last executing test programs: 2m35.458629394s ago: executing program 0 (id=2489): r0 = semget$private(0x0, 0x3, 0x23a) semtimedop(r0, &(0x7f0000000000)=[{0x2, 0x1ff, 0x800}, {0x2, 0x0, 0x1000}], 0x2, &(0x7f0000000040)={0x0, 0x3938700}) 2m35.226879124s ago: executing program 0 (id=2492): r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg$unix(r0, &(0x7f00000029c0)=[{{&(0x7f0000000600)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000c00)=[@cred={{0x14, 0x1, 0x51}}], 0x20, 0x20000010}}], 0x1, 0x3400c0c4) 2m35.026927521s ago: executing program 0 (id=2496): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) fcntl$getflags(r0, 0xb) 2m34.815048872s ago: executing program 0 (id=2499): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80) 2m34.542406132s ago: executing program 0 (id=2502): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0x1, 0x200, &(0x7f0000006140)="$eJzsUr9rFEEU/mZ37tzThBxyIIogSvBHkdxmo/FHoWBjUEEQhRgQPO4u8XDjj+yB3nHgWqWwERQhQSwESQoL8R9wQW3ERiHYhUhaU6SwkYSVN/tmb88/INV8xX4z8958731v53bwINgBYGujUwWKIEiU8P2XgARwQKgj1OyEHebLzHmOX7ASjpj/Mm+dbE9MAqJxaGXMivbUDooi+kp/vq6iioGbOP360rsfV3Mvlnevv/1I+Revtz5AHKkNvHn1/tn5+X4lL25MZnXsaP+CQ0IAnm9OrKzKvXZJazXCZSqdg8bLKQh3wQEw/Hlo/qzb/9RizaDVvlPx/fpscO6JhXVV6udGp0qLWwBiAvsbB5DNIftLnENn+yRwDYCNOM2R6KLcnLlfDlrtocZMZbo+Xb/reaNj7nHXPeGVpxp+3aUvwNXUdZ4giI8BoN9UoBaEiu+i2Cbn7EQvSIf6CtO496XA7RfQqeb1r/udXikgU0/b0iwQsS1H9QFllSwfBo32YSgyp4NKRUIZG4eAzZsRmekvqeWowPCne35tDuSNry1Cphoja8ilGy+7GT2lHWKOeRB2zygWmdeY9YvWL1UqBYsvHQ2BPB5Vms04jh9jqQ9XviUROpv18ukqnZcaGFku2r3mzvy37y4MDAwMDAwMDAwMDAy2H/8CAAD//xZelnI=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m33.528593943s ago: executing program 0 (id=2523): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000280)='./file0\x00', 0x18000, &(0x7f0000000400)=ANY=[], 0x1, 0x2fe, &(0x7f00000006c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkk6DqTGiK7fGD2EMYcmORPkCbNzpxo07NiaayMI4ptMZCmUoFloq8P8lZA5z5szcWwZybsN0/c7rx/mspWX1sgSjSgIiIhsigxIUT8DdBp04Ilu9kIt93z+dvXX33o1UOj02qdR4aupSUik1MPT+ybOYe9hKr6wNPlj/lvy69v/a6fXfU49ylspZqlAsK11NF7+U9WnTULM5K68pNWEaumWoXMEySrV8sZbPmsW5uYrSC7P98bmSYVlKL1RU3qioclGVSxUVeqjnCkrTNNUfF+wlszg5qaf8Mr17F890YEDogFIppYdEJLYjk1nsyoAAAEBXNfb/QVHt7P+Xzq2W+24vD7j9/0rEr/+//Ll2rm39f1REfPt/7/ph8en/9db6/50d0cmye/+PI2MosmNXoB5Wk6WUHnd/fx0v7y8NOwH9PwAAAAAAAAAAAAAAAAAAAAAAR8GGbSds2054W++rV0SiIuJ971MaEpGrXRgy2ugAP38cA/UH98IDIuar+cx8prZ1D1gVEVMMGZaE/HLuB1c19p48UlWD8sFccOsX5jMhJ5PKSs6pH5FEjzTW2/b49fTYiKrZXt8j8a31SUnIf/71Sd/6iFw4v6Vek4R8nJGimDLrjKNe/3xEqWs30w31Mec4AAAAAACOA01t8l2/a1pD3tlbzdfqN9fXje8PhOrr62Hf9XlYzoS7OXMAAAAAAE4Oq/I0r5umUWoSxGTvY/YfhDt0Zm+Gf1vl/S9D52baJPAuvi0VdXe2/WUJtPCy7BIEZT9VQ9XZqIPOwnvbqCH1w7ZtJ5CJ0ebnibVw87cUnHrz9mf7TnhlOeo/012Cdy1cItT8Bug5lD8+AAAAAA5Vven39ox2d0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxAh/H5dt2eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCv+BMAAP//RYACeQ==") openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x44800, 0x94, 0x4}, 0x48) 2m18.42116122s ago: executing program 32 (id=2523): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000280)='./file0\x00', 0x18000, &(0x7f0000000400)=ANY=[], 0x1, 0x2fe, &(0x7f00000006c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkk6DqTGiK7fGD2EMYcmORPkCbNzpxo07NiaayMI4ptMZCmUoFloq8P8lZA5z5szcWwZybsN0/c7rx/mspWX1sgSjSgIiIhsigxIUT8DdBp04Ilu9kIt93z+dvXX33o1UOj02qdR4aupSUik1MPT+ybOYe9hKr6wNPlj/lvy69v/a6fXfU49ylspZqlAsK11NF7+U9WnTULM5K68pNWEaumWoXMEySrV8sZbPmsW5uYrSC7P98bmSYVlKL1RU3qioclGVSxUVeqjnCkrTNNUfF+wlszg5qaf8Mr17F890YEDogFIppYdEJLYjk1nsyoAAAEBXNfb/QVHt7P+Xzq2W+24vD7j9/0rEr/+//Ll2rm39f1REfPt/7/ph8en/9db6/50d0cmye/+PI2MosmNXoB5Wk6WUHnd/fx0v7y8NOwH9PwAAAAAAAAAAAAAAAAAAAAAAR8GGbSds2054W++rV0SiIuJ971MaEpGrXRgy2ugAP38cA/UH98IDIuar+cx8prZ1D1gVEVMMGZaE/HLuB1c19p48UlWD8sFccOsX5jMhJ5PKSs6pH5FEjzTW2/b49fTYiKrZXt8j8a31SUnIf/71Sd/6iFw4v6Vek4R8nJGimDLrjKNe/3xEqWs30w31Mec4AAAAAACOA01t8l2/a1pD3tlbzdfqN9fXje8PhOrr62Hf9XlYzoS7OXMAAAAAAE4Oq/I0r5umUWoSxGTvY/YfhDt0Zm+Gf1vl/S9D52baJPAuvi0VdXe2/WUJtPCy7BIEZT9VQ9XZqIPOwnvbqCH1w7ZtJ5CJ0ebnibVw87cUnHrz9mf7TnhlOeo/012Cdy1cItT8Bug5lD8+AAAAAA5Vven39ox2d0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxAh/H5dt2eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCv+BMAAP//RYACeQ==") openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x44800, 0x94, 0x4}, 0x48) 1m16.425532933s ago: executing program 2 (id=3504): syz_usbip_server_init(0x4) syz_usb_connect(0x0, 0x34, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100002c464708c2153b003e66010203010902220001000000000904000001e3fe11000905000000000000000705936b90"], 0x0) 1m14.118638737s ago: executing program 2 (id=3519): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000002ec0)={0x1, @win={{0x5683a662, 0x6b, 0x47425247, 0x400040}, 0x8, 0x2, 0x0, 0x7, 0x0, 0xe}}) 1m13.708710784s ago: executing program 2 (id=3523): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000300)={r0, 0xffffffffffffffff, 0x12}, 0x14) 1m13.385933356s ago: executing program 2 (id=3527): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x800, &(0x7f0000000500)=ANY=[@ANYBLOB='iocharset=cp850,dmask=00000000000000000000777,namecase=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666d61736b3d30300000000000000040303030303030303030303031302c757466382c666d61736b3d30303030303030303030303030303030303030303030372c6572726f72733d72476d6f756e742d726f2c6e616d65636173653d312c706c6c6f775f7574696d653d30303030323030303030303030303015303134373037302c00904f5ef6c3660c06b4d7d3172ed33955a22d96c6b58d48d25609fc8fd957db7f4cfb97e98333158a7878aa16963be19155c4a0068007e41cc520b790c6292f5e20dbf5725a2a02670903b3d75dfbb2030d8cdef5210ed5485e27f1d33f67e2d90248d081d098053c"], 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 1m12.78510145s ago: executing program 2 (id=3534): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8922, &(0x7f0000000000)={'veth1_vlan\x00', @random="05b11a63ef00"}) 1m11.954377717s ago: executing program 2 (id=3548): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]}) setgroups(0x0, 0x0) 1m11.412479165s ago: executing program 33 (id=3548): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]}) setgroups(0x0, 0x0) 2.436806006s ago: executing program 1 (id=4302): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) mlock2(&(0x7f0000004000/0x4000)=nil, 0x40ef, 0x0) 2.102634446s ago: executing program 1 (id=4309): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000013000500"/20, @ANYRES32=0x0, @ANYBLOB="000000006081000c140003"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 1.928637052s ago: executing program 4 (id=4312): r0 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000280)=[{}], &(0x7f0000001900)=0x8) 1.866131641s ago: executing program 5 (id=4314): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0xc1105511, &(0x7f0000000040)) 1.747936625s ago: executing program 1 (id=4315): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f0000000440)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000480)=[{&(0x7f00000000c0)="08001eb3b0335d00", 0x8}, {&(0x7f0000000680)="84e1d2455d1a0f66a36949972d9e98b338e5930521d266f58473e4de4ce1e0f9a00101c5003ca287b2a30b4732a1bf60cdb005699bea54ae3c74c4c4adbc616063d647f651960d7d9b4e24b13546b3ba337abd4a00be4dc1f3b34018793631592c1c2e775b8cb466cb08a3eab8193b160830708eca1d6f5c0b9e2e45a86933e4a5f438e346680d01ff46dc1209a205e2cc135ae722c96c79c5674cc685a9dfbff2e8042c3c837cfd6c88c168697e953ada56bfec9e7475c1bf5d73929adc8de2ce624565eedd3557d0349688acc246efd3047a0f63dfa6b7d94ee913c2022447dbb53a1fcff37a32171c2cb18ab48cce9fe76fd6bac20a0e9a1c04b4f258d37f997c55f7df90d72d2ec8af7580eac272f1135bba9c5bfd48b7aca8c9eb242c297224ecc7d7244782d621b44a3a09fbcd26e44e9ac53bc3342e33697d0a86b47bb4834136d57b12f87a066526427f526a1637418156a12b021d576db5f5fcdeb3faaa81e55607056e79476723c42e20e6d8af4e7d2067f214aea4cafafeb01fcf4be1685ea1304fbae4fc7629b811283e36eb9e5c93cc683374c17a30f8aac579d83510d8a4a8813ece5c837551d53920abf4202e0834dea3f16e7d069142df83c85ece4a7de6b0b345e65452c7896db0af76469e5b1c32134f1b0d41d4b0acca45585f45efb3ad0ebf124470e4c7843b54429103e89930e7b69730c41d0694305bc5f3010dfa7b424c36079c0a2b82c25bddf0089e0e681d3985517536f1ccfe793b94fbbc0f5b7fd85bbb2fc8e3682d70c4e442e334b156bdf266601cfbd827fe13c159a0d212cc5b3b8ca3919ce9bcf671a02f4801fcf08a7830e867f59ed64ce97d9f9c6608cf6c66ef9b538daf17988db0a3b8bdfd8ae25d25b405a527c1e8da744ebac3eea5b8b9ebfd9bbd10ec7f504b0448f6de8c2fa8c024e51a728b147de1f0f2a14a03819873af76ac64f8f4967f1196f16a75f20e75fcac832f653dda6b7cbabc9baaab9458361fcc59e7b338ec9967ed42bc52732cfcbcfb6e12a5e7598d06681e32592b2e16e4d99278dd9f3f820f5b2c72750cd8c919c3867724586fcd8764979c6f77009942b2406e861bb1917583bc3ba0c0c8a179970e5124a043dfe6d3653951cf0dfd377de09f02f44bf7db63c634cec26f7d31ec2a44e2abe3b3365e67c973eaa3f114a8ca770e6dea7b1baae0ace95fef7ffc641c82384b697fbf202f2bb939eeb1d32a678feaa7a41afa99aebf7b152fdbbf80b7223b855487c7ff3fd3ab96a85fbd00724ea537743a897df71dd82137f5834f39c570c18620805aee599295ce03a3378589c356ff38911ea4675aef4e68ac555f5ea3767cd6189c60e3bc5a32392acc6a08158b588ce4add0494e768e57e73f9ca4c91c978ecab7a726b8c99ce50ee539a4fd4444ed596e9b92f3d35c27c1a9536baeed78e42a909afbcff982299f53e4326c458777026508880aed7d92dc223508cc55652e7725360222f412902be648bdc76a3e9efc18e6b5555f11e1aee44725f7623a3aab8872864612325345b6287e8674afcc4d66451d61a3aec1f7a9d9253d026ff87697ed2de2f0fcfaaa7f2677602954078e273d69b00bae24a29f28e1cb7ea361295619871b3744f8be27ad28e61fc738bc7956fdc512f7c45b962870616690140c9c49525864c5c8926c0c2f3610f0cf227c4b79d2c37d36f9420ed17341f59b9f99ed11ce4a8aa1f65b6df8ec5319349315264341e10e37df528d52e289da1250d352880339732a15f72c1bf51520e084a943d7ce78ed820081714e22df35368ea4711d2a6683d3d325a248022eff0fd695068c0a44f52eadceb9210cd7c142349d10b41c63239d5f3509e941b9efcc1cb9e289754ef1cf8b9af8eea520f745071a4b40e08376f5bb415d24c437e44996d8fbe7921fdc4c17cb2d4cd7f5413630e402b595623df17338185f40ef93e47b33d28dedab927591b8d04b17a3093adbf3618f39be08e6a2823f2ad616767ec5f08be7498ab576e5e96b90d4cad3fd972343c9e769040b6d250e36de4ce2abbfed4932b2", 0xfffffe1d}], 0x2, 0x0, 0x0, 0xe0000000}, 0x8000) 1.707179503s ago: executing program 3 (id=4316): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c0000000000000000000000020000"], 0x40}, 0x20000000) 1.695857943s ago: executing program 6 (id=4317): ioperm(0x284, 0x7f, 0xe3) quotactl_fd$Q_SETINFO(0xffffffffffffffff, 0xffffffff80000602, 0xee01, 0x0) 1.602188807s ago: executing program 4 (id=4318): r0 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) write$binfmt_format(r0, &(0x7f0000000180)='-1\x00', 0x3) 1.518403273s ago: executing program 7 (id=4319): r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x7ffffffbffffffff, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f0000000200)={0x0, 0x0, 0x3014}) 1.518259743s ago: executing program 5 (id=4320): r0 = syz_open_procfs(0x0, &(0x7f0000000200)='ns\x00') getdents64(r0, 0xffffffffffffffff, 0x43) 1.424164164s ago: executing program 1 (id=4321): unshare(0x40600) flock(0xffffffffffffffff, 0x8) 1.385037958s ago: executing program 3 (id=4322): r0 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000001140), 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000080)=@profile={'stack ', '&&\x00'}, 0x9) 1.264628482s ago: executing program 7 (id=4323): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x0, [0x6, 0x0, 0x3]}, &(0x7f0000000100)=0x44) 1.222318449s ago: executing program 6 (id=4324): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050014000900010073797a3000000000400000001b0a01030000000000000000050080000900010073797a3000000000090003"], 0x9c}}, 0x0) 1.213382586s ago: executing program 5 (id=4325): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f0000001080)=0xffffffff, 0x4) 1.179512578s ago: executing program 4 (id=4326): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x61, 0x54}}, &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x0, 0xe40, 0x0, &(0x7f00000000c0)="5cdd3086ddffff6633c9bbac88a8862608dffd00139fb7a884bdfc14f4870800", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.114299822s ago: executing program 1 (id=4327): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=@newsa={0x144, 0x10, 0x413, 0x20, 0x25dfdbf9, {{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x5}, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x32}, @in=@dev, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x100000001}, {0x1}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x28}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x60}}, @extra_flags={0x8, 0x18, 0x6}]}, 0x144}}, 0x0) 1.076164957s ago: executing program 3 (id=4328): r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000001c40), 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000040)=@profile={'stack ', '&&\n:\f\xca|+\b\xc9\xdf\xf7\x89w\xf3\x06\xb4W\xca\x93\x03\x1d7\x1d\x06\xd2\xe5\x9e\x86>/\xe5A\x18\xa4\xeeC\x06\x8d\xf6\xba\x88\xe1\xb6\xdc:U,\x91\xae\x1c\x81}k`\x14\'\v\x8b\xc5\x1fs68R\xf4\xf1.\xe9U\xf4dY\x9f\fH]\x00`\x93sh\xedX\xf2\xcb\xb0\x1c\x83\xe4f\xe9\xaao\x13\xf3\x81\xf0>(AKf\x83\x92\xb5\xa0Z\xaa\xa5N\xa9\xf0q.\xd5*&c\x1a\x8e\x02\xe6\xd29\xf1!\a&\xe7k\xda\x93w\xb2\xa2\xefm\xdf$\"\xee\xc7\xe3.\x1f\xe6\xba\xae\x83s\xc8\xaco\x17\x14!N\xfd\xca\xac^L\xd4\xe1N\xc7\xf6\x98\xa7}\xaeH\xed\\Q\xf5\xf4\xcf\xf8\xa3Yv n\xf5\xfc/\xa7\xc6\x93\';\x04\xd6Y=Hf\x82h\xdfe\xb0j\x8a~6\xee>\xbf\xc5\'$\x1f;\f+\xa8[x\xd4\x95N\xb3\x1a\xbb$0\x8c\xb4x\xd5\xbf\x17\xdch#'}, 0xf4) 1.024341094s ago: executing program 7 (id=4329): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)={0x14, 0x34, 0x701, 0x0, 0x0, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x4044840}, 0x0) 875.207651ms ago: executing program 5 (id=4330): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c0001000b080c00bdad01409bbc7a46e39a8285dcdf12176679df069163ce947ee2b49e33538afaeb2713f450ebd010a20ff27fff0000000000000000", 0x89}], 0x1}, 0xff0f000000000000) 857.990992ms ago: executing program 6 (id=4331): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="6c000000000201040000000000000000020000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000300003802c00018014000300fc00000000000000000000000000000014000400fe8000000000000000000000000000bb04000180"], 0x6c}}, 0x0) 784.053856ms ago: executing program 3 (id=4332): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38) 698.375392ms ago: executing program 7 (id=4333): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f0000000280)=""/123, &(0x7f0000000180)=0x7b) 685.682841ms ago: executing program 4 (id=4334): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001940)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef58d5e2dc662c5be8156253bf6ceb9eeb915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f9708098040000dc027c46e4c53e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe8023c889fd4cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd23f5faf50d8053f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd490180cd9d48aeb12b1d6acabd380200bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3266499fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c7f000000b1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de589020000dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b564e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da026459e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773df635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09229dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909942f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a75889e25d830c14bc0eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d00000000000039bbef2290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4299b8cb2d08b8202c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f1200c36a90624f6aed398a215e9c5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba33770ce3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c83058b129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639e0000894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f2460000000000000000000000000000000000000000000000b4ad10caca3507cf3089113f6c79c3eb914f6a93d945593c685f94d21343b2860fdde0e0b9ab623c826e41fd3b93c5d4d547f2ae7d5289d7ea734118e3a6fc3821b597ec46ac0d7340d6218c71d6b4878bb6cdb147333b0eeacbe60d17f66cff6b249f0e2050b2be1d93b5c1e421840c2a959ad7000ce496db4dcda73e1b22bb56c464cab4135000d317d67c086d00000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x18000000000002a0, 0xe40, 0x2f00, &(0x7f0000000500)="b958945d8ae49c4f19be14f06558", 0x0, 0x84c, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48) 583.662773ms ago: executing program 6 (id=4335): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_lsm={0x6, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000002000018200000", @ANYRES32=r0, @ANYBLOB="00000000000000006200f8ff0000000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 467.295523ms ago: executing program 7 (id=4336): r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) copy_file_range(r0, 0x0, r0, 0x0, 0x0, 0x0) 402.190595ms ago: executing program 3 (id=4337): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x24, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa, 0x0, 0x8}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x40f}]}, @CTA_TUPLE_REPLY={0x4}]}, 0x24}}, 0x0) 378.33231ms ago: executing program 6 (id=4338): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x18}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @last={{0x9}, @void}}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x4}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe4}}, 0x0) 354.77583ms ago: executing program 4 (id=4339): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="bebec4cc9d", 0x5}, {0x0}], 0x2}, 0x400) 351.42811ms ago: executing program 5 (id=4340): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_opts(r0, 0x0, 0x18, &(0x7f0000000000)="0e", 0x1) 142.113088ms ago: executing program 7 (id=4341): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000fc0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_RANGE_TO_DATA={0x4}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_RANGE_FROM_DATA={0x8, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd0}}, 0x0) 114.044234ms ago: executing program 3 (id=4342): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="700000001000010026bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0221000000000000140003006e657464657673696d3000000000000008000a00", @ANYRES32=0x0, @ANYBLOB="34001680300001802c000c80140001000500edff300000003394000088a8000014"], 0x70}}, 0x24040800) 96.327742ms ago: executing program 1 (id=4343): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt(r0, 0x1, 0x4, &(0x7f00000001c0)=""/135, &(0x7f0000000180)=0x87) 50.780311ms ago: executing program 6 (id=4344): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f905, 0xffffffff, '\x00', @string=&(0x7f0000000100)=0x8f}}) 50.140585ms ago: executing program 4 (id=4345): r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x2, 0x800) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, 0x0) 0s ago: executing program 5 (id=4346): r0 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0) landlock_add_rule$LANDLOCK_RULE_NET_PORT(r0, 0x2, &(0x7f00000000c0)={0x3}, 0x0) kernel console output (not intermixed with test programs): -30 [ 344.760573][T15312] loop6: detected capacity change from 0 to 32768 [ 344.815512][T15273] (syz.4.2910,15273,1):ocfs2_local_alloc_slide_window:1317 ERROR: status = -30 [ 344.841531][T15273] (syz.4.2910,15273,1):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -30 [ 344.881991][T15273] (syz.4.2910,15273,0):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -30 [ 344.902284][T15312] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 344.961067][T15273] (syz.4.2910,15273,1):ocfs2_reserve_clusters_with_limit:1170 ERROR: status = -30 [ 344.970557][T15273] (syz.4.2910,15273,1):ocfs2_reserve_clusters_with_limit:1219 ERROR: status = -30 [ 344.981641][T15273] (syz.4.2910,15273,1):ocfs2_expand_inline_dir:2856 ERROR: status = -30 [ 344.990438][T15273] (syz.4.2910,15273,1):ocfs2_extend_dir:3203 ERROR: status = -30 [ 344.998445][T15273] (syz.4.2910,15273,1):ocfs2_prepare_dir_for_insert:4308 ERROR: status = -30 [ 345.009055][T15273] (syz.4.2910,15273,1):ocfs2_mknod:298 ERROR: status = -30 [ 345.017966][T15273] (syz.4.2910,15273,1):ocfs2_mknod:502 ERROR: status = -30 [ 345.040147][T15312] XFS (loop6): Ending clean mount [ 345.106835][T15312] XFS (loop6): Quotacheck needed: Please wait. [ 345.198158][ T5831] (syz-executor,5831,1):ocfs2_inode_is_valid_to_delete:886 ERROR: Skipping delete of system file 72 [ 345.255061][T15312] XFS (loop6): Quotacheck: Done. [ 345.294558][ T5831] ocfs2: Unmounting device (7,4) on (node local) [ 345.582895][T14442] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 345.694260][T15395] loop1: detected capacity change from 0 to 256 [ 345.753131][T15395] exfat: Deprecated parameter 'namecase' [ 345.795812][T15395] exfat: Deprecated parameter 'namecase' [ 345.850140][T15395] exfat: Deprecated parameter 'namecase' [ 345.945275][T15395] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x079995a4, utbl_chksum : 0xe619d30d) [ 346.361243][T15421] netlink: 252 bytes leftover after parsing attributes in process `syz.4.2944'. [ 346.534726][T15359] loop5: detected capacity change from 0 to 40427 [ 346.584861][T15359] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 346.629988][T15359] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 346.707221][T15359] F2FS-fs (loop5): invalid crc value [ 347.114195][T15359] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 347.123578][T15479] loop4: detected capacity change from 0 to 64 [ 347.164422][T15359] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 347.331870][T15485] loop3: detected capacity change from 0 to 1024 [ 347.354219][ T30] audit: type=1800 audit(2000000080.359:2292): pid=15359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2928" name="file0" dev="loop5" ino=10 res=0 errno=0 [ 347.545295][T15485] syz.3.2953: attempt to access beyond end of device [ 347.545295][T15485] loop3: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 347.576708][T15485] Buffer I/O error on dev loop3, logical block 100663296, async page read [ 347.614238][T15485] hfsplus: unable to mark blocks free: error -5 [ 347.620677][T15485] hfsplus: can't free extent [ 347.660385][T15502] loop4: detected capacity change from 0 to 256 [ 347.821143][T15502] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 348.239491][T15524] loop2: detected capacity change from 0 to 2048 [ 348.309953][T15524] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 348.347864][T15536] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2964'. [ 348.364113][T15524] syz.2.2963: attempt to access beyond end of device [ 348.364113][T15524] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 348.366936][T15537] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 348.421982][T15536] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2964'. [ 348.444748][T15536] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 348.538774][T15524] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 348.627888][T15524] Remounting filesystem read-only [ 348.686628][T15524] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 348.735421][T15524] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 348.786750][ T30] audit: type=1800 audit(2000000081.819:2293): pid=15524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2963" name="file3" dev="loop2" ino=16 res=0 errno=0 [ 348.888677][T15560] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2971'. [ 349.028922][T15563] netlink: 92 bytes leftover after parsing attributes in process `syz.6.2973'. [ 349.073451][T15565] loop5: detected capacity change from 0 to 256 [ 349.535805][T15586] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 349.719699][T15597] loop6: detected capacity change from 0 to 1024 [ 349.792436][T15597] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 350.043339][ T30] audit: type=1800 audit(2000000083.069:2294): pid=15620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2986" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 350.063979][ C0] vkms_vblank_simulate: vblank timer overrun [ 350.189542][T14442] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.415423][T15639] loop5: detected capacity change from 0 to 1764 [ 351.536463][ T24] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 351.726393][ T24] usb 6-1: Using ep0 maxpacket: 8 [ 351.754470][ T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 351.784433][ T24] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 351.862693][ T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 351.914398][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 351.954020][T15717] netlink: 'syz.3.3009': attribute type 10 has an invalid length. [ 351.963246][ T24] usb 6-1: SerialNumber: syz [ 352.004974][ T24] cdc_acm 6-1:1.0: skipping garbage [ 352.010242][ T24] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 352.038267][T15717] macvlan1: entered allmulticast mode [ 352.060924][T15717] veth1_vlan: entered allmulticast mode [ 352.080695][ T24] cdc_acm 6-1:1.0: This needs exactly 3 endpoints [ 352.104213][ T24] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -22 [ 352.165268][T15717] team0: Port device macvlan1 added [ 352.208578][T15655] loop1: detected capacity change from 0 to 32768 [ 352.241571][ T24] usb 6-1: USB disconnect, device number 23 [ 352.278314][T15655] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2994 (15655) [ 352.316070][T15661] loop2: detected capacity change from 0 to 32768 [ 352.375180][T15661] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2995 (15661) [ 352.376220][T15655] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 352.472614][T15655] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 352.485178][T15661] BTRFS info (device loop2 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 352.527163][T15655] BTRFS info (device loop1): disk space caching is enabled [ 352.537143][T15661] BTRFS info (device loop2 state S): using crc32c (crc32c-x86_64) checksum algorithm [ 352.580643][T15655] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 352.594243][T15661] BTRFS info (device loop2 state S): using free-space-tree [ 352.843563][ T36] BTRFS warning (device loop2 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xbeadaddc level 0, ignored [ 352.914950][ T36] BTRFS warning (device loop2 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored [ 352.994529][T15782] loop4: detected capacity change from 0 to 2048 [ 353.041325][T15655] BTRFS info (device loop1): rebuilding free space tree [ 353.177073][T15782] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 353.213633][T15655] BTRFS info (device loop1): disabling free space tree [ 353.263712][T15782] ext4 filesystem being mounted at /492/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 353.264453][T15655] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 353.378984][T15655] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 353.542589][ T5827] BTRFS info (device loop2 state S): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 353.635257][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.736754][T15655] BTRFS info (device loop1): balance: start -sstripes=0..32767 [ 353.891955][T15655] BTRFS info (device loop1): relocating block group 1048576 flags system [ 354.214920][T15847] syz_tun: refused to change device tx_queue_len [ 354.314225][T15655] BTRFS info (device loop1): balance: ended with status: 0 [ 354.630544][ T5843] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 355.179884][T15892] netlink: 684 bytes leftover after parsing attributes in process `syz.2.3039'. [ 355.217886][T15892] netlink: 684 bytes leftover after parsing attributes in process `syz.2.3039'. [ 355.597052][T15905] xt_CT: You must specify a L4 protocol and not use inversions on it [ 355.674372][T15901] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 356.080394][T15840] loop4: detected capacity change from 0 to 40427 [ 356.090136][ T5828] Bluetooth: hci0: unexpected event for opcode 0x043d [ 356.139454][T15840] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 356.195806][T15840] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 356.246745][T15840] F2FS-fs (loop4): invalid crc value [ 356.381927][T15840] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 356.493571][T15948] netlink: 'syz.1.3054': attribute type 11 has an invalid length. [ 356.553202][T15948] netlink: 'syz.1.3054': attribute type 5 has an invalid length. [ 356.727180][T15840] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 356.734448][T15840] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 357.543907][T15998] netlink: 232 bytes leftover after parsing attributes in process `syz.2.3071'. [ 357.945863][T15959] loop6: detected capacity change from 0 to 32768 [ 357.995692][T15959] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3057 (15959) [ 358.108869][T15959] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 358.190571][T15959] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm [ 358.241259][T15959] BTRFS info (device loop6): disk space caching is enabled [ 358.284921][T15959] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 358.592073][T15987] loop5: detected capacity change from 0 to 32768 [ 358.675986][T15959] BTRFS info (device loop6): rebuilding free space tree [ 358.706481][T15987] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 358.734037][T16064] bridge0: port 3(batadv0) entered blocking state [ 358.758036][T15959] BTRFS info (device loop6): disabling free space tree [ 358.808421][T15959] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 358.828660][T16064] bridge0: port 3(batadv0) entered disabled state [ 358.842576][T15959] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 358.866444][T16064] batadv0: entered allmulticast mode [ 358.916090][T16064] batadv0: entered promiscuous mode [ 358.938757][T16012] loop3: detected capacity change from 0 to 32768 [ 358.964654][T16012] (syz.3.3075,16012,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 358.980782][T16064] bridge0: port 3(batadv0) entered blocking state [ 358.984745][T16012] (syz.3.3075,16012,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 358.987436][T16064] bridge0: port 3(batadv0) entered forwarding state [ 359.046394][T16012] JBD2: Ignoring recovery information on journal [ 359.062354][T15959] BTRFS info (device loop6): balance: start -f -sprofiles=data|metadata,usage=18446744069414584324,usage=4..4294967295,devid=0,drange=4398046511104..0,vrange=0..8589934592,limit=2194728304445,stripes=260..255 [ 359.083457][T15959] BTRFS info (device loop6): balance: ended with status: 0 [ 359.227235][T15987] XFS (loop5): Ending clean mount [ 359.244515][T16012] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 359.274903][T14442] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 359.295366][T15987] XFS (loop5): Quotacheck needed: Please wait. [ 359.469204][T16088] loop1: detected capacity change from 0 to 1024 [ 359.480938][ T36] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 359.486810][T16091] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3089'. [ 359.491192][ T36] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 359.573882][T16083] "syz.2.3086" (16083) uses obsolete ecb(arc4) skcipher [ 359.594639][T15987] XFS (loop5): Quotacheck: Done. [ 359.810034][ T5823] ocfs2: Unmounting device (7,3) on (node local) [ 359.874463][ T13] hfsplus: b-tree write err: -5, ino 4 [ 359.901647][ T5837] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 360.167504][T16121] loop6: detected capacity change from 0 to 256 [ 360.175427][T16121] exfat: Deprecated parameter 'utf8' [ 360.404396][T16121] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 360.578086][T16138] loop2: detected capacity change from 0 to 256 [ 360.769028][T16138] FAT-fs (loop2): Directory bread(block 64) failed [ 360.781563][T16138] FAT-fs (loop2): Directory bread(block 65) failed [ 360.790241][T16138] FAT-fs (loop2): Directory bread(block 66) failed [ 360.812690][T16138] FAT-fs (loop2): Directory bread(block 67) failed [ 360.830015][T16147] hsr0: entered promiscuous mode [ 360.835498][T16138] FAT-fs (loop2): Directory bread(block 68) failed [ 360.871181][T16138] FAT-fs (loop2): Directory bread(block 69) failed [ 360.877966][T16147] hsr0: entered allmulticast mode [ 360.883034][T16147] hsr_slave_0: entered allmulticast mode [ 360.916872][T16138] FAT-fs (loop2): Directory bread(block 70) failed [ 360.923488][T16138] FAT-fs (loop2): Directory bread(block 71) failed [ 360.970169][T16147] hsr_slave_1: entered allmulticast mode [ 360.980292][T16138] FAT-fs (loop2): Directory bread(block 72) failed [ 361.041282][T16138] FAT-fs (loop2): Directory bread(block 73) failed [ 361.221162][T16138] FAT-fs (loop2): Filesystem has been set read-only [ 361.332167][T16167] nfs: Unknown parameter 'ntext' [ 361.575383][T16183] ubi31: attaching mtd0 [ 361.583431][T16183] ubi31: scanning is finished [ 361.610724][T16183] ubi31: empty MTD device detected [ 361.874393][T16183] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 361.934544][T16183] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 361.962973][T16183] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 362.003559][T16183] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 362.033181][T16211] loop6: detected capacity change from 0 to 512 [ 362.060867][T16183] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 362.110030][T16183] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 362.150034][T16183] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2556279500 [ 362.200819][T16183] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 362.219429][T16200] ubi31: background thread "ubi_bgt31d" started, PID 16200 [ 362.230340][T16211] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.335423][T16211] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 362.390153][T16230] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3122'. [ 362.423788][T16211] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 362.489850][T16211] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0 [ 362.564609][T16211] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.3120: Failed to acquire dquot type 0 [ 362.919104][T14442] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.968891][T16256] loop4: detected capacity change from 0 to 256 [ 363.082281][T16256] FAT-fs (loop4): Directory bread(block 64) failed [ 363.139725][T16256] FAT-fs (loop4): Directory bread(block 65) failed [ 363.170579][T16256] FAT-fs (loop4): Directory bread(block 66) failed [ 363.214354][T16256] FAT-fs (loop4): Directory bread(block 67) failed [ 363.221151][T16256] FAT-fs (loop4): Directory bread(block 68) failed [ 363.278162][T16256] FAT-fs (loop4): Directory bread(block 69) failed [ 363.303095][T16256] FAT-fs (loop4): Directory bread(block 70) failed [ 363.331712][T16256] FAT-fs (loop4): Directory bread(block 71) failed [ 363.416321][T16256] FAT-fs (loop4): Directory bread(block 72) failed [ 363.434108][T16256] FAT-fs (loop4): Directory bread(block 73) failed [ 363.574983][T16294] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 363.665323][T16294] CIFS mount error: No usable UNC path provided in device string! [ 363.665323][T16294] [ 363.718797][T16294] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 364.120794][T16319] xt_bpf: check failed: parse error [ 364.133555][T16317] loop1: detected capacity change from 0 to 256 [ 364.585569][T16281] loop2: detected capacity change from 0 to 32768 [ 364.656988][T16281] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3141 (16281) [ 364.804707][T16281] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 364.836875][T16281] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 364.891922][T16281] BTRFS info (device loop2): disk space caching is enabled [ 364.924940][T16281] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 364.982740][T16367] loop3: detected capacity change from 0 to 256 [ 365.144478][T16281] BTRFS info (device loop2): rebuilding free space tree [ 365.271469][T16281] BTRFS info (device loop2): disabling free space tree [ 365.300315][T16281] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 365.362506][T16281] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 365.732744][ T5827] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 365.755871][T16419] loop5: detected capacity change from 0 to 2048 [ 365.795206][T16419] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=26504, location=26504 [ 365.960859][T16419] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 366.089084][T16444] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 366.202690][T16445] loop2: detected capacity change from 0 to 1024 [ 368.013243][T16457] loop4: detected capacity change from 0 to 32768 [ 368.126952][T16457] (syz.4.3188,16457,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 368.185552][T16457] (syz.4.3188,16457,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 368.311592][T16457] JBD2: Ignoring recovery information on journal [ 368.438863][T16457] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 368.516004][T16469] loop3: detected capacity change from 0 to 32768 [ 368.587102][T16469] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 368.763890][ T5831] ocfs2: Unmounting device (7,4) on (node local) [ 368.983058][T16585] netlink: 'syz.2.3220': attribute type 4 has an invalid length. [ 368.997515][T16469] XFS (loop3): Ending clean mount [ 369.021590][T16585] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3220'. [ 369.046405][T16469] XFS (loop3): Quotacheck needed: Please wait. [ 369.151984][T16585] : renamed from bond0 (while UP) [ 369.234603][T16469] XFS (loop3): Quotacheck: Done. [ 369.385081][T16601] loop4: detected capacity change from 0 to 64 [ 369.394082][T16602] loop5: detected capacity change from 0 to 512 [ 369.432027][T16602] EXT4-fs: Ignoring removed orlov option [ 369.479246][ T5823] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 369.491553][T16601] syz.4.3218: attempt to access beyond end of device [ 369.491553][T16601] loop4: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 369.535698][T16602] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 369.589894][T16602] ext4 filesystem being mounted at /609/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 369.604405][T16601] Buffer I/O error on dev loop4, logical block 32767, async page read [ 369.640515][T16601] syz.4.3218: attempt to access beyond end of device [ 369.640515][T16601] loop4: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 369.688000][T16602] EXT4-fs error (device loop5): ext4_empty_dir:3080: inode #12: comm syz.5.3224: Directory hole found for htree leaf block 0 [ 369.724479][T16601] Buffer I/O error on dev loop4, logical block 32767, async page read [ 369.936098][T16628] mmap: syz.1.3232 (16628): VmData 37482496 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 369.985464][ T5837] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.233906][T16644] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 370.309463][T16647] program syz.6.3236 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 370.604793][ T24] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 370.814337][ T24] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 370.823658][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 370.874319][ T24] usb 2-1: Product: syz [ 370.878552][ T24] usb 2-1: Manufacturer: syz [ 370.883166][ T24] usb 2-1: SerialNumber: syz [ 370.947163][ T24] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 370.993926][ T5965] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 371.458498][ T5918] usb 2-1: USB disconnect, device number 22 [ 371.617748][T16707] loop4: detected capacity change from 0 to 1764 [ 371.685567][T16711] loop3: detected capacity change from 0 to 1764 [ 371.765253][T16711] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 371.923217][T16667] loop6: detected capacity change from 0 to 32768 [ 372.006273][T16667] JBD2: Ignoring recovery information on journal [ 372.110363][T16680] loop5: detected capacity change from 0 to 32768 [ 372.177610][T16667] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode. [ 372.272087][T16744] loop1: detected capacity change from 0 to 64 [ 372.284776][ T5965] usb 2-1: Service connection timeout for: 256 [ 372.310758][ T5965] ath9k_htc 2-1:1.0: ath9k_htc: Unable to initialize HTC services [ 372.344951][T16744] Bad inode number on dev loop1: 6 is out of range [ 372.352187][ T5965] ath9k_htc: Failed to initialize the device [ 372.377116][ T5918] usb 2-1: ath9k_htc: USB layer deinitialized [ 372.448394][T16750] loop3: detected capacity change from 0 to 2048 [ 372.487559][T16750] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 372.513426][T14442] ocfs2: Unmounting device (7,6) on (node local) [ 372.603171][T16766] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 373.065273][T16782] loop1: detected capacity change from 0 to 1764 [ 373.288324][T16793] loop5: detected capacity change from 0 to 1024 [ 373.796761][ T5965] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 373.824461][ T5918] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 374.001362][ T5965] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 374.021584][ T5918] usb 7-1: Using ep0 maxpacket: 16 [ 374.024755][ T5965] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a [ 374.040722][ T5918] usb 7-1: config 0 has an invalid interface number: 105 but max is 0 [ 374.058472][ T5965] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 374.069734][ T5918] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 374.095642][ T5965] usb 2-1: Product: syz [ 374.099863][ T5965] usb 2-1: Manufacturer: syz [ 374.111670][ T5918] usb 7-1: config 0 has no interface number 0 [ 374.146674][ T5965] usb 2-1: SerialNumber: syz [ 374.159050][ T5918] usb 7-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28 [ 374.176186][ T5965] usb 2-1: config 0 descriptor?? [ 374.195706][ T5918] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 374.215082][ T5918] usb 7-1: Product: syz [ 374.219299][ T5918] usb 7-1: Manufacturer: syz [ 374.249597][ T5918] usb 7-1: SerialNumber: syz [ 374.284075][ T5918] usb 7-1: config 0 descriptor?? [ 374.415411][ T5965] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-8 [ 374.450019][ T5965] dvb_usb_af9035 2-1:0.0: probe with driver dvb_usb_af9035 failed with error -8 [ 374.506231][ T5918] usb 7-1: Found UVC 0.00 device syz (046d:08d3) [ 374.508170][ T5965] usb 2-1: USB disconnect, device number 23 [ 374.512616][ T5918] usb 7-1: No valid video chain found. [ 374.608578][T16872] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3284'. [ 374.739761][ T5885] usb 7-1: USB disconnect, device number 2 [ 374.918268][T16895] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 375.217319][T16908] SET target dimension over the limit! [ 375.559132][T16925] loop2: detected capacity change from 0 to 256 [ 376.008560][T16951] loop5: detected capacity change from 0 to 2048 [ 376.077351][T16951] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 376.237787][ T5965] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 376.459048][ T5965] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 376.511197][ T5965] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 376.587466][ T5965] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 376.618910][ T5965] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.633741][T16989] loop5: detected capacity change from 0 to 2048 [ 376.697817][T16959] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 376.733357][ T5965] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 376.801282][ T5972] loop5: p1 < > p4 [ 376.849703][ T5972] loop5: p4 size 8388608 extends beyond EOD, truncated [ 376.911411][T16989] loop5: p1 < > p4 [ 376.969666][T16989] loop5: p4 size 8388608 extends beyond EOD, truncated [ 377.060045][ T5965] usb 5-1: USB disconnect, device number 18 [ 377.418328][ T5972] udevd[5972]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 377.427916][ T5975] udevd[5975]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 377.564613][T17064] netlink: 'syz.3.3328': attribute type 7 has an invalid length. [ 377.789162][ T5972] udevd[5972]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 377.845628][ T5975] udevd[5975]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 377.880709][T17070] bond1: entered promiscuous mode [ 377.907722][T17070] bond1: entered allmulticast mode [ 377.941540][T17070] 8021q: adding VLAN 0 to HW filter on device bond1 [ 377.981569][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.988345][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.179532][ T5885] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 378.396988][ T5885] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 378.444771][ T5885] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 378.496477][ T5885] usb 3-1: config 0 descriptor?? [ 378.719592][ T5885] usb 3-1: Cannot read MAC address [ 378.739854][ T5885] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 378.801469][ T5885] usb 3-1: USB disconnect, device number 30 [ 378.849641][T17170] kAFS: unable to lookup cell 'sy@0' [ 379.146250][T17195] netlink: 200 bytes leftover after parsing attributes in process `syz.4.3354'. [ 379.374826][ T5965] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 379.590266][ T5965] usb 2-1: too many configurations: 38, using maximum allowed: 8 [ 379.650921][ T5965] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 379.674253][ T5965] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 379.701213][ T5965] usb 2-1: Product: syz [ 379.733172][ T5965] usb 2-1: Manufacturer: syz [ 379.774323][ T5965] usb 2-1: SerialNumber: syz [ 379.820046][ T5965] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 379.848700][ T24] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 381.154466][T17278] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3381'. [ 381.857169][ T5965] usb 2-1: USB disconnect, device number 24 [ 381.871693][ T24] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 381.879341][ T24] ath9k_htc: Failed to initialize the device [ 381.915095][ T5965] usb 2-1: ath9k_htc: USB layer deinitialized [ 382.031567][T17304] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 382.111370][T17241] infiniband syz0: set active [ 382.145780][T17241] infiniband syz0: added bond_slave_1 [ 382.188972][T17241] syz0: rxe_create_cq: returned err = -12 [ 382.244712][T17241] infiniband syz0: Couldn't create ib_mad CQ [ 382.277494][T17241] infiniband syz0: Couldn't open port 1 [ 382.429901][T17322] --map-set only usable from mangle table [ 382.481592][T17241] RDS/IB: syz0: added [ 382.505813][T17241] smc: adding ib device syz0 with port count 1 [ 382.534509][T17241] smc: ib device syz0 port 1 has pnetid [ 382.653054][T17334] cgroup: Bad value for 'name' [ 383.237480][T17359] gre1: entered promiscuous mode [ 383.443253][T17370] loop1: detected capacity change from 0 to 512 [ 383.704023][T17370] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 383.767787][T17370] ext4 filesystem being mounted at /551/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 383.948739][ T5843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.055977][T17335] loop6: detected capacity change from 0 to 32768 [ 384.262821][T17422] openvswitch: netlink: Actions may not be safe on all matching packets [ 384.398131][T17335] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 384.441724][T17429] netlink: 'syz.1.3426': attribute type 5 has an invalid length. [ 384.522783][T17429] ip6erspan0: entered promiscuous mode [ 384.607506][T17335] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,recovery_pass_last=initialize_subvolumes,nojournal_transaction_names,read_only,reconstruct_alloc [ 384.607506][T17335] allowing incompatible features above 0.0: (unknown version) [ 384.717802][T17335] bcachefs (loop6): recovering from clean shutdown, journal seq 10 [ 384.758128][T17335] bcachefs (loop6): Version upgrade required: [ 384.758128][T17335] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 384.758128][T17335] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.25: extent_flags [ 384.758128][T17335] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 385.072483][T17335] bcachefs (loop6): dropping and reconstructing all alloc info [ 385.226266][T17335] bcachefs (loop6): accounting_read... done [ 385.322092][T17335] bcachefs (loop6): alloc_read... done [ 385.370299][T17335] bcachefs (loop6): done starting filesystem [ 385.675790][T14442] bcachefs (loop6): shutting down [ 385.693680][T17494] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3444'. [ 385.795195][T17495] loop1: detected capacity change from 0 to 1024 [ 385.842037][T17495] EXT4-fs: Ignoring removed nomblk_io_submit option [ 385.925448][T17495] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 385.942012][T14442] bcachefs (loop6): shutdown complete [ 385.990420][T17495] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 386.090587][T17512] bridge3: entered promiscuous mode [ 386.242966][T17520] openvswitch: netlink: Missing valid actions attribute. [ 386.271453][T17520] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 386.294499][ T5843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.689071][T17537] netlink: 'syz.4.3455': attribute type 1 has an invalid length. [ 386.754246][T17537] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3455'. [ 387.689877][T17540] loop1: detected capacity change from 0 to 32768 [ 387.735641][T17540] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3456 (17540) [ 387.807196][T17563] loop2: detected capacity change from 0 to 2048 [ 387.836942][T17540] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 387.875065][T17540] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm [ 387.893378][T17548] loop4: detected capacity change from 0 to 32768 [ 387.917763][T17548] (syz.4.3459,17548,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 387.954467][T17540] BTRFS info (device loop1): using free-space-tree [ 388.001181][T17563] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 388.002675][T17553] loop3: detected capacity change from 0 to 32768 [ 388.030520][T17548] (syz.4.3459,17548,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 388.072592][T17553] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3461 (17553) [ 388.251095][T17553] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 388.271021][T17548] JBD2: Ignoring recovery information on journal [ 388.284233][T17553] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 388.292697][T17553] BTRFS info (device loop3): using free-space-tree [ 388.384059][ T5827] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.525507][T17548] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 388.775239][ T5843] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 388.916642][ T5831] ocfs2: Unmounting device (7,4) on (node local) [ 389.018203][ T5823] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 389.949705][ T30] audit: type=1326 audit(2000000122.969:2295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.3.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 390.062409][T17661] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 390.099225][ T30] audit: type=1326 audit(2000000122.969:2296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.3.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 390.134228][T17661] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 390.177768][T17661] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 390.197750][T17661] overlayfs: missing 'lowerdir' [ 390.236428][ T30] audit: type=1326 audit(2000000122.979:2297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.3.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 390.386455][ T30] audit: type=1326 audit(2000000122.979:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.3.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 390.501276][ T30] audit: type=1326 audit(2000000122.979:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.3.3475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 391.128518][T17687] loop2: detected capacity change from 0 to 4096 [ 391.147625][T17687] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 391.175055][T17693] loop6: detected capacity change from 0 to 1024 [ 391.178059][T17699] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3489'. [ 391.248295][T17699] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3489'. [ 391.267003][T17647] loop4: detected capacity change from 0 to 32768 [ 391.281633][T17647] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3467 (17647) [ 391.309150][T17693] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 391.375192][T17647] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 391.389847][T17687] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 391.427824][T17647] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 391.464974][T17647] BTRFS info (device loop4): disk space caching is enabled [ 391.483941][T14442] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.524213][T17647] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 391.990063][T17647] BTRFS info (device loop4): rebuilding free space tree [ 392.125188][T17647] BTRFS info (device loop4): disabling free space tree [ 392.132279][T17647] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 392.184390][T17647] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 392.354803][T17763] loop3: detected capacity change from 0 to 512 [ 392.375831][T17763] EXT4-fs (loop3): Test dummy encryption mode enabled [ 392.414267][T17763] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 392.453152][T17763] EXT4-fs (loop3): 1 truncate cleaned up [ 392.490257][T17763] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 392.612997][ T5831] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 392.696903][T17763] EXT4-fs error (device loop3): ext4_search_dir:1476: inode #2: block 13: comm syz.3.3500: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=0, size=1024 fake=0 [ 392.796578][T17763] EXT4-fs (loop3): Remounting filesystem read-only [ 392.815258][T17776] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 392.822148][T17776] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 392.895065][T17776] vhci_hcd vhci_hcd.0: Device attached [ 392.986534][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.026842][ T24] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 393.067207][ T5965] vhci_hcd: vhci_device speed not set [ 393.175397][ T5965] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 393.242511][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 393.261458][ T24] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 393.341777][ T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83 [ 393.373913][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 393.463280][T17762] loop1: detected capacity change from 0 to 32768 [ 393.466131][ T24] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 393.547268][ T24] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 393.580879][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 393.589122][T17762] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3501 (17762) [ 393.640180][ T24] usb 3-1: Product: syz [ 393.660188][ T24] usb 3-1: Manufacturer: syz [ 393.681326][T17810] loop5: detected capacity change from 0 to 512 [ 393.701866][ T24] usb 3-1: SerialNumber: syz [ 393.730226][T17814] loop6: detected capacity change from 0 to 256 [ 393.740580][ T24] usb 3-1: config 0 descriptor?? [ 393.797811][T17762] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 393.804377][T17810] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 393.869528][ T24] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input20 [ 393.874265][T17762] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 393.884801][T17814] FAT-fs (loop6): Directory bread(block 1285) failed [ 394.004676][T17762] BTRFS info (device loop1): using free-space-tree [ 394.020469][T17810] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 394.064353][T17814] FAT-fs (loop6): Directory bread(block 1286) failed [ 394.071089][T17814] FAT-fs (loop6): Directory bread(block 1287) failed [ 394.118158][T17779] vhci_hcd: connection reset by peer [ 394.125815][ T24] imon:send_packet: packet tx failed (-71) [ 394.134832][T17810] ext4 filesystem being mounted at /635/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 394.164599][ T24] imon 3-1:0.0: panel buttons/knobs setup failed [ 394.220474][ T1158] vhci_hcd: stop threads [ 394.229988][T17848] loop3: detected capacity change from 0 to 64 [ 394.289420][ T1158] vhci_hcd: release socket [ 394.294338][T17814] FAT-fs (loop6): Directory bread(block 1288) failed [ 394.301077][T17814] FAT-fs (loop6): Directory bread(block 1289) failed [ 394.320904][ T1158] vhci_hcd: disconnect device [ 394.331825][T17814] FAT-fs (loop6): Directory bread(block 1290) failed [ 394.391325][T17814] FAT-fs (loop6): Directory bread(block 1291) failed [ 394.395943][T17846] loop4: detected capacity change from 0 to 2048 [ 394.448571][ T24] rc_core: IR keymap rc-imon-pad not found [ 394.483027][T17848] Trying to free block not in datazone [ 394.505054][T17814] FAT-fs (loop6): Directory bread(block 1292) failed [ 394.506648][ T24] Registered IR keymap rc-empty [ 394.512194][T17846] EXT4-fs (loop4): stripe (8) is not aligned with cluster size (16), stripe is disabled [ 394.532421][T17814] FAT-fs (loop6): Directory bread(block 1293) failed [ 394.532898][ T24] imon 3-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 394.569870][T17848] Trying to free block not in datazone [ 394.572768][T17814] FAT-fs (loop6): Directory bread(block 1294) failed [ 394.624381][T17848] Trying to free block not in datazone [ 394.659300][T17848] Trying to free block not in datazone [ 394.674310][T17848] minix_free_block (loop3:6): bit already cleared [ 394.674494][ T24] imon 3-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 394.683939][T17846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 394.737175][ T24] imon:send_packet: packet tx failed (-71) [ 394.743323][T17762] BTRFS info (device loop1): rebuilding free space tree [ 394.748339][T17848] Trying to free block not in datazone [ 394.758919][ T24] imon 3-1:0.0: remote input dev register failed [ 394.814407][ T24] imon 3-1:0.0: imon_init_intf0: rc device setup failed [ 394.825297][ T5837] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.834945][T17848] Trying to free block not in datazone [ 394.901255][T17846] EXT4-fs error (device loop4): ext4_find_extent:902: inode #2: comm syz.4.3516: inode has invalid extent depth: 6 [ 395.071334][ T24] imon 3-1:0.0: unable to initialize intf0, err 0 [ 395.104211][ T24] imon:imon_probe: failed to initialize context! [ 395.120580][ T24] imon 3-1:0.0: unable to register, err -19 [ 395.158427][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.167229][T17872] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3518'. [ 395.192969][ T24] usb 3-1: USB disconnect, device number 31 [ 395.298467][ T5843] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 395.599891][T17898] 9pnet_fd: p9_fd_create_tcp (17898): problem connecting socket to 127.0.0.1 [ 395.711233][T17906] loop2: detected capacity change from 0 to 256 [ 395.755431][T17906] exfat: Deprecated parameter 'namecase' [ 395.792096][T17906] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 395.806159][ T30] audit: type=1326 audit(2000000128.819:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17908 comm="syz.5.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 395.927144][ T30] audit: type=1326 audit(2000000128.839:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17908 comm="syz.5.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 396.083252][ T30] audit: type=1326 audit(2000000128.869:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17908 comm="syz.5.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 396.204598][ T30] audit: type=1326 audit(2000000128.869:2303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17908 comm="syz.5.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 396.321166][ T30] audit: type=1326 audit(2000000128.869:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17908 comm="syz.5.3528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 396.604349][T17945] netlink: 'syz.4.3538': attribute type 4 has an invalid length. [ 397.162585][ T1158] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 397.397846][ T1158] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 397.608516][ T1158] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 397.620355][T17987] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3551'. [ 397.620409][T17987] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3551'. [ 397.839702][T17972] loop4: detected capacity change from 0 to 32768 [ 397.846406][ T5918] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 397.939963][T17972] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3547 (17972) [ 397.987111][T17972] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 398.028742][T17972] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 398.058823][ T1158] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 398.069556][T17972] BTRFS info (device loop4): disk space caching is enabled [ 398.097144][ T5918] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 398.097971][T17972] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 398.120890][T18003] loop6: detected capacity change from 0 to 1764 [ 398.127779][ T5918] usb 6-1: New USB device strings: Mfr=9, Product=2, SerialNumber=3 [ 398.127809][ T5918] usb 6-1: Product: syz [ 398.127827][ T5918] usb 6-1: Manufacturer: syz [ 398.127845][ T5918] usb 6-1: SerialNumber: syz [ 398.144284][ T5918] usb 6-1: config 0 descriptor?? [ 398.354371][ T5965] vhci_hcd: vhci_device speed not set [ 398.484828][ T5918] hso 6-1:0.0: Failed to find BULK IN ep [ 398.533989][ T5918] usb-storage 6-1:0.0: USB Mass Storage device detected [ 398.556318][T17972] BTRFS info (device loop4): rebuilding free space tree [ 398.668784][T18039] loop1: detected capacity change from 0 to 64 [ 398.695610][ T5918] usb 6-1: USB disconnect, device number 24 [ 398.726654][T17972] BTRFS info (device loop4): disabling free space tree [ 398.767680][T17972] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 398.800393][T17972] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 398.872153][ T5824] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 398.890480][ T5824] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 398.899678][ T5824] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 398.915578][ T5824] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 398.926716][ T5824] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 399.154281][ T1158] batadv0: left allmulticast mode [ 399.155758][T17972] BTRFS info (device loop4): balance: start -sstripes=0..32767 [ 399.159692][ T1158] batadv0: left promiscuous mode [ 399.209184][T17972] BTRFS info (device loop4): relocating block group 1048576 flags system [ 399.253021][ T1158] bridge0: port 3(batadv0) entered disabled state [ 399.283432][ T30] audit: type=1326 audit(2000000132.309:2305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18086 comm="syz.1.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 399.414573][ T30] audit: type=1326 audit(2000000132.309:2306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18086 comm="syz.1.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 399.462867][ T1158] bridge_slave_1: left allmulticast mode [ 399.510054][ T1158] bridge_slave_1: left promiscuous mode [ 399.529583][ T1158] bridge0: port 2(bridge_slave_1) entered disabled state [ 399.539825][T17972] BTRFS info (device loop4): balance: ended with status: 0 [ 399.554624][ T30] audit: type=1326 audit(2000000132.339:2307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18086 comm="syz.1.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 399.633342][T18104] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 399.644440][ T1158] bridge_slave_0: left allmulticast mode [ 399.669902][ T1158] bridge_slave_0: left promiscuous mode [ 399.672679][T18105] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3571'. [ 399.678868][ T30] audit: type=1326 audit(2000000132.339:2308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18086 comm="syz.1.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 399.716849][ T1158] bridge0: port 1(bridge_slave_0) entered disabled state [ 399.758389][ T30] audit: type=1326 audit(2000000132.339:2309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18086 comm="syz.1.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 399.789665][ T5831] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 400.232001][T18122] loop1: detected capacity change from 0 to 1024 [ 400.881146][T18145] Scaler: ================= START STATUS ================= [ 400.904218][T18145] Scaler: ================== END STATUS ================== [ 401.015599][ T5824] Bluetooth: hci1: command tx timeout [ 401.052573][T18151] netlink: 'syz.1.3585': attribute type 7 has an invalid length. [ 401.098498][T18151] netlink: 'syz.1.3585': attribute type 5 has an invalid length. [ 401.121451][T18151] netlink: 17 bytes leftover after parsing attributes in process `syz.1.3585'. [ 401.386005][ T1158]  (unregistering): (slave bond_slave_0): Releasing backup interface [ 401.399527][ T1158]  (unregistering): (slave bond_slave_1): Releasing backup interface [ 401.412051][ T1158]  (unregistering): Released all slaves [ 401.755209][T18172] netlink: 'syz.5.3588': attribute type 21 has an invalid length. [ 401.756464][T18166] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3589'. [ 401.763065][T18172] netlink: 128 bytes leftover after parsing attributes in process `syz.5.3588'. [ 401.763138][T18172] netlink: 3 bytes leftover after parsing attributes in process `syz.5.3588'. [ 401.853960][ T1158] IPVS: stopping backup sync thread 14308 ... [ 402.316966][T18194] loop1: detected capacity change from 0 to 512 [ 402.353044][T18194] EXT4-fs: Ignoring removed i_version option [ 402.417664][T18194] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 402.490932][T18194] EXT4-fs (loop1): 1 truncate cleaned up [ 402.501609][T18194] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 402.511319][T18159] loop3: detected capacity change from 0 to 32768 [ 402.678142][T18159] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 402.695918][ T5843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.002954][T18159] XFS (loop3): Ending clean mount [ 403.084346][ T5824] Bluetooth: hci1: command tx timeout [ 403.371063][ T5823] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 404.643255][ T1158] hsr_slave_0: left promiscuous mode [ 404.695654][ T1158] hsr_slave_1: left promiscuous mode [ 404.733977][ T1158] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 404.756051][ T1158] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 404.784995][T18389] tmpfs: Bad value for 'mpol' [ 404.802255][ T1158] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 404.834270][ T1158] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 404.922386][T18254] loop6: detected capacity change from 0 to 32768 [ 405.001784][T18254] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3606 (18254) [ 405.117543][ T1158] veth1_macvtap: left promiscuous mode [ 405.149170][T18254] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 405.153425][T18402] loop4: detected capacity change from 0 to 1024 [ 405.174348][ T1158] veth0_macvtap: left promiscuous mode [ 405.184415][ T5824] Bluetooth: hci1: command tx timeout [ 405.200921][ T1158] veth1_vlan: left promiscuous mode [ 405.218511][T18254] BTRFS info (device loop6): using sha256 (sha256-ni) checksum algorithm [ 405.241236][T18254] BTRFS info (device loop6): disk space caching is enabled [ 405.294495][T18254] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 405.564973][T18254] BTRFS info (device loop6): rebuilding free space tree [ 405.607579][T18294] loop1: detected capacity change from 0 to 32768 [ 405.626426][T18254] BTRFS info (device loop6): disabling free space tree [ 405.659148][T18254] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 405.685250][T18288] loop5: detected capacity change from 0 to 32768 [ 405.695955][T18254] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 405.789853][T18288] ea_get: invalid extended attribute [ 406.191537][T14442] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 406.857881][T18461] loop1: detected capacity change from 0 to 1764 [ 407.015140][T18471] Cannot find add_set index 1026 as target [ 407.262024][ T5824] Bluetooth: hci1: command tx timeout [ 407.555413][T18491] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3635'. [ 407.566969][T18485] loop1: detected capacity change from 0 to 4096 [ 407.609909][T18489] loop5: detected capacity change from 0 to 4096 [ 407.629954][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffc0c00 [ 407.639562][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffc0c00 [ 407.663082][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffc0c00 [ 407.675130][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffc0c00 [ 407.687501][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffc1c00 [ 407.703618][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffc2c00 [ 407.712505][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffc4c00 [ 407.720813][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffc8c00 [ 407.744028][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffd0c00 [ 407.762296][T18489] ntfs3(loop5): try to read out of volume at offset 0x3fffffe0c00 [ 408.132292][T18506] netlink: 'syz.1.3638': attribute type 2 has an invalid length. [ 408.193369][T18506] netlink: 244 bytes leftover after parsing attributes in process `syz.1.3638'. [ 408.338766][ T1158] team0 (unregistering): Port device team_slave_1 removed [ 408.452053][ T1158] team0 (unregistering): Port device team_slave_0 removed [ 408.679318][T18519] netlink: 1041 bytes leftover after parsing attributes in process `syz.1.3642'. [ 409.033038][T18529] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3645'. [ 409.211555][T18532] loop1: detected capacity change from 0 to 4096 [ 409.235081][T18532] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 409.354374][T18532] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 409.572514][T18062] chnl_net:caif_netlink_parms(): no params data found [ 409.770717][T18570] loop5: detected capacity change from 0 to 256 [ 409.881649][T18570] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 409.928491][T18570] FAT-fs (loop5): Filesystem has been set read-only [ 409.954926][T18570] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 410.059854][T18570] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 410.092204][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 410.092223][ T30] audit: type=1800 audit(2000000143.119:2315): pid=18570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3651" name="file1" dev="loop5" ino=1048651 res=0 errno=0 [ 410.150806][T18614] netlink: zone id is out of range [ 410.160175][T18614] netlink: zone id is out of range [ 410.448672][T18062] bridge0: port 1(bridge_slave_0) entered blocking state [ 410.466919][T18637] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3657'. [ 410.496993][T18062] bridge0: port 1(bridge_slave_0) entered disabled state [ 410.516785][T18651] loop3: detected capacity change from 0 to 8 [ 410.524618][T18062] bridge_slave_0: entered allmulticast mode [ 410.582584][T18062] bridge_slave_0: entered promiscuous mode [ 410.810854][T18637] bond2: entered promiscuous mode [ 410.828029][T18637] bond2: entered allmulticast mode [ 410.855618][T18637] 8021q: adding VLAN 0 to HW filter on device bond2 [ 410.911310][T18062] bridge0: port 2(bridge_slave_1) entered blocking state [ 410.962642][T18062] bridge0: port 2(bridge_slave_1) entered disabled state [ 410.998695][T18062] bridge_slave_1: entered allmulticast mode [ 411.020150][T18062] bridge_slave_1: entered promiscuous mode [ 411.227961][T18706] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check. [ 411.547186][T18062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 411.630200][T18062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 411.792740][T18770] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3674'. [ 411.972634][T18062] team0: Port device team_slave_0 added [ 411.999833][T18062] team0: Port device team_slave_1 added [ 412.212243][T18826] loop6: detected capacity change from 0 to 512 [ 412.237058][T18826] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 412.281601][T18062] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 412.303838][T18062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 412.335444][T18062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 412.351732][T18826] EXT4-fs (loop6): 1 orphan inode deleted [ 412.360708][T18062] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 412.368460][T18826] EXT4-fs (loop6): 1 truncate cleaned up [ 412.376546][T18826] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 412.388849][T18062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 412.414885][ C1] vkms_vblank_simulate: vblank timer overrun [ 412.422085][T18062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 412.450112][T18826] EXT4-fs error (device loop6): ext4_search_dir:1476: inode #12: block 7: comm syz.6.3678: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 412.643413][T14442] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.653344][T18774] Bluetooth: hci0: Opcode 0x080f failed: -4 [ 412.654733][T18062] hsr_slave_0: entered promiscuous mode [ 412.702593][T18062] hsr_slave_1: entered promiscuous mode [ 413.438859][T18948] loop4: detected capacity change from 0 to 512 [ 413.545420][T18948] EXT4-fs: Ignoring removed orlov option [ 413.605072][T18948] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 413.686221][T18948] EXT4-fs (loop4): orphan cleanup on readonly fs [ 413.698965][T18978] loop5: detected capacity change from 0 to 64 [ 413.716764][T18948] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3688: bg 0: block 248: padding at end of block bitmap is not set [ 413.753706][T18948] Quota error (device loop4): write_blk: dquota write failed [ 413.773967][T18948] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 413.815923][ T5885] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 413.844396][T18948] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.3688: Failed to acquire dquot type 1 [ 413.897260][ T5824] Bluetooth: hci0: command 0x0406 tx timeout [ 413.926640][T18948] EXT4-fs (loop4): 1 truncate cleaned up [ 413.946694][T18948] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 413.984227][ T5885] usb 2-1: Using ep0 maxpacket: 32 [ 413.993589][ T5885] usb 2-1: config 2 has an invalid interface number: 1 but max is 0 [ 414.010795][ T5885] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 414.053878][T18948] EXT4-fs: Ignoring removed orlov option [ 414.083722][ T5885] usb 2-1: config 2 has 2 interfaces, different from the descriptor's value: 1 [ 414.094607][T18948] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 414.137638][T18062] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 414.146055][ T5885] usb 2-1: New USB device found, idVendor=22b8, idProduct=2d97, bcdDevice=51.64 [ 414.173987][ T5885] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.194516][T18948] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 414.226955][ T5885] usb 2-1: Product: syz [ 414.231175][ T5885] usb 2-1: Manufacturer: syz [ 414.244218][T18948] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 0 [ 414.264260][ T5885] usb 2-1: SerialNumber: syz [ 414.270962][T18062] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 414.346512][T18926] loop3: detected capacity change from 0 to 32768 [ 414.370142][T18926] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3685 (18926) [ 414.383198][ T5885] cdc_acm 2-1:2.1: probe with driver cdc_acm failed with error -22 [ 414.413979][T18062] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 414.436680][ T5885] cdc_acm 2-1:2.0: probe with driver cdc_acm failed with error -22 [ 414.467047][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.483767][T18926] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 414.498871][T18926] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 414.511441][T18926] BTRFS info (device loop3): using free-space-tree [ 414.543601][T18062] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 414.553526][ T5885] usb 2-1: USB disconnect, device number 25 [ 414.835720][T18937] loop6: detected capacity change from 0 to 32768 [ 414.957117][T18937] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 415.262434][T18062] 8021q: adding VLAN 0 to HW filter on device bond0 [ 415.273105][ T5823] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 415.410061][T18062] 8021q: adding VLAN 0 to HW filter on device team0 [ 415.518273][ T1084] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.525549][ T1084] bridge0: port 1(bridge_slave_0) entered forwarding state [ 415.574264][T18937] XFS (loop6): Ending clean mount [ 415.581821][ T1084] bridge0: port 2(bridge_slave_1) entered blocking state [ 415.589146][ T1084] bridge0: port 2(bridge_slave_1) entered forwarding state [ 415.665029][T18937] XFS (loop6): Quotacheck needed: Please wait. [ 415.900991][T18937] XFS (loop6): Quotacheck: Done. [ 415.966237][T18062] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 416.399033][T14442] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 416.452376][T19038] loop5: detected capacity change from 0 to 40427 [ 416.514450][T19099] netlink: 'syz.1.3705': attribute type 10 has an invalid length. [ 416.542752][T19099] netlink: 392 bytes leftover after parsing attributes in process `syz.1.3705'. [ 416.562283][T19038] F2FS-fs (loop5): invalid crc value [ 416.813408][T19095] loop4: detected capacity change from 0 to 4096 [ 416.918686][T19095] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 416.993557][T18062] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 417.053179][T19038] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 418.310313][T18062] veth0_vlan: entered promiscuous mode [ 418.402052][T18062] veth1_vlan: entered promiscuous mode [ 418.559406][T18062] veth0_macvtap: entered promiscuous mode [ 418.618650][T18062] veth1_macvtap: entered promiscuous mode [ 418.712168][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 418.753982][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 418.791847][T19127] loop1: detected capacity change from 0 to 32768 [ 418.814201][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 418.861170][T19127] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3709 (19127) [ 418.891527][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 418.912026][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 418.944393][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 418.967766][T19127] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 418.985328][T19127] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm [ 418.999948][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.005399][T19127] BTRFS info (device loop1): using free-space-tree [ 419.044434][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.069351][T19140] loop3: detected capacity change from 0 to 32768 [ 419.075926][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.088488][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.105976][T18062] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 419.123551][T19140] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3712 (19140) [ 419.137451][ T5941] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 419.177922][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.233301][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.254006][T19140] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 419.297432][T19127] BTRFS info (device loop1): rebuilding free space tree [ 419.314190][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.334847][ T5941] usb 6-1: Using ep0 maxpacket: 32 [ 419.340429][T19140] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 419.365754][ T5941] usb 6-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=8a.0a [ 419.401233][ T5941] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 419.414562][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.416295][T19140] BTRFS info (device loop3): using free-space-tree [ 419.454167][ T5941] usb 6-1: Product: syz [ 419.458964][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.480106][ T5941] usb 6-1: Manufacturer: syz [ 419.484870][T19217] dlm: no locking on control device [ 419.514483][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.541888][ T5941] usb 6-1: SerialNumber: syz [ 419.571910][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.617804][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.638316][ T5941] usb 6-1: config 0 descriptor?? [ 419.670571][T18062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.692806][T18062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.767608][T18062] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 419.797830][T18062] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.904353][T18062] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.913130][T18062] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.952083][ T5885] usb 6-1: USB disconnect, device number 25 [ 419.966634][T18062] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 420.172035][ T5843] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 420.217186][ T5823] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 420.261288][T19258] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3728'. [ 420.359000][T19258] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3728'. [ 420.691315][T19272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3727'. [ 420.835970][T19272] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 42344 - 0 [ 420.874259][T19272] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 42344 - 0 [ 420.898155][T19272] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 42344 - 0 [ 420.942981][T19272] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 42344 - 0 [ 421.029127][T19272] geneve2: entered promiscuous mode [ 421.043654][T19272] geneve2: entered allmulticast mode [ 421.209816][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 421.274396][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 421.448503][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 421.495800][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 421.749527][T19322] netlink: 2 bytes leftover after parsing attributes in process `syz.5.3742'. [ 421.846418][T19325] netlink: 'syz.3.3743': attribute type 11 has an invalid length. [ 421.984258][T19325] netlink: 'syz.3.3743': attribute type 11 has an invalid length. [ 422.031099][T19325] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3743'. [ 422.614453][T19367] loop4: detected capacity change from 0 to 512 [ 422.657047][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.673731][T19367] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 422.713760][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.732346][T19367] EXT4-fs (loop4): Test dummy encryption mode enabled [ 422.755221][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.794799][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.802300][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.843228][T19367] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.3754: invalid indirect mapped block 4294967295 (level 1) [ 422.859561][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.867821][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.876075][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.884885][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.892355][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.900896][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.909922][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.918831][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.926585][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.933987][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.942107][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.949791][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.967411][T19367] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.3754: invalid indirect mapped block 4294967295 (level 1) [ 422.984468][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 422.991880][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.058037][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.074189][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.120683][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.121017][T19367] EXT4-fs (loop4): 2 truncates cleaned up [ 423.161544][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.173940][T19392] loop3: detected capacity change from 0 to 1024 [ 423.199274][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.242898][T19367] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 423.251981][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.266400][T19401] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3762'. [ 423.299253][T19401] netlink: 7 bytes leftover after parsing attributes in process `syz.5.3762'. [ 423.308844][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.331752][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.361235][ T5886] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 423.381109][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.406416][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.419743][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.460836][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.490730][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.532561][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.554818][ T5886] usb 2-1: Using ep0 maxpacket: 16 [ 423.560177][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.576054][ T5886] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 423.605085][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.615700][ T5886] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 423.638020][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.650656][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 423.659861][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.714403][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.724181][ T5886] usb 2-1: Product: syz [ 423.730561][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.741557][ T5886] usb 2-1: Manufacturer: syz [ 423.748561][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.757106][ T5886] usb 2-1: SerialNumber: syz [ 423.762273][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.772771][ T5886] usb 2-1: config 0 descriptor?? [ 423.784888][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.792879][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.803187][ T5886] hub 2-1:0.0: bad descriptor, ignoring hub [ 423.822879][ T5886] hub 2-1:0.0: probe with driver hub failed with error -5 [ 423.844016][ T5918] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 423.947978][ T5886] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input22 [ 423.952305][T19422] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3766'. [ 423.980366][ T5918] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.02 Device [syz0] on syz0 [ 424.329778][T19450] loop4: detected capacity change from 0 to 256 [ 424.568636][T19445] loop7: detected capacity change from 0 to 4096 [ 424.632179][T19445] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512). [ 424.642759][T19399] loop6: detected capacity change from 0 to 32768 [ 424.653762][T19464] ubi31: detaching mtd0 [ 424.680641][T19399] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3761 (19399) [ 424.713380][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3772'. [ 424.747502][T19464] ubi31: mtd0 is detached [ 424.790074][T19399] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 424.791886][T19470] netlink: 'syz.4.3772': attribute type 5 has an invalid length. [ 424.864278][T19399] BTRFS info (device loop6): using sha256 (sha256-ni) checksum algorithm [ 424.879683][T19470] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3772'. [ 424.914822][T19399] BTRFS info (device loop6): using free-space-tree [ 425.095795][T19470] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 425.133774][T19470] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 425.187657][T19470] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 425.233536][T19470] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 425.278781][T19470] geneve2: entered promiscuous mode [ 425.334335][T19470] geneve2: entered allmulticast mode [ 425.672907][T14442] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 427.056358][T19579] loop5: detected capacity change from 0 to 64 [ 427.331564][ T5886] usb 2-1: USB disconnect, device number 26 [ 427.577430][T19605] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3803'. [ 429.054462][ T24] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 429.225984][ T24] usb 2-1: Using ep0 maxpacket: 32 [ 429.252556][ T24] usb 2-1: config 0 has an invalid interface number: 35 but max is 0 [ 429.286697][ T24] usb 2-1: config 0 has no interface number 0 [ 429.293266][ T24] usb 2-1: config 0 interface 35 altsetting 2 endpoint 0x2 has an invalid bInterval 129, changing to 11 [ 429.373288][ T24] usb 2-1: config 0 interface 35 has no altsetting 0 [ 429.407292][ T24] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=6a.c2 [ 429.431251][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 429.482812][ T24] usb 2-1: Product: syz [ 429.494582][ T24] usb 2-1: Manufacturer: syz [ 429.499215][ T24] usb 2-1: SerialNumber: syz [ 429.567317][ T24] usb 2-1: config 0 descriptor?? [ 429.800460][ T24] usbtest 2-1:0.35: Linux gadget zero [ 429.827629][ T24] usbtest 2-1:0.35: high-speed {control in/out int-out} tests (+alt) [ 429.837353][T19734] loop6: detected capacity change from 0 to 2048 [ 429.914241][T19734] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 430.032611][ T5918] usb 2-1: USB disconnect, device number 27 [ 430.506927][ T30] audit: type=1326 audit(2000000163.539:2316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19785 comm="syz.5.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 430.610193][ T30] audit: type=1326 audit(2000000163.539:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19785 comm="syz.5.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 430.729178][ T30] audit: type=1326 audit(2000000163.569:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19785 comm="syz.5.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 430.889241][ T30] audit: type=1326 audit(2000000163.569:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19785 comm="syz.5.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 431.014217][ T30] audit: type=1326 audit(2000000163.569:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19785 comm="syz.5.3850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4978e969 code=0x7ffc0000 [ 431.867194][ T5886] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 431.884310][T19873] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3876'. [ 432.054353][ T5886] usb 8-1: Using ep0 maxpacket: 8 [ 432.075736][ T5886] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 432.152288][ T5886] usb 8-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 432.184349][ T5886] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 432.192605][ T5886] usb 8-1: SerialNumber: syz [ 432.218159][T19885] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3881'. [ 432.247303][ T5886] usb 8-1: config 0 descriptor?? [ 432.262691][T19888] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3882'. [ 432.302364][ T5886] usb 8-1: Found UVC 0.00 device (05ac:8501) [ 432.326097][ T5886] uvcvideo 8-1:0.0: Entity type for entity Output 255 was not initialized! [ 432.390678][ T5886] usb 8-1: Failed to create links for entity 255 [ 432.408089][ T5886] usb 8-1: Failed to register entities (-22). [ 432.459788][T19896] netlink: 'syz.1.3884': attribute type 1 has an invalid length. [ 432.523881][ T5886] usb 8-1: USB disconnect, device number 2 [ 432.743509][T19924] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3890'. [ 432.853435][T19930] loop4: detected capacity change from 0 to 64 [ 433.022890][T19941] loop5: detected capacity change from 0 to 128 [ 433.118578][T19941] EXT4-fs: Ignoring removed bh option [ 433.215749][T19941] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 433.242224][ T30] audit: type=1326 audit(2000000166.269:2321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19953 comm="syz.3.3896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 433.282318][T19941] ext4 filesystem being mounted at /704/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 433.375525][ T30] audit: type=1326 audit(2000000166.269:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19953 comm="syz.3.3896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 433.472526][ T30] audit: type=1326 audit(2000000166.349:2323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19953 comm="syz.3.3896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 433.504322][ T973] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 433.609774][ T30] audit: type=1326 audit(2000000166.349:2324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19953 comm="syz.3.3896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 433.680442][ T5837] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 433.682276][ T30] audit: type=1326 audit(2000000166.349:2325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19953 comm="syz.3.3896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f171218e969 code=0x7ffc0000 [ 433.694414][ T973] usb 7-1: Using ep0 maxpacket: 8 [ 433.837426][ T973] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 433.913604][ T973] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 433.926643][ T973] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 433.936883][ T973] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 16374, setting to 1024 [ 433.961790][ T973] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 433.973256][ T973] usb 7-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 433.982424][ T973] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 434.019362][ T973] usb 7-1: config 0 descriptor?? [ 434.064807][T19952] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 434.157618][T19983] loop7: detected capacity change from 0 to 4096 [ 434.187738][T19983] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512). [ 434.400295][T20009] loop3: detected capacity change from 0 to 64 [ 434.470638][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.479286][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.487257][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.494267][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.503056][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.510096][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.517069][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.523963][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.530915][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.539831][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.546895][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.553807][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.560858][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.567957][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.577238][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.586245][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.593157][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.600405][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.607420][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.614383][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.621282][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.628270][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.635199][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.642170][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.649120][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.656170][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.663032][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.670005][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.677004][ T5828] Bluetooth: hci7: Received unexpected HCI Event 0x00 [ 434.707149][ T5824] Bluetooth: hci7: Opcode 0x0c03 failed: -71 [ 434.715397][ T5918] usb 7-1: USB disconnect, device number 3 [ 435.031095][T20015] loop5: detected capacity change from 0 to 4096 [ 435.071005][T20015] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 435.162956][T19986] loop1: detected capacity change from 0 to 32768 [ 435.317573][T19971] loop4: detected capacity change from 0 to 32768 [ 435.384548][T19986] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 435.439313][T19971] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 435.462280][T19986] XFS (loop1): Ending clean mount [ 435.473809][T19986] XFS (loop1): Quotacheck needed: Please wait. [ 435.600811][T19986] XFS (loop1): Quotacheck: Done. [ 435.756699][T20084] loop5: detected capacity change from 0 to 64 [ 435.778442][ T5843] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 435.821988][T19971] XFS (loop4): Ending clean mount [ 435.873363][ T5918] usb 7-1: new low-speed USB device number 4 using dummy_hcd [ 435.900982][T20084] Trying to free block not in datazone [ 435.921695][T19971] XFS (loop4): Quotacheck needed: Please wait. [ 436.075254][ T5918] usb 7-1: config index 0 descriptor too short (expected 6427, got 27) [ 436.083591][ T5918] usb 7-1: config 0 has an invalid interface number: 21 but max is 0 [ 436.136376][T19971] XFS (loop4): Quotacheck: Done. [ 436.160010][ T5918] usb 7-1: config 0 has no interface number 0 [ 436.167907][ T5918] usb 7-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 436.179957][ T5918] usb 7-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 436.191239][ T5918] usb 7-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 436.201427][ T5918] usb 7-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 436.312724][ T5918] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 436.382879][ T5918] usb 7-1: config 0 descriptor?? [ 436.432875][ T5831] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 436.865412][ T5918] usb 7-1: USB disconnect, device number 4 [ 437.170855][T20148] loop1: detected capacity change from 0 to 512 [ 437.316367][T20148] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 437.397579][T20148] ext4 filesystem being mounted at /649/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 437.514434][ T5965] usb 4-1: new full-speed USB device number 20 using dummy_hcd [ 437.517561][T20148] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2962: inode #15: comm syz.1.3933: corrupted xattr block 33: e_value out of bounds [ 437.533823][T20170] sit2: entered promiscuous mode [ 437.650025][T20170] sit2: entered allmulticast mode [ 437.661052][T20148] EXT4-fs warning (device loop1): ext4_evict_inode:279: xattr delete (err -117) [ 437.679899][T20181] loop6: detected capacity change from 0 to 1024 [ 437.740760][ T5965] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 437.779655][ T5965] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 437.834673][ T5965] usb 4-1: Product: syz [ 437.859379][ T5965] usb 4-1: Manufacturer: syz [ 437.876244][ T5965] usb 4-1: SerialNumber: syz [ 437.886700][ T13] hfsplus: b-tree write err: -5, ino 4 [ 437.916823][ T5965] usb 4-1: config 0 descriptor?? [ 437.982735][ T5843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 438.164864][ T5918] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 438.210043][T20213] netlink: 'syz.1.3943': attribute type 7 has an invalid length. [ 438.352601][ T5965] airspy 4-1:0.0: usb_control_msg() failed -71 request 0a [ 438.365974][ T5918] usb 6-1: Using ep0 maxpacket: 16 [ 438.390067][ T5965] airspy 4-1:0.0: Could not detect board [ 438.397165][ T5918] usb 6-1: config 0 has an invalid interface number: 35 but max is 0 [ 438.421804][ T5918] usb 6-1: config 0 has no interface number 0 [ 438.434347][ T5965] airspy 4-1:0.0: probe with driver airspy failed with error -71 [ 438.448455][ T5918] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7 [ 438.494984][ T5918] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 438.496305][ T5965] usb 4-1: USB disconnect, device number 20 [ 438.528144][ T5918] usb 6-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=ec.5c [ 438.554897][ T5918] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 438.622344][ T5918] usb 6-1: Product: syz [ 438.652624][ T5918] usb 6-1: Manufacturer: syz [ 438.670279][ T5918] usb 6-1: SerialNumber: syz [ 438.735951][ T5918] usb 6-1: config 0 descriptor?? [ 438.753095][ T5918] cypress_m8 6-1:0.35: Nokia CA-42 V2 Adapter converter detected [ 438.909265][T20245] loop1: detected capacity change from 0 to 1024 [ 439.030955][ T5918] usb 6-1: Nokia CA-42 V2 Adapter converter now attached to ttyUSB0 [ 439.068931][T20245] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 439.258488][ T5918] usb 6-1: USB disconnect, device number 26 [ 439.326704][ T5918] nokiaca42v2 ttyUSB0: Nokia CA-42 V2 Adapter converter now disconnected from ttyUSB0 [ 439.336452][ T5843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 439.403408][ T5918] cypress_m8 6-1:0.35: device disconnected [ 439.421314][T20280] SET target dimension over the limit! [ 439.421342][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.433280][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.613631][T20292] loop4: detected capacity change from 0 to 512 [ 439.795215][T20292] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 439.814638][T20292] ext4 filesystem being mounted at /647/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 440.290159][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 440.344509][T20331] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3966'. [ 440.530940][T20346] netlink: 'syz.1.3969': attribute type 33 has an invalid length. [ 441.004347][ T5918] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 441.476789][ T5918] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 441.494136][ T5918] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 441.534175][ T5918] usb 7-1: Product: syz [ 441.538405][ T5918] usb 7-1: Manufacturer: syz [ 441.565191][ T5918] usb 7-1: SerialNumber: syz [ 441.616786][ T5918] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 441.642870][ T5886] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 441.889114][ C0] usb 7-1: ath: unknown panic pattern! [ 442.145637][ T24] usb 7-1: USB disconnect, device number 5 [ 442.294816][ T9] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 442.504855][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 442.527897][ T9] usb 5-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a [ 442.546348][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 442.581776][ T9] usb 5-1: Product: syz [ 442.590209][ T9] usb 5-1: Manufacturer: syz [ 442.615739][ T9] usb 5-1: SerialNumber: syz [ 442.638349][ T9] usb 5-1: config 0 descriptor?? [ 442.680598][ T9] gspca_main: sn9c2028-2.14.0 probing 0458:7003 [ 442.764640][ T5886] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 442.809827][ T5886] ath9k_htc: Failed to initialize the device [ 442.851782][ T24] usb 7-1: ath9k_htc: USB layer deinitialized [ 442.933266][T20459] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3995'. [ 442.990119][T20387] loop1: detected capacity change from 0 to 32768 [ 443.051207][T20387] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3981 (20387) [ 443.092005][ T9] gspca_sn9c2028: read1 error -71 [ 443.111248][ T9] gspca_sn9c2028: read1 error -71 [ 443.142272][ T9] sn9c2028 5-1:0.0: probe with driver sn9c2028 failed with error -71 [ 443.144959][T20387] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 443.204531][ T9] usb 5-1: USB disconnect, device number 19 [ 443.234580][T20387] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 443.274232][T20387] BTRFS info (device loop1): disk space caching is enabled [ 443.348478][T20387] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 443.894045][T20387] BTRFS info (device loop1): rebuilding free space tree [ 443.903832][T20434] loop7: detected capacity change from 0 to 32768 [ 443.970379][T20387] BTRFS info (device loop1): disabling free space tree [ 444.038503][T20387] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 444.060856][T20387] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 444.374760][T20434] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 444.552626][ T5843] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 444.634348][T20434] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 444.634348][T20434] allowing incompatible features above 0.0: (unknown version) [ 444.724665][T20434] bcachefs (loop7): recovering from clean shutdown, journal seq 10 [ 444.752829][T20434] bcachefs (loop7): Version upgrade required: [ 444.752829][T20434] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 444.752829][T20434] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.25: extent_flags [ 444.752829][T20434] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 444.797763][T20566] loop5: detected capacity change from 0 to 256 [ 444.862756][T20434] bcachefs (loop7): dropping and reconstructing all alloc info [ 444.895677][T20571] mmap: syz.6.4014 (20571) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 444.912930][T20566] exfat: Deprecated parameter 'namecase' [ 444.978564][T20566] exfat: Deprecated parameter 'utf8' [ 444.985178][T20434] bcachefs (loop7): accounting_read... done [ 445.050212][T20434] bcachefs (loop7): alloc_read... done [ 445.076248][T20566] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 445.149909][T20434] bcachefs (loop7): snapshots_read... done [ 445.175924][T20434] bcachefs (loop7): done starting filesystem [ 445.387424][T20592] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4020'. [ 445.568999][T18062] bcachefs (loop7): shutting down [ 445.727398][T20606] x_tables: unsorted underflow at hook 3 [ 445.916067][T18062] bcachefs (loop7): shutdown complete [ 446.522845][T20640] loop6: detected capacity change from 0 to 4096 [ 446.699357][T20661] loop1: detected capacity change from 0 to 1024 [ 447.775548][T20709] loop6: detected capacity change from 0 to 256 [ 447.902393][T20709] FAT-fs (loop6): Directory bread(block 64) failed [ 447.954520][T20709] FAT-fs (loop6): Directory bread(block 65) failed [ 447.961242][T20709] FAT-fs (loop6): Directory bread(block 66) failed [ 448.024613][T20709] FAT-fs (loop6): Directory bread(block 67) failed [ 448.031335][T20709] FAT-fs (loop6): Directory bread(block 68) failed [ 448.059561][T20709] FAT-fs (loop6): Directory bread(block 69) failed [ 448.084519][T20709] FAT-fs (loop6): Directory bread(block 70) failed [ 448.108368][T20709] FAT-fs (loop6): Directory bread(block 71) failed [ 448.128716][T20709] FAT-fs (loop6): Directory bread(block 72) failed [ 448.165113][T20709] FAT-fs (loop6): Directory bread(block 73) failed [ 448.195842][T20733] loop1: detected capacity change from 0 to 8 [ 448.205314][ T5885] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 448.406492][ T5885] usb 6-1: Using ep0 maxpacket: 32 [ 448.445672][ T5885] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 448.477497][ T5885] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 448.544216][ T5885] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 448.602023][ T5885] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.642053][T20676] loop3: detected capacity change from 0 to 32768 [ 448.684521][ T5885] usb 6-1: config 0 descriptor?? [ 448.717689][ T5885] hub 6-1:0.0: USB hub found [ 448.819151][T20676] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 448.874019][T20764] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4057'. [ 448.899926][ T5885] hub 6-1:0.0: 26 ports detected [ 448.907880][ T5885] hub 6-1:0.0: insufficient power available to use all downstream ports [ 449.112633][ T5885] hub 6-1:0.0: hub_hub_status failed (err = -71) [ 449.123028][ T5885] hub 6-1:0.0: config failed, can't get hub status (err -71) [ 449.147996][ T5885] usbhid 6-1:0.0: can't add hid device: -71 [ 449.161864][ T5885] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 449.207545][ T5885] usb 6-1: USB disconnect, device number 27 [ 449.230966][T20676] XFS (loop3): Ending clean mount [ 449.279984][T20783] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4059'. [ 449.319528][T20783] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4059'. [ 449.499167][ T5823] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 449.874246][ T5885] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 450.108527][ T5885] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 450.170109][ T5885] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 450.242100][T20826] netlink: 'syz.6.4068': attribute type 10 has an invalid length. [ 450.277988][ T5885] usb 5-1: New USB device found, idVendor=0499, idProduct=103e, bcdDevice=4e.18 [ 450.300477][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 450.319037][ T5885] usb 5-1: Product: syz [ 450.323246][ T5885] usb 5-1: Manufacturer: syz [ 450.352337][ T5885] usb 5-1: SerialNumber: syz [ 450.356897][T20833] openvswitch: netlink: Tunnel attr 130 out of range max 16 [ 450.376115][ T5885] usb 5-1: config 0 descriptor?? [ 450.381771][T20826] macvlan0: entered promiscuous mode [ 450.391958][T20826] macvlan0: entered allmulticast mode [ 450.470105][T20826] veth1_vlan: entered allmulticast mode [ 450.520471][T20826] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 450.634631][ T5885] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 450.871205][ T24] usb 5-1: USB disconnect, device number 20 [ 450.944999][T20868] netlink: 'syz.1.4075': attribute type 1 has an invalid length. [ 450.952795][T20868] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4075'. [ 451.004640][T20882] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4076'. [ 451.134987][ T5968] udevd[5968]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 451.322564][T20898] loop5: detected capacity change from 0 to 1024 [ 452.198651][T20950] xt_hashlimit: size too large, truncated to 1048576 [ 452.239685][T20950] xt_hashlimit: max too large, truncated to 1048576 [ 452.378548][T20950] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 452.650235][T20965] loop3: detected capacity change from 0 to 1024 [ 452.695654][T20965] EXT4-fs: Ignoring removed bh option [ 452.701136][T20965] EXT4-fs: inline encryption not supported [ 452.757699][T20965] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 452.813993][T20965] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 452.879402][T20965] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 2: comm syz.3.4101: lblock 2 mapped to illegal pblock 2 (length 1) [ 452.941819][T20986] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4106'. [ 452.982775][T20965] __quota_error: 1 callbacks suppressed [ 452.982801][T20965] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 453.061433][T20965] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 48: comm syz.3.4101: lblock 0 mapped to illegal pblock 48 (length 1) [ 453.122580][T20995] netlink: 64 bytes leftover after parsing attributes in process `syz.6.4109'. [ 453.141844][T20965] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 453.204438][T20965] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.4101: Failed to acquire dquot type 0 [ 453.242486][T21000] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4111'. [ 453.279735][T20965] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 453.284434][T21000] IPv6: NLM_F_CREATE should be specified when creating new route [ 453.367955][T20965] EXT4-fs error (device loop3): ext4_evict_inode:259: inode #11: comm syz.3.4101: mark_inode_dirty error [ 453.434395][T20965] EXT4-fs warning (device loop3): ext4_evict_inode:262: couldn't mark inode dirty (err -117) [ 453.504527][T20965] EXT4-fs (loop3): 1 orphan inode deleted [ 453.544862][T20965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 453.560292][ T62] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 453.656489][ T62] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 453.698664][ T62] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 0 [ 453.733979][T20965] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #3: block 1: comm syz.3.4101: lblock 1 mapped to illegal pblock 1 (length 1) [ 453.881819][T20965] Quota error (device loop3): find_next_id: Can't read quota tree block 1 [ 454.112934][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 454.156125][T21044] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4126'. [ 454.195620][ T5823] EXT4-fs error (device loop3): __ext4_get_inode_loc:4450: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 454.245849][ T5823] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 454.282931][ T5823] EXT4-fs error (device loop3): ext4_quota_off:7219: inode #3: comm syz-executor: mark_inode_dirty error [ 454.494961][T21066] loop4: detected capacity change from 0 to 164 [ 454.607249][T21066] syz.4.4135: attempt to access beyond end of device [ 454.607249][T21066] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 454.649608][T21066] syz.4.4135: attempt to access beyond end of device [ 454.649608][T21066] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 454.708618][ T30] audit: type=1800 audit(2000000187.739:2327): pid=21066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4135" name="file0" dev="loop4" ino=1862 res=0 errno=0 [ 454.730289][T21085] xt_ecn: cannot match TCP bits for non-tcp packets [ 454.834220][ T24] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 455.018598][ T24] usb 7-1: Using ep0 maxpacket: 32 [ 455.067068][ T24] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 455.115583][ T24] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 455.154306][ T24] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 455.201949][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 455.274429][ T5885] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 455.305617][ T24] hub 7-1:4.0: USB hub found [ 455.308045][T21107] loop7: detected capacity change from 0 to 4096 [ 455.407394][T21118] netlink: 'syz.1.4147': attribute type 21 has an invalid length. [ 455.444644][ T5885] usb 6-1: Using ep0 maxpacket: 8 [ 455.481941][T21118] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4147'. [ 455.492849][ T5885] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 455.504505][ T24] hub 7-1:4.0: 2 ports detected [ 455.533329][ T5885] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 455.533996][ T24] usb 7-1: selecting invalid altsetting 1 [ 455.571028][ T5885] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xAE, changing to 0x8E [ 455.588231][T21124] loop3: detected capacity change from 0 to 256 [ 455.621273][ T24] hub 7-1:4.0: Using single TT (err -22) [ 455.629455][ T5885] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 51986, setting to 1024 [ 455.640900][T21126] ptrace attach of "./syz-executor exec"[5831] was attempted by ""[21126] [ 455.705154][ T24] hub 7-1:4.0: hub_hub_status failed (err = -71) [ 455.744134][ T5885] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 1024 [ 455.766399][ T24] hub 7-1:4.0: config failed, can't get hub status (err -71) [ 455.816010][ T5885] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=9e.7e [ 455.852947][ T5885] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 455.869788][ T24] usb 7-1: USB disconnect, device number 6 [ 455.890012][ T5885] usb 6-1: Product: syz [ 455.910587][ T5885] usb 6-1: Manufacturer: syz [ 455.931855][ T5885] usb 6-1: SerialNumber: syz [ 456.010072][ T5885] usb 6-1: config 0 descriptor?? [ 456.056702][T21098] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 456.095563][ T5885] usbtest 6-1:0.0: Linux user mode test driver [ 456.104691][ T5885] usbtest 6-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt) [ 456.292238][ T5918] usb 6-1: USB disconnect, device number 28 [ 456.408381][T21176] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4158'. [ 456.635883][T21184] geneve2: entered promiscuous mode [ 456.853657][ T5828] Bluetooth: hci6: command 0x0406 tx timeout [ 456.993488][T21197] loop4: detected capacity change from 0 to 2048 [ 457.009248][T21206] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4165'. [ 457.024797][ T30] audit: type=1400 audit(2000000190.049:2328): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=21199 comm="syz.7.4167" [ 457.104911][T21197] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 457.128207][T21197] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 457.266315][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 457.279086][T21224] loop5: detected capacity change from 0 to 64 [ 457.480388][T21237] ieee802154 phy0 wpan0: encryption failed: -22 [ 457.814440][T21252] netlink: 'syz.4.4179': attribute type 1 has an invalid length. [ 458.259976][T21261] loop5: detected capacity change from 0 to 4096 [ 458.294412][T21269] binder: 21268:21269 ioctl c018620c 200000000380 returned -22 [ 458.594916][ T5918] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 458.786523][ T5918] usb 2-1: Using ep0 maxpacket: 8 [ 458.817160][ T5918] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=a8.17 [ 458.817399][T21233] loop6: detected capacity change from 0 to 32768 [ 458.847216][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 458.879753][ T5918] usb 2-1: Product: syz [ 458.894469][ T5918] usb 2-1: Manufacturer: syz [ 458.903822][T21243] loop7: detected capacity change from 0 to 32768 [ 458.910499][ T5918] usb 2-1: SerialNumber: syz [ 458.932297][ T5918] usb 2-1: config 0 descriptor?? [ 458.939713][T21233] (syz.6.4174,21233,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 458.991297][ T5918] hub 2-1:0.0: bad descriptor, ignoring hub [ 459.019571][ T5918] hub 2-1:0.0: probe with driver hub failed with error -5 [ 459.035409][T21233] (syz.6.4174,21233,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 459.083230][T21306] netlink: 'syz.4.4193': attribute type 6 has an invalid length. [ 459.108875][T21233] JBD2: Ignoring recovery information on journal [ 459.118448][ T5918] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 459.219078][ T5918] usb 2-1: USB disconnect, device number 28 [ 459.369692][T21233] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 459.579641][T21339] loop5: detected capacity change from 0 to 8 [ 459.629767][T21333] nvme_fabrics: missing parameter 'transport=%s' [ 459.647012][T21333] nvme_fabrics: missing parameter 'nqn=%s' [ 459.766545][T14442] ocfs2: Unmounting device (7,6) on (node local) [ 460.266016][ T5885] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 460.416392][T21379] netlink: 'syz.1.4209': attribute type 2 has an invalid length. [ 460.486074][ T5885] usb 4-1: Using ep0 maxpacket: 16 [ 460.511061][T21379] : entered promiscuous mode [ 460.527425][ T5885] usb 4-1: New USB device found, idVendor=07ab, idProduct=fc01, bcdDevice=28.e0 [ 460.571875][T21391] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4212'. [ 460.584159][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 460.644156][ T5885] usb 4-1: Product: syz [ 460.648396][ T5885] usb 4-1: Manufacturer: syz [ 460.702071][ T5885] usb 4-1: SerialNumber: syz [ 460.724013][ T5885] usb 4-1: config 0 descriptor?? [ 460.756494][ T5885] ums-freecom 4-1:0.0: USB Mass Storage device detected [ 460.831183][T21404] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 461.018344][ T5885] usb 4-1: USB disconnect, device number 21 [ 461.578128][ T5885] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 461.761918][ T5885] usb 8-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 461.791855][ T5885] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 461.814216][ T5885] usb 8-1: Product: syz [ 461.821269][T21459] loop5: detected capacity change from 0 to 4096 [ 461.838838][ T5885] usb 8-1: Manufacturer: syz [ 461.868346][ T5885] usb 8-1: SerialNumber: syz [ 461.899300][ T5885] r8152-cfgselector 8-1: Unknown version 0x0000 [ 461.916727][ T5885] r8152-cfgselector 8-1: config 0 descriptor?? [ 462.032185][T21483] binder: 21482:21483 ioctl c0306201 200000000100 returned -22 [ 462.323569][T21498] netlink: 'syz.4.4240': attribute type 1 has an invalid length. [ 462.413821][T21508] bridge0: port 1(bridge_slave_0) entered forwarding state [ 462.435549][ T5941] r8152-cfgselector 8-1: USB disconnect, device number 3 [ 462.443207][T21507] loop1: detected capacity change from 0 to 1024 [ 462.502633][T21507] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 462.550280][T21507] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 462.638134][T21507] EXT4-fs error (device loop1): ext4_get_journal_inode:5798: inode #32: comm syz.1.4242: iget: special inode unallocated [ 462.721382][T21507] EXT4-fs (loop1): Remounting filesystem read-only [ 462.731590][T21507] EXT4-fs (loop1): no journal found [ 462.769597][T21507] EXT4-fs (loop1): can't get journal size [ 462.780392][T21531] xt_hashlimit: size too large, truncated to 1048576 [ 462.816331][T21507] EXT4-fs (loop1): filesystem is read-only [ 462.826354][T21531] xt_hashlimit: overflow, try lower: 0/0 [ 462.835407][T21507] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 462.893621][T21534] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (65) [ 463.061841][ T5843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.210917][T21547] loop5: detected capacity change from 0 to 512 [ 463.264803][T21547] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4256: casefold flag without casefold feature [ 463.295525][T21562] loop4: detected capacity change from 0 to 16 [ 463.343209][T21547] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4256: couldn't read orphan inode 15 (err -117) [ 463.365012][T21562] erofs (device loop4): mounted with root inode @ nid 36. [ 463.433368][T21547] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 463.617026][T21576] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4261'. [ 463.670131][ T5837] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.684478][T21576] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4261'. [ 463.811805][T21576] ip6erspan0: entered allmulticast mode [ 463.942464][T21592] loop5: detected capacity change from 0 to 256 [ 464.367449][ T5965] usb 5-1: new low-speed USB device number 21 using dummy_hcd [ 464.411675][T21617] loop7: detected capacity change from 0 to 1024 [ 464.516852][ T1158] hfsplus: b-tree write err: -5, ino 4 [ 464.553761][T21544] loop6: detected capacity change from 0 to 32768 [ 464.579669][ T5965] usb 5-1: config 0 has no interfaces? [ 464.605256][ T5965] usb 5-1: string descriptor 0 read error: -22 [ 464.640236][ T5965] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 464.674268][ T5965] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 464.691431][T21620] loop1: detected capacity change from 0 to 4096 [ 464.723372][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 464.743930][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 464.761377][ T5965] usb 5-1: config 0 descriptor?? [ 464.784414][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 464.813523][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 464.845807][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffc1c00 [ 464.879648][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffc2c00 [ 464.916439][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffc4c00 [ 464.951017][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffc8c00 [ 464.963612][T21644] xt_TCPMSS: Only works on TCP SYN packets [ 464.984320][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffd0c00 [ 465.002589][T21620] ntfs3(loop1): try to read out of volume at offset 0x3fffffe0c00 [ 465.018322][ T5965] usb 5-1: USB disconnect, device number 21 [ 465.123585][T21657] usb usb1: usbfs: process 21657 (syz.3.4280) did not claim interface 0 before use [ 465.707766][T21680] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4286'. [ 466.063113][T21707] netlink: 270 bytes leftover after parsing attributes in process `syz.5.4295'. [ 466.229312][T21710] loop1: detected capacity change from 0 to 1764 [ 466.312367][T21710] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 466.656869][ T30] audit: type=1326 audit(2000000199.689:2329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21738 comm="syz.1.4302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 466.692801][T21740] loop6: detected capacity change from 0 to 64 [ 466.762895][ T30] audit: type=1326 audit(2000000199.709:2330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21738 comm="syz.1.4302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 466.903125][ T30] audit: type=1326 audit(2000000199.729:2331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21738 comm="syz.1.4302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 466.971629][T21754] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'. [ 467.023270][ T30] audit: type=1326 audit(2000000199.739:2332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21738 comm="syz.1.4302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 467.136464][ T30] audit: type=1326 audit(2000000199.739:2333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21738 comm="syz.1.4302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd88e78e969 code=0x7ffc0000 [ 467.800553][T21800] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4324'. [ 467.974278][ T30] audit: type=1400 audit(2000000200.999:2334): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=21811 comm="syz.3.4328" [ 468.854547][ T31] INFO: task syz-executor:5835 blocked for more than 143 seconds. [ 468.862474][ T31] Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 [ 468.921018][T21860] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 468.940230][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 468.969919][ T31] task:syz-executor state:D stack:17608 pid:5835 tgid:5835 ppid:1 task_flags:0x400140 flags:0x00004004 [ 469.018896][ T31] Call Trace: [ 469.038896][ T31] [ 469.041895][ T31] __schedule+0x16e2/0x4cd0 [ 469.084363][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.114270][ T31] ? schedule+0x165/0x360 [ 469.118705][ T31] ? __lock_acquire+0xaac/0xd20 [ 469.149570][ T31] ? __pfx___schedule+0x10/0x10 [ 469.171570][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.182116][ T31] ? schedule+0x91/0x360 [ 469.186469][ T31] schedule+0x165/0x360 [ 469.190657][ T31] io_schedule+0x81/0xe0 [ 469.197477][ T31] folio_wait_bit_common+0x6b0/0xb90 [ 469.202830][ T31] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 469.208715][ T31] ? __pfx_wake_page_function+0x10/0x10 [ 469.214753][ T31] ? folios_put_refs+0x559/0x640 [ 469.219720][ T31] ? __pfx_find_lock_entries+0x10/0x10 [ 469.225263][ T31] __filemap_get_folio+0x139/0xaf0 [ 469.230581][ T31] truncate_inode_pages_range+0x3ed/0xda0 [ 469.236800][ T31] ? evict+0x847/0x9c0 [ 469.240978][ T31] ? evict_inodes+0x636/0x6c0 [ 469.245959][ T31] ? generic_shutdown_super+0x9a/0x2c0 [ 469.251438][ T31] ? kill_block_super+0x44/0x90 [ 469.256344][ T31] ? deactivate_locked_super+0xbc/0x130 [ 469.261932][ T31] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 469.269391][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.291831][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.299212][ T31] ? __lock_acquire+0xaac/0xd20 [ 469.304442][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 469.309727][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 469.315293][ T31] evict+0x517/0x9c0 [ 469.319239][ T31] ? __pfx_evict+0x10/0x10 [ 469.323670][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.330019][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.335929][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 469.341249][ T31] evict_inodes+0x636/0x6c0 [ 469.345853][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.351530][ T31] ? __pfx_evict_inodes+0x10/0x10 [ 469.356776][ T31] generic_shutdown_super+0x9a/0x2c0 [ 469.362087][ T31] kill_block_super+0x44/0x90 [ 469.366818][ T31] deactivate_locked_super+0xbc/0x130 [ 469.372235][ T31] cleanup_mnt+0x425/0x4c0 [ 469.376909][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.382567][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 469.387940][ T31] task_work_run+0x1d4/0x260 [ 469.392564][ T31] ? __pfx_task_work_run+0x10/0x10 [ 469.398780][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.406056][ T31] resume_user_mode_work+0x5e/0x80 [ 469.411216][ T31] syscall_exit_to_user_mode+0x9a/0x120 [ 469.416975][ T31] do_syscall_64+0x103/0x210 [ 469.421596][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.427296][ T31] ? exc_page_fault+0x91/0x110 [ 469.432176][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.438352][ T31] RIP: 0033:0x7f508a38fc97 [ 469.442776][ T31] RSP: 002b:00007ffc95b86498 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 469.451287][ T31] RAX: 0000000000000000 RBX: 00007f508a41089d RCX: 00007f508a38fc97 [ 469.459388][ T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc95b86550 [ 469.467437][ T31] RBP: 00007ffc95b86550 R08: 0000000000000000 R09: 0000000000000000 [ 469.475539][ T31] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc95b875e0 [ 469.483531][ T31] R13: 00007f508a41089d R14: 000000000004cf9a R15: 00007ffc95b87620 [ 469.492000][ T31] [ 469.495332][ T31] [ 469.495332][ T31] Showing all locks held in the system: [ 469.507081][ T31] 2 locks held by kworker/u8:0/12: [ 469.512233][ T31] 1 lock held by khungtaskd/31: [ 469.517290][ T31] #0: ffffffff8df3b860 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 469.527299][ T31] 3 locks held by kworker/u8:6/1084: [ 469.532623][ T31] 4 locks held by klogd/5184: [ 469.537505][ T31] 2 locks held by getty/5576: [ 469.542200][ T31] #0: ffff8880304250a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 469.552280][ T31] #1: ffffc90002ffe2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 469.562643][ T31] 1 lock held by syz-executor/5835: [ 469.590377][ T31] #0: ffff888030e5e0e0 (&type->s_umount_key#77){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0 [ 469.613679][ T31] [ 469.633487][ T31] ============================================= [ 469.633487][ T31] [ 469.642048][ T31] NMI backtrace for cpu 1 [ 469.642067][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) [ 469.642096][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 469.642111][ T31] Call Trace: [ 469.642120][ T31] [ 469.642129][ T31] dump_stack_lvl+0x189/0x250 [ 469.642177][ T31] ? __wake_up_klogd+0xd9/0x110 [ 469.642205][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.642235][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 469.642269][ T31] ? __pfx__printk+0x10/0x10 [ 469.642305][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 469.642350][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 469.642386][ T31] ? _printk+0xcf/0x120 [ 469.642415][ T31] ? __pfx__printk+0x10/0x10 [ 469.642443][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 469.642471][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 469.642515][ T31] watchdog+0xfee/0x1030 [ 469.642548][ T31] ? watchdog+0x1de/0x1030 [ 469.642588][ T31] kthread+0x711/0x8a0 [ 469.642621][ T31] ? __pfx_watchdog+0x10/0x10 [ 469.642650][ T31] ? __pfx_kthread+0x10/0x10 [ 469.642678][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.642708][ T31] ? __pfx_kthread+0x10/0x10 [ 469.642735][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 469.642760][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.642788][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 469.642817][ T31] ? __pfx_kthread+0x10/0x10 [ 469.642846][ T31] ret_from_fork+0x4e/0x80 [ 469.642871][ T31] ? __pfx_kthread+0x10/0x10 [ 469.642899][ T31] ret_from_fork_asm+0x1a/0x30 [ 469.642942][ T31] [ 469.642952][ T31] Sending NMI from CPU 1 to CPUs 0: [ 469.809992][ C0] NMI backtrace for cpu 0 [ 469.810013][ C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) [ 469.810040][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 469.810054][ C0] RIP: 0010:lock_release+0x4b/0x3e0 [ 469.810091][ C0] Code: 89 44 24 28 0f 1f 44 00 00 65 8b 05 93 31 d7 10 83 f8 08 0f 83 9a 02 00 00 89 c0 48 0f a3 05 bc b9 e0 0d 73 16 e8 c5 c8 08 00 <84> c0 75 0d f6 05 dd af ca 0d 01 0f 84 ad 02 00 00 83 3d 7d e8 e0 [ 469.810110][ C0] RSP: 0018:ffffc90000146a90 EFLAGS: 00000212 [ 469.810129][ C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 6e52e03717147700 [ 469.810145][ C0] RDX: ffffffff90082460 RSI: ffffffff8bc1d200 RDI: ffffffff8bc1d1c0 [ 469.810162][ C0] RBP: dffffc0000000000 R08: 000000000000000f R09: 0000000000000000 [ 469.810176][ C0] R10: 0000000000000000 R11: ffffffff817199f5 R12: 1ffff92000028d79 [ 469.810192][ C0] R13: ffffffff817199f5 R14: ffffffff8df3b860 R15: ffffffff817199f5 [ 469.810212][ C0] FS: 0000000000000000(0000) GS:ffff8881260cb000(0000) knlGS:0000000000000000 [ 469.810230][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 469.810245][ C0] CR2: 00007f746b180178 CR3: 000000003307f000 CR4: 0000000000350ef0 [ 469.810263][ C0] Call Trace: [ 469.810272][ C0] [ 469.810286][ C0] ? unwind_next_frame+0xa5/0x2390 [ 469.810315][ C0] unwind_next_frame+0x19a9/0x2390 [ 469.810346][ C0] ? unwind_next_frame+0xa5/0x2390 [ 469.810372][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 469.810402][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 469.810427][ C0] arch_stack_walk+0x11c/0x150 [ 469.810460][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 469.810484][ C0] stack_trace_save+0x9c/0xe0 [ 469.810507][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 469.810537][ C0] kasan_save_track+0x3e/0x80 [ 469.810561][ C0] ? kasan_save_track+0x3e/0x80 [ 469.810582][ C0] ? __kasan_kmalloc+0x93/0xb0 [ 469.810606][ C0] ? __kmalloc_noprof+0x27a/0x4f0 [ 469.810632][ C0] ? cfg80211_inform_single_bss_data+0x905/0x1ac0 [ 469.810659][ C0] ? cfg80211_inform_bss_data+0x1f6/0x3ad0 [ 469.810682][ C0] ? cfg80211_inform_bss_frame_data+0x362/0x700 [ 469.810707][ C0] ? ieee80211_bss_info_update+0x746/0x9e0 [ 469.810731][ C0] ? ieee80211_scan_rx+0x527/0x9b0 [ 469.810753][ C0] ? ieee80211_rx_list+0x22fc/0x2d80 [ 469.810777][ C0] ? ieee80211_rx_napi+0x1a8/0x3d0 [ 469.810800][ C0] ? ieee80211_handle_queued_frames+0xe8/0x1f0 [ 469.810822][ C0] ? tasklet_action_common+0x36c/0x580 [ 469.810845][ C0] ? handle_softirqs+0x286/0x870 [ 469.810878][ C0] ? run_ksoftirqd+0x9b/0x100 [ 469.810899][ C0] ? smpboot_thread_fn+0x542/0xa60 [ 469.810933][ C0] ? kthread+0x711/0x8a0 [ 469.810956][ C0] ? ret_from_fork+0x4e/0x80 [ 469.810978][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 469.811022][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 469.811047][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.811076][ C0] __kasan_kmalloc+0x93/0xb0 [ 469.811102][ C0] __kmalloc_noprof+0x27a/0x4f0 [ 469.811129][ C0] ? cfg80211_inform_single_bss_data+0x905/0x1ac0 [ 469.811158][ C0] cfg80211_inform_single_bss_data+0x905/0x1ac0 [ 469.811190][ C0] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 469.811230][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 469.811255][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.811281][ C0] ? queue_work_on+0x1ed/0x270 [ 469.811302][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.811329][ C0] ? cfg80211_inform_bss_data+0x1e6/0x3ad0 [ 469.811357][ C0] cfg80211_inform_bss_data+0x1f6/0x3ad0 [ 469.811382][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 469.811413][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.811438][ C0] ? __local_bh_enable_ip+0x12d/0x1c0 [ 469.811472][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 469.811508][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.811536][ C0] ? ieee80211_rx_handlers+0xbc67/0xbce0 [ 469.811561][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.811586][ C0] ? ieee80211_rx_handlers+0xbc67/0xbce0 [ 469.811615][ C0] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 469.811654][ C0] ? __pfx_ieee80211_rx_handlers+0x10/0x10 [ 469.811686][ C0] ? unwind_next_frame+0xa5/0x2390 [ 469.811724][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.811753][ C0] cfg80211_inform_bss_frame_data+0x362/0x700 [ 469.811788][ C0] ieee80211_bss_info_update+0x746/0x9e0 [ 469.811816][ C0] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 469.811850][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.811876][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.811901][ C0] ? ieee80211_get_channel_khz+0x15b/0x8a0 [ 469.811926][ C0] ieee80211_scan_rx+0x527/0x9b0 [ 469.811955][ C0] ieee80211_rx_list+0x22fc/0x2d80 [ 469.811983][ C0] ? rcu_read_lock_sched_held+0x89/0x100 [ 469.812022][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.812047][ C0] ? arch_scale_cpu_capacity+0x18/0xb0 [ 469.812075][ C0] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 469.812109][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.812135][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.812164][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.812194][ C0] ? ieee80211_rx_napi+0xca/0x3d0 [ 469.812219][ C0] ieee80211_rx_napi+0x1a8/0x3d0 [ 469.812246][ C0] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 469.812274][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.812299][ C0] ? skb_dequeue+0x10e/0x150 [ 469.812324][ C0] ieee80211_handle_queued_frames+0xe8/0x1f0 [ 469.812351][ C0] tasklet_action_common+0x36c/0x580 [ 469.812375][ C0] ? trace_sched_exit_tp+0x38/0x120 [ 469.812413][ C0] ? __pfx_tasklet_action_common+0x10/0x10 [ 469.812436][ C0] ? rcu_softirq_qs+0xf2/0x350 [ 469.812472][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.812497][ C0] ? workqueue_softirq_action+0xd4/0x150 [ 469.812524][ C0] handle_softirqs+0x286/0x870 [ 469.812556][ C0] ? schedule+0x165/0x360 [ 469.812581][ C0] ? run_ksoftirqd+0x9b/0x100 [ 469.812607][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 469.812644][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 469.812677][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.812705][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 469.812738][ C0] run_ksoftirqd+0x9b/0x100 [ 469.812761][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 469.812790][ C0] smpboot_thread_fn+0x542/0xa60 [ 469.812825][ C0] ? smpboot_thread_fn+0x4d/0xa60 [ 469.812865][ C0] kthread+0x711/0x8a0 [ 469.812893][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 469.812928][ C0] ? __pfx_kthread+0x10/0x10 [ 469.812952][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.812979][ C0] ? __pfx_kthread+0x10/0x10 [ 469.813004][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 469.813025][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.813050][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 469.813074][ C0] ? __pfx_kthread+0x10/0x10 [ 469.813099][ C0] ret_from_fork+0x4e/0x80 [ 469.813121][ C0] ? __pfx_kthread+0x10/0x10 [ 469.813146][ C0] ret_from_fork_asm+0x1a/0x30 [ 469.813177][ C0] [ 469.814701][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 469.814725][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) [ 469.814755][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 469.814772][ T31] Call Trace: [ 469.814783][ T31] [ 469.814794][ T31] dump_stack_lvl+0x99/0x250 [ 469.814841][ T31] ? __asan_memcpy+0x40/0x70 [ 469.814869][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 469.814906][ T31] ? __pfx__printk+0x10/0x10 [ 469.814941][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.814976][ T31] panic+0x2db/0x790 [ 469.815012][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.815047][ T31] ? __pfx_panic+0x10/0x10 [ 469.815081][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.815109][ T31] ? nmi_backtrace_stall_check+0x433/0x440 [ 469.815159][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.815188][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 469.815218][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 469.815265][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.815299][ T31] watchdog+0x102d/0x1030 [ 469.815335][ T31] ? watchdog+0x1de/0x1030 [ 469.815376][ T31] kthread+0x711/0x8a0 [ 469.815410][ T31] ? __pfx_watchdog+0x10/0x10 [ 469.815440][ T31] ? __pfx_kthread+0x10/0x10 [ 469.815469][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.815499][ T31] ? __pfx_kthread+0x10/0x10 [ 469.815528][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 469.815555][ T31] ? srso_alias_return_thunk+0x5/0xfbef5 [ 469.815583][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 469.815613][ T31] ? __pfx_kthread+0x10/0x10 [ 469.815642][ T31] ret_from_fork+0x4e/0x80 [ 469.815667][ T31] ? __pfx_kthread+0x10/0x10 [ 469.815697][ T31] ret_from_fork_asm+0x1a/0x30 [ 469.815739][ T31] [ 470.663540][ T31] Kernel Offset: disabled [ 470.667857][ T31] Rebooting in 86400 seconds..