:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14244 comm="syz.0.3308" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x0 [ 485.174336][T14100] 8021q: adding VLAN 0 to HW filter on device bond0 [ 485.345111][T14100] 8021q: adding VLAN 0 to HW filter on device team0 [ 485.380287][ T2897] bridge0: port 1(bridge_slave_0) entered blocking state [ 485.387618][ T2897] bridge0: port 1(bridge_slave_0) entered forwarding state [ 485.398075][T11589] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 485.479191][ T1280] bridge0: port 2(bridge_slave_1) entered blocking state [ 485.486680][ T1280] bridge0: port 2(bridge_slave_1) entered forwarding state [ 485.620883][ T5248] Bluetooth: hci7: command tx timeout [ 485.993289][T14276] loop1: detected capacity change from 0 to 128 [ 486.082550][T14276] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 486.115182][ T25] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 486.117851][T14276] ext4 filesystem being mounted at /13/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 486.236491][T14276] EXT4-fs warning (device loop1): ext4_group_extend:1885: will only finish group (8193 blocks, 8129 new) [ 486.313322][T14276] EXT4-fs warning (device loop1): ext4_group_extend:1890: can't read last block, resize aborted [ 486.335602][ T25] usb 3-1: Using ep0 maxpacket: 8 [ 486.386301][ T25] usb 3-1: config 0 has no interfaces? [ 486.417776][ T25] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 486.455211][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 486.463340][ T25] usb 3-1: Product: syz [ 486.577072][ T25] usb 3-1: Manufacturer: syz [ 486.581789][ T25] usb 3-1: SerialNumber: syz [ 486.613658][T13849] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 486.647461][ T25] usb 3-1: config 0 descriptor?? [ 486.750544][T14100] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 486.916772][ T8] usb 3-1: USB disconnect, device number 24 [ 487.063334][T14297] netlink: 'syz.0.3320': attribute type 1 has an invalid length. [ 487.700919][ T5248] Bluetooth: hci7: command tx timeout [ 487.715374][ T5293] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 487.862109][T14100] veth0_vlan: entered promiscuous mode [ 487.899457][T14100] veth1_vlan: entered promiscuous mode [ 487.919174][ T5293] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 487.963999][ T5293] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 487.994000][ T5293] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 488.005323][ T5293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 488.013396][ T5293] usb 4-1: SerialNumber: syz [ 488.034794][ C0] vkms_vblank_simulate: vblank timer overrun [ 488.114662][T14100] veth0_macvtap: entered promiscuous mode [ 488.174855][T14100] veth1_macvtap: entered promiscuous mode [ 488.299318][ T5293] usb 4-1: 0:2 : does not exist [ 488.330169][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 488.372346][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.374596][ T5293] usb 4-1: USB disconnect, device number 20 [ 488.407671][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 488.431483][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.456598][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 488.495621][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.515479][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 488.535371][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.555441][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 488.576337][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.597952][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 488.618846][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.638903][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 488.665584][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.701082][T14100] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 488.761468][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 488.802617][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.853295][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 488.905561][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.934585][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 488.955685][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.989338][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.023674][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.050514][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.089952][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.118794][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.150079][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.171449][T14100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.185862][T14100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.210671][T14100] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 489.234152][T14345] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 489.314757][ C0] hrtimer: interrupt took 2075070 ns [ 489.595080][T14335] loop4: detected capacity change from 0 to 40427 [ 489.617344][T14335] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 489.626313][T14335] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 489.652995][T14335] F2FS-fs (loop4): invalid crc value [ 489.717815][T14335] F2FS-fs (loop4): Found nat_bits in checkpoint [ 489.879036][ C0] vkms_vblank_simulate: vblank timer overrun [ 489.898106][ T58] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 489.985071][ C0] vkms_vblank_simulate: vblank timer overrun [ 490.009692][T14335] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 490.033802][T14335] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 490.059494][ C0] vkms_vblank_simulate: vblank timer overrun [ 490.120903][ C0] vkms_vblank_simulate: vblank timer overrun [ 490.126416][ T29] audit: type=1800 audit(1726042889.936:85): pid=14335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3335" name="bus" dev="loop4" ino=10 res=0 errno=0 [ 490.200027][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 490.212937][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 490.228753][ T58] usb 1-1: New USB device found, idVendor=056a, idProduct=0028, bcdDevice= 0.00 [ 490.238860][ T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.252254][ T58] usb 1-1: config 0 descriptor?? [ 490.364737][ C0] vkms_vblank_simulate: vblank timer overrun [ 490.737485][ T58] wacom 0003:056A:0028.0024: Unknown device_type for 'HID 056a:0028'. Assuming pen. [ 490.773350][ T58] wacom 0003:056A:0028.0024: hidraw0: USB HID v0.00 Device [HID 056a:0028] on usb-dummy_hcd.0-1/input0 [ 490.809750][T14100] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.859917][ T58] input: Wacom Intuos5 touch L Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0028.0024/input/input32 [ 490.885780][T14100] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.935071][T14100] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.976994][T14100] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.048635][ T58] usb 1-1: USB disconnect, device number 30 [ 491.471959][T14367] loop3: detected capacity change from 0 to 164 [ 491.495942][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 491.516476][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 491.544837][T14367] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 491.652867][T14367] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 491.687025][ T2897] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 491.725906][ T2897] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 492.336904][ T29] audit: type=1326 audit(1726042892.176:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14385 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 492.425667][ T29] audit: type=1326 audit(1726042892.176:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14385 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 492.515429][ T29] audit: type=1326 audit(1726042892.176:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14385 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 492.584733][ T29] audit: type=1326 audit(1726042892.196:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14385 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 492.658049][ T29] audit: type=1326 audit(1726042892.196:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14385 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 492.740581][ T29] audit: type=1326 audit(1726042892.226:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14385 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 492.825515][ T29] audit: type=1326 audit(1726042892.226:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14385 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 492.904315][ T29] audit: type=1326 audit(1726042892.226:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14385 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 493.006163][ T29] audit: type=1326 audit(1726042892.246:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14385 comm="syz.0.3355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 493.638171][T14375] loop4: detected capacity change from 0 to 32768 [ 494.177925][T14414] loop1: detected capacity change from 0 to 16 [ 494.209175][T14414] erofs: (device loop1): mounted with root inode @ nid 36. [ 494.528288][T14392] loop0: detected capacity change from 0 to 32768 [ 494.737299][T14392] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 494.931988][T14400] loop3: detected capacity change from 0 to 32768 [ 494.953788][T14400] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3361 (14400) [ 495.140462][T14400] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 495.145773][T14392] XFS (loop0): Ending clean mount [ 495.168568][T14400] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 495.207923][T14400] BTRFS info (device loop3): using free-space-tree [ 495.359033][T14446] loop5: detected capacity change from 0 to 16 [ 495.391717][T14446] erofs: (device loop5): mounted with root inode @ nid 36. [ 495.524505][T14457] program syz.2.3376 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 495.562396][ T9991] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 495.950366][T14420] loop4: detected capacity change from 0 to 32768 [ 496.048608][T14420] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 496.098388][ T5229] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 496.663185][T14420] XFS (loop4): Ending clean mount [ 496.763027][T14485] binder: Binderfs stats mode cannot be changed during a remount [ 497.200301][T11589] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 497.433994][T14494] loop3: detected capacity change from 0 to 1024 [ 497.554316][T14494] hfsplus: bad catalog entry type [ 497.693855][T14471] loop5: detected capacity change from 0 to 32768 [ 497.749193][ T11] hfsplus: b-tree write err: -5, ino 4 [ 497.937537][T14471] XFS (loop5): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 498.145235][T14471] XFS (loop5): Ending clean mount [ 498.240122][T14519] loop2: detected capacity change from 0 to 2048 [ 498.352752][T14527] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 498.700273][T14100] XFS (loop5): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 499.812985][T14554] tap0: tun_chr_ioctl cmd 1074025673 [ 499.841128][ T5309] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 500.080708][ T5309] usb 1-1: New USB device found, idVendor=30c9, idProduct=0093, bcdDevice=18.c6 [ 500.112905][ T5309] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 500.127102][T14560] loop4: detected capacity change from 0 to 4096 [ 500.199061][ T5309] usb 1-1: Product: syz [ 500.204699][T14560] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 500.237407][ T5309] usb 1-1: Manufacturer: syz [ 500.254104][T14568] loop1: detected capacity change from 0 to 256 [ 500.286777][T14568] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4e1f5d09, utbl_chksum : 0xe619d30d) [ 500.288003][ T5309] usb 1-1: SerialNumber: syz [ 500.365177][ T5309] usb 1-1: config 0 descriptor?? [ 500.366916][T14568] exFAT-fs (loop1): error, in sector 160, dentry 12 should be unused, but 0x85 [ 500.392500][T14568] exFAT-fs (loop1): Filesystem has been set read-only [ 500.850984][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 500.851031][ T29] audit: type=1800 audit(1726042900.695:97): pid=14560 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3410" name="file1" dev="loop4" ino=29 res=0 errno=0 [ 500.901856][T14558] loop3: detected capacity change from 0 to 32768 [ 500.927224][T14558] btrfs: Deprecated parameter 'usebackuproot' [ 500.973162][T14558] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 501.009033][T14558] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3411 (14558) [ 501.095257][T14576] loop1: detected capacity change from 0 to 128 [ 501.113547][ T1254] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.120865][ T1254] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.155723][T14558] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 501.169198][T14551] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3408'. [ 501.209357][T14576] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 501.211524][T14558] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 501.232778][T14558] BTRFS info (device loop3): disk space caching is enabled [ 501.281090][T14576] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 501.285405][T14558] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 501.375176][ T5294] usb 1-1: USB disconnect, device number 31 [ 501.522640][T14576] fscrypt (loop1, inode 12): Mutually exclusive encryption flags (0x18) [ 501.689063][T14558] btrfs: Deprecated parameter 'usebackuproot' [ 501.695913][T14558] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 501.792365][T13849] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 501.802496][T14558] BTRFS warning (device loop3 state M): remount supports changing free space tree only from RO to RW [ 501.814080][T14558] BTRFS info (device loop3 state M): enabling free space tree [ 501.821920][T14558] BTRFS info (device loop3 state M): force clearing of disk cache [ 501.830060][T14558] BTRFS info (device loop3 state M): trying to use backup root at mount time [ 501.839040][T14558] BTRFS info (device loop3 state M): disabling disk space caching [ 502.123841][ T5229] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 502.886352][T14616] loop1: detected capacity change from 0 to 1024 [ 503.003499][T14616] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 503.048275][T14616] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 503.093962][T14622] loop3: detected capacity change from 0 to 256 [ 503.129011][T14622] exfat: Deprecated parameter 'utf8' [ 503.156790][T14622] exfat: Deprecated parameter 'namecase' [ 503.187435][T14622] exfat: Deprecated parameter 'utf8' [ 503.331356][T14622] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 503.461382][T14597] loop4: detected capacity change from 0 to 32768 [ 503.502063][T14597] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3418 (14597) [ 503.523570][T14622] exFAT-fs (loop3): hint_cluster is invalid (1), rewind to the first cluster [ 503.620489][ T5294] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 503.639409][T13849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 503.661875][T14597] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 503.717751][T14597] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 503.788270][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 503.839344][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 0, err : -5) [ 503.855304][ T5294] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 503.865365][ T5294] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 503.867251][T14632] netlink: 138400 bytes leftover after parsing attributes in process `syz.2.3433'. [ 503.891291][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 503.901338][ T5294] usb 1-1: Product: syz [ 503.901391][ T5294] usb 1-1: Manufacturer: syz [ 503.901419][ T5294] usb 1-1: SerialNumber: syz [ 503.961497][ T5294] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 504.007819][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 0, err : -5) [ 504.018387][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 504.027127][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 1, err : -5) [ 504.049104][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 504.172442][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 2, err : -5) [ 504.198147][T14597] BTRFS info (device loop4): rebuilding free space tree [ 504.234368][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 504.244689][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 3, err : -5) [ 504.255957][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 504.303564][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 4, err : -5) [ 504.320332][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 504.331021][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 5, err : -5) [ 504.356792][T14612] loop5: detected capacity change from 0 to 32768 [ 504.364841][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 504.366503][T14597] BTRFS info (device loop4): disabling free space tree [ 504.420783][T14597] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 504.445552][T14597] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 504.447771][T14612] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3426 (14612) [ 504.470852][ T25] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 504.480291][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 6, err : -5) [ 504.541163][T14612] BTRFS info (device loop5): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 504.595085][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 504.626884][T14612] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm [ 504.651475][T14612] BTRFS info (device loop5): using free-space-tree [ 504.664153][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 7, err : -5) [ 504.701782][T11589] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 504.787403][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 504.797048][T14627] exFAT-fs (loop3): error, failed to bmap (inode : ffff888060b9dc68 iblock : 8, err : -5) [ 504.944461][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.015376][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.037783][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.124552][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.166508][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.230557][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.285107][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.339356][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.385902][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.428934][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.480744][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.513782][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.532393][T14670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 505.579067][T14100] BTRFS info (device loop5): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 505.594514][T14670] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 505.618722][ T25] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 505.618840][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.647125][ T25] ath9k_htc: Failed to initialize the device [ 505.700023][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.769808][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 505.836449][ T25] usb 1-1: ath9k_htc: USB layer deinitialized [ 505.854244][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 506.018594][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 506.026956][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 506.041555][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 506.051939][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 506.101513][ T5272] usb 1-1: USB disconnect, device number 32 [ 506.140436][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 506.162227][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 506.195867][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 506.292756][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 506.339177][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 506.395869][T14627] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 506.479504][ T29] audit: type=1800 audit(1726042906.304:98): pid=14627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3424" name="file1" dev="loop3" ino=1048767 res=0 errno=0 [ 506.600569][T14683] overlayfs: failed to resolve './file0': -2 [ 506.712371][T14685] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3444'. [ 507.785645][T14703] loop3: detected capacity change from 0 to 256 [ 508.149088][T14703] FAT-fs (loop3): Directory bread(block 64) failed [ 508.156381][T14703] FAT-fs (loop3): Directory bread(block 65) failed [ 508.208060][T14703] FAT-fs (loop3): Directory bread(block 66) failed [ 508.215277][T14703] FAT-fs (loop3): Directory bread(block 67) failed [ 508.278126][T14703] FAT-fs (loop3): Directory bread(block 68) failed [ 508.305783][T14703] FAT-fs (loop3): Directory bread(block 69) failed [ 508.338707][T14703] FAT-fs (loop3): Directory bread(block 70) failed [ 508.403461][T14703] FAT-fs (loop3): Directory bread(block 71) failed [ 508.442201][T14703] FAT-fs (loop3): Directory bread(block 72) failed [ 508.487929][T14703] FAT-fs (loop3): Directory bread(block 73) failed [ 508.824620][T14689] loop5: detected capacity change from 0 to 32768 [ 509.118156][T14689] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 509.425177][T14689] XFS (loop5): Ending clean mount [ 509.433665][T14736] loop3: detected capacity change from 0 to 1024 [ 509.680665][ C1] vkms_vblank_simulate: vblank timer overrun [ 509.727778][ T52] hfsplus: b-tree write err: -5, ino 4 [ 509.862592][T14744] loop0: detected capacity change from 0 to 256 [ 509.974606][T14100] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 510.096919][T14747] loop3: detected capacity change from 0 to 2048 [ 510.108553][T14744] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 510.131645][T14744] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 510.169099][ C1] vkms_vblank_simulate: vblank timer overrun [ 510.263347][T14747] NILFS (loop3): invalid segment: Checksum error in segment payload [ 510.328183][T14747] NILFS (loop3): trying rollback from an earlier position [ 510.339120][T14711] loop1: detected capacity change from 0 to 32768 [ 510.382694][T14747] NILFS (loop3): recovery complete [ 510.428807][T14711] [ 510.428807][T14711] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 510.428807][T14711] [ 510.436520][T14753] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 510.666117][T14711] read_mapping_page failed! [ 510.708513][T14711] ERROR: (device loop1): txCommit: [ 510.708513][T14711] [ 510.783771][T14760] loop4: detected capacity change from 0 to 512 [ 510.852742][T14757] jfs_unlink: dtDelete returned -116 [ 510.882131][T14757] jfs_unlink: dtDelete returned -116 [ 510.912766][T14760] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.3475: bg 0: block 5: invalid block bitmap [ 510.942122][T14760] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 510.954561][T14760] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.3475: invalid indirect mapped block 3 (level 2) [ 510.972207][T14760] EXT4-fs (loop4): 1 orphan inode deleted [ 510.978112][T14760] EXT4-fs (loop4): 1 truncate cleaned up [ 510.985689][T14760] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 511.093684][T11589] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.242368][ C1] vkms_vblank_simulate: vblank timer overrun [ 511.381030][ C1] vkms_vblank_simulate: vblank timer overrun [ 511.413979][ T62] [ 511.413979][ T62] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 511.413979][ T62] [ 511.443306][ T62] [ 511.443306][ T62] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 511.443306][ T62] [ 511.513408][ T111] [ 511.513408][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 511.513408][ T111] [ 511.576133][ T62] [ 511.576133][ T62] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 511.576133][ T62] [ 511.590599][ T62] [ 511.590599][ T62] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 511.590599][ T62] [ 511.685478][ T110] [ 511.685478][ T110] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 511.685478][ T110] [ 511.707439][T13849] [ 511.707439][T13849] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 511.707439][T13849] [ 511.741443][T13849] [ 511.741443][T13849] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 511.741443][T13849] [ 511.854587][ C1] vkms_vblank_simulate: vblank timer overrun [ 511.951351][T14778] netlink: 'syz.3.3478': attribute type 1 has an invalid length. [ 511.998745][T14778] netlink: 'syz.3.3478': attribute type 2 has an invalid length. [ 512.039691][T14778] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 512.056320][ C1] vkms_vblank_simulate: vblank timer overrun [ 512.310191][ C1] vkms_vblank_simulate: vblank timer overrun [ 512.399871][T14786] loop0: detected capacity change from 0 to 4096 [ 512.557622][T14792] loop4: detected capacity change from 0 to 64 [ 512.577609][ C1] vkms_vblank_simulate: vblank timer overrun [ 512.746573][T14786] ntfs3: loop0: failed to convert "0000" to iso8859-6 [ 512.754370][T14786] ntfs3: loop0: failed to convert "0030" to iso8859-6 [ 512.786067][T14786] ntfs3: loop0: failed to convert name for inode 1e. [ 512.840932][T14786] ntfs3: loop0: failed to convert "0032" to iso8859-6 [ 512.993613][T14805] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3492'. [ 513.124887][T14809] Bluetooth: hci3: invalid len left 7, exp >= 35 [ 513.306591][T14811] vxcan2: entered allmulticast mode [ 513.875917][T14827] loop1: detected capacity change from 0 to 8 [ 513.994937][T14829] loop3: detected capacity change from 0 to 2048 [ 514.152931][T14835] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 514.304046][T14839] loop4: detected capacity change from 0 to 1024 [ 514.720173][T14835] NILFS (loop3): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 514.757752][T14835] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=2) [ 514.794321][T14835] Remounting filesystem read-only [ 514.809424][ T62] NILFS (loop3): discard dirty page: offset=0, ino=6 [ 514.816243][ T62] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 514.830784][T14851] loop1: detected capacity change from 0 to 64 [ 514.878580][ T62] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 514.887534][ T62] NILFS (loop3): discard dirty block: blocknr=37, size=1024 [ 514.899456][T14851] hfs: gid requires an argument [ 514.904376][T14851] hfs: unable to parse mount options [ 514.944732][ T62] NILFS (loop3): discard dirty block: blocknr=38, size=1024 [ 514.957854][T14854] loop4: detected capacity change from 0 to 8 [ 514.980042][ T62] NILFS (loop3): discard dirty page: offset=0, ino=12 [ 514.992888][T14851] loop1: detected capacity change from 0 to 128 [ 515.008683][ T62] NILFS (loop3): discard dirty block: blocknr=17, size=1024 [ 515.037057][T14851] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 515.053118][T14854] SQUASHFS error: Unable to read directory block [631:26] [ 515.061014][ T62] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 515.089094][ T62] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 515.089677][T14855] loop5: detected capacity change from 0 to 2048 [ 515.101917][T14851] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 515.132895][ T62] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 515.194423][ T62] NILFS (loop3): discard dirty page: offset=0, ino=5 [ 515.197594][T14855] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 515.234840][ T62] NILFS (loop3): discard dirty block: blocknr=41, size=1024 [ 515.278747][ T62] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 515.349484][ T62] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 515.419084][ T62] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 515.463759][ T5229] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 515.498817][ T5229] NILFS (loop3): discard dirty page: offset=0, ino=2 [ 515.526926][ T5229] NILFS (loop3): discard dirty block: blocknr=18, size=1024 [ 515.558761][ T5229] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 515.613096][ T5229] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 515.633400][ T5229] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 515.673056][T14100] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 515.711285][T14867] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3520'. [ 516.712833][T14894] loop0: detected capacity change from 0 to 256 [ 516.740662][T14896] binder: 14895:14896 ioctl c00c620f 20000340 returned -22 [ 516.751289][T14894] exfat: Deprecated parameter 'utf8' [ 516.762057][T14894] exfat: Deprecated parameter 'namecase' [ 516.798909][T14894] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 516.978105][T14902] loop4: detected capacity change from 0 to 2048 [ 517.063581][T14905] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 517.433965][T14911] sch_fq: defrate 9 ignored. [ 517.584138][T14918] loop4: detected capacity change from 0 to 8 [ 517.673373][T14921] loop5: detected capacity change from 0 to 1024 [ 517.770435][T14921] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 517.870369][T14926] vxcan2: entered allmulticast mode [ 517.886580][T14924] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3544'. [ 518.148127][T14100] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 518.482215][T14943] loop4: detected capacity change from 0 to 1024 [ 518.727416][ T12] hfsplus: b-tree write err: -5, ino 4 [ 518.942470][T14959] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3559'. [ 518.963080][ T25] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 519.136018][T14959] Êü: entered promiscuous mode [ 519.202367][ T25] usb 1-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice=51.8f [ 519.227616][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 519.256757][ T25] usb 1-1: Product: syz [ 519.279167][ T25] usb 1-1: Manufacturer: syz [ 519.292655][ T25] usb 1-1: SerialNumber: syz [ 519.318811][T14967] netlink: 'syz.4.3562': attribute type 15 has an invalid length. [ 519.332243][ T25] usb 1-1: config 0 descriptor?? [ 519.366401][ T25] as10x_usb: device has been detected [ 519.387010][ T25] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 519.428576][T14969] netlink: 'syz.2.3563': attribute type 1 has an invalid length. [ 519.466215][T14969] netlink: 'syz.2.3563': attribute type 2 has an invalid length. [ 519.481820][ T25] usb 1-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 519.513132][T14969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3563'. [ 519.560124][ T25] as10x_usb: error during firmware upload part1 [ 519.582717][ T25] Registered device Elgato EyeTV DTT Deluxe [ 519.600297][ T25] usb 1-1: USB disconnect, device number 33 [ 519.771406][ T25] Unregistered device Elgato EyeTV DTT Deluxe [ 519.775930][ T25] as10x_usb: device has been disconnected [ 519.864525][T14980] loop3: detected capacity change from 0 to 16 [ 519.910571][T14980] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 520.016674][T14980] cramfs: Error -3 while decompressing! [ 520.045445][T14980] cramfs: ffffffff9a46c688(27)->ffff88805c7a6000(4096) [ 520.072907][T14980] cramfs: Error -3 while decompressing! [ 520.086301][T14982] loop2: detected capacity change from 0 to 128 [ 520.095190][T14980] cramfs: ffffffff9a46c688(27)->ffff88805c7a6000(4096) [ 520.160645][ T29] audit: type=1800 audit(1726042920.012:99): pid=14980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3568" name="file2" dev="loop3" ino=348 res=0 errno=0 [ 521.063307][T14996] loop2: detected capacity change from 0 to 1024 [ 521.129778][T14996] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 521.210080][T14998] loop1: detected capacity change from 0 to 256 [ 521.217623][T14996] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 521.575176][ T5230] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 522.049962][T15016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3583'. [ 522.307601][T14988] loop3: detected capacity change from 0 to 32768 [ 522.337779][T14988] XFS: ikeep mount option is deprecated. [ 522.384774][T14988] XFS: ikeep mount option is deprecated. [ 522.437280][T14991] loop0: detected capacity change from 0 to 32768 [ 522.454829][T14991] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3571 (14991) [ 522.491400][T15032] loop1: detected capacity change from 0 to 1024 [ 522.552412][T14988] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 522.568216][T14991] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 522.572236][T15032] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 522.616677][T14991] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 522.667392][T14991] BTRFS info (device loop0): using free-space-tree [ 522.705188][T14988] XFS (loop3): Ending clean mount [ 522.976910][ T5229] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 522.996889][ T46] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 523.049092][T15060] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3592'. [ 523.065990][T15056] loop5: detected capacity change from 0 to 2048 [ 523.209678][ T46] usb 5-1: Using ep0 maxpacket: 16 [ 523.217152][ T46] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 523.219981][T15062] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 523.270351][ T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 523.344257][ T46] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 523.361837][ T9991] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 523.404217][ T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 523.435166][ T46] usb 5-1: Product: syz [ 523.450052][ T46] usb 5-1: Manufacturer: syz [ 523.454760][ T46] usb 5-1: SerialNumber: syz [ 523.466176][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.486393][ T46] usb 5-1: config 0 descriptor?? [ 523.514711][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.527680][ T46] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 523.557708][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.568119][ T46] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 523.577646][T15062] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 523.601201][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.602189][T15062] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4) [ 523.609512][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.630956][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.664641][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.685014][T15062] Remounting filesystem read-only [ 523.701799][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.713338][T14100] NILFS (loop5): discard dirty page: offset=0, ino=5 [ 523.740137][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.748529][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.767274][T14100] NILFS (loop5): discard dirty block: blocknr=41, size=1024 [ 523.780379][ T5272] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 523.790608][T14100] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 523.809982][T14100] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 523.810211][ T5296] hid-generic 0009:0000:0000.0025: unknown main item tag 0x0 [ 523.839670][T14100] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 523.850372][ T58] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 523.877263][T14100] NILFS (loop5): discard dirty page: offset=0, ino=4 [ 523.900208][T14100] NILFS (loop5): discard dirty block: blocknr=40, size=1024 [ 523.907856][ T5296] hid-generic 0009:0000:0000.0025: hidraw0: HID v0.00 Device [syz0] on syz0 [ 523.978532][T14100] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 524.008512][T14100] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 524.022069][T14100] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 524.103924][ T5272] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 524.114737][ T5272] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 524.153782][ T5272] usb 2-1: Product: syz [ 524.164234][ T46] em28xx 5-1:0.0: chip ID is em2800 [ 524.168318][ T58] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 524.199915][ T5272] usb 2-1: Manufacturer: syz [ 524.210037][ T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 524.219026][ T58] usb 3-1: Product: syz [ 524.230075][ T5272] usb 2-1: SerialNumber: syz [ 524.281460][ T58] usb 3-1: Manufacturer: syz [ 524.286132][ T5272] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 524.294163][T15075] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3598'. [ 524.311717][T15075] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3598'. [ 524.321138][T15075] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3598'. [ 524.377873][ T8] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 524.398851][ T46] em28xx 5-1:0.0: Config register raw data: 0xfffffffb [ 524.399247][ T58] usb 3-1: SerialNumber: syz [ 524.416323][ T46] em28xx 5-1:0.0: AC97 chip type couldn't be determined [ 524.434980][ T46] em28xx 5-1:0.0: No AC97 audio processor [ 524.521162][ T58] usb 3-1: config 0 descriptor?? [ 524.540578][ T46] usb 5-1: USB disconnect, device number 15 [ 524.547881][ T46] em28xx 5-1:0.0: Disconnecting em28xx [ 524.621702][ T46] em28xx 5-1:0.0: Freeing device [ 524.691197][ T5294] usb 2-1: USB disconnect, device number 18 [ 524.752194][ T58] cx82310_eth 3-1:0.0: probe with driver cx82310_eth failed with error -22 [ 524.812258][T15083] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3602'. [ 525.180732][T15089] loop5: detected capacity change from 0 to 1024 [ 525.240550][ T58] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19! [ 525.415870][T15089] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 525.474220][ T5296] usb 3-1: USB disconnect, device number 25 [ 525.544234][ T8] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 525.554509][ T8] ath9k_htc: Failed to initialize the device [ 525.575399][ T5294] usb 2-1: ath9k_htc: USB layer deinitialized [ 525.615024][T15097] loop3: detected capacity change from 0 to 256 [ 525.652695][T15097] exfat: Deprecated parameter 'utf8' [ 525.675375][T15097] exfat: Deprecated parameter 'namecase' [ 525.706107][T15097] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 525.809765][T15104] loop0: detected capacity change from 0 to 512 [ 525.857586][T15104] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3611: bg 0: block 393: padding at end of block bitmap is not set [ 525.875299][T15104] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 525.885843][T15104] EXT4-fs (loop0): 2 truncates cleaned up [ 525.895993][T15104] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 525.936472][ T29] audit: type=1804 audit(1726042925.772:100): pid=15104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3611" name="/newroot/322/file0/.log" dev="loop0" ino=18 res=1 errno=0 [ 526.138387][ T9991] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.220686][T14100] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.559303][T15121] loop5: detected capacity change from 0 to 1764 [ 527.131606][T15141] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3627'. [ 527.321362][T15145] loop0: detected capacity change from 0 to 512 [ 527.419584][T15145] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 527.540297][ T46] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 527.550266][T15145] ext4 filesystem being mounted at /325/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 527.713575][T15154] loop5: detected capacity change from 0 to 1024 [ 527.725176][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 527.781017][ T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 527.815043][ T46] usb 4-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00 [ 527.832656][ T9991] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 527.870210][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 527.921346][ T46] usb 4-1: config 0 descriptor?? [ 528.207749][ T46] usbhid 4-1:0.0: can't add hid device: -71 [ 528.226096][ T46] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 528.272633][ T46] usb 4-1: USB disconnect, device number 21 [ 528.364701][T15126] loop2: detected capacity change from 0 to 32768 [ 528.502979][T15126] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 528.669734][ T5250] Bluetooth: hci7: command 0x0405 tx timeout [ 528.804618][T15138] loop1: detected capacity change from 0 to 32768 [ 528.843773][T15126] XFS (loop2): Ending clean mount [ 528.876643][T15126] XFS (loop2): Quotacheck needed: Please wait. [ 528.900614][ T58] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 528.912413][T15138] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 529.111708][T15138] XFS (loop1): Starting recovery (logdev: internal) [ 529.200978][ T58] usb 1-1: Using ep0 maxpacket: 32 [ 529.203630][T15191] netlink: 'syz.3.3641': attribute type 3 has an invalid length. [ 529.232189][ T58] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 529.252549][T15191] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.3641'. [ 529.256812][T15126] XFS (loop2): Quotacheck: Done. [ 529.268172][ T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 529.289735][T15138] XFS (loop1): Ending recovery (logdev: internal) [ 529.291431][ T58] usb 1-1: config 0 descriptor?? [ 529.335697][ T58] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 529.568590][T13849] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 529.588616][ T8] IPVS: starting estimator thread 0... [ 529.600492][T15193] IPVS: sh: SCTP 172.20.20.187:0 - no destination available [ 529.646900][T15161] loop4: detected capacity change from 0 to 40427 [ 529.679288][T15161] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 529.703744][ T5230] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 529.713797][T15161] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 529.754189][T15194] IPVS: using max 16 ests per chain, 38400 per kthread [ 529.774411][T15161] F2FS-fs (loop4): Found nat_bits in checkpoint [ 530.024082][T15161] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 530.045108][T15161] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 530.303873][ T58] gspca_nw80x: reg_r err -71 [ 530.309442][ T58] nw80x 1-1:0.0: probe with driver nw80x failed with error -71 [ 530.387661][ T58] usb 1-1: USB disconnect, device number 34 [ 530.931144][T15209] loop5: detected capacity change from 0 to 128 [ 531.492986][ T5296] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 531.741208][ T5296] usb 2-1: Using ep0 maxpacket: 16 [ 531.772080][ T5296] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 531.821275][ T5296] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 531.880625][ T5296] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 531.890514][ T5296] usb 2-1: config 1 has no interface number 1 [ 531.938425][ T5296] usb 2-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 531.990737][ T5296] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 532.021351][ T5296] usb 2-1: config 1 interface 2 has no altsetting 0 [ 532.061230][ T5296] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 532.084859][ T5296] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 532.096380][ T5296] usb 2-1: Product: syz [ 532.102082][ T5296] usb 2-1: Manufacturer: syz [ 532.105549][T15237] loop4: detected capacity change from 0 to 1024 [ 532.113490][ T5296] usb 2-1: SerialNumber: syz [ 532.368651][ T29] audit: type=1800 audit(1726042932.201:101): pid=15237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3661" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 532.424227][ T5296] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor [ 532.447169][ T5296] usb 2-1: 2:1 : format type 39 is not supported yet [ 532.465474][ T5296] usb 2-1: selecting invalid altsetting 0 [ 532.555839][ T11] hfsplus: b-tree write err: -5, ino 4 [ 532.644054][ T5296] usb 2-1: USB disconnect, device number 19 [ 533.073617][T15262] loop0: detected capacity change from 0 to 512 [ 533.126847][T15265] netlink: 'syz.5.3673': attribute type 5 has an invalid length. [ 533.141360][T15262] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 533.163811][T15265] netlink: 'syz.5.3673': attribute type 7 has an invalid length. [ 533.191685][T15262] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 533.209734][T15266] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3674'. [ 533.287709][T15262] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.3672: bg 0: block 18: invalid block bitmap [ 533.393239][T15262] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 533.469826][T15262] EXT4-fs (loop0): 1 truncate cleaned up [ 533.495041][T15262] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 533.520978][ T5272] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 533.569821][T15262] ext2 filesystem being mounted at /333/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 533.626192][T15279] loop5: detected capacity change from 0 to 164 [ 533.683534][T15262] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.3672: lblock 0 mapped to illegal pblock 3 (length 1) [ 533.724404][T15279] isofs: isofs_export_get_parent(): child directory not normalized! [ 533.780513][ T5272] usb 3-1: Using ep0 maxpacket: 16 [ 533.797002][ T5272] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 533.816849][ T5272] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 533.851110][ T5272] usb 3-1: Product: syz [ 533.855855][ T5272] usb 3-1: Manufacturer: syz [ 533.878721][ T5272] usb 3-1: SerialNumber: syz [ 533.939137][ T5272] usb 3-1: config 0 descriptor?? [ 534.032755][ T9991] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 534.203903][ T46] usb 3-1: USB disconnect, device number 26 [ 534.968109][T15309] usb usb8: usbfs: process 15309 (syz.5.3692) did not claim interface 0 before use [ 535.087783][T15312] loop0: detected capacity change from 0 to 512 [ 535.157991][T15312] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 535.177954][T15300] could not allocate digest TFM handle sha512-neon [ 535.267880][T15312] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 535.344750][T15312] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 535.571582][T15327] EXT4-fs error (device loop0): ext4_rename:3812: inode #16: comm syz.0.3693: target of rename is already freed [ 535.636979][T15325] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3697'. [ 535.684308][T15325] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3697'. [ 535.904578][ T9991] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 536.230677][T15340] loop0: detected capacity change from 0 to 512 [ 536.352090][T15340] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 536.431565][T15340] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 536.440886][T15340] System zones: 0-1, 15-15, 18-18, 34-34 [ 536.511997][T15340] EXT4-fs (loop0): orphan cleanup on readonly fs [ 536.523925][T15340] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 536.568416][T15340] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 536.633031][T15340] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 536.660412][T15340] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.3703: bad orphan inode 16 [ 536.705086][T15340] ext4_test_bit(bit=15, block=18) = 1 [ 536.733034][T15340] is_bad_inode(inode)=0 [ 536.756908][T15340] NEXT_ORPHAN(inode)=0 [ 536.773865][T15340] max_ino=32 [ 536.792292][T15340] i_nlink=2 [ 536.813180][T15340] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 537.138817][ T9991] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 537.406953][T15329] loop5: detected capacity change from 0 to 32768 [ 537.469455][T15329] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3699 (15329) [ 537.525606][T15329] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 537.561689][T15329] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 537.627090][T15329] BTRFS info (device loop5): using free-space-tree [ 538.006017][T15375] loop2: detected capacity change from 0 to 8 [ 538.465231][T14100] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 539.032472][T15395] netlink: 'syz.3.3719': attribute type 1 has an invalid length. [ 539.272349][ T46] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 539.568851][ T46] usb 2-1: Using ep0 maxpacket: 16 [ 539.616576][ T46] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 539.630190][ T46] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 5, skipping [ 539.674464][ T46] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 539.784817][ T46] usb 2-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=15.7a [ 539.794667][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 539.832079][ T46] usb 2-1: Product: syz [ 539.846300][ T46] usb 2-1: Manufacturer: syz [ 539.901992][ T46] usb 2-1: SerialNumber: syz [ 539.918313][ T46] usb 2-1: config 0 descriptor?? [ 539.963034][ T46] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 540.236294][ T46] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 540.299679][ T46] usb 2-1: USB disconnect, device number 20 [ 540.546816][T15417] loop0: detected capacity change from 0 to 2048 [ 540.638122][T15417] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 540.668709][T15417] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 540.904914][T15425] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3734'. [ 541.172220][T15431] netlink: 'syz.2.3737': attribute type 9 has an invalid length. [ 541.340804][T15437] hsr0: entered promiscuous mode [ 542.033133][T15451] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3746'. [ 542.070188][T15451] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3746'. [ 542.123770][T15453] loop5: detected capacity change from 0 to 512 [ 542.135847][ T5272] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 542.189120][T15453] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 542.237117][T15453] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 542.434296][ T5272] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 542.448360][ T5272] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 542.493839][ T5272] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 542.537298][ T5272] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 542.567467][ T5272] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.619051][ T5272] usb 4-1: config 0 descriptor?? [ 542.778819][T15461] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3749'. [ 542.805987][T15435] loop1: detected capacity change from 0 to 32768 [ 542.832193][T14100] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.062576][T15435] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 543.164244][ T5272] plantronics 0003:047F:FFFF.0026: unbalanced collection at end of report description [ 543.179704][ T5272] plantronics 0003:047F:FFFF.0026: parse failed [ 543.189787][ T5272] plantronics 0003:047F:FFFF.0026: probe with driver plantronics failed with error -22 [ 543.297400][T15477] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 543.341594][T15435] XFS (loop1): Ending clean mount [ 543.346515][T15477] macvtap1: entered promiscuous mode [ 543.372088][T15477] macvtap1: entered allmulticast mode [ 543.402143][T15477] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 543.418492][T15479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3754'. [ 543.464740][ T46] usb 4-1: USB disconnect, device number 22 [ 543.599594][T13849] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 543.760261][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 543.803410][T15489] vivid-008: disconnect [ 543.820797][T15487] vivid-008: reconnect [ 543.878303][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.011352][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.466072][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.589053][T15499] loop3: detected capacity change from 0 to 512 [ 544.709495][T15499] EXT4-fs error (device loop3): ext4_init_orphan_info:586: comm syz.3.3763: inode #0: comm syz.3.3763: iget: illegal inode # [ 544.828886][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.895292][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.964674][T15499] EXT4-fs (loop3): get orphan inode failed [ 544.979596][T15499] EXT4-fs (loop3): mount failed [ 545.030189][T15503] loop5: detected capacity change from 0 to 4096 [ 545.258919][ C1] vkms_vblank_simulate: vblank timer overrun [ 545.730928][T15521] loop1: detected capacity change from 0 to 2048 [ 545.760292][T15521] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 545.835884][T15526] netlink: 'syz.5.3773': attribute type 6 has an invalid length. [ 545.852144][T15527] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 546.135608][T15493] loop4: detected capacity change from 0 to 32768 [ 546.171531][T15493] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3761 (15493) [ 546.226442][T15493] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 546.276331][T15493] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 546.292405][T15493] BTRFS info (device loop4): using free-space-tree [ 546.591281][ T29] audit: type=1326 audit(1726042946.429:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15554 comm="syz.5.3781" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f346a37def9 code=0x0 [ 546.652743][ T5272] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 546.875085][ T5272] usb 4-1: Using ep0 maxpacket: 8 [ 546.904353][T11589] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 546.908101][ T5272] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 546.977463][ T5272] usb 4-1: config 179 has no interface number 0 [ 547.012825][ T5272] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 547.013440][ C1] vkms_vblank_simulate: vblank timer overrun [ 547.078856][ T5272] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 547.115206][ T5272] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 547.161389][ C1] vkms_vblank_simulate: vblank timer overrun [ 547.200688][ T5272] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 547.234494][ T5272] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 547.309820][ T5272] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 547.340827][ T5272] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 547.368515][T15537] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 547.452528][T15566] loop1: detected capacity change from 0 to 4096 [ 548.026554][ T8] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input36 [ 548.054476][ T5294] usb 4-1: USB disconnect, device number 23 [ 548.054560][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 548.068835][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 548.109870][ T5294] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 548.205488][ T8] kernel write not supported for file [eventfd] (pid: 8 comm: kworker/0:0) [ 548.356754][T15583] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3791'. [ 548.411512][ T29] audit: type=1800 audit(1726042948.249:103): pid=15576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3785" name="bus" dev="loop1" ino=28 res=0 errno=0 [ 548.566764][T15586] loop4: detected capacity change from 0 to 16 [ 548.631045][T15586] erofs: (device loop4): erofs_read_superblock: dirblkbits 4 isn't supported [ 548.759002][T15592] loop1: detected capacity change from 0 to 64 [ 549.212033][ T29] audit: type=1326 audit(1726042949.049:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15601 comm="syz.0.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 549.236188][T15598] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 549.311201][ T29] audit: type=1326 audit(1726042949.049:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15601 comm="syz.0.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 549.432803][ T29] audit: type=1326 audit(1726042949.099:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15601 comm="syz.0.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 549.522741][ T29] audit: type=1326 audit(1726042949.099:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15601 comm="syz.0.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 549.545204][ C1] vkms_vblank_simulate: vblank timer overrun [ 549.641411][ T29] audit: type=1326 audit(1726042949.099:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15601 comm="syz.0.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 549.663805][ C1] vkms_vblank_simulate: vblank timer overrun [ 549.786472][ T29] audit: type=1326 audit(1726042949.099:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15601 comm="syz.0.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 549.809331][T15619] loop1: detected capacity change from 0 to 64 [ 549.893148][ T29] audit: type=1326 audit(1726042949.099:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15601 comm="syz.0.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 549.954003][T15623] loop4: detected capacity change from 0 to 128 [ 550.002144][ T29] audit: type=1326 audit(1726042949.099:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15601 comm="syz.0.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3860f7def9 code=0x7ffc0000 [ 550.074598][T15623] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 550.183765][T15623] ext4 filesystem being mounted at /256/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 550.455900][T11589] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 550.706746][T15636] loop5: detected capacity change from 0 to 4096 [ 551.293871][ T46] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 551.519660][ T46] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 551.544782][ T46] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice= 0.03 [ 551.562027][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 551.597510][ T46] usb 3-1: config 0 descriptor?? [ 551.617484][ T46] pwc: Askey VC010 type 2 USB webcam detected. [ 551.710703][T15675] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3834'. [ 551.742563][T15675] netem: unknown loss type 13 [ 551.763905][T15675] netem: change failed [ 551.795275][T15671] loop3: detected capacity change from 0 to 4096 [ 551.842463][ T46] pwc: send_video_command error -71 [ 551.867573][ T46] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 551.893495][ T25] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 551.904571][ T46] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 551.963313][ T46] usb 3-1: USB disconnect, device number 27 [ 552.123468][ T25] usb 1-1: Using ep0 maxpacket: 32 [ 552.134059][ T25] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 552.173207][ T25] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 552.192528][ T25] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 552.217071][ T25] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 552.256659][ T25] usb 1-1: Product: syz [ 552.260962][ T25] usb 1-1: Manufacturer: syz [ 552.295592][ T25] hub 1-1:4.0: USB hub found [ 552.315213][T15686] program syz.4.3839 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 552.530245][ T46] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 552.583656][ T25] hub 1-1:4.0: 2 ports detected [ 552.756078][ T46] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 552.803935][ T46] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice= 0.03 [ 552.814238][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 552.827518][ T46] usb 3-1: config 0 descriptor?? [ 552.867063][ T46] pwc: Askey VC010 type 2 USB webcam detected. [ 552.990498][ T25] hub 1-1:4.0: set hub depth failed [ 553.016954][ T25] usb 1-1: USB disconnect, device number 35 [ 553.304618][ T46] pwc: recv_control_msg error -71 req 02 val 2b00 [ 553.338105][ T46] pwc: recv_control_msg error -71 req 02 val 2700 [ 553.361551][ T46] pwc: recv_control_msg error -71 req 02 val 2c00 [ 553.392908][ T46] pwc: recv_control_msg error -71 req 04 val 1000 [ 553.414789][ T46] pwc: recv_control_msg error -71 req 04 val 1300 [ 553.423319][ T46] pwc: recv_control_msg error -71 req 04 val 1400 [ 553.450971][ T46] pwc: recv_control_msg error -71 req 02 val 2000 [ 553.474394][ T46] pwc: recv_control_msg error -71 req 02 val 2100 [ 553.499013][ T46] pwc: recv_control_msg error -71 req 04 val 1500 [ 553.518262][ T46] pwc: recv_control_msg error -71 req 02 val 2500 [ 553.534887][ T46] pwc: recv_control_msg error -71 req 02 val 2400 [ 553.548926][ T46] pwc: recv_control_msg error -71 req 02 val 2600 [ 553.565107][ T46] pwc: recv_control_msg error -71 req 02 val 2900 [ 553.603554][ T46] pwc: recv_control_msg error -71 req 02 val 2800 [ 553.628833][ T46] pwc: recv_control_msg error -71 req 04 val 1100 [ 553.635030][ T46] pwc: recv_control_msg error -71 req 04 val 1200 [ 553.637117][ T46] pwc: Registered as video71. [ 553.641702][ T46] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input37 [ 553.665177][ T46] usb 3-1: USB disconnect, device number 28 [ 553.955556][T15720] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3854'. [ 553.974262][T15720] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3854'. [ 554.042349][T15720] vlan0: entered allmulticast mode [ 554.064190][T15717] loop4: detected capacity change from 0 to 4096 [ 554.073501][T15720] team0: entered allmulticast mode [ 554.089993][T15720] team_slave_0: entered allmulticast mode [ 554.123499][T15720] team_slave_1: entered allmulticast mode [ 554.157512][T15696] loop1: detected capacity change from 0 to 32768 [ 554.169028][T15724] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 554.234118][T15696] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3844 (15696) [ 554.303537][T15696] BTRFS info (device loop1): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9 [ 554.357597][T15696] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 554.387714][T15696] BTRFS info (device loop1): using free-space-tree [ 554.734989][ T29] kauditd_printk_skb: 41 callbacks suppressed [ 554.735016][ T29] audit: type=1800 audit(1726042954.568:153): pid=15696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3844" name="bus" dev="loop1" ino=263 res=0 errno=0 [ 554.919727][T15755] loop5: detected capacity change from 0 to 512 [ 555.006024][T15755] EXT4-fs error (device loop5): __ext4_iget:4985: inode #15: block 1803188595: comm syz.5.3863: invalid block [ 555.061347][T13849] BTRFS info (device loop1): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9 [ 555.087010][T15755] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.3863: couldn't read orphan inode 15 (err -117) [ 555.130976][T15765] loop0: detected capacity change from 0 to 128 [ 555.155373][T15755] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 555.276076][ T29] audit: type=1800 audit(1726042955.118:154): pid=15765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3869" name="file1" dev="loop0" ino=1048776 res=0 errno=0 [ 555.310411][T15755] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.3863: invalid indirect mapped block 234881024 (level 0) [ 555.325752][ T46] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 555.554416][ T46] usb 4-1: Using ep0 maxpacket: 32 [ 555.576264][ T46] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 555.600796][ T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 555.623980][T14100] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 555.644519][ T46] usb 4-1: Product: syz [ 555.663620][ T46] usb 4-1: Manufacturer: syz [ 555.668301][ T46] usb 4-1: SerialNumber: syz [ 555.719768][ T46] usb 4-1: config 0 descriptor?? [ 555.826433][T15774] sch_fq: defrate 0 ignored. [ 556.431743][T15784] netlink: 'syz.5.3876': attribute type 1 has an invalid length. [ 556.443900][ T46] (unnamed net_device) (uninitialized): Assigned a random MAC address: 22:53:ad:1e:8d:a4 [ 556.695843][ T46] rtl8150 4-1:0.0: eth1: rtl8150 is detected [ 556.728586][ T46] usb 4-1: USB disconnect, device number 24 [ 556.939595][T15790] sch_tbf: burst 32769 is lower than device lo mtu (65550) ! [ 558.110784][T15810] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3888'. [ 558.440848][T15820] [U]  [ 558.711695][T15833] netlink: 'syz.1.3897': attribute type 1 has an invalid length. [ 558.752030][T15833] netlink: 9372 bytes leftover after parsing attributes in process `syz.1.3897'. [ 558.795790][T15830] bridge0: port 1(bridge_slave_0) entered disabled state [ 558.808917][T15833] netlink: 'syz.1.3897': attribute type 1 has an invalid length. [ 558.892075][T15838] loop0: detected capacity change from 0 to 164 [ 559.022507][T15840] loop2: detected capacity change from 0 to 512 [ 559.136003][T15840] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.3900: casefold flag without casefold feature [ 559.184308][T15840] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3900: couldn't read orphan inode 15 (err -117) [ 559.200704][T15840] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 559.517757][ T5230] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 559.674143][ T5296] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 559.902931][ T5296] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 559.931537][T15871] loop4: detected capacity change from 0 to 128 [ 559.938938][ T5296] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 559.970802][ T5296] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 560.009895][ T5296] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 560.031035][T15871] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 560.068052][T15878] macsec2: entered promiscuous mode [ 560.074064][T15878] macvlan0: entered promiscuous mode [ 560.086224][T15878] macvlan0: left promiscuous mode [ 560.088574][T15854] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 560.175966][T15871] ext4 filesystem being mounted at /277/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 560.235903][ T5296] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 560.380900][T15877] batman_adv: batadv0: Adding interface: gretap1 [ 560.414325][T15877] batman_adv: batadv0: Interface activated: gretap1 [ 560.461971][T11589] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 560.948616][T15893] team_slave_0: entered promiscuous mode [ 560.957692][T15893] team_slave_1: entered promiscuous mode [ 560.968892][T15891] loop4: detected capacity change from 0 to 64 [ 560.976855][ T5295] usb 2-1: USB disconnect, device number 21 [ 561.000780][T15893] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 561.104246][T15893] team0: Device macvlan2 is already an upper device of the team interface [ 561.187604][T15893] team_slave_0: left promiscuous mode [ 561.194149][T15893] team_slave_1: left promiscuous mode [ 561.677041][T15908] loop3: detected capacity change from 0 to 1024 [ 561.847596][T15912] loop2: detected capacity change from 0 to 2048 [ 561.859989][ T12] hfsplus: b-tree write err: -5, ino 4 [ 562.306907][T15924] loop5: detected capacity change from 0 to 512 [ 562.367109][T15924] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 562.490092][T15924] EXT4-fs (loop5): 1 truncate cleaned up [ 562.527663][ T1254] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.534809][ T1254] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.549090][T15924] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 562.573565][T15935] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 562.772079][T15942] loop1: detected capacity change from 0 to 1024 [ 562.856941][ T5295] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 563.060314][T15942] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 563.087014][ T5295] usb 5-1: Using ep0 maxpacket: 32 [ 563.095961][T15942] hfsplus: xattr search failed [ 563.113801][T15951] loop3: detected capacity change from 0 to 2048 [ 563.117721][ T5295] usb 5-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 563.162352][T14100] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.182107][ T5295] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 563.261546][ T5295] usb 5-1: config 0 descriptor?? [ 563.282901][ T5295] gspca_main: sq930x-2.14.0 probing 041e:403c [ 563.335850][T15951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 563.776218][ T5229] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.195380][ T5295] gspca_sq930x: reg_w 0105 bf00 failed -71 [ 564.275069][ T5295] sq930x 5-1:0.0: probe with driver sq930x failed with error -71 [ 564.325594][ T5295] usb 5-1: USB disconnect, device number 16 [ 565.270536][T15955] loop0: detected capacity change from 0 to 40427 [ 565.324791][T15955] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 565.364979][T15955] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 565.406048][T15955] F2FS-fs (loop0): invalid crc value [ 565.456353][T15955] F2FS-fs (loop0): Found nat_bits in checkpoint [ 565.622700][ T29] audit: type=1326 audit(1726042965.457:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16018 comm="syz.3.3984" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1782d7def9 code=0x0 [ 565.797099][T15955] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 565.834971][T15955] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 566.083101][T16034] loop1: detected capacity change from 0 to 512 [ 566.093097][T16035] netlink: 'syz.5.3990': attribute type 1 has an invalid length. [ 566.119166][T16035] netlink: 9324 bytes leftover after parsing attributes in process `syz.5.3990'. [ 566.134497][T16034] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 566.148272][T16035] netlink: 'syz.5.3990': attribute type 1 has an invalid length. [ 566.229963][T16034] EXT4-fs (loop1): 1 truncate cleaned up [ 566.276053][T16034] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 566.456470][ T11] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 566.457524][T16034] fscrypt (loop1, inode 18): Reserved bits set in encryption policy [ 566.540115][ T11] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 566.632943][T13849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.858314][T16052] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4000'. [ 566.905098][T16052] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4000'. [ 566.955255][T16052] bridge0: port 2(bridge_slave_1) entered disabled state [ 567.026272][T16052] bridge0: port 2(bridge_slave_1) entered blocking state [ 567.033646][T16052] bridge0: port 2(bridge_slave_1) entered forwarding state [ 567.677925][T16069] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4007'. [ 567.965216][ T5296] kernel write not supported for file /dsp (pid: 5296 comm: kworker/0:4) [ 568.028652][T16080] loop4: detected capacity change from 0 to 128 [ 568.083016][T16080] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 568.127983][T16046] loop2: detected capacity change from 0 to 32768 [ 568.137683][T16080] ext4 filesystem being mounted at /291/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 568.305648][T16046] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 568.347294][ C1] vkms_vblank_simulate: vblank timer overrun [ 568.485531][T16046] XFS (loop2): Ending clean mount [ 568.782894][T11589] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 568.913874][ C1] vkms_vblank_simulate: vblank timer overrun [ 568.999939][ T5230] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 569.001599][T16110] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4021'. [ 569.425487][ T5296] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 569.629128][ T5296] usb 4-1: config 0 has no interfaces? [ 569.655515][ T5296] usb 4-1: New USB device found, idVendor=046d, idProduct=20ee, bcdDevice= 0.00 [ 569.685421][ T5296] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 569.718725][ T5296] usb 4-1: config 0 descriptor?? [ 569.725171][ T25] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 569.975779][ T58] usb 4-1: USB disconnect, device number 25 [ 569.981829][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 570.023332][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 570.055289][ T25] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 570.089234][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 570.106561][T16131] netlink: 188 bytes leftover after parsing attributes in process `syz.1.4032'. [ 570.136148][T16131] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4032'. [ 570.146956][ T25] usb 6-1: config 0 descriptor?? [ 570.192750][ C1] vkms_vblank_simulate: vblank timer overrun [ 570.261031][ C1] vkms_vblank_simulate: vblank timer overrun [ 570.391074][ C1] vkms_vblank_simulate: vblank timer overrun [ 570.524424][ C1] vkms_vblank_simulate: vblank timer overrun [ 570.685631][ T25] pyra 0003:1E7D:2CF6.0027: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.5-1/input0 [ 570.738652][ C1] vkms_vblank_simulate: vblank timer overrun [ 570.793914][T16120] loop0: detected capacity change from 0 to 32768 [ 570.840461][T16120] XFS: ikeep mount option is deprecated. [ 571.045979][T16120] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 571.091429][ T25] pyra 0003:1E7D:2CF6.0027: couldn't init struct pyra_device [ 571.099685][ T25] pyra 0003:1E7D:2CF6.0027: couldn't install mouse [ 571.152722][ T25] pyra 0003:1E7D:2CF6.0027: probe with driver pyra failed with error -71 [ 571.230939][ T25] usb 6-1: USB disconnect, device number 21 [ 571.312012][T16120] XFS (loop0): Ending clean mount [ 571.347763][T16120] XFS (loop0): Quotacheck needed: Please wait. [ 571.575895][T16162] loop4: detected capacity change from 0 to 1024 [ 571.598705][ T29] audit: type=1326 audit(1726042971.426:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.2.4043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa693d7def9 code=0x7ffc0000 [ 571.637242][T16120] XFS (loop0): Quotacheck: Done. [ 571.704163][ T29] audit: type=1326 audit(1726042971.426:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.2.4043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa693d7def9 code=0x7ffc0000 [ 571.818874][ T29] audit: type=1326 audit(1726042971.456:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.2.4043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fa693d7def9 code=0x7ffc0000 [ 571.864960][T16159] mkiss: ax0: crc mode is auto. [ 571.955664][ T29] audit: type=1326 audit(1726042971.456:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.2.4043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa693d7def9 code=0x7ffc0000 [ 571.997900][T16172] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4045'. [ 572.081245][ T29] audit: type=1326 audit(1726042971.466:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.2.4043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fa693d7def9 code=0x7ffc0000 [ 572.118200][ T29] audit: type=1326 audit(1726042971.526:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.2.4043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa693d7def9 code=0x7ffc0000 [ 572.128425][ T9991] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 572.149469][ T29] audit: type=1326 audit(1726042971.526:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.2.4043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa693d7def9 code=0x7ffc0000 [ 572.374767][ T5295] kernel write not supported for file /amidi2 (pid: 5295 comm: kworker/1:7) [ 573.337571][T16196] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4057'. [ 573.713010][T16201] loop4: detected capacity change from 0 to 512 [ 573.786208][T16201] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 573.871814][T16201] EXT4-fs (loop4): 1 truncate cleaned up [ 573.984179][T16201] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 574.435356][T11589] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 574.535722][ T29] audit: type=1326 audit(1726042974.366:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16213 comm="syz.2.4063" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa693d7def9 code=0x0 [ 575.906818][T16242] (syz.3.4075,16242,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 575.967251][T16242] (syz.3.4075,16242,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 576.497056][T16255] netlink: 'syz.2.4081': attribute type 6 has an invalid length. [ 576.556700][T16258] loop0: detected capacity change from 0 to 64 [ 576.999330][T16232] loop5: detected capacity change from 0 to 32768 [ 577.043895][ T8] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 577.097035][T16232] jfs_lookup: dtSearch returned -5 [ 577.205864][T16273] loop0: detected capacity change from 0 to 64 [ 577.226522][ T25] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 577.259538][ T8] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 577.276038][ T8] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 577.327762][ T8] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 577.356121][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 577.417903][T16263] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 577.443108][T16244] loop4: detected capacity change from 0 to 32768 [ 577.463277][ T8] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 577.467480][ T9991] Trying to free block not in datazone [ 577.480916][ T25] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 577.500713][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 577.533939][ T25] usb 4-1: Product: syz [ 577.558650][ T25] usb 4-1: Manufacturer: syz [ 577.563327][ T25] usb 4-1: SerialNumber: syz [ 577.578387][ T9991] Trying to free block not in datazone [ 577.599954][ T29] audit: type=1800 audit(1726042977.426:164): pid=16244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4076" name="bus" dev="loop4" ino=7 res=0 errno=0 [ 577.606488][ T9991] Trying to free block not in datazone [ 577.639417][ T25] usb 4-1: config 0 descriptor?? [ 577.658419][ T9991] Trying to free block not in datazone [ 577.676110][ T9991] Trying to free block not in datazone [ 577.678319][ T25] ch341 4-1:0.0: ch341-uart converter detected [ 577.712243][ T9991] Trying to free block not in datazone [ 577.726204][ T9991] minix_free_inode: bit 6 already cleared [ 577.746526][ T9991] Trying to free block not in datazone [ 577.752730][ T9991] minix_free_inode: bit 7 already cleared [ 577.883558][ T8] usb 2-1: USB disconnect, device number 22 [ 578.136832][T16282] vivid-000: disconnect [ 578.167433][T16281] vivid-000: reconnect [ 578.539154][ T25] usb 4-1: failed to send control message: -71 [ 578.545796][ T25] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 578.585818][ T25] usb 4-1: USB disconnect, device number 26 [ 578.624049][ T25] ch341 4-1:0.0: device disconnected [ 580.357654][T16334] netlink: 'syz.1.4118': attribute type 10 has an invalid length. [ 580.392981][T16334] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4118'. [ 580.435487][T16334] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 580.484728][T16334] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 580.495055][T16331] loop5: detected capacity change from 0 to 4096 [ 580.548669][T16331] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512). [ 580.569877][T16341] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4119'. [ 581.136039][T16358] loop0: detected capacity change from 0 to 64 [ 581.477886][T16367] loop3: detected capacity change from 0 to 1024 [ 581.603185][T16367] hfsplus: bad catalog entry type [ 581.874921][T16376] loop3: detected capacity change from 0 to 16 [ 581.917642][T16376] erofs: (device loop3): mounted with root inode @ nid 36. [ 582.272661][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 582.828855][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 583.499722][T16409] netlink: 'syz.4.4149': attribute type 1 has an invalid length. [ 583.530401][T16409] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4149'. [ 583.638560][T16413] netlink: 'syz.0.4150': attribute type 7 has an invalid length. [ 583.665898][T16415] loop2: detected capacity change from 0 to 256 [ 583.739165][T16415] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 585.068829][T16398] Bluetooth: hci1: command 0x0406 tx timeout [ 585.399798][T16426] loop3: detected capacity change from 0 to 40427 [ 585.529651][T16426] F2FS-fs (loop3): Found nat_bits in checkpoint [ 585.656173][T16464] loop4: detected capacity change from 0 to 764 [ 585.699127][T16467] loop5: detected capacity change from 0 to 512 [ 585.748464][T16467] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4173: casefold flag without casefold feature [ 585.765753][T16467] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4173: couldn't read orphan inode 15 (err -117) [ 585.799352][T16467] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 585.906786][T16426] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 586.076051][T14100] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.367403][ T5229] syz-executor: attempt to access beyond end of device [ 586.367403][ T5229] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 586.407656][ T5229] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 586.927368][T16494] loop5: detected capacity change from 0 to 2048 [ 587.012342][T16494] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 587.317200][ T46] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 587.538232][ T46] usb 1-1: Using ep0 maxpacket: 8 [ 587.563630][ T46] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 587.616703][ T46] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 31 [ 587.667266][ T46] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 587.700907][ T46] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 587.750043][ T46] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 587.776803][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 587.817934][ T46] usb 1-1: SerialNumber: syz [ 587.865748][T16498] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 587.897867][T16498] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 587.922660][ T46] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 587.965186][ T46] usb-storage 1-1:1.0: USB Mass Storage device detected [ 588.049629][ T46] usb-storage 1-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 588.176977][T16498] loop0: detected capacity change from 0 to 16 [ 588.241419][T16498] erofs: Unknown parameter 'erofs' [ 588.521061][ T58] usb 1-1: USB disconnect, device number 36 [ 589.096666][T16540] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4206'. [ 589.739974][T16558] loop5: detected capacity change from 0 to 16 [ 589.762780][T16558] erofs: (device loop5): mounted with root inode @ nid 36. [ 590.101248][T16565] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4217'. [ 590.451512][T16575] ntfs3: nullb0: Primary boot signature is not NTFS. [ 590.480664][T16575] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 590.553725][T16544] loop2: detected capacity change from 0 to 32768 [ 590.626953][T16544] find_entry called with index >= next_index [ 590.725464][T16581] netlink: 248 bytes leftover after parsing attributes in process `syz.4.4224'. [ 590.763976][T16583] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 591.117749][ T29] audit: type=1326 audit(1726042990.944:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 591.227242][T16591] loop0: detected capacity change from 0 to 512 [ 591.235467][ T29] audit: type=1326 audit(1726042990.944:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 591.290017][T16591] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 591.327955][ T29] audit: type=1326 audit(1726042990.944:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 591.392768][T16591] EXT4-fs (loop0): 1 truncate cleaned up [ 591.429490][T16591] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 591.430139][ T29] audit: type=1326 audit(1726042990.944:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 591.642343][ T29] audit: type=1326 audit(1726042990.944:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 591.692440][T16591] EXT4-fs error (device loop0): swap_inode_boot_loader:384: inode #5: comm syz.0.4230: iget: bad extra_isize 46 (inode size 256) [ 591.744124][ T29] audit: type=1326 audit(1726042990.944:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 591.839087][ T29] audit: type=1326 audit(1726042990.944:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 591.922989][ T29] audit: type=1326 audit(1726042990.944:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 591.993689][ T29] audit: type=1326 audit(1726042990.944:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 592.022932][ T9991] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 592.073364][ T29] audit: type=1326 audit(1726042990.944:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16571 comm="syz.1.4220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82bc77def9 code=0x7fc00000 [ 592.120272][ T5291] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 592.338082][ T5291] usb 6-1: Using ep0 maxpacket: 16 [ 592.356030][ T5291] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 592.396883][ T5291] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 592.441489][ T5291] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 592.489896][ T5291] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 592.533776][ T5291] usb 6-1: config 0 descriptor?? [ 593.001505][ T5291] corsair 0003:1B1C:1B02.0028: unknown main item tag 0x0 [ 593.060716][ T5291] corsair 0003:1B1C:1B02.0028: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.5-1/input0 [ 593.211320][ T5291] corsair 0003:1B1C:1B02.0028: Read invalid backlight brightness: db. [ 593.257399][T16638] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4249'. [ 593.460219][T16643] PM: Enabling pm_trace changes system date and time during resume. [ 593.460219][T16643] PM: Correct system time has to be restored manually after resume. [ 593.470758][ T5291] usb 6-1: USB disconnect, device number 22 [ 594.179412][T16651] loop1: detected capacity change from 0 to 4096 [ 594.212981][T16651] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 594.412067][T16651] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 594.469778][T16660] IPVS: Error connecting to the multicast addr [ 594.649521][T16667] loop5: detected capacity change from 0 to 128 [ 595.206711][T16680] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 595.256268][T16648] loop2: detected capacity change from 0 to 32768 [ 595.784786][T16696] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4276'. [ 596.183646][T16706] loop0: detected capacity change from 0 to 128 [ 596.232755][T16706] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 596.441823][T16712] loop1: detected capacity change from 0 to 1024 [ 596.708644][ T5295] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 596.938449][ T5295] usb 3-1: Using ep0 maxpacket: 8 [ 596.956317][ T5295] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 596.986197][ T5295] usb 3-1: config 0 has no interface number 0 [ 597.008398][ T5295] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 597.058806][ T5295] usb 3-1: config 0 interface 1 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 597.088320][ T5295] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 597.119770][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 597.170966][ T5295] usb 3-1: config 0 descriptor?? [ 597.193382][ T5295] iowarrior 3-1:0.1: no interrupt-in endpoint found [ 597.477848][ T5295] usb 3-1: USB disconnect, device number 29 [ 598.054226][T16720] loop0: detected capacity change from 0 to 32768 [ 598.109314][T16720] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4287 (16720) [ 598.204219][T16720] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 598.256599][T16720] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 598.297831][T16720] BTRFS info (device loop0): using free-space-tree [ 598.391996][T16738] netlink: 186996 bytes leftover after parsing attributes in process `syz.2.4294'. [ 598.512519][T16738] netlink: 22856 bytes leftover after parsing attributes in process `syz.2.4294'. [ 598.881239][ T9991] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 599.706018][T16734] loop3: detected capacity change from 0 to 32768 [ 599.789990][T16734] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4292 (16734) [ 599.898917][T16734] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 599.976126][T16734] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 600.032862][T16734] BTRFS info (device loop3): using free-space-tree [ 600.810852][ T25] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 600.999079][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 601.051427][ T5229] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 601.073775][ T25] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 601.100301][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 601.185226][ T25] usb 5-1: Product: syz [ 601.197215][ T25] usb 5-1: Manufacturer: syz [ 601.204145][ T25] usb 5-1: SerialNumber: syz [ 601.232364][ T25] usb 5-1: config 0 descriptor?? [ 601.311281][ T25] gspca_main: sq930x-2.14.0 probing 2770:930c [ 601.681351][T16832] loop0: detected capacity change from 0 to 4096 [ 601.690268][T16836] loop2: detected capacity change from 0 to 512 [ 601.715235][T16836] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 601.726725][T16832] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 601.821611][T16836] EXT4-fs (loop2): 1 truncate cleaned up [ 601.883496][T16836] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 602.039488][T16832] ntfs3: loop0: Failed to load $Extend (-22). [ 602.045696][T16832] ntfs3: loop0: Failed to initialize $Extend. [ 602.157758][ T25] gspca_sq930x: ucbus_write failed -71 [ 602.169023][ T25] sq930x 5-1:0.0: probe with driver sq930x failed with error -71 [ 602.207910][ T25] usb 5-1: USB disconnect, device number 17 [ 602.386077][ T5230] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 602.702214][T16851] loop3: detected capacity change from 0 to 1024 [ 602.784510][T16851] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 603.021434][T16851] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.4332: Invalid block bitmap block 0 in block_group 0 [ 603.139461][T16851] __quota_error: 28 callbacks suppressed [ 603.139512][T16851] Quota error (device loop3): write_blk: dquota write failed [ 603.190044][T16851] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 603.239354][T16851] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.4332: Failed to acquire dquot type 0 [ 603.334884][T16851] EXT4-fs error (device loop3): ext4_free_blocks:6590: comm syz.3.4332: Freeing blocks not in datazone - block = 0, count = 4096 [ 603.435722][T16851] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.4332: Invalid inode bitmap blk 0 in block_group 0 [ 603.468096][ T11] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-8 [ 603.561349][T16869] loop2: detected capacity change from 0 to 2048 [ 603.577563][ T11] EXT4-fs error (device loop3): ext4_release_dquot:6871: comm kworker/u8:0: Failed to release dquot type 0 [ 603.625048][T16851] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem [ 603.630121][T16869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 603.704544][T16869] ext4 filesystem being mounted at /832/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 603.725415][T16851] EXT4-fs (loop3): 1 orphan inode deleted [ 603.736486][T16851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 603.850337][T16851] EXT4-fs error (device loop3): __ext4_get_inode_loc:4436: comm syz.3.4332: Invalid inode table block 12884901889 in block_group 0 [ 603.878768][ T29] audit: type=1800 audit(1726043003.713:203): pid=16869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4338" name="file0" dev="loop2" ino=13 res=0 errno=0 [ 603.909770][T16851] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5810: Corrupt filesystem [ 604.021261][ T5230] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 604.124653][ T1280] EXT4-fs error (device loop3): __ext4_get_inode_loc:4436: comm kworker/u8:7: Invalid inode table block 12884901889 in block_group 0 [ 604.188586][ T5229] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 604.751594][T16898] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 605.190962][T16917] loop0: detected capacity change from 0 to 512 [ 605.200984][T16917] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 605.244855][T16917] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002] [ 605.281503][T16917] System zones: 1-12 [ 605.443965][T16917] EXT4-fs (loop0): 1 truncate cleaned up [ 605.453814][T16917] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 605.561991][ T5250] Bluetooth: hci7: command 0x0405 tx timeout [ 605.712745][ T9991] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 605.750436][ T58] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 605.994127][ T58] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 606.022143][ T58] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 606.064863][ T58] usb 4-1: config 0 descriptor?? [ 606.093915][ T58] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 606.111626][T16937] sp0: Synchronizing with TNC [ 606.139930][T16936] [U] è [ 606.163035][T16941] netlink: 'syz.2.4369': attribute type 7 has an invalid length. [ 606.190940][T16941] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4369'. [ 606.264171][T16941] netlink: 'syz.2.4369': attribute type 3 has an invalid length. [ 606.304503][T16941] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4369'. [ 606.440010][T16949] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4372'. [ 606.585641][T16953] IPVS: ovf: UDP 127.0.0.1:0 - no destination available [ 606.964921][T16960] loop4: detected capacity change from 0 to 1024 [ 711.399357][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 711.406381][ C1] rcu: 0-...!: (0 ticks this GP) idle=be1c/1/0x4000000000000000 softirq=49766/49766 fqs=0 [ 711.420111][ C1] rcu: (detected by 1, t=10506 jiffies, g=80821, q=436 ncpus=2) [ 711.427864][ C1] Sending NMI from CPU 1 to CPUs 0: [ 711.433096][ C0] NMI backtrace for cpu 0 [ 711.433113][ C0] CPU: 0 UID: 0 PID: 16943 Comm: syz.5.4370 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 711.433139][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 711.433153][ C0] RIP: 0010:__lock_acquire+0x4de/0x2040 [ 711.433194][ C0] Code: 00 44 89 3b 44 89 c3 48 89 d8 48 c1 e8 06 48 8d 3c c5 40 48 1e 94 be 08 00 00 00 e8 1c ff 8a 00 48 0f a3 1d 84 70 ae 12 73 27 <48> 69 c3 c8 00 00 00 48 8d 98 40 c7 ba 93 48 ba 00 00 00 00 00 fc [ 711.433214][ C0] RSP: 0018:ffffc90000007910 EFLAGS: 00000057 [ 711.433234][ C0] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff816fd7b4 [ 711.433250][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff941e4840 [ 711.433266][ C0] RBP: 000000000000000a R08: ffffffff941e4847 R09: 1ffffffff283c908 [ 711.433282][ C0] R10: dffffc0000000000 R11: fffffbfff283c909 R12: ffff888030bcbc00 [ 711.433300][ C0] R13: 0000000000000001 R14: 00000000000c4001 R15: 0000000000000000 [ 711.433318][ C0] FS: 0000555590262500(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000 [ 711.433339][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 711.433355][ C0] CR2: 00007f346b0f0d58 CR3: 00000000352a2000 CR4: 0000000000350ef0 [ 711.433373][ C0] Call Trace: [ 711.433387][ C0] [ 711.433398][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 711.433431][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 711.433473][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 711.433515][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 711.433547][ C0] ? nmi_handle+0x151/0x5a0 [ 711.433570][ C0] ? nmi_handle+0x2a/0x5a0 [ 711.433594][ C0] ? __lock_acquire+0x4de/0x2040 [ 711.433625][ C0] ? default_do_nmi+0x63/0x160 [ 711.433658][ C0] ? exc_nmi+0x123/0x1f0 [ 711.433688][ C0] ? end_repeat_nmi+0xf/0x53 [ 711.433725][ C0] ? __lock_acquire+0x4d4/0x2040 [ 711.433758][ C0] ? __lock_acquire+0x4de/0x2040 [ 711.433791][ C0] ? __lock_acquire+0x4de/0x2040 [ 711.433825][ C0] ? __lock_acquire+0x4de/0x2040 [ 711.433857][ C0] [ 711.433865][ C0] [ 711.433886][ C0] lock_acquire+0x1ed/0x550 [ 711.433918][ C0] ? debug_object_activate+0x16d/0x510 [ 711.433943][ C0] ? debug_objects_fill_pool+0x80/0x9b0 [ 711.433965][ C0] ? debug_objects_fill_pool+0x80/0x9b0 [ 711.433991][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 711.434022][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 711.434055][ C0] ? __lock_acquire+0x137a/0x2040 [ 711.434095][ C0] ? __pfx_debug_objects_fill_pool+0x10/0x10 [ 711.434123][ C0] _raw_spin_lock_irqsave+0xd5/0x120 [ 711.434160][ C0] ? debug_object_activate+0x16d/0x510 [ 711.434182][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 711.434226][ C0] debug_object_activate+0x16d/0x510 [ 711.434252][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 711.434280][ C0] ? __pfx_debug_object_activate+0x10/0x10 [ 711.434302][ C0] ? advance_sched+0xa02/0xca0 [ 711.434334][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 711.434367][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 711.434402][ C0] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 711.434441][ C0] enqueue_hrtimer+0x30/0x3c0 [ 711.434477][ C0] __hrtimer_run_queues+0x6cb/0xd50 [ 711.434503][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 711.434548][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 711.434574][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 711.434607][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 711.434645][ C0] hrtimer_interrupt+0x396/0x990 [ 711.434686][ C0] __sysvec_apic_timer_interrupt+0x112/0x3f0 [ 711.434727][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 711.434765][ C0] [ 711.434773][ C0] [ 711.434782][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 711.434814][ C0] RIP: 0010:lock_acquire+0x264/0x550 [ 711.434847][ C0] Code: 2b 00 74 08 4c 89 f7 e8 ea 05 8b 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 711.434866][ C0] RSP: 0018:ffffc900034afb80 EFLAGS: 00000206 [ 711.434885][ C0] RAX: 0000000000000001 RBX: 1ffff92000695f7c RCX: d404e0535079f700 [ 711.434902][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0ae6e0 RDI: ffffffff8c608f40 [ 711.434920][ C0] RBP: ffffc900034afcd0 R08: ffffffff941e4877 R09: 1ffffffff283c90e [ 711.434938][ C0] R10: dffffc0000000000 R11: fffffbfff283c90f R12: 1ffff92000695f78 [ 711.434955][ C0] R13: dffffc0000000000 R14: ffffc900034afbe0 R15: 0000000000000246 [ 711.434990][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 711.435025][ C0] ? __pfx___might_resched+0x10/0x10 [ 711.435059][ C0] ? __pfx_futex_wake+0x10/0x10 [ 711.435095][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 711.435128][ C0] ? seqcount_lockdep_reader_access+0x1d7/0x220 [ 711.435159][ C0] ? __might_fault+0xaa/0x120 [ 711.435194][ C0] __might_fault+0xc6/0x120 [ 711.435226][ C0] ? __might_fault+0xaa/0x120 [ 711.435260][ C0] _copy_from_user+0x2a/0xe0 [ 711.435292][ C0] get_timespec64+0x97/0x280 [ 711.435330][ C0] ? __pfx_get_timespec64+0x10/0x10 [ 711.435366][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 711.435399][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 711.435436][ C0] __se_sys_futex+0x1a2/0x480 [ 711.435471][ C0] ? irqentry_exit+0x63/0x90 [ 711.435495][ C0] ? __pfx___se_sys_futex+0x10/0x10 [ 711.435530][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 711.435563][ C0] ? __x64_sys_futex+0x21/0xf0 [ 711.435593][ C0] do_syscall_64+0xf3/0x230 [ 711.435622][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.435652][ C0] RIP: 0033:0x7f346a37def9 [ 711.435671][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 711.435690][ C0] RSP: 002b:00007ffde43985f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 711.435712][ C0] RAX: ffffffffffffffda RBX: 00007ffde4398720 RCX: 00007f346a37def9 [ 711.435730][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f346a536064 [ 711.435744][ C0] RBP: 00007f346a536064 R08: 7fffffffffffffff R09: 00007ffde43988ef [ 711.435762][ C0] R10: 00007ffde4398700 R11: 0000000000000246 R12: 0000000000094092 [ 711.435777][ C0] R13: 00007ffde4398700 R14: 0000000000000032 R15: 0000000000094060 [ 711.435804][ C0] [ 711.436087][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10505 jiffies! g80821 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 712.054108][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=42989 [ 712.062011][ C1] rcu: rcu_preempt kthread starved for 10506 jiffies! g80821 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 712.073418][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 712.083415][ C1] rcu: RCU grace-period kthread stack dump: [ 712.089320][ C1] task:rcu_preempt state:I stack:26448 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 712.099520][ C1] Call Trace: [ 712.102813][ C1] [ 712.105763][ C1] __schedule+0x1800/0x4a60 [ 712.110332][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 712.116007][ C1] ? __pfx___schedule+0x10/0x10 [ 712.120911][ C1] ? __pfx_lock_release+0x10/0x10 [ 712.125972][ C1] ? __asan_memset+0x23/0x50 [ 712.130607][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 712.136452][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 712.142825][ C1] ? schedule+0x90/0x320 [ 712.147100][ C1] schedule+0x14b/0x320 [ 712.151292][ C1] schedule_timeout+0x1be/0x310 [ 712.156178][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 712.161594][ C1] ? __pfx_process_timeout+0x10/0x10 [ 712.167015][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 712.172698][ C1] ? prepare_to_swait_event+0x32e/0x350 [ 712.178293][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 712.183193][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 712.188420][ C1] ? rcu_gp_init+0x1256/0x1630 [ 712.193229][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 712.198222][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 712.203550][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 712.209490][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 712.215155][ C1] ? finish_swait+0xd4/0x1e0 [ 712.219779][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 712.224407][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 712.229636][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 712.235571][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 712.241231][ C1] ? __kthread_parkme+0x169/0x1d0 [ 712.246294][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 712.251520][ C1] kthread+0x2f2/0x390 [ 712.255609][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 712.260839][ C1] ? __pfx_kthread+0x10/0x10 [ 712.265464][ C1] ret_from_fork+0x4d/0x80 [ 712.269913][ C1] ? __pfx_kthread+0x10/0x10 [ 712.274521][ C1] ret_from_fork_asm+0x1a/0x30 [ 712.279332][ C1]