last executing test programs: 14.542581469s ago: executing program 4 (id=879): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) io_setup(0x27, &(0x7f0000000100)=0x0) io_submit(r1, 0x2, &(0x7f00000002c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x1}, &(0x7f0000000280)={0x0, 0x0, 0x2, 0x2, 0x0, r0, 0x0}]) 14.13591844s ago: executing program 5 (id=883): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, r1, 0x1, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}]}, 0x44}}, 0x0) 13.626468168s ago: executing program 4 (id=887): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, 0x0, 0x0, 0x0) 13.573322712s ago: executing program 5 (id=888): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)=ANY=[@ANYBLOB="84010000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088058010c8054000b8008000900000000000800090000000080"], 0x184}}, 0x0) 13.515839143s ago: executing program 3 (id=889): ioperm(0x0, 0xab50, 0x8) prctl$PR_SET_MM_MAP(0x41, 0x3, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x41, 0x0, 0x0) 13.148091009s ago: executing program 4 (id=891): r0 = socket$netlink(0x10, 0x3, 0x4) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560aff820fffff5bab003a0000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c100000000000224e0000", 0x58}], 0x1) 13.019261662s ago: executing program 3 (id=892): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff000000000800010001"], 0x28}}, 0x0) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)={0x20, 0x3, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb}}]}, 0x20}}, 0x0) 12.826014713s ago: executing program 5 (id=894): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000780)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0}, 0x68) brk(0x20ff8000) brk(0x20ff8000) 12.67188567s ago: executing program 4 (id=896): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x28bd, 0x935, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x5, 0x5, {0x5, 0xb, "a7ea31"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 12.395522988s ago: executing program 3 (id=897): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000005080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_TARGET_NAME={0x9, 0x1, 'MARK\x00'}, @NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) 12.35670721s ago: executing program 5 (id=899): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x840, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0xfd, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) preadv2(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/67, 0x43}], 0x1, 0x3, 0x4, 0x1d) 12.133583096s ago: executing program 1 (id=901): r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000000c0), 0x0, 0x509, &(0x7f0000005280)="$eJzs3c9vG1kdAPDvTOxt02ZxFjjASuyu2EVJBXWSDd2NOCwgITitBJR7CYkbRXHiKnHaJqogFeKMhBAgISE4cUHiD0BC/RMQUiW4I0CgClo4cCgMsj3Opq6dH6pjt/HnI73Mm/Ebf9+LPc/zZkYzAYysNyJiOiKyLMsuRUQpX57mKfZaqVHu0cM7S42URJZd/UcSSb6s/V7n8unFfLXzEfH1r0R8K3k67tbO7tpitVrZzOdn6uvJ4yzbvby6vrhSWalszM/PvbPw7sKVhdm+tHMyIt770l9/9P1ffvm9337m1p+u/X36260GthxsRz+1ml5s/i/aChGxeRrBhqTQbGHLlSHXBQCAwzX29z8cEZ+MiEtRirHm3hwAAABwlmSfn4jHSev8HwAAAHA2pRExEUlazq/3nYg0LZdb1/B+NC6k1dpW/dNZaf94wWQU0+ur1cpsfu3AZBSTxvxcfo1te/7tjvn5iHglIn5YGm/Ol5dq1eWhHvkAAACA0XGxY/z/71Jr/A8AAACcMZMnKl08tXoAAAAAp+dk438AAADgRWT8DwAAAGfaV99/v5Gy9vOvl2/ubK/Vbl5ermytlde3l8pLtc0b5ZVabaV5z7717u9ybj9XrdVufDY2tm/P1Ctb9Zmtnd1r67Xtjfq11ScegQ0AAAAM0Cuv3/tjEhF7nxtPIyJLDrxWjMjGDhYuDL5+wOlJT1L4L6dXD2DwxoZdAWBo7NLD6HIzP+CofqDnxTu/639dAACA0zH18f3z/80EjI57D5qTJBl2RYCBc/4fRpfzfzC6ioftARgUwJmXHmNTf/bz/1l2okoBAAB9N9FMSVrOxwETkablcsTLzccCFJPrq9XKbER8KCL+UCqea8zPNddMHB4AAAAAAAAAAAAAAAAAAAAAAAAAgGPKsiSyrpIY3y/T6Wff674OAAAA8DyKSP+W5M//miq9NdF5fOCl5D+l5jQibv306o9vL9brm3ON5f/cX17/Sb787UEfvQAAAAC6aY/T2+N4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOinRw/vLLXTIOM++GJETHaLX4jzzen5KEbEhX8lUTiwXhIRY32Iv3c3Ij7WLX7SqFZM5rXojJ9GxPiQ41/sQ3wYZfca/c8Xum1/abzRnHbf/gp5ela9+780j5zmJZ/u/17u9obp04tevf/rmZ7x70a8Wuje/7T736RH//vmMdv4zW/s7vZ6LftFxFTX35/kiVgzSeHGzNbO7uXV9cWVykplY35+7p2FdxeuLMzOXF+tVvK/XWP84BO/+V8r91LX9l/oEX/yiPa/dcz2//f+7YcfaWWLHS8V4+dZNv1mR/xm09PGz0LX+O3fvk/lH3djfqqd32vlD3rtV79/7fUedWu0f7lH+4/6/KeP2f5LX/vun49ZFAAYgK2d3bXFarWy+aJk2oPu56U+MsfIjMcAgy4e+t0oDO778508VGtJ8oJtcUPojAAAgFP1wU7/sGsCAAAAAAAAAAAAAAAAAAAAo+uo24BFH24n1hlzbzhNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41P8DAAD//yhiwkQ=") unshare(0x400) fremovexattr(r0, &(0x7f0000000100)=@known='system.sockprotoname\x00') 11.965150187s ago: executing program 2 (id=902): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f00000003c0)={0x89}, 0x8) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 11.945166363s ago: executing program 3 (id=903): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x13f, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000002c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xffff, @mcast1}, {0xa, 0x4e23, 0x4, @private1, 0x8001}, r1, 0x7}}, 0x48) 11.536010748s ago: executing program 3 (id=905): r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x2, 0x0, &(0x7f00000000c0)) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, &(0x7f0000000d80)={0x0, @in, 0x3, 0x5, 0x10e, 0x9, 0x7, 0x3}, &(0x7f0000000e40)=0x98) 11.521618141s ago: executing program 2 (id=906): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup=r0, 0xffffffffffffffff, 0x3, 0x0, 0x4000, @void, @value}, 0x10) 11.154874162s ago: executing program 3 (id=908): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x15, 0x2, 0x3, 0xff9f0008}, {0x15}, {}, {0x0, 0x0, 0x0, 0x57}, {0x6}]}) 11.11440993s ago: executing program 2 (id=909): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000300)=0x1b) write$binfmt_misc(r0, &(0x7f0000000dc0), 0x386) 10.969401441s ago: executing program 1 (id=911): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0xfffffe72}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d, 0xb8}}], 0x48}, 0x0) 10.687450996s ago: executing program 2 (id=912): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ctinfo={0xfffffffffffffeb8, 0x0, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ZONE]}, {0x4}, {0xfffffffffffffeb6}, {0xc}}}]}]}, 0xfffffffffffffed8}}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000500", 0x33fe0}], 0x1}, 0x0) 10.493922856s ago: executing program 1 (id=914): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, &(0x7f0000000180)=0x5) syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x2) 10.191526746s ago: executing program 2 (id=915): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000000104038a0000000000000000000000000a00020000000000020000000500010001"], 0x28}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="3000000001040102000000000000000000000000080004400000006d0a0002000041ac539e"], 0x30}}, 0x0) 10.169111495s ago: executing program 1 (id=916): unshare(0x22020600) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/cgroup\x00') setns(r0, 0x0) 9.79529803s ago: executing program 1 (id=917): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x3, 0x0, @mcast2, 0x44}, 0x5d) sendmmsg$inet6(r0, &(0x7f0000000f40)=[{{0x0, 0xcb000004, 0x0}}], 0x28000, 0x0) 9.751502999s ago: executing program 2 (id=918): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r0 = socket$unix(0x1, 0x1, 0x0) ioctl(r0, 0x8b21, &(0x7f0000000040)) 9.294035718s ago: executing program 4 (id=920): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000280)={[{@user_xattr}]}, 0x9, 0x537, &(0x7f0000000fc0)="$eJzs3c9vI1cdAPCvJ4mTbtNmF3qACtgFCgtarb3xtlHVC90LCFWVEIgD4rANiTcKseMQO1UTIpH+DXDgCn8CByQOSD1x4MYRiQNCKgekBSLQBgkkoxlPUm/idL2Nf0D8+UijmTfPM9/3ksy8mefJvAAm1o2IOIiIYkS8FREL+fpCPsXrnSn93KPD/ZWjw/2VQrTb3/pbIctP10XXNqln833ORcQ3vxbxvcLZuM3dvY3lWq26nafLrfpWubm7d3u9vrxWXatuVipLi0t3Xr37SmVgdb1e/8XDr66/8e1f/+rT7//u4Ms/TIs1n+d112OQOlWfOYmTmo6IN4YRbAym8nlxzOXgo0ki4mMR8bns+F+IqeyvEwC4zNrthWgvdKcBgMsuyfrACkkp7wuYjyQplTp9eC/ElaTWaLZuPWjsbK52+squxkzyYL1WvXNt9g8/yK4YZgppejHLy/KzdOVU+m5EXIuIn8w+k6VLK43a6vguewBgoj17qv3/52yn/e9Dj2/1AID/G3PjLgAAMHLafwCYPNp/AJg8fbT/+Zf9B0MvCwAwGk9x/58MsxwAwOjo/weAyaP9B4CJ8o0330yn9lH+/uvVt3d3Nhpv316tNjdK9Z2V0kpje6u01misZe/sqT9pf7VGY2vx5dh5p9yqNlvl5u7e/XpjZ7N1P3uv9/3qzEhqBQB8mGvX3/t9ISIOXnsmm6JrLAdtNVxunueByeUlfjC5jPYFk6v/e/zfDrUcwPj0vA+Y67n4uJ8+RRDPGcH/lJuf7L//3xjPcLno/4fJNfWRtpodeDmA0dP/D5Or3S6cHvO/eJIFAFxKF3jGv/2jQV2EAGP1pOeAB/L9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwy8xHx/SgkpXws8PlIklIp4rmIuBozhQfrteqdiHg+rkfEzGyaXhx3oQGAC0r+UsjH/7q58NL86dxi4V/ZYP/FtPXP120vpuv/frJ+9nj4sMoH211gXEEAYMDeWW61tiv5vOtG/tHh/srxNMryPLwX/8mHIl45OtzPpk7OdExn87nsWuLKPwp5ujMW6YsRMTWA+AfvRsQnetW/kPWNXM1HPu2OH3ns50YaP3ksfpLldebpxdfHB1AWmDTv3YuI13sdf0ncyOa9j/+57Ax1cQ/vdXZ2fO47OtwvHsc/Pv9N9YifHvM3+o3x8m++fmZle6GT927Ei9OPxT85/xzHL5wT/6U+4//xU5/58VfOyWv/LOJm9I7fHavcqm+Vm7t7t9fry2vVtepmpbK0uHTn1buvVMpZH3X5uKf6rL++duv588qW1v/KOfHneta/eLLtF/qs/8///dZ3P/sh8b/0+V7xk3ihZ/yOtE38Yp/xl6/88tzhu9P4q+fU/0m//1t9xn//z3urfX4UABiB5u7exnKtVt2+0EJ6FzqI/ZxZSIs40B32WCh2Ff5PMdxYT7UwM6yf6tAXpk+uFQe75++kexxxdZKB1+JCC49GFWu85yVg+D446MddEgAAAAAAAAAAAAAA4Dyj+NelcdcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+u/AQAA//9xkcaD") setxattr$security_capability(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x0) setxattr$incfs_metadata(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000680), 0x0, 0x0, 0x2) 9.285728459s ago: executing program 5 (id=921): setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000000)=0x200, 0x4) r0 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0) ioctl$EVIOCGLED(r0, 0x80284504, &(0x7f0000000000)=""/56) 8.513791887s ago: executing program 4 (id=924): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001180)=ANY=[@ANYBLOB="240000002a00090000000000000000000400002c08001700", @ANYRES32=r0], 0x24}, 0x1, 0x3000000}, 0x0) 8.438405147s ago: executing program 1 (id=925): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)=ANY=[@ANYBLOB="240000001600010a000000000000000000000000040000000c0007"], 0x24}}, 0x0) 8.127372138s ago: executing program 5 (id=927): syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000080)={0x14, 0x0, 0x0, &(0x7f00000000c0), 0x0}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xf00, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080081000000060027"], 0x44}}, 0x0) 2.547351527s ago: executing program 0 (id=940): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc626, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x1000, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xd}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000380)={0x24, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x22, 0x7, {[@local=@item_4={0x3, 0x2, 0xa, "4378c6db"}, @global=@item_012={0x1, 0x1, 0x8, "0f"}]}}, 0x0}, 0x0) 691.936773ms ago: executing program 0 (id=942): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) unshare(0x2000400) connect$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x0, @fixed}, 0xe) 435.529109ms ago: executing program 0 (id=943): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) unshare(0x28000600) fcntl$lock(r0, 0x5, 0x0) 236.275366ms ago: executing program 0 (id=944): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x17, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) getsockopt$bt_hci(r0, 0x84, 0x84, &(0x7f0000000080)=""/4096, &(0x7f0000001200)=0x1000) 132.80456ms ago: executing program 0 (id=945): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x101842, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b000000000000000000000000800000100000f0f7885785"], 0x48) readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000300)=""/56, 0x6a}], 0x300) 0s ago: executing program 0 (id=946): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$FOU_CMD_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x20, r1, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x5}]}, 0x20}}, 0x0) kernel console output (not intermixed with test programs): 75.542640][ T1168] usb 3-1: config 0 descriptor?? [ 75.549196][ T5291] usb 6-1: config 0 descriptor?? [ 75.638655][ T5410] loop1: detected capacity change from 0 to 256 [ 75.654565][ T5406] loop4: detected capacity change from 0 to 4096 [ 75.670739][ T5410] exfat: Deprecated parameter 'namecase' [ 75.710539][ T5410] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 75.771671][ T5412] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 75.791962][ T5291] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 75.839966][ T5376] loop0: detected capacity change from 0 to 32768 [ 75.857994][ T5376] ======================================================= [ 75.857994][ T5376] WARNING: The mand mount option has been deprecated and [ 75.857994][ T5376] and is ignored by this kernel. Remove the mand [ 75.857994][ T5376] option from the mount to silence this warning. [ 75.857994][ T5376] ======================================================= [ 75.980725][ T1168] logitech-djreceiver 0003:046D:C537.0002: unknown main item tag 0x0 [ 75.993295][ T1168] logitech-djreceiver 0003:046D:C537.0002: unknown main item tag 0x0 [ 76.042387][ T1168] logitech-djreceiver 0003:046D:C537.0002: unknown main item tag 0x0 [ 76.050544][ T1168] logitech-djreceiver 0003:046D:C537.0002: unknown main item tag 0x0 [ 76.078077][ T5289] usb 6-1: USB disconnect, device number 2 [ 76.126410][ T1168] logitech-djreceiver 0003:046D:C537.0002: unknown main item tag 0x0 [ 76.138475][ T5289] usblp0: removed [ 76.206257][ T9] usb 3-1: USB disconnect, device number 3 [ 76.208323][ T5376] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 76.852724][ T5225] ocfs2: Unmounting device (7,0) on (node local) [ 76.999317][ T5429] netlink: 36 bytes leftover after parsing attributes in process `syz.2.42'. [ 77.053097][ T5430] loop1: detected capacity change from 0 to 164 [ 77.129377][ T5413] loop3: detected capacity change from 0 to 32768 [ 77.175580][ T5413] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.34 (5413) [ 77.289297][ T5413] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 77.361491][ T5413] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 77.370258][ T5413] BTRFS info (device loop3): using free-space-tree [ 77.496665][ T5444] loop5: detected capacity change from 0 to 8 [ 77.509125][ T5441] loop0: detected capacity change from 0 to 512 [ 77.599429][ T5444] squashfs image failed sanity check [ 77.615196][ T5444] loop5: detected capacity change from 0 to 8 [ 77.644309][ T5444] hpfs: hpfs_map_sector(): read error [ 77.718679][ T5441] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 78.032830][ T5481] capability: warning: `syz.1.57' uses deprecated v2 capabilities in a way that may be insecure [ 78.098227][ T5441] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.128947][ T5441] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.408387][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.526305][ T5497] xt_bpf: check failed: parse error [ 78.674544][ T5505] netlink: 12 bytes leftover after parsing attributes in process `syz.0.64'. [ 78.693809][ T5235] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 78.921390][ T1168] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 79.071620][ T1168] usb 3-1: Using ep0 maxpacket: 8 [ 79.087574][ T1168] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 79.105132][ T1168] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 79.151339][ T1168] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 79.178304][ T5517] loop4: detected capacity change from 0 to 1024 [ 79.189039][ T1168] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 79.211346][ T1168] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.219404][ T1168] usb 3-1: Product: syz [ 79.235885][ T5517] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.248468][ T1168] usb 3-1: Manufacturer: syz [ 79.255012][ T1168] usb 3-1: SerialNumber: syz [ 79.370945][ T5525] loop0: detected capacity change from 0 to 512 [ 79.378331][ T5525] EXT4-fs: Ignoring removed bh option [ 79.385572][ T5525] EXT4-fs: Ignoring removed mblk_io_submit option [ 79.421319][ T5525] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 79.450798][ T5525] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 79.460013][ T5525] EXT4-fs (loop0): orphan cleanup on readonly fs [ 79.475705][ T5525] Quota error (device loop0): v2_read_file_info: Free block number 1 out of range (1, 6). [ 79.486430][ T5525] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 79.503961][ T5525] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 79.520386][ T5525] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.77: Invalid block bitmap block 0 in block_group 0 [ 79.549189][ T5229] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.551112][ T5525] EXT4-fs (loop0): Remounting filesystem read-only [ 79.590155][ T5525] EXT4-fs (loop0): 1 orphan inode deleted [ 79.597716][ T5525] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 79.695466][ T5288] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 79.884912][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.912995][ T5288] usb 4-1: Using ep0 maxpacket: 16 [ 79.942685][ T5288] usb 4-1: config 0 has an invalid interface number: 214 but max is 0 [ 79.951053][ T5288] usb 4-1: config 0 has no interface number 0 [ 79.977732][ T1168] usb 3-1: 0:2 : does not exist [ 79.986384][ T5288] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 80.043104][ T1168] usb 3-1: USB disconnect, device number 4 [ 80.063584][ T5288] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 80.093818][ T5288] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.147986][ T5288] usb 4-1: Product: syz [ 80.166461][ T5288] usb 4-1: Manufacturer: syz [ 80.173847][ T5286] udevd[5286]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 80.203185][ T5288] usb 4-1: SerialNumber: syz [ 80.226826][ T5288] usb 4-1: config 0 descriptor?? [ 80.233558][ T5544] mkiss: ax0: crc mode is auto. [ 80.332217][ T5550] netlink: 8 bytes leftover after parsing attributes in process `syz.1.87'. [ 80.464226][ T5554] loop1: detected capacity change from 0 to 64 [ 80.582519][ T5554] syz.1.90: attempt to access beyond end of device [ 80.582519][ T5554] loop1: rw=0, sector=548, nr_sectors = 2 limit=64 [ 80.595778][ T5554] Buffer I/O error on dev loop1, logical block 274, async page read [ 80.622851][ T5554] syz.1.90: attempt to access beyond end of device [ 80.622851][ T5554] loop1: rw=0, sector=548, nr_sectors = 2 limit=64 [ 80.635907][ T5554] Buffer I/O error on dev loop1, logical block 274, async page read [ 80.656183][ T29] audit: type=1800 audit(1729117319.090:2): pid=5554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.90" name="file3" dev="loop1" ino=6 res=0 errno=0 [ 80.860618][ T5554] syz.1.90 (5554) used greatest stack depth: 17872 bytes left [ 80.882630][ T5288] usbtouchscreen 4-1:0.214: probe with driver usbtouchscreen failed with error -71 [ 80.909898][ T5288] usb 4-1: USB disconnect, device number 2 [ 80.915080][ T5560] loop5: detected capacity change from 0 to 32768 [ 80.939748][ T5560] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.92 (5560) [ 80.963244][ T5560] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 80.973677][ T5560] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 80.983723][ T5560] BTRFS info (device loop5): using free-space-tree [ 81.160343][ T931] cfg80211: failed to load regulatory.db [ 81.296833][ T5588] loop1: detected capacity change from 0 to 128 [ 81.524321][ T5332] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 81.702158][ T5224] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 81.856546][ T5332] usb 3-1: Using ep0 maxpacket: 8 [ 81.923369][ T5332] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.941292][ T5332] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 81.951439][ T5332] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 81.966029][ T5332] usb 3-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00 [ 81.975198][ T5332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.987352][ T5332] usb 3-1: config 0 descriptor?? [ 82.417039][ T5332] sunplus 0003:04FC:05D8.0003: item fetching failed at offset 5/7 [ 82.427349][ T5332] sunplus 0003:04FC:05D8.0003: probe with driver sunplus failed with error -22 [ 82.624545][ T5598] loop4: detected capacity change from 0 to 32768 [ 82.672130][ T5598] JBD2: Ignoring recovery information on journal [ 82.696595][ T5602] loop1: detected capacity change from 0 to 32768 [ 82.710796][ T5332] usb 3-1: USB disconnect, device number 5 [ 82.842609][ T5602] ERROR: (device loop1): dtSearch: stack overrun! [ 82.842609][ T5602] [ 82.885446][ T5602] ERROR: (device loop1): remounting filesystem as read-only [ 82.915098][ T5598] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 82.942337][ T5602] btstack dump: [ 82.976800][ T5602] bn = 0, index = 0 [ 82.996999][ T5602] bn = 0, index = 0 [ 83.000845][ T5602] bn = 0, index = 0 [ 83.031277][ T5602] bn = 0, index = 0 [ 83.035126][ T5602] bn = 0, index = 0 [ 83.079671][ T5602] bn = 0, index = 0 [ 83.096157][ T5602] bn = 0, index = 0 [ 83.097125][ T5640] netlink: 'syz.5.119': attribute type 1 has an invalid length. [ 83.106237][ T5602] bn = 0, index = 0 [ 83.126254][ T5602] jfs_lookup: dtSearch returned -5 [ 83.152437][ T5634] ERROR: (device loop1): dtSearch: stack overrun! [ 83.152437][ T5634] [ 83.161440][ T5640] netlink: 112860 bytes leftover after parsing attributes in process `syz.5.119'. [ 83.161857][ T5634] btstack dump: [ 83.176725][ T5641] netlink: zone id is out of range [ 83.194342][ T5640] netlink: 5 bytes leftover after parsing attributes in process `syz.5.119'. [ 83.204868][ T5641] netlink: set zone limit has 8 unknown bytes [ 83.208356][ T5634] bn = 0, index = 0 [ 83.241739][ T5229] ocfs2: Unmounting device (7,4) on (node local) [ 83.251419][ T5634] bn = 0, index = 0 [ 83.255471][ T5634] bn = 0, index = 0 [ 83.259290][ T5634] bn = 0, index = 0 [ 83.297915][ T5634] bn = 0, index = 0 [ 83.332795][ T5634] bn = 0, index = 0 [ 83.336733][ T5634] bn = 0, index = 0 [ 83.340565][ T5634] bn = 0, index = 0 [ 83.424209][ T5634] jfs_lookup: dtSearch returned -5 [ 84.363860][ T5672] loop3: detected capacity change from 0 to 32768 [ 84.531776][ T5672] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 85.015706][ T5698] loop2: detected capacity change from 0 to 32768 [ 85.077347][ T5698] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.142 (5698) [ 85.227430][ T5672] XFS (loop3): Ending clean mount [ 85.279099][ T5672] XFS (loop3): Quotacheck needed: Please wait. [ 85.379613][ T5672] XFS (loop3): Quotacheck: Done. [ 85.454503][ T5688] loop1: detected capacity change from 0 to 40427 [ 85.476188][ T5688] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 85.484486][ T5688] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 85.520335][ T5698] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 85.550384][ T5698] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 85.587161][ T5709] loop5: detected capacity change from 0 to 4096 [ 85.591306][ T5698] BTRFS info (device loop2): using free-space-tree [ 85.608634][ T5709] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 85.652357][ T5235] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 85.711492][ T5709] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 85.815527][ T5718] macvlan2: entered promiscuous mode [ 85.819430][ T5688] F2FS-fs (loop1): Found nat_bits in checkpoint [ 85.820966][ T5718] macvlan2: entered allmulticast mode [ 86.044995][ T5737] loop4: detected capacity change from 0 to 128 [ 86.067343][ T5688] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 86.075290][ T5688] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 86.221401][ T5737] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 86.240440][ T5737] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 86.677085][ T5229] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 86.692587][ T5231] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 86.911351][ T931] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 87.092811][ T931] usb 6-1: Using ep0 maxpacket: 32 [ 87.100796][ T931] usb 6-1: too many configurations: 30, using maximum allowed: 8 [ 87.110633][ T931] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.163343][ T931] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.301061][ T1168] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 87.319427][ T931] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.353737][ T931] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.379816][ T931] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.427739][ T931] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.615884][ T931] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.628089][ T1168] usb 4-1: Using ep0 maxpacket: 16 [ 87.648199][ T931] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.674940][ T1168] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.687437][ T1168] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.698654][ T1168] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 87.708033][ T1168] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.729422][ T931] usb 6-1: string descriptor 0 read error: -71 [ 87.735916][ T931] usb 6-1: New USB device found, idVendor=05ac, idProduct=0214, bcdDevice= 0.40 [ 87.745180][ T931] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.757664][ T1168] usb 4-1: config 0 descriptor?? [ 87.764863][ T931] usb 6-1: rejected 8 configurations due to insufficient available bus power [ 87.774035][ T931] usb 6-1: no configuration chosen from 8 choices [ 87.815202][ T931] usb 6-1: USB disconnect, device number 3 [ 88.263546][ T1168] savu 0003:1E7D:2D5A.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 88.498188][ T1168] usb 4-1: USB disconnect, device number 3 [ 88.656803][ T5803] loop0: detected capacity change from 0 to 1024 [ 88.724794][ T5803] ext4: Unknown parameter 'smackfstransmute' [ 88.766902][ T5798] loop5: detected capacity change from 0 to 4096 [ 88.849470][ T5780] loop1: detected capacity change from 0 to 32768 [ 88.936854][ T5798] NILFS (loop5): invalid segment: Checksum error in segment payload [ 88.950998][ T5798] NILFS (loop5): trying rollback from an earlier position [ 88.984224][ T5798] NILFS (loop5): recovery complete [ 89.004210][ T5814] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 89.090055][ T5780] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 89.302606][ T29] audit: type=1326 audit(1729117327.700:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de9f7dff9 code=0x7ffc0000 [ 89.325761][ T29] audit: type=1326 audit(1729117327.700:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de9f7dff9 code=0x7ffc0000 [ 89.348669][ T29] audit: type=1326 audit(1729117327.700:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f8de9f7dff9 code=0x7ffc0000 [ 89.370901][ T29] audit: type=1326 audit(1729117327.700:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de9f7dff9 code=0x7ffc0000 [ 89.393359][ T29] audit: type=1326 audit(1729117327.700:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de9f7dff9 code=0x7ffc0000 [ 89.415547][ T29] audit: type=1326 audit(1729117327.700:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8de9f7cadf code=0x7ffc0000 [ 89.438467][ T29] audit: type=1326 audit(1729117327.700:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de9f7dff9 code=0x7ffc0000 [ 89.461528][ T29] audit: type=1326 audit(1729117327.700:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5829 comm="syz.2.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de9f7dff9 code=0x7ffc0000 [ 89.666901][ T5238] ocfs2: Unmounting device (7,1) on (node local) [ 89.904901][ T5840] loop0: detected capacity change from 0 to 40427 [ 89.925221][ T5846] loop2: detected capacity change from 0 to 256 [ 90.323135][ T5853] loop5: detected capacity change from 0 to 32768 [ 90.345289][ T5840] F2FS-fs (loop0): invalid crc value [ 90.384290][ T5840] F2FS-fs (loop0): Found nat_bits in checkpoint [ 90.481856][ T5853] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 90.601438][ T5840] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 90.607717][ T5870] netlink: 24 bytes leftover after parsing attributes in process `syz.1.197'. [ 90.660729][ T5870] netlink: 32 bytes leftover after parsing attributes in process `syz.1.197'. [ 90.705441][ T5224] ocfs2: Unmounting device (7,5) on (node local) [ 91.031923][ T5880] loop4: detected capacity change from 0 to 1024 [ 91.092805][ T5880] hfsplus: Filesystem is marked locked, mounting read-only. [ 91.543040][ T5895] mmap: syz.2.205 (5895) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 91.544177][ T29] audit: type=1326 audit(1729117329.990:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5894 comm="syz.2.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de9f7dff9 code=0x7ffc0000 [ 91.648533][ T29] audit: type=1326 audit(1729117329.990:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5894 comm="syz.2.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de9f7dff9 code=0x7ffc0000 [ 91.797303][ T5841] loop3: detected capacity change from 0 to 32768 [ 91.987418][ T5907] netlink: 'syz.0.211': attribute type 30 has an invalid length. [ 92.013876][ T5841] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 92.037224][ T5841] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 92.313929][ T5892] loop5: detected capacity change from 0 to 32768 [ 92.327947][ T5922] loop0: detected capacity change from 0 to 64 [ 92.418615][ T5841] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 92.499992][ T5892] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 92.630189][ T5892] XFS (loop5): Ending clean mount [ 92.708140][ T5288] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 92.803472][ T5224] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 92.806436][ T5841] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 92.939733][ T5945] loop1: detected capacity change from 0 to 16 [ 92.946649][ T5288] usb 5-1: Using ep0 maxpacket: 16 [ 93.116298][ T5945] erofs: (device loop1): mounted with root inode @ nid 36. [ 93.165260][ T5288] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 93.176331][ T5288] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 93.186205][ T5288] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 93.199185][ T5288] usb 5-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00 [ 93.199699][ T5935] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 93.209240][ T5288] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.328180][ T5956] nbd: socks must be embedded in a SOCK_ITEM attr [ 93.350537][ T5288] usb 5-1: config 0 descriptor?? [ 93.421630][ T5935] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -11 in[46, 4050] out[1851] [ 93.511344][ T5935] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 93.768609][ T5288] kye 0003:0458:0087.0005: unknown main item tag 0x0 [ 93.818249][ T5288] kye 0003:0458:0087.0005: hidraw0: USB HID v0.00 Device [HID 0458:0087] on usb-dummy_hcd.4-1/input0 [ 93.892947][ T5969] loop5: detected capacity change from 0 to 8 [ 93.958982][ T5966] loop3: detected capacity change from 0 to 32768 [ 94.057604][ T5966] syz.3.224: attempt to access beyond end of device [ 94.057604][ T5966] loop14: rw=0, sector=8, nr_sectors = 8 limit=0 [ 94.088034][ T5966] lbmIODone: I/O error in JFS log [ 94.096066][ T5966] *** Log Format Error ! *** [ 94.111969][ T5332] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 94.129730][ T931] usb 5-1: USB disconnect, device number 2 [ 94.140194][ T5966] lmLogInit: exit(-22) [ 94.148230][ T5966] lmLogOpen: exit(-22) [ 94.281325][ T5332] usb 3-1: Using ep0 maxpacket: 8 [ 94.323452][ T5332] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=18.37 [ 94.338765][ T5332] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.378478][ T5332] usb 3-1: Product: syz [ 94.392554][ T5332] usb 3-1: Manufacturer: syz [ 94.397179][ T5332] usb 3-1: SerialNumber: syz [ 94.399573][ T5975] loop5: detected capacity change from 0 to 4096 [ 94.443723][ T5975] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.467763][ T5332] usb 3-1: config 0 descriptor?? [ 94.561708][ T5332] radio-si470x 3-1:0.0: could not find interrupt in endpoint [ 94.569186][ T5332] radio-si470x 3-1:0.0: probe with driver radio-si470x failed with error -5 [ 94.683146][ T5224] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.751725][ T5332] radio-raremono 3-1:0.0: Thanko's Raremono connected: (10C4:818A) [ 94.972541][ T5332] radio-raremono 3-1:0.0: V4L2 device registered as radio32 [ 95.171621][ T931] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 95.184255][ T5332] usb 3-1: USB disconnect, device number 6 [ 95.210843][ T5990] loop4: detected capacity change from 0 to 8192 [ 95.213064][ T5332] radio-raremono 3-1:0.0: Thanko's Raremono disconnected [ 95.341433][ T931] usb 6-1: Using ep0 maxpacket: 16 [ 95.378734][ T931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 95.429575][ T931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 95.476304][ T931] usb 6-1: New USB device found, idVendor=056e, idProduct=00ff, bcdDevice= 0.00 [ 95.496202][ T931] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.527594][ T931] usb 6-1: config 0 descriptor?? [ 95.561874][ T5976] loop0: detected capacity change from 0 to 32768 [ 95.644538][ T5976] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 95.655914][ T5978] loop1: detected capacity change from 0 to 32768 [ 95.816335][ T5978] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 95.873681][ T6023] loop3: detected capacity change from 0 to 512 [ 95.919539][ T6023] EXT4-fs: Ignoring removed oldalloc option [ 96.064951][ T6023] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.244: corrupted in-inode xattr: overlapping e_value [ 96.134217][ T6023] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.244: couldn't read orphan inode 15 (err -117) [ 96.157266][ T5978] XFS (loop1): Ending clean mount [ 96.161181][ T931] elecom 0003:056E:00FF.0006: item fetching failed at offset 2/5 [ 96.170858][ T931] elecom 0003:056E:00FF.0006: probe with driver elecom failed with error -22 [ 96.214075][ T6023] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.239801][ T5225] ocfs2: Unmounting device (7,0) on (node local) [ 96.269789][ T6023] EXT4-fs error (device loop3): htree_dirblock_to_tree:1083: inode #2: comm syz.3.244: Directory hole found for htree leaf block 0 [ 96.368140][ T5290] usb 6-1: USB disconnect, device number 4 [ 96.376034][ T5238] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 96.459462][ T6042] loop0: detected capacity change from 0 to 1024 [ 96.514755][ T6043] loop4: detected capacity change from 0 to 64 [ 96.566888][ T5235] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.620291][ T6047] loop2: detected capacity change from 0 to 1024 [ 96.625064][ T6043] hfs: small file entry [ 96.653583][ T6042] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.747647][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.142340][ T5290] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 97.240049][ T6065] Bluetooth: MGMT ver 1.23 [ 97.265913][ T6067] loop5: detected capacity change from 0 to 8 [ 97.325056][ T5290] usb 3-1: too many configurations: 9, using maximum allowed: 8 [ 97.356214][ T5290] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.375561][ T5290] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.427531][ T5290] usb 3-1: config 0 interface 0 has no altsetting 0 [ 97.467524][ T5290] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.486871][ T5290] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.516278][ T5290] usb 3-1: config 0 interface 0 has no altsetting 0 [ 97.545546][ T5290] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.563112][ T6067] SQUASHFS error: xz decompression failed, data probably corrupt [ 97.576484][ T5290] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.598502][ T6067] SQUASHFS error: Failed to read block 0xa8: -5 [ 97.605166][ T5290] usb 3-1: config 0 interface 0 has no altsetting 0 [ 97.626953][ T5290] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.642184][ T6067] SQUASHFS error: xz decompression failed, data probably corrupt [ 97.659400][ T5290] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.681168][ T6067] SQUASHFS error: Failed to read block 0xa8: -5 [ 97.688666][ T5290] usb 3-1: config 0 interface 0 has no altsetting 0 [ 97.699044][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 97.699060][ T29] audit: type=1800 audit(1729117336.140:15): pid=6067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.259" name="file0" dev="loop5" ino=3 res=0 errno=0 [ 97.707244][ T5290] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 97.809255][ T5290] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 97.911346][ T5290] usb 3-1: config 0 interface 0 has no altsetting 0 [ 97.981446][ T5290] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 98.010902][ T5290] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 98.061475][ T5290] usb 3-1: config 0 interface 0 has no altsetting 0 [ 98.062542][ T6069] loop4: detected capacity change from 0 to 32768 [ 98.109378][ T5290] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 98.141412][ T6069] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.260 (6069) [ 98.165302][ T5290] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 98.183417][ T6058] loop3: detected capacity change from 0 to 32768 [ 98.229321][ T5290] usb 3-1: config 0 interface 0 has no altsetting 0 [ 98.240604][ T6063] loop0: detected capacity change from 0 to 32768 [ 98.278894][ T5290] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 98.289688][ T6058] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.256 (6058) [ 98.319587][ T6069] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 98.321807][ T5290] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 98.333391][ T6069] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 98.350617][ T6069] BTRFS info (device loop4): using free-space-tree [ 98.391552][ T6058] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 98.402053][ T6058] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 98.410554][ T6058] BTRFS info (device loop3): using free-space-tree [ 98.419191][ T5290] usb 3-1: config 0 interface 0 has no altsetting 0 [ 98.431624][ T5290] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 98.504587][ T6087] netlink: 60 bytes leftover after parsing attributes in process `syz.5.265'. [ 98.558812][ T5290] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 98.597953][ T5290] usb 3-1: Product: syz [ 98.606513][ T5290] usb 3-1: Manufacturer: syz [ 98.613905][ T5290] usb 3-1: SerialNumber: syz [ 98.639427][ T29] audit: type=1326 audit(1729117337.080:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6103 comm="syz.1.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5a17dff9 code=0x7ffc0000 [ 98.668343][ T29] audit: type=1326 audit(1729117337.110:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6103 comm="syz.1.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f0d5a17dff9 code=0x7ffc0000 [ 98.743827][ T5290] usb 3-1: config 0 descriptor?? [ 98.765529][ T5290] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0 [ 98.778674][ T29] audit: type=1326 audit(1729117337.220:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6103 comm="syz.1.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5a17dff9 code=0x7ffc0000 [ 98.909870][ T29] audit: type=1326 audit(1729117337.220:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6103 comm="syz.1.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5a17dff9 code=0x7ffc0000 [ 99.050825][ T5229] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 99.101854][ T29] audit: type=1326 audit(1729117337.220:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6103 comm="syz.1.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f0d5a17dff9 code=0x7ffc0000 [ 99.140008][ T5235] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 99.239019][ T29] audit: type=1326 audit(1729117337.230:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6103 comm="syz.1.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5a17dff9 code=0x7ffc0000 [ 99.302405][ T5288] usb 3-1: USB disconnect, device number 7 [ 99.324365][ T29] audit: type=1326 audit(1729117337.230:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6103 comm="syz.1.267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d5a17dff9 code=0x7ffc0000 [ 99.348941][ T5288] yurex 3-1:0.0: USB YUREX #0 now disconnected [ 99.576786][ T5290] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 99.752237][ T5290] usb 6-1: Using ep0 maxpacket: 16 [ 99.812420][ T5290] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 99.855905][ T5290] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.874011][ T5290] usb 6-1: New USB device found, idVendor=0c70, idProduct=f00d, bcdDevice= 0.00 [ 99.883339][ T5290] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.906669][ T5290] usb 6-1: config 0 descriptor?? [ 100.293300][ T6101] loop0: detected capacity change from 0 to 32768 [ 100.318600][ T6101] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.266 (6101) [ 100.346729][ T5290] aquacomputer_d5next 0003:0C70:F00D.0007: unknown main item tag 0x0 [ 100.378443][ T5290] aquacomputer_d5next 0003:0C70:F00D.0007: unknown main item tag 0x0 [ 100.401060][ T6101] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 100.424368][ T5290] aquacomputer_d5next 0003:0C70:F00D.0007: unknown main item tag 0x0 [ 100.437100][ T6101] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 100.454081][ T5290] aquacomputer_d5next 0003:0C70:F00D.0007: unknown main item tag 0x0 [ 100.472244][ T6101] BTRFS info (device loop0): using free-space-tree [ 100.481953][ T931] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 100.489570][ T5290] aquacomputer_d5next 0003:0C70:F00D.0007: unknown main item tag 0x0 [ 100.512121][ T5290] aquacomputer_d5next 0003:0C70:F00D.0007: hidraw0: USB HID v0.00 Device [HID 0c70:f00d] on usb-dummy_hcd.5-1/input0 [ 100.628246][ T5290] usb 6-1: USB disconnect, device number 5 [ 100.669771][ T931] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.693557][ T5332] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 100.737213][ T931] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.773983][ T931] usb 5-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00 [ 100.805352][ T931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.844577][ T931] usb 5-1: config 0 descriptor?? [ 100.861415][ T5332] usb 3-1: Using ep0 maxpacket: 16 [ 100.872560][ T5332] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.896485][ T5332] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.932172][ T5225] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 100.943213][ T5332] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 100.983775][ T5332] usb 3-1: New USB device found, idVendor=056a, idProduct=2022, bcdDevice= 0.00 [ 100.994943][ T5332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.035908][ T5332] usb 3-1: config 0 descriptor?? [ 101.239797][ T6153] loop3: detected capacity change from 0 to 40427 [ 101.247068][ T6150] loop1: detected capacity change from 0 to 32768 [ 101.254066][ T6153] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 101.261943][ T6153] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 101.302334][ T6153] F2FS-fs (loop3): invalid crc value [ 101.318651][ T931] ryos 0003:1E7D:3138.0008: unknown main item tag 0x0 [ 101.338677][ T931] ryos 0003:1E7D:3138.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.4-1/input0 [ 101.353612][ T6150] read_mapping_page failed! [ 101.389076][ T6153] F2FS-fs (loop3): Found nat_bits in checkpoint [ 101.490895][ T5332] wacom 0003:056A:2022.0009: ignoring exceeding usage max [ 101.515627][ T5332] wacom 0003:056A:2022.0009: Unknown device_type for 'HID 056a:2022'. Ignoring. [ 101.540434][ T1168] usb 5-1: USB disconnect, device number 3 [ 101.559458][ T6153] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 101.566996][ T6153] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 101.691040][ T6180] loop0: detected capacity change from 0 to 1024 [ 101.700271][ T6180] EXT4-fs: Ignoring removed nomblk_io_submit option [ 101.740608][ T5289] usb 3-1: USB disconnect, device number 8 [ 101.880839][ T6180] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.084164][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.205807][ T6193] usb usb8: usbfs: process 6193 (syz.4.290) did not claim interface 0 before use [ 102.446808][ T6199] tipc: Enabling of bearer rejected, failed to enable media [ 102.534992][ T6205] loop5: detected capacity change from 0 to 128 [ 102.628780][ T6205] affs: No valid root block on device loop5 [ 102.725535][ T6209] loop1: detected capacity change from 0 to 8 [ 102.868520][ T6207] loop2: detected capacity change from 0 to 32768 [ 103.007892][ T6205] loop5: detected capacity change from 0 to 32768 [ 103.025646][ T6205] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.296 (6205) [ 103.049208][ T6205] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 103.049291][ T6205] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 103.049328][ T6205] BTRFS info (device loop5): using free-space-tree [ 103.271660][ T6220] netlink: 24 bytes leftover after parsing attributes in process `syz.3.300'. [ 103.575435][ T6207] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 103.600391][ T6245] capability: warning: `syz.1.308' uses 32-bit capabilities (legacy support in use) [ 103.960110][ T6205] BTRFS info (device loop5): device stats zeroed by syz.5.296 (6205) [ 104.047729][ T5224] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 104.150803][ T6207] XFS (loop2): Ending clean mount [ 104.159972][ T6207] XFS (loop2): Quotacheck needed: Please wait. [ 104.238356][ T6207] XFS (loop2): Quotacheck: Done. [ 104.246328][ T6276] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 104.432101][ T6286] process 'syz.0.322' launched './file0' with NULL argv: empty string added [ 104.561983][ T5231] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 104.790167][ T6300] loop5: detected capacity change from 0 to 1024 [ 104.842296][ T6300] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.993949][ T6300] EXT4-fs: Ignoring sb option on remount [ 104.999676][ T6300] EXT4-fs: Ignoring removed orlov option [ 105.021516][ T6300] EXT4-fs: Ignoring removed bh option [ 105.159879][ T6300] EXT4-fs error (device loop5): __ext4_remount:6522: comm syz.5.327: Abort forced by user [ 105.172815][ T6300] EXT4-fs (loop5): Remounting filesystem read-only [ 105.327506][ T5224] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.366000][ T6318] netlink: 28 bytes leftover after parsing attributes in process `syz.0.335'. [ 105.518975][ T29] audit: type=1326 audit(1729117343.960:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66b6f7dff9 code=0x7ffc0000 [ 105.583555][ T29] audit: type=1326 audit(1729117343.960:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f66b6f7dff9 code=0x7ffc0000 [ 105.668501][ T29] audit: type=1326 audit(1729117344.090:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66b6f7dff9 code=0x7ffc0000 [ 105.811462][ T29] audit: type=1326 audit(1729117344.090:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6320 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66b6f7dff9 code=0x7ffc0000 [ 105.862962][ T6307] loop1: detected capacity change from 0 to 32768 [ 105.920430][ T29] audit: type=1326 audit(1729117344.090:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6327 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f66b6fb00e5 code=0x7ffc0000 [ 105.921120][ T6307] syz.1.330: attempt to access beyond end of device [ 105.921120][ T6307] loop1: rw=34817, sector=2621792, nr_sectors = 24 limit=32768 [ 106.033492][ T29] audit: type=1326 audit(1729117344.250:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6327 comm="syz.5.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f66b6f7dff9 code=0x7ffc0000 [ 106.038253][ T110] blkno = 5002c, nblocks = 3 [ 106.086600][ T6334] loop5: detected capacity change from 0 to 4096 [ 106.111296][ T110] ERROR: (device loop1): dbFree: block to be freed is outside the map [ 106.111296][ T110] [ 106.152461][ T29] audit: type=1800 audit(1729117344.360:29): pid=6307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.330" name="file1" dev="loop1" ino=4 res=0 errno=0 [ 106.176499][ T6334] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 106.201862][ T110] ERROR: (device loop1): remounting filesystem as read-only [ 106.276339][ T6334] ntfs3(loop5): Inode r=19 is not in use! [ 106.321113][ T6334] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 106.365296][ T6334] ntfs3(loop5): Failed to initialize $Extend/$Reparse. [ 106.411925][ T6334] ntfs3(loop5): ino=5, "/" attr_set_size [ 106.589803][ T6350] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.591056][ T6308] loop3: detected capacity change from 0 to 32768 [ 106.598832][ T6350] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.598891][ T6350] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.598929][ T6350] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 106.661151][ T6350] Zero length message leads to an empty skb [ 107.213498][ T6365] loop1: detected capacity change from 0 to 64 [ 107.643515][ T6375] loop5: detected capacity change from 0 to 64 [ 107.693281][ T6375] hfs: unable to locate alternate MDB [ 107.699084][ T6375] hfs: continuing without an alternate MDB [ 107.900795][ T6348] loop0: detected capacity change from 0 to 65536 [ 107.997752][ T6348] XFS (loop0): Mounting V5 filesystem 4194cad6-cad4-4798-ac4c-c2118f686eb1 in no-recovery mode. Filesystem will be inconsistent. [ 108.083163][ T6348] XFS (loop0): Quotacheck needed: Please wait. [ 108.275631][ T6348] XFS (loop0): Quotacheck: Done. [ 108.419965][ T5225] XFS (loop0): Unmounting Filesystem 4194cad6-cad4-4798-ac4c-c2118f686eb1 [ 108.531768][ T6412] loop4: detected capacity change from 0 to 256 [ 108.618426][ T6412] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 109.665591][ T6448] loop2: detected capacity change from 0 to 128 [ 109.945565][ T6457] ieee802154 phy0 wpan0: encryption failed: -22 [ 109.952793][ T6459] netlink: 60 bytes leftover after parsing attributes in process `syz.4.395'. [ 109.991363][ T6459] Êü: entered promiscuous mode [ 110.013160][ T6458] netlink: zone id is out of range [ 110.068617][ T6458] netlink: set zone limit has 4 unknown bytes [ 110.093823][ T6462] loop4: detected capacity change from 0 to 512 [ 110.176195][ T6465] hugetlbfs: Bad value for 'uid' [ 110.181169][ T6465] hugetlbfs: Bad value for 'uid' [ 110.357687][ T6425] loop1: detected capacity change from 0 to 32768 [ 110.378923][ T6477] loop0: detected capacity change from 0 to 256 [ 110.392328][ T6425] XFS: noikeep mount option is deprecated. [ 110.436021][ T6477] FAT-fs (loop0): Directory bread(block 64) failed [ 110.443013][ T6477] FAT-fs (loop0): Directory bread(block 65) failed [ 110.449719][ T6477] FAT-fs (loop0): Directory bread(block 66) failed [ 110.457192][ T6477] FAT-fs (loop0): Directory bread(block 67) failed [ 110.464362][ T6477] FAT-fs (loop0): Directory bread(block 68) failed [ 110.470991][ T6477] FAT-fs (loop0): Directory bread(block 69) failed [ 110.562913][ T6477] FAT-fs (loop0): Directory bread(block 70) failed [ 110.569478][ T6477] FAT-fs (loop0): Directory bread(block 71) failed [ 110.613314][ T6462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.653819][ T6425] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 110.701469][ T6477] FAT-fs (loop0): Directory bread(block 72) failed [ 110.708034][ T6477] FAT-fs (loop0): Directory bread(block 73) failed [ 110.731455][ T6462] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.858933][ T6425] XFS (loop1): Ending clean mount [ 110.870485][ T6425] XFS (loop1): Quotacheck needed: Please wait. [ 110.883044][ T5229] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.060858][ T5245] Bluetooth: hci4: unexpected cc 0x2007 length: 100 > 2 [ 111.083438][ T6425] XFS (loop1): Quotacheck: Done. [ 111.185842][ T6473] loop5: detected capacity change from 0 to 32768 [ 111.260118][ T5238] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 111.270863][ T6510] loop3: detected capacity change from 0 to 64 [ 111.294748][ T6473] JBD2: Ignoring recovery information on journal [ 111.303242][ T6509] tipc: Started in network mode [ 111.319919][ T6509] tipc: Node identity ., cluster identity 4711 [ 111.347014][ T6509] tipc: Enabling of bearer rejected, failed to enable media [ 111.454959][ T931] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 111.464975][ T6473] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 111.636788][ T931] usb 1-1: Using ep0 maxpacket: 8 [ 111.730441][ T931] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 111.735913][ T6519] loop3: detected capacity change from 0 to 256 [ 111.752242][ T931] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 111.762293][ T931] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 111.771576][ T931] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.862458][ T931] usb 1-1: config 0 descriptor?? [ 111.889144][ T6521] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.968394][ T6519] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 111.992127][ T6504] loop4: detected capacity change from 0 to 32768 [ 112.031734][ T5224] ocfs2: Unmounting device (7,5) on (node local) [ 112.134990][ T6504] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 112.135608][ T931] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 112.245272][ T5245] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 112.254311][ T5245] Bluetooth: hci0: Injecting HCI hardware error event [ 112.263192][ T5245] Bluetooth: hci0: hardware error 0x00 [ 112.274964][ T6533] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.423'. [ 112.284453][ T6533] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes. [ 112.469426][ T6506] iowarrior 1-1:0.0: Error -90 while submitting URB [ 112.493019][ T5332] usb 1-1: USB disconnect, device number 2 [ 112.527455][ T6541] loop2: detected capacity change from 0 to 512 [ 112.542032][ T6531] loop1: detected capacity change from 0 to 32768 [ 112.553672][ T5332] iowarrior 1-1:0.0: I/O-Warror #0 now disconnected [ 112.645118][ T6541] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 112.648884][ T6504] XFS (loop4): Ending clean mount [ 112.660189][ T6541] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 112.697502][ T6547] loop3: detected capacity change from 0 to 64 [ 112.743799][ T6541] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2863: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 112.762139][ T6541] EXT4-fs (loop2): 1 truncate cleaned up [ 112.781706][ T6504] XFS (loop4): Quotacheck needed: Please wait. [ 112.791820][ T6541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.824576][ T6531] JBD2: Ignoring recovery information on journal [ 112.886388][ T5231] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.906546][ T6531] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 113.054407][ T5238] ocfs2: Unmounting device (7,1) on (node local) [ 113.081162][ T6504] XFS (loop4): Quotacheck: Done. [ 113.326734][ T5229] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 113.382745][ T6566] loop0: detected capacity change from 0 to 128 [ 113.638786][ T6572] loop3: detected capacity change from 0 to 1024 [ 113.833951][ T6560] loop5: detected capacity change from 0 to 32768 [ 114.044532][ T6585] netlink: 64 bytes leftover after parsing attributes in process `syz.4.443'. [ 114.069590][ T6586] loop0: detected capacity change from 0 to 1024 [ 114.112748][ T6572] EXT4-fs: Ignoring removed orlov option [ 114.135994][ T6572] EXT4-fs (loop3): Test dummy encryption mode enabled [ 114.161519][ T6586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.191378][ T6572] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 114.251704][ T6586] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.263255][ T6572] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.352572][ T5245] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 114.420845][ T6605] loop1: detected capacity change from 0 to 256 [ 114.443547][ T6605] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 114.459983][ T5225] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.489719][ T5235] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.501195][ T1168] kernel write not supported for file /snd/pcmC0D0p (pid: 1168 comm: kworker/0:3) [ 114.583510][ T6609] program syz.3.453 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 114.773604][ T6615] loop5: detected capacity change from 0 to 2048 [ 114.825919][ T6617] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 115.045478][ T6622] loop2: detected capacity change from 0 to 4096 [ 115.137204][ T6629] loop1: detected capacity change from 0 to 1024 [ 115.152453][ T6622] NILFS (loop2): invalid segment: Checksum error in segment payload [ 115.160533][ T6622] NILFS (loop2): trying rollback from an earlier position [ 115.202047][ T5245] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 115.212025][ T5245] Bluetooth: hci4: Injecting HCI hardware error event [ 115.219856][ T5245] Bluetooth: hci4: hardware error 0x00 [ 115.288630][ T6634] loop3: detected capacity change from 0 to 2048 [ 115.360341][ T6622] NILFS (loop2): recovery complete [ 115.409494][ T6634] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 115.440798][ T6640] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 115.741619][ T5288] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 116.951371][ T5288] usb 6-1: Using ep0 maxpacket: 8 [ 116.965293][ T6649] loop0: detected capacity change from 0 to 256 [ 117.009818][ T5288] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 117.061332][ T5288] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.081134][ T5288] usb 6-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00 [ 117.099218][ T5288] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.132040][ T6657] loop2: detected capacity change from 0 to 1024 [ 117.141932][ T5288] usb 6-1: config 0 descriptor?? [ 117.206427][ T6657] hfsplus: bad catalog entry type [ 117.216080][ T6653] netlink: 8 bytes leftover after parsing attributes in process `syz.1.470'. [ 117.331967][ T1007] hfsplus: b-tree write err: -5, ino 4 [ 117.471620][ T6663] tipc: Started in network mode [ 117.491628][ T5245] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 117.530488][ T6663] tipc: Node identity , cluster identity 4711 [ 117.536746][ T6663] tipc: Failed to set node id, please configure manually [ 117.543952][ T6663] tipc: Enabling of bearer rejected, failed to enable media [ 117.651569][ T5288] greenasia 0003:0E8F:0012.000A: hidraw0: USB HID v0.00 Device [HID 0e8f:0012] on usb-dummy_hcd.5-1/input0 [ 117.663090][ T5288] greenasia 0003:0E8F:0012.000A: no inputs found [ 117.758015][ T6651] loop4: detected capacity change from 0 to 32768 [ 117.785433][ T6651] btrfs: Deprecated parameter 'usebackuproot' [ 117.797842][ T6651] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 117.817484][ T5288] usb 6-1: USB disconnect, device number 6 [ 117.854221][ T6651] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.471 (6651) [ 117.953228][ T6677] netlink: 244 bytes leftover after parsing attributes in process `syz.1.483'. [ 118.031574][ T5332] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 118.049568][ T6651] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 118.119028][ T6651] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 118.149984][ T6651] BTRFS info (device loop4): disk space caching is enabled [ 118.170227][ T6651] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 118.229271][ T5332] usb 1-1: config 0 has an invalid interface number: 175 but max is 0 [ 118.237901][ T5332] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 118.261571][ T5332] usb 1-1: config 0 has no interface number 0 [ 118.267690][ T5332] usb 1-1: config 0 interface 175 altsetting 0 has an endpoint descriptor with address 0xBC, changing to 0x8C [ 118.301708][ T5332] usb 1-1: config 0 interface 175 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7 [ 118.321494][ T5332] usb 1-1: config 0 interface 175 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0 [ 118.346638][ T5332] usb 1-1: config 0 interface 175 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 16 [ 118.435532][ T6697] syz.1.490 (6697): attempted to duplicate a private mapping with mremap. This is not supported. [ 118.458473][ T5332] usb 1-1: New USB device found, idVendor=05e0, idProduct=0600, bcdDevice=f9.9b [ 118.472422][ T5332] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.480889][ T5332] usb 1-1: Product: syz [ 118.485381][ T5332] usb 1-1: Manufacturer: syz [ 118.489994][ T5332] usb 1-1: SerialNumber: syz [ 118.511120][ T5332] usb 1-1: config 0 descriptor?? [ 118.572118][ T5332] symbolserial 1-1:0.175: symbol converter detected [ 118.587363][ T5332] usb 1-1: symbol converter now attached to ttyUSB0 [ 118.700840][ T6710] netlink: 12 bytes leftover after parsing attributes in process `syz.2.493'. [ 118.740994][ T6651] BTRFS info (device loop4): rebuilding free space tree [ 118.804511][ T6651] BTRFS info (device loop4): disabling free space tree [ 118.812745][ T6651] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 118.823302][ T6651] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 118.895921][ T5288] usb 1-1: USB disconnect, device number 3 [ 118.931315][ T5332] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 118.947600][ T5288] symbol ttyUSB0: symbol converter now disconnected from ttyUSB0 [ 118.956336][ T5288] symbolserial 1-1:0.175: device disconnected [ 119.171952][ T5229] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 119.192742][ T5332] usb 6-1: Using ep0 maxpacket: 16 [ 119.341083][ T5332] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 119.352176][ T5332] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 119.361971][ T5332] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 119.375219][ T5332] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 119.384603][ T5332] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.412281][ T5332] usb 6-1: config 0 descriptor?? [ 119.779632][ T6746] loop3: detected capacity change from 0 to 1024 [ 119.945145][ T5332] microsoft 0003:045E:07DA.000B: ignoring exceeding usage max [ 119.960966][ T5332] microsoft 0003:045E:07DA.000B: No inputs registered, leaving [ 120.002220][ T5332] microsoft 0003:045E:07DA.000B: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 120.031674][ T5332] microsoft 0003:045E:07DA.000B: no inputs found [ 120.047491][ T5332] microsoft 0003:045E:07DA.000B: could not initialize ff, continuing anyway [ 120.135420][ T6758] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 120.168381][ T5332] usb 6-1: USB disconnect, device number 7 [ 120.253856][ T6760] loop0: detected capacity change from 0 to 2048 [ 120.320577][ T6760] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 120.442354][ T6772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.520'. [ 120.496338][ T6775] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 121.132195][ T6766] loop4: detected capacity change from 0 to 32768 [ 121.181344][ T1168] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 121.297633][ T6780] loop1: detected capacity change from 0 to 32768 [ 121.338371][ T6766] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 121.351334][ T1168] usb 4-1: Using ep0 maxpacket: 8 [ 121.372291][ T6766] (syz.4.517,6766,1):ocfs2_read_blocks:239 ERROR: status = -12 [ 121.380951][ T6780] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 121.382832][ T1168] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 121.389894][ T6766] (syz.4.517,6766,1):ocfs2_trim_mainbm:7610 ERROR: status = -12 [ 121.458906][ T1168] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.481293][ T1168] usb 4-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00 [ 121.490455][ T1168] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.546730][ T1168] usb 4-1: config 0 descriptor?? [ 121.567357][ T5229] ocfs2: Unmounting device (7,4) on (node local) [ 121.629074][ T6780] XFS (loop1): Ending clean mount [ 121.639032][ T6780] XFS (loop1): Quotacheck needed: Please wait. [ 121.762524][ T6780] XFS (loop1): Quotacheck: Done. [ 121.949998][ T5238] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 121.990647][ T6815] loop5: detected capacity change from 0 to 256 [ 122.147983][ T1168] hid-led 0003:04D8:F372.000C: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.3-1/input0 [ 122.335162][ T1168] hid-led 0003:04D8:F372.000C: Greynut Luxafor initialized [ 122.434312][ T6792] loop2: detected capacity change from 0 to 32768 [ 122.471463][ T1168] usb 4-1: USB disconnect, device number 4 [ 122.516846][ T931] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38) [ 122.541482][ T931] leds luxafor0:green:led5: Setting an LED's brightness failed (-38) [ 122.573876][ T931] leds luxafor0:red:led5: Setting an LED's brightness failed (-38) [ 122.592189][ T931] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38) [ 122.603316][ T931] leds luxafor0:green:led4: Setting an LED's brightness failed (-38) [ 122.613493][ T931] leds luxafor0:red:led4: Setting an LED's brightness failed (-38) [ 122.622439][ T931] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38) [ 122.631387][ T931] leds luxafor0:green:led3: Setting an LED's brightness failed (-38) [ 122.640554][ T931] leds luxafor0:red:led3: Setting an LED's brightness failed (-38) [ 122.649417][ T931] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38) [ 122.658368][ T931] leds luxafor0:green:led2: Setting an LED's brightness failed (-38) [ 122.776082][ T6811] loop0: detected capacity change from 0 to 32768 [ 122.816672][ T6811] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.534 (6811) [ 122.832248][ T6792] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 123.020602][ T6836] loop5: detected capacity change from 0 to 32768 [ 123.078767][ T6811] BTRFS info (device loop0): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 123.123126][ T6811] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 123.170049][ T931] leds luxafor0:red:led2: Setting an LED's brightness failed (-38) [ 123.171864][ T6836] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 123.178833][ T931] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38) [ 123.219111][ T6811] BTRFS info (device loop0): using free-space-tree [ 123.389515][ T931] leds luxafor0:green:led1: Setting an LED's brightness failed (-38) [ 123.405621][ T5288] leds luxafor0:red:led1: Setting an LED's brightness failed (-38) [ 123.416095][ T5288] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38) [ 123.424952][ T5288] leds luxafor0:green:led0: Setting an LED's brightness failed (-38) [ 123.433843][ T5288] leds luxafor0:red:led0: Setting an LED's brightness failed (-38) [ 123.670889][ T6792] XFS (loop2): Ending clean mount [ 123.684812][ T6836] XFS (loop5): Ending clean mount [ 123.701049][ T6836] XFS (loop5): Quotacheck needed: Please wait. [ 123.713162][ T6792] XFS (loop2): Quotacheck needed: Please wait. [ 123.727458][ T6889] netlink: 8 bytes leftover after parsing attributes in process `syz.1.553'. [ 123.797200][ T6892] loop1: detected capacity change from 0 to 1024 [ 123.818874][ T6890] loop4: detected capacity change from 0 to 1024 [ 123.845032][ T6792] XFS (loop2): Quotacheck: Done. [ 123.845380][ T6836] XFS (loop5): Quotacheck: Done. [ 123.990065][ T3038] hfsplus: b-tree write err: -5, ino 4 [ 124.073989][ T5225] BTRFS info (device loop0): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 124.115614][ T5224] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 124.137735][ T1007] hfsplus: b-tree write err: -5, ino 4 [ 124.218556][ T5231] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 124.568405][ T6910] netlink: 191416 bytes leftover after parsing attributes in process `syz.3.565'. [ 124.804634][ T6917] loop3: detected capacity change from 0 to 128 [ 125.473916][ T6938] warning: `syz.0.578' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 125.952711][ T6958] cgroup: Unexpected value for 'cpuset_v2_mode' [ 125.986462][ T6952] 9pnet: Could not find request transport: f [ 126.195463][ T6966] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 126.394458][ T6971] netlink: 108 bytes leftover after parsing attributes in process `syz.5.591'. [ 126.590236][ T6930] loop4: detected capacity change from 0 to 32768 [ 126.790625][ T6984] netlink: 8 bytes leftover after parsing attributes in process `syz.2.597'. [ 126.849179][ T6960] loop3: detected capacity change from 0 to 32768 [ 126.944567][ T5288] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 126.968425][ T6960] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 127.001913][ T6994] loop4: detected capacity change from 0 to 128 [ 127.092235][ T5229] sysv_free_block: flc_count > flc_size [ 127.099466][ T5229] sysv_free_block: flc_count > flc_size [ 127.112596][ T5229] sysv_free_block: flc_count > flc_size [ 127.126250][ T5229] sysv_free_block: flc_count > flc_size [ 127.133015][ T5229] sysv_free_block: flc_count > flc_size [ 127.138830][ T5229] sysv_free_block: flc_count > flc_size [ 127.146158][ T5229] sysv_free_block: flc_count > flc_size [ 127.151875][ T5229] sysv_free_block: flc_count > flc_size [ 127.160287][ T5229] sysv_free_block: flc_count > flc_size [ 127.183276][ T5229] sysv_free_block: flc_count > flc_size [ 127.194164][ T5288] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.210785][ T5229] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 127.219778][ T5288] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.270272][ T5288] usb 1-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00 [ 127.294221][ T6960] XFS (loop3): Ending clean mount [ 127.332747][ T5288] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.344424][ T5288] usb 1-1: config 0 descriptor?? [ 127.428616][ T7008] loop5: detected capacity change from 0 to 1024 [ 127.493632][ T5235] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 127.644041][ T35] hfsplus: b-tree write err: -5, ino 4 [ 127.770448][ T5288] stadia 0003:18D1:9400.000D: hidraw0: USB HID v0.00 Device [HID 18d1:9400] on usb-dummy_hcd.0-1/input0 [ 127.838220][ T5288] stadia 0003:18D1:9400.000D: no inputs found [ 127.862416][ T5288] stadia 0003:18D1:9400.000D: force feedback init failed [ 127.992391][ T5288] usb 1-1: USB disconnect, device number 4 [ 128.277604][ T7005] loop4: detected capacity change from 0 to 32768 [ 128.293772][ T7005] XFS: noikeep mount option is deprecated. [ 128.299664][ T7005] XFS: ikeep mount option is deprecated. [ 128.305519][ T7005] XFS: noikeep mount option is deprecated. [ 128.361371][ T5290] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 128.397247][ T7030] "syz.2.614" (7030) uses obsolete ecb(arc4) skcipher [ 128.405633][ T7005] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 128.510251][ T7005] XFS (loop4): Ending clean mount [ 128.538328][ T7005] XFS (loop4): Quotacheck needed: Please wait. [ 128.595479][ T5290] usb 2-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be [ 128.604620][ T7005] XFS (loop4): Quotacheck: Done. [ 128.607319][ T7050] loop2: detected capacity change from 0 to 256 [ 128.620231][ T5290] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.626914][ T7050] exfat: Deprecated parameter 'namecase' [ 128.645155][ T7050] exfat: Deprecated parameter 'utf8' [ 128.652582][ T29] audit: type=1800 audit(1729117367.100:30): pid=7005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.602" name="bus" dev="loop4" ino=1067 res=0 errno=0 [ 128.669961][ T5290] usb 2-1: Product: syz [ 128.681044][ T5290] usb 2-1: Manufacturer: syz [ 128.686291][ T7046] loop5: detected capacity change from 0 to 2048 [ 128.697727][ T5290] usb 2-1: SerialNumber: syz [ 128.721541][ T7046] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 128.743197][ T5290] usb 2-1: config 0 descriptor?? [ 128.782637][ T7050] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 128.902425][ T5229] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 128.981637][ T5290] peak_usb 2-1:0.0: PEAK-System PCAN-Chip USB v0 fw v0.0.0 (1 channels) [ 129.011835][ T5332] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 129.180158][ T5290] peak_usb 2-1:0.0 can0: sending command failure: -22 [ 129.202854][ T5290] peak_usb 2-1:0.0 can0: sending command failure: -22 [ 129.226882][ T5290] peak_usb 2-1:0.0 can0: sending command failure: -22 [ 129.234095][ T5332] usb 1-1: Using ep0 maxpacket: 16 [ 129.242902][ T5332] usb 1-1: config 0 has an invalid interface number: 32 but max is 0 [ 129.262561][ T5332] usb 1-1: config 0 has no interface number 0 [ 129.301571][ T5332] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 129.341273][ T5332] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 129.351127][ T5332] usb 1-1: New USB device found, idVendor=5543, idProduct=0081, bcdDevice= 0.00 [ 129.391755][ T5290] peak_usb 2-1:0.0: probe with driver peak_usb failed with error -22 [ 129.404521][ T5332] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.446749][ T5290] usb 2-1: USB disconnect, device number 2 [ 129.453848][ T5332] usb 1-1: config 0 descriptor?? [ 129.498560][ T7061] loop2: detected capacity change from 0 to 4096 [ 129.528424][ T7063] sp0: Synchronizing with TNC [ 129.533999][ T7065] ieee802154 phy0 wpan0: encryption failed: -22 [ 129.565231][ T7066] sp0: Found TNC [ 129.926258][ T5332] uclogic 0003:5543:0081.000E: interface is invalid, ignoring [ 130.133357][ T931] usb 1-1: USB disconnect, device number 5 [ 130.238182][ T7078] loop2: detected capacity change from 0 to 4096 [ 130.271141][ T7078] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 130.342789][ T7078] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 130.375007][ T7078] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 130.417297][ T7089] loop1: detected capacity change from 0 to 512 [ 130.453820][ T7089] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 130.489311][ T5288] IPVS: starting estimator thread 0... [ 130.533030][ T7089] EXT4-fs (loop1): 1 orphan inode deleted [ 130.549232][ T7089] EXT4-fs (loop1): 1 truncate cleaned up [ 130.560048][ T7089] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.805320][ T7083] loop4: detected capacity change from 0 to 32768 [ 130.815796][ T7094] IPVS: using max 16 ests per chain, 38400 per kthread [ 130.836088][ T7100] loop3: detected capacity change from 0 to 4096 [ 130.863438][ T7083] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 130.890356][ T5238] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.902267][ T7104] netlink: 12 bytes leftover after parsing attributes in process `syz.2.640'. [ 131.127902][ T7113] openvswitch: netlink: Actions may not be safe on all matching packets [ 131.202249][ T7083] XFS (loop4): Ending clean mount [ 131.272426][ T7083] XFS (loop4): Quotacheck needed: Please wait. [ 131.343570][ T7083] XFS (loop4): Quotacheck: Done. [ 131.471845][ T7131] syz.3.649: attempt to access beyond end of device [ 131.471845][ T7131] nbd3: rw=0, sector=16, nr_sectors = 8 limit=0 [ 131.522006][ T5229] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 131.561042][ T7131] REISERFS warning (device nbd3): sh-2006 read_super_block: bread failed (dev nbd3, block 2, size 4096) [ 131.581586][ T7131] syz.3.649: attempt to access beyond end of device [ 131.581586][ T7131] nbd3: rw=0, sector=128, nr_sectors = 8 limit=0 [ 131.651783][ T7131] REISERFS warning (device nbd3): sh-2006 read_super_block: bread failed (dev nbd3, block 16, size 4096) [ 131.684051][ T7131] REISERFS warning (device nbd3): sh-2021 reiserfs_fill_super: can not find reiserfs on nbd3 [ 132.074107][ T7149] loop3: detected capacity change from 0 to 64 [ 132.166916][ T7151] loop4: detected capacity change from 0 to 256 [ 132.172415][ T931] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 132.186268][ T7151] exfat: Deprecated parameter 'namecase' [ 132.290975][ T7151] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 132.351637][ T931] usb 1-1: Using ep0 maxpacket: 8 [ 132.358413][ T1261] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.367553][ T1261] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.403566][ T931] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 132.415948][ T931] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 132.441455][ T931] usb 1-1: New USB device found, idVendor=172f, idProduct=0034, bcdDevice= 0.00 [ 132.457407][ T931] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.472991][ T931] usb 1-1: config 0 descriptor?? [ 132.499040][ T7130] loop1: detected capacity change from 0 to 32768 [ 132.593279][ T29] audit: type=1800 audit(1729117371.020:31): pid=7130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.651" name="file1" dev="loop1" ino=4 res=0 errno=0 [ 132.907454][ T931] waltop 0003:172F:0034.000F: item fetching failed at offset 2/5 [ 132.941850][ T931] waltop 0003:172F:0034.000F: probe with driver waltop failed with error -22 [ 133.186294][ T5332] usb 1-1: USB disconnect, device number 6 [ 133.216879][ T7182] loop2: detected capacity change from 0 to 164 [ 133.532573][ T7193] sp0: Synchronizing with TNC [ 133.544854][ T7189] loop4: detected capacity change from 0 to 2048 [ 133.573729][ T7189] EXT4-fs: Ignoring removed bh option [ 133.636740][ T7189] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.953521][ T5229] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.270006][ T931] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 134.432867][ T7225] loop3: detected capacity change from 0 to 512 [ 134.439836][ T7225] EXT4-fs: Ignoring removed bh option [ 134.491288][ T931] usb 3-1: Using ep0 maxpacket: 8 [ 134.498333][ T931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 134.516524][ T931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 26056, setting to 1024 [ 134.523162][ T7225] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 134.573250][ T7225] EXT4-fs (loop3): 1 truncate cleaned up [ 134.580626][ T7225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.581141][ T931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 134.671412][ T29] audit: type=1800 audit(1729117373.110:32): pid=7225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.694" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 134.672224][ T7202] loop1: detected capacity change from 0 to 32768 [ 134.721363][ T931] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 134.741345][ T931] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 134.761300][ T931] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 134.771118][ T931] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8d.58 [ 134.792143][ T931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.835366][ T5235] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.846547][ T7208] loop0: detected capacity change from 0 to 40427 [ 134.857589][ T931] usb 3-1: config 0 descriptor?? [ 134.858880][ T7202] XFS (loop1): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 134.886211][ T7208] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 134.896907][ T7208] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 134.931942][ T7207] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 135.001111][ T5245] Bluetooth: hci6: urb ffff88802f5a1800 submission failed (90) [ 135.165438][ T7208] F2FS-fs (loop0): Found nat_bits in checkpoint [ 135.299097][ T5290] usb 3-1: USB disconnect, device number 9 [ 135.343937][ T7202] XFS (loop1): Ending clean mount [ 135.430104][ T7208] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 135.451335][ T7208] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 135.497725][ T5238] XFS (loop1): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 135.580695][ T5225] syz-executor: attempt to access beyond end of device [ 135.580695][ T5225] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 135.672502][ T5225] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 135.754368][ T7233] loop4: detected capacity change from 0 to 32768 [ 135.828028][ T7241] loop3: detected capacity change from 0 to 32768 [ 135.866856][ T7241] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.698 (7241) [ 136.050145][ T7241] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 136.095378][ T7241] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 136.127821][ T7241] BTRFS info (device loop3): disk space caching is enabled [ 136.135146][ T7241] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 136.385264][ T7251] loop5: detected capacity change from 0 to 32768 [ 136.406700][ T7251] XFS: ikeep mount option is deprecated. [ 136.886692][ T7281] loop1: detected capacity change from 0 to 4096 [ 136.943559][ T7275] loop2: detected capacity change from 0 to 32768 [ 136.948419][ T7281] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 136.968660][ T7273] netlink: 12 bytes leftover after parsing attributes in process `syz.0.703'. [ 137.049431][ T7251] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 137.089279][ T7275] XFS (loop2): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 137.214290][ T7312] loop0: detected capacity change from 0 to 128 [ 137.258318][ T7241] BTRFS info (device loop3): rebuilding free space tree [ 137.310495][ T7312] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 137.327573][ T7241] BTRFS info (device loop3): disabling free space tree [ 137.339225][ T7241] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 137.350390][ T7251] XFS (loop5): Ending clean mount [ 137.367985][ T7241] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 137.393466][ T7251] XFS (loop5): Quotacheck needed: Please wait. [ 137.415383][ T7312] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 137.523544][ T7251] XFS (loop5): Quotacheck: Done. [ 137.580566][ T7275] XFS (loop2): Ending clean mount [ 137.600728][ T5235] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 137.620926][ T7275] XFS (loop2): Quotacheck needed: Please wait. [ 137.765146][ T7275] XFS (loop2): Quotacheck: Done. [ 137.858953][ T5224] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 137.981330][ T931] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 138.177734][ T931] usb 1-1: Using ep0 maxpacket: 16 [ 138.196918][ T931] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 138.218286][ T931] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 138.241248][ T931] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 138.243334][ T5231] XFS (loop2): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 138.266227][ T931] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 138.286597][ T931] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.321401][ T5290] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 138.346118][ T931] usb 1-1: config 0 descriptor?? [ 138.421400][ T5289] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 138.512622][ T5290] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 138.541675][ T5290] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.605048][ T5290] usb 5-1: config 0 descriptor?? [ 138.644839][ T5290] cp210x 5-1:0.0: cp210x converter detected [ 138.656909][ T5289] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 138.688983][ T5289] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.713781][ T5289] usb 2-1: config 0 descriptor?? [ 138.807056][ T931] microsoft 0003:045E:07DA.0010: ignoring exceeding usage max [ 138.821048][ T7338] loop5: detected capacity change from 0 to 512 [ 138.874632][ T931] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0010/input/input11 [ 138.962435][ T7320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 139.021858][ T7338] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.030494][ T7347] netlink: 'syz.2.723': attribute type 10 has an invalid length. [ 139.034790][ T7338] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 139.073124][ T7320] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.085506][ T931] microsoft 0003:045E:07DA.0010: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 139.112720][ T5289] [drm] vendor descriptor length:6 data:06 5f 01 05 41 00 00 00 00 00 00 [ 139.121300][ T5289] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 139.153960][ T931] usb 1-1: USB disconnect, device number 7 [ 139.207021][ T7349] loop2: detected capacity change from 0 to 512 [ 139.272314][ T5290] cp210x 5-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 139.279999][ T5290] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 139.288700][ T5289] [drm:udl_init] *ERROR* Selecting channel failed [ 139.315803][ T5289] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 139.331467][ T5289] [drm] Initialized udl on minor 2 [ 139.340975][ T5289] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 139.362333][ T5289] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 139.380811][ T5290] usb 5-1: cp210x converter now attached to ttyUSB0 [ 139.396868][ T1177] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 139.410587][ T1177] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 139.419084][ T1177] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 139.426860][ T7349] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.730: invalid indirect mapped block 256 (level 2) [ 139.446859][ T5289] usb 2-1: USB disconnect, device number 3 [ 139.454591][ T5224] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.467369][ T5290] usb 5-1: USB disconnect, device number 4 [ 139.503890][ T5290] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 139.512102][ T5290] cp210x 5-1:0.0: device disconnected [ 139.530067][ T7349] EXT4-fs (loop2): 2 truncates cleaned up [ 139.547399][ T7349] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.570037][ T7354] loop3: detected capacity change from 0 to 64 [ 139.604527][ T7354] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 139.704104][ T5231] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.071342][ T5289] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 140.232188][ T5289] usb 1-1: Using ep0 maxpacket: 8 [ 140.253755][ T5289] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 140.281683][ T5289] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.293598][ T7378] loop5: detected capacity change from 0 to 512 [ 140.311355][ T5289] usb 1-1: Product: syz [ 140.315543][ T5289] usb 1-1: Manufacturer: syz [ 140.338489][ T5289] usb 1-1: SerialNumber: syz [ 140.375827][ T5289] usb 1-1: config 0 descriptor?? [ 140.395626][ T5289] gspca_main: sq930x-2.14.0 probing 2770:930c [ 140.407024][ T7378] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.445133][ T7378] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.671154][ T5224] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.702572][ T7374] loop3: detected capacity change from 0 to 32768 [ 140.709753][ T7374] XFS: attr2 mount option is deprecated. [ 140.715546][ T7374] XFS: ikeep mount option is deprecated. [ 140.721570][ T7374] XFS: noikeep mount option is deprecated. [ 140.758166][ T7374] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 141.061518][ T5289] gspca_sq930x: reg_w 0305 fd00 failed -71 [ 141.070486][ T5289] sq930x 1-1:0.0: probe with driver sq930x failed with error -71 [ 141.092071][ T5289] usb 1-1: USB disconnect, device number 8 [ 141.201343][ T7374] XFS (loop3): Ending clean mount [ 141.209705][ T7374] XFS (loop3): Quotacheck needed: Please wait. [ 141.258533][ T7374] XFS (loop3): Quotacheck: Done. [ 141.281335][ T1168] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 141.390953][ T7410] sock: sock_set_timeout: `syz.5.753' (pid 7410) tries to set negative timeout [ 141.410261][ T7380] loop4: detected capacity change from 0 to 32768 [ 141.419293][ T5235] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 141.434649][ T1168] usb 3-1: Using ep0 maxpacket: 16 [ 141.445648][ T1168] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 141.456690][ T7380] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.744 (7380) [ 141.471294][ T1168] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.479312][ T1168] usb 3-1: Product: syz [ 141.507797][ T1168] usb 3-1: Manufacturer: syz [ 141.526341][ T1168] usb 3-1: SerialNumber: syz [ 141.534076][ T7380] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 141.535844][ T1168] r8152-cfgselector 3-1: Unknown version 0x0000 [ 141.563901][ T1168] r8152-cfgselector 3-1: config 0 descriptor?? [ 141.571351][ T7380] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 141.613634][ T7380] BTRFS info (device loop4): using free-space-tree [ 141.942684][ T931] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 142.040261][ T5289] IPVS: starting estimator thread 0... [ 142.141382][ T7439] IPVS: using max 16 ests per chain, 38400 per kthread [ 142.154280][ T931] usb 6-1: Using ep0 maxpacket: 32 [ 142.179535][ T931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.191085][ T931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.201925][ T931] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 142.227971][ T5229] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 142.246887][ T931] usb 6-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00 [ 142.267509][ T1177] r8152-cfgselector 3-1: USB disconnect, device number 10 [ 142.302396][ T931] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.363292][ T931] usb 6-1: config 0 descriptor?? [ 142.405269][ T7448] 9p: Unknown Cache mode or invalid value [ 142.481409][ T5289] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 142.657041][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.691236][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.722675][ T5289] usb 4-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00 [ 142.750029][ T5289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.779033][ T931] hid (null): report_id 0 is invalid [ 142.790408][ T5289] usb 4-1: config 0 descriptor?? [ 142.794630][ T931] redragon 0003:0C45:760B.0011: report_id 0 is invalid [ 142.861251][ T931] redragon 0003:0C45:760B.0011: item 0 1 1 8 parsing failed [ 142.869110][ T931] redragon 0003:0C45:760B.0011: probe with driver redragon failed with error -22 [ 142.997160][ T7463] loop2: detected capacity change from 0 to 128 [ 143.067108][ T7463] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 143.087999][ T931] usb 6-1: USB disconnect, device number 8 [ 143.264377][ T5289] dragonrise 0003:0079:0006.0012: item fetching failed at offset 2/5 [ 143.264900][ T5289] dragonrise 0003:0079:0006.0012: parse failed [ 143.264960][ T5289] dragonrise 0003:0079:0006.0012: probe with driver dragonrise failed with error -22 [ 143.561100][ T1177] usb 4-1: USB disconnect, device number 5 [ 144.058017][ T7481] loop0: detected capacity change from 0 to 2048 [ 144.131330][ T7485] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 144.383421][ T7481] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 144.428525][ T7487] loop1: detected capacity change from 0 to 1024 [ 144.500450][ T7481] Remounting filesystem read-only [ 144.837746][ T5225] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 144.892390][ T1811] hfsplus: b-tree write err: -5, ino 4 [ 145.028799][ T7499] sg_write: data in/out 45479/14 bytes for SCSI command 0x0-- guessing data in; [ 145.028799][ T7499] program syz.5.788 not setting count and/or reply_len properly [ 145.918440][ T7517] pim6reg: entered allmulticast mode [ 146.087784][ T7519] loop5: detected capacity change from 0 to 256 [ 146.283862][ T7519] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 146.788137][ T7529] loop2: detected capacity change from 0 to 64 [ 146.949138][ T29] audit: type=1800 audit(1729117385.380:33): pid=7529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.803" name="file1" dev="loop2" ino=18 res=0 errno=0 [ 147.591220][ C0] sched: DL replenish lagged too much [ 147.593374][ T7538] netlink: zone id is out of range [ 147.717423][ T7506] loop0: detected capacity change from 0 to 32768 [ 147.727300][ T7538] netlink: zone id is out of range [ 147.820103][ T7538] netlink: set zone limit has 4 unknown bytes [ 147.830856][ T7506] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 148.172312][ T7506] syz.0.789 (7506) used greatest stack depth: 17240 bytes left [ 148.204074][ T7514] loop1: detected capacity change from 0 to 32768 [ 148.211537][ T5289] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 148.297442][ T7514] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present! [ 148.386111][ T7554] loop4: detected capacity change from 0 to 512 [ 148.411389][ T5289] usb 3-1: Using ep0 maxpacket: 16 [ 148.440949][ T5289] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 148.485096][ T7514] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 148.523077][ T7554] EXT4-fs: Ignoring removed mblk_io_submit option [ 148.551481][ T5289] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 148.588358][ T7554] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 148.627513][ T5225] ocfs2: Unmounting device (7,0) on (node local) [ 148.664484][ T5289] usb 3-1: New USB device found, idVendor=1e7d, idProduct=3232, bcdDevice= 0.00 [ 148.726741][ T7514] (syz.1.795,7514,1):ocfs2_file_write_iter:2433 ERROR: status = -27 [ 148.754115][ T7554] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 148.769158][ T5289] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.832492][ T7554] System zones: 1-12 [ 148.860085][ T5289] usb 3-1: config 0 descriptor?? [ 148.891646][ T7554] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.813: corrupted in-inode xattr: e_value size too large [ 149.072410][ T7554] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.813: couldn't read orphan inode 15 (err -117) [ 149.160726][ T5238] ocfs2: Unmounting device (7,1) on (node local) [ 149.184018][ T7554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 149.425790][ T5289] ryos 0003:1E7D:3232.0013: unknown main item tag 0x0 [ 149.502746][ T5289] ryos 0003:1E7D:3232.0013: hidraw0: USB HID v0.00 Device [HID 1e7d:3232] on usb-dummy_hcd.2-1/input0 [ 149.679173][ T5289] usb 3-1: USB disconnect, device number 11 [ 149.707431][ T5229] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.541403][ T5290] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 150.748503][ T7577] netlink: 'syz.1.823': attribute type 15 has an invalid length. [ 150.771655][ T5290] usb 1-1: Using ep0 maxpacket: 8 [ 150.787838][ T5290] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 150.847156][ T5290] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 150.927793][ T5290] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 150.999841][ T5290] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 151.121319][ T5290] usb 1-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00 [ 151.189597][ T5290] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.241341][ T7581] binder: 7580:7581 ioctl c0306201 20000580 returned -22 [ 151.297363][ T5290] usb 1-1: config 0 descriptor?? [ 151.481503][ T7584] loop3: detected capacity change from 0 to 512 [ 151.654829][ T7584] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 151.771930][ T5290] hid (null): report_id 0 is invalid [ 151.788441][ T7584] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.835847][ T5290] uclogic 0003:2179:0077.0014: interface is invalid, ignoring [ 151.904295][ T7592] netlink: 'syz.4.829': attribute type 3 has an invalid length. [ 152.020179][ T5290] usb 1-1: USB disconnect, device number 9 [ 152.116908][ T7584] EXT4-fs: Cannot change quota options when quota turned on [ 152.455638][ T5235] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.584790][ T7600] loop2: detected capacity change from 0 to 512 [ 152.748358][ T7600] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 152.821729][ T7600] EXT4-fs (loop2): orphan cleanup on readonly fs [ 152.940002][ T7600] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 153.150141][ T7600] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 153.231583][ T7600] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #13: comm syz.2.833: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 153.438717][ T7600] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.833: couldn't read orphan inode 13 (err -117) [ 153.543801][ T7600] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 153.721915][ T25] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 153.734991][ T7600] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 153.735439][ T7600] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 153.802545][ T7600] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 153.864129][ T7600] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 153.881453][ T7600] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 153.910341][ T7600] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 153.921365][ T25] usb 4-1: New USB device found, idVendor=0830, idProduct=0060, bcdDevice=13.2b [ 153.921402][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.921429][ T25] usb 4-1: Product: syz [ 153.921449][ T25] usb 4-1: Manufacturer: syz [ 153.921469][ T25] usb 4-1: SerialNumber: syz [ 154.144735][ T25] visor 4-1:1.0: Handspring Visor / Palm OS converter detected [ 154.146727][ T25] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 154.148909][ T25] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 154.210207][ T5231] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.305604][ T5290] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 154.371456][ T25] usb 4-1: USB disconnect, device number 6 [ 154.419990][ T25] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 154.437925][ T25] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 154.438393][ T25] visor 4-1:1.0: device disconnected [ 154.489317][ T5290] usb 1-1: Using ep0 maxpacket: 8 [ 154.509109][ T5290] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 154.509155][ T5290] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 154.509197][ T5290] usb 1-1: New USB device found, idVendor=886d, idProduct=db3f, bcdDevice= 0.69 [ 154.509228][ T5290] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.512353][ T5290] usb 1-1: config 0 descriptor?? [ 154.614729][ T7621] loop2: detected capacity change from 0 to 512 [ 154.621624][ T7621] EXT4-fs: inline encryption not supported [ 154.673369][ T7621] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 154.674846][ T7621] EXT4-fs (loop2): 1 truncate cleaned up [ 154.710426][ T7621] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.976384][ T5290] hid-generic 0003:886D:DB3F.0015: unbalanced delimiter at end of report description [ 154.978623][ T5290] hid-generic 0003:886D:DB3F.0015: probe with driver hid-generic failed with error -22 [ 155.042382][ T5231] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.168239][ T5290] usb 1-1: USB disconnect, device number 10 [ 155.570618][ T7607] loop1: detected capacity change from 0 to 32768 [ 155.614795][ T7605] loop4: detected capacity change from 0 to 32768 [ 155.615592][ T7605] XFS: noikeep mount option is deprecated. [ 155.621956][ T1177] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 155.674540][ T7607] JBD2: Ignoring recovery information on journal [ 155.726976][ T7605] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 155.801421][ T1177] usb 4-1: Using ep0 maxpacket: 32 [ 155.806537][ T1177] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 155.806579][ T1177] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 155.806623][ T1177] usb 4-1: New USB device found, idVendor=057e, idProduct=201e, bcdDevice= 0.00 [ 155.806653][ T1177] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.808933][ T1177] usb 4-1: config 0 descriptor?? [ 155.903694][ T7607] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 156.035131][ T7605] XFS (loop4): Ending clean mount [ 156.056096][ T7605] XFS (loop4): Quotacheck needed: Please wait. [ 156.294135][ T5238] ocfs2: Unmounting device (7,1) on (node local) [ 156.303905][ T1177] nintendo 0003:057E:201E.0016: unknown main item tag 0x0 [ 156.303943][ T1177] nintendo 0003:057E:201E.0016: unknown main item tag 0x0 [ 156.303972][ T1177] nintendo 0003:057E:201E.0016: unknown main item tag 0x0 [ 156.303999][ T1177] nintendo 0003:057E:201E.0016: collection stack underflow [ 156.304024][ T1177] nintendo 0003:057E:201E.0016: item 0 1 0 12 parsing failed [ 156.327761][ T1177] nintendo 0003:057E:201E.0016: HID parse failed [ 156.336498][ T7605] XFS (loop4): Quotacheck: Done. [ 156.342734][ T1177] nintendo 0003:057E:201E.0016: probe - fail = -22 [ 156.342827][ T1177] nintendo 0003:057E:201E.0016: probe with driver nintendo failed with error -22 [ 156.490028][ T1177] usb 4-1: USB disconnect, device number 7 [ 156.686720][ T5229] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 157.832408][ T1177] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 157.982244][ T1177] usb 2-1: Using ep0 maxpacket: 8 [ 157.994399][ T1177] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11 [ 157.994442][ T1177] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 157.994473][ T1177] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 157.994521][ T1177] usb 2-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00 [ 157.994555][ T1177] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.996716][ T1177] usb 2-1: config 0 descriptor?? [ 158.200404][ T7626] loop2: detected capacity change from 0 to 32768 [ 158.299178][ T7626] XFS (loop2): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 158.377923][ T7660] netlink: 'syz.3.852': attribute type 58 has an invalid length. [ 158.438331][ T1177] ortek 0003:1223:3F07.0017: report_id 0 is invalid [ 158.438366][ T1177] ortek 0003:1223:3F07.0017: item 0 1 1 8 parsing failed [ 158.438977][ T1177] ortek 0003:1223:3F07.0017: probe with driver ortek failed with error -22 [ 158.476191][ T7626] XFS (loop2): Ending clean mount [ 158.637893][ T25] usb 2-1: USB disconnect, device number 4 [ 158.690944][ T5231] XFS (loop2): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 160.106498][ T7671] loop2: detected capacity change from 0 to 1024 [ 160.460978][ T25] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 160.681229][ T25] usb 1-1: config 0 has an invalid interface number: 117 but max is 0 [ 160.751276][ T25] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 160.847050][ T25] usb 1-1: config 0 has no interface number 0 [ 160.884935][ T7682] Bluetooth: MGMT ver 1.23 [ 160.896732][ T25] usb 1-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 160.977475][ T25] usb 1-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 161.108414][ T25] usb 1-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 161.191164][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.299203][ T25] usb 1-1: Product: syz [ 161.317586][ T25] usb 1-1: Manufacturer: syz [ 161.372930][ T25] usb 1-1: SerialNumber: syz [ 161.419190][ T25] usb 1-1: config 0 descriptor?? [ 161.451140][ T7689] tipc: New replicast peer: 0000:0000:0000:0000:0000:0001:0000:0000 [ 161.532855][ T7689] tipc: Enabled bearer , priority 10 [ 161.575516][ T7664] loop3: detected capacity change from 0 to 32768 [ 161.724794][ T7691] netlink: 332 bytes leftover after parsing attributes in process `syz.1.866'. [ 161.835289][ T7691] netlink: 104 bytes leftover after parsing attributes in process `syz.1.866'. [ 161.909328][ T7691] netlink: 32 bytes leftover after parsing attributes in process `syz.1.866'. [ 162.201932][ T25] usb 1-1: USB disconnect, device number 11 [ 162.551478][ T1177] tipc: Node number set to 771752031 [ 162.901434][ T7705] netlink: 36 bytes leftover after parsing attributes in process `syz.5.874'. [ 163.371365][ T25] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 163.571428][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 163.607601][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.685229][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 163.767455][ T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 163.880863][ T25] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 163.910273][ T7727] netlink: 'syz.3.884': attribute type 6 has an invalid length. [ 163.980487][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.069800][ T25] usb 2-1: config 0 descriptor?? [ 164.496995][ T7736] netlink: 256 bytes leftover after parsing attributes in process `syz.5.888'. [ 164.589031][ T7736] netlink: 64 bytes leftover after parsing attributes in process `syz.5.888'. [ 164.613590][ T25] sony 0003:054C:0268.0018: item fetching failed at offset 6/70 [ 164.683982][ T25] sony 0003:054C:0268.0018: parse failed [ 164.745393][ T25] sony 0003:054C:0268.0018: probe with driver sony failed with error -22 [ 164.866516][ T25] usb 2-1: USB disconnect, device number 5 [ 164.989378][ T7743] netlink: 12 bytes leftover after parsing attributes in process `syz.3.892'. [ 165.868483][ T7762] loop1: detected capacity change from 0 to 512 [ 165.966873][ T7762] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 166.041629][ T7762] EXT4-fs (loop1): orphan cleanup on readonly fs [ 166.102203][ T7762] EXT4-fs error (device loop1): ext4_orphan_get:1414: comm syz.1.901: bad orphan inode 16 [ 166.180953][ T7762] ext4_test_bit(bit=15, block=18) = 1 [ 166.243522][ T7762] is_bad_inode(inode)=0 [ 166.268119][ T7762] NEXT_ORPHAN(inode)=256 [ 166.308590][ T7762] max_ino=32 [ 166.336257][ T7762] i_nlink=2 [ 166.355011][ T7762] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 166.744562][ T5238] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.251803][ T7786] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.912'. [ 167.321629][ T7786] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes. [ 167.582754][ T7787] loop0: detected capacity change from 0 to 4096 [ 167.660247][ T7787] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 167.742375][ T7791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.915'. [ 167.779512][ T7760] loop5: detected capacity change from 0 to 32768 [ 167.786773][ T7787] ntfs3(loop0): Failed to initialize $Extend/$ObjId. [ 167.898255][ T7760] JBD2: Ignoring recovery information on journal [ 168.102270][ T7760] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 168.508240][ T5224] ocfs2: Unmounting device (7,5) on (node local) [ 168.678610][ T7803] loop4: detected capacity change from 0 to 512 [ 168.778005][ T7803] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.898205][ T7803] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 169.242416][ T5229] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.520184][ T7816] loop0: detected capacity change from 0 to 256 [ 169.546634][ T7816] exfat: Deprecated parameter 'namecase' [ 169.633591][ T7816] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf794f3fa, utbl_chksum : 0xe619d30d) [ 169.840896][ T7821] netlink: 8 bytes leftover after parsing attributes in process `syz.4.924'. [ 170.731375][ T25] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 170.913702][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.937620][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.952487][ T25] usb 1-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00 [ 170.969595][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.981016][ T25] usb 1-1: config 0 descriptor?? [ 171.454739][ T25] logitech-djreceiver 0003:046D:C534.0019: hidraw0: USB HID v0.00 Device [HID 046d:c534] on usb-dummy_hcd.0-1/input0 [ 171.651883][ T5289] usb 1-1: USB disconnect, device number 12 [ 172.816883][ T7839] loop0: detected capacity change from 0 to 256 [ 172.835096][ T7839] exfat: Deprecated parameter 'namecase' [ 172.854781][ T7839] exfat: Deprecated parameter 'utf8' [ 172.876538][ T7839] exfat: Deprecated parameter 'namecase' [ 172.907275][ T7839] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 173.652940][ T25] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 173.824814][ T25] usb 1-1: Using ep0 maxpacket: 32 [ 173.832912][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.850817][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.863451][ T25] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 173.881547][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.898512][ T25] usb 1-1: config 0 descriptor?? [ 174.382244][ T25] ft260 0003:0403:6030.001A: unknown main item tag 0x0 [ 174.586605][ T25] ft260 0003:0403:6030.001A: failed to retrieve chip version [ 174.609975][ T25] ft260 0003:0403:6030.001A: probe with driver ft260 failed with error -71 [ 174.637394][ T25] usb 1-1: USB disconnect, device number 13 [ 175.491397][ T1177] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 175.675653][ T1177] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 175.691243][ T1177] usb 1-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00 [ 175.701048][ T1177] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.718916][ T1177] usb 1-1: config 0 descriptor?? [ 176.193060][ T1177] logitech 0003:046D:C626.001B: unbalanced delimiter at end of report description [ 176.216622][ T1177] logitech 0003:046D:C626.001B: parse failed [ 176.226204][ T1177] logitech 0003:046D:C626.001B: probe with driver logitech failed with error -22 [ 176.438053][ T1177] usb 1-1: USB disconnect, device number 14 [ 177.338729][ T5244] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 177.355105][ T5244] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 177.363466][ T5244] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 177.372323][ T5244] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 177.383376][ T5244] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 177.391013][ T5244] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 178.669726][ T5245] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 178.687668][ T5245] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 178.698436][ T5245] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 178.712657][ T5245] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 178.720696][ T5245] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 178.728515][ T5245] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 179.461699][ T5245] Bluetooth: hci6: command tx timeout [ 180.768886][ T5244] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 180.779430][ T5244] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 180.791088][ T5244] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 180.804139][ T5244] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 180.813889][ T5244] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 180.821538][ T5244] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 180.832106][ T5245] Bluetooth: hci7: command tx timeout [ 180.970595][ T5245] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 180.984434][ T5245] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 180.994801][ T5245] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 181.005118][ T5245] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 181.024483][ T5244] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 181.032673][ T5244] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 181.077300][ T5244] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 181.088276][ T5244] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 181.102524][ T5244] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 181.112215][ T5244] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 181.125748][ T5244] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 181.133413][ T5244] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 181.547356][ T5245] Bluetooth: hci6: command tx timeout [ 182.901524][ T5245] Bluetooth: hci8: command tx timeout [ 182.909123][ T5245] Bluetooth: hci7: command tx timeout [ 183.061438][ T5245] Bluetooth: hci9: command tx timeout [ 183.221677][ T5245] Bluetooth: hci10: command tx timeout [ 183.621377][ T5245] Bluetooth: hci6: command tx timeout [ 184.981528][ T5244] Bluetooth: hci8: command tx timeout [ 184.987846][ T5245] Bluetooth: hci7: command tx timeout [ 185.141456][ T5245] Bluetooth: hci9: command tx timeout [ 185.301768][ T5245] Bluetooth: hci10: command tx timeout [ 185.701614][ T5245] Bluetooth: hci6: command tx timeout [ 187.061745][ T5245] Bluetooth: hci7: command tx timeout [ 187.067227][ T5245] Bluetooth: hci8: command tx timeout [ 187.221653][ T5245] Bluetooth: hci9: command tx timeout [ 187.383858][ T5245] Bluetooth: hci10: command tx timeout [ 188.765803][ T53] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 188.778140][ T53] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 188.786289][ T53] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 188.794585][ T53] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 188.802961][ T53] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 188.810449][ T53] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 189.141416][ T53] Bluetooth: hci8: command tx timeout [ 189.301462][ T53] Bluetooth: hci9: command tx timeout [ 189.462169][ T53] Bluetooth: hci10: command tx timeout [ 190.771799][ T53] Bluetooth: hci3: command 0x0406 tx timeout [ 190.777901][ T53] Bluetooth: hci2: command 0x0406 tx timeout [ 190.791037][ T5242] Bluetooth: hci1: command 0x0406 tx timeout [ 190.834705][ T5248] Bluetooth: hci5: command 0x0406 tx timeout [ 190.901609][ T5234] Bluetooth: hci11: command tx timeout [ 192.981483][ T5245] Bluetooth: hci11: command tx timeout [ 193.801803][ T1261] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.808156][ T1261] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.061599][ T5245] Bluetooth: hci11: command tx timeout [ 197.143520][ T5245] Bluetooth: hci11: command tx timeout [ 208.614288][ T7818] netlink: 'syz.5.927': attribute type 8 has an invalid length. [ 212.350780][ T1007] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.818461][ T1007] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.197650][ T1007] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.949486][ T5245] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 237.959334][ T5245] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 237.967701][ T5245] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 237.975722][ T5245] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 237.993573][ T5245] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 238.004721][ T5245] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 239.551920][ T5244] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 239.571549][ T5244] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 239.584799][ T5244] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 239.594957][ T5244] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 239.604434][ T5244] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 239.611962][ T5244] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 240.101458][ T5244] Bluetooth: hci0: command tx timeout [ 241.226994][ T5245] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 241.241270][ T5245] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 241.249809][ T5245] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 241.257941][ T5245] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 241.266180][ T5245] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 241.281950][ T5245] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 241.372403][ T5244] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 241.385250][ T5244] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 241.393475][ T5244] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 241.405233][ T5244] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 241.415352][ T5244] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 241.423182][ T5244] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 241.494496][ T5245] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 241.511716][ T5245] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 241.524563][ T5245] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 241.534670][ T5245] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 241.545448][ T5245] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 241.552996][ T5245] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 241.701724][ T5244] Bluetooth: hci3: command tx timeout [ 242.181573][ T5244] Bluetooth: hci0: command tx timeout [ 243.381733][ T5244] Bluetooth: hci4: command tx timeout [ 243.461488][ T5244] Bluetooth: hci5: command tx timeout [ 243.621618][ T5244] Bluetooth: hci12: command tx timeout [ 243.781584][ T5244] Bluetooth: hci3: command tx timeout [ 244.261538][ T5244] Bluetooth: hci0: command tx timeout [ 245.461445][ T5244] Bluetooth: hci4: command tx timeout [ 245.549105][ T5244] Bluetooth: hci5: command tx timeout [ 245.701499][ T5244] Bluetooth: hci12: command tx timeout [ 245.861669][ T5244] Bluetooth: hci3: command tx timeout [ 246.341598][ T5244] Bluetooth: hci0: command tx timeout [ 247.541598][ T5245] Bluetooth: hci4: command tx timeout [ 247.621566][ T5244] Bluetooth: hci5: command tx timeout [ 247.781359][ T5244] Bluetooth: hci12: command tx timeout [ 247.941477][ T5244] Bluetooth: hci3: command tx timeout [ 248.893347][ T5245] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 248.920522][ T5245] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 248.929668][ T5245] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 248.938326][ T5245] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 248.946367][ T5245] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 248.954470][ T5245] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 249.622003][ T5244] Bluetooth: hci4: command tx timeout [ 249.701509][ T5244] Bluetooth: hci5: command tx timeout [ 249.861418][ T5244] Bluetooth: hci12: command tx timeout [ 251.061885][ T5244] Bluetooth: hci13: command tx timeout [ 253.141752][ T5244] Bluetooth: hci13: command tx timeout [ 255.223773][ T5244] Bluetooth: hci13: command tx timeout [ 255.231379][ T1261] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.237683][ T1261] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.301638][ T5244] Bluetooth: hci13: command tx timeout [ 300.461947][ T5245] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 300.473135][ T5245] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 300.482790][ T5245] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 300.490849][ T5245] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 300.499232][ T5245] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 300.506945][ T5245] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 300.918905][ T5244] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 300.928787][ T5244] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 300.938861][ T5244] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 300.947263][ T5244] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 300.959032][ T5244] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 300.966686][ T5244] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 302.512125][ T5244] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 302.521820][ T5244] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 302.529768][ T5244] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 302.539630][ T5244] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 302.547455][ T5244] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 302.555433][ T5244] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 302.582450][ T5244] Bluetooth: hci14: command tx timeout [ 302.619234][ T5234] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 302.628045][ T5234] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 302.636145][ T5234] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 302.645255][ T5234] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 302.657419][ T5234] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 302.671386][ T5234] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 302.737676][ T5244] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 302.746499][ T5244] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 302.754655][ T5244] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 302.764672][ T5244] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 302.772817][ T5244] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 302.780389][ T5244] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 303.061530][ T5234] Bluetooth: hci15: command tx timeout [ 303.408553][ T5234] Bluetooth: hci7: command 0x0406 tx timeout [ 303.414665][ T5244] Bluetooth: hci10: command 0x0406 tx timeout [ 303.420794][ T5244] Bluetooth: hci9: command 0x0406 tx timeout [ 303.426949][ T5237] Bluetooth: hci6: command 0x0406 tx timeout [ 303.433622][ T5230] Bluetooth: hci8: command 0x0406 tx timeout [ 304.581554][ T5245] Bluetooth: hci16: command tx timeout [ 304.662272][ T5245] Bluetooth: hci14: command tx timeout [ 304.741442][ T5245] Bluetooth: hci17: command tx timeout [ 304.821437][ T5245] Bluetooth: hci18: command tx timeout [ 305.142535][ T5245] Bluetooth: hci15: command tx timeout [ 306.661516][ T5241] Bluetooth: hci16: command tx timeout [ 306.741559][ T5241] Bluetooth: hci14: command tx timeout [ 306.821404][ T5241] Bluetooth: hci17: command tx timeout [ 306.901327][ T5241] Bluetooth: hci18: command tx timeout [ 307.223006][ T5241] Bluetooth: hci15: command tx timeout [ 308.757979][ T5241] Bluetooth: hci16: command tx timeout [ 308.821474][ T5241] Bluetooth: hci14: command tx timeout [ 308.912438][ T5241] Bluetooth: hci17: command tx timeout [ 308.981434][ T5241] Bluetooth: hci18: command tx timeout [ 309.231789][ T5245] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 309.240930][ T5245] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 309.249438][ T5245] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 309.271283][ T5245] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 309.279021][ T5245] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 309.286868][ T5245] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 309.306921][ T5245] Bluetooth: hci15: command tx timeout [ 310.821315][ T5245] Bluetooth: hci16: command tx timeout [ 310.981393][ T5245] Bluetooth: hci17: command tx timeout [ 311.061418][ T5245] Bluetooth: hci18: command tx timeout [ 311.381660][ T5245] Bluetooth: hci19: command tx timeout [ 313.461572][ T5245] Bluetooth: hci19: command tx timeout [ 313.635632][ T5245] Bluetooth: hci11: command 0x0406 tx timeout [ 315.541643][ T5248] Bluetooth: hci19: command tx timeout [ 316.670966][ T1261] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.681230][ T1261] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.621474][ T5248] Bluetooth: hci19: command tx timeout [ 325.622657][ T30] INFO: task syz.0.946:7860 blocked for more than 143 seconds. [ 325.630334][ T30] Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 325.679486][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 325.741296][ T30] task:syz.0.946 state:D stack:27392 pid:7860 tgid:7859 ppid:5225 flags:0x00000004 [ 325.845559][ T30] Call Trace: [ 325.848911][ T30] [ 325.901390][ T30] __schedule+0x1895/0x4b30 [ 325.906036][ T30] ? __pfx___schedule+0x10/0x10 [ 325.910953][ T30] ? __pfx_lock_release+0x10/0x10 [ 326.011336][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 326.016921][ T30] ? schedule+0x90/0x320 [ 326.072236][ T30] schedule+0x14b/0x320 [ 326.076504][ T30] schedule_preempt_disabled+0x13/0x30 [ 326.131410][ T30] __mutex_lock+0x6a7/0xd70 [ 326.136028][ T30] ? __mutex_lock+0x52a/0xd70 [ 326.140747][ T30] ? genl_rcv_msg+0x121/0xec0 [ 326.210803][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 326.241363][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.247118][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 326.304100][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.309849][ T30] ? __local_bh_enable_ip+0x168/0x200 [ 326.370909][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.391432][ T30] ? radix_tree_lookup+0x238/0x290 [ 326.396669][ T30] genl_rcv_msg+0x121/0xec0 [ 326.438245][ T30] ? mark_lock+0x9a/0x360 [ 326.460741][ T30] ? __lock_acquire+0x1384/0x2050 [ 326.473556][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 326.478766][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.526918][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 326.550903][ T30] ? __pfx___might_resched+0x10/0x10 [ 326.564905][ T30] netlink_rcv_skb+0x1e5/0x430 [ 326.569734][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 326.579636][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 326.591042][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 326.601460][ T30] genl_rcv+0x28/0x40 [ 326.606888][ T30] netlink_unicast+0x7f8/0x990 [ 326.619833][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 326.627481][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.639373][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.646539][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.658205][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.666679][ T30] ? __check_object_size+0x48e/0x900 [ 326.679517][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 326.687746][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 326.699106][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.710587][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 326.721400][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.727087][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 326.742121][ T30] __sock_sendmsg+0x223/0x270 [ 326.746884][ T30] __sys_sendto+0x39b/0x4f0 [ 326.758717][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 326.764098][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 326.769779][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 326.780351][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 326.791906][ T30] ? exc_page_fault+0x590/0x8c0 [ 326.796829][ T30] __x64_sys_sendto+0xde/0x100 [ 326.810688][ T30] do_syscall_64+0xf3/0x230 [ 326.818317][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.830439][ T30] RIP: 0033:0x7f72ffb7fe8c [ 326.836413][ T30] RSP: 002b:00007f730097fec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 326.851166][ T30] RAX: ffffffffffffffda RBX: 00007f730097ffc0 RCX: 00007f72ffb7fe8c [ 326.859188][ T30] RDX: 000000000000001c RSI: 00007f7300980010 RDI: 0000000000000004 [ 326.874036][ T30] RBP: 0000000000000000 R08: 00007f730097ff14 R09: 000000000000000c [ 326.886857][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 326.899262][ T30] R13: 00007f730097ff68 R14: 00007f7300980010 R15: 0000000000000000 [ 326.925632][ T30] [ 326.928800][ T30] [ 326.928800][ T30] Showing all locks held in the system: [ 326.944717][ T30] 3 locks held by kworker/u8:0/11: [ 326.949865][ T30] #0: ffff88802e0b9148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 326.971479][ T30] #1: ffffc90000107d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 326.994770][ T30] #2: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 327.007752][ T30] 1 lock held by khungtaskd/30: [ 327.018745][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 327.040646][ T30] 3 locks held by kworker/0:2/931: [ 327.054000][ T30] 7 locks held by kworker/u8:5/1007: [ 327.059330][ T30] #0: ffff88801bae5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 327.077621][ T30] #1: ffffc90003c7fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 327.094627][ T30] #2: ffffffff8fcc6110 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 327.110019][ T30] #3: ffff8880600fa0e8 (&dev->mutex){....}-{3:3}, at: devlink_pernet_pre_exit+0x13b/0x440 [ 327.123470][ T30] #4: ffff8880600fb250 (&devlink->lock_key#2){+.+.}-{3:3}, at: devlink_pernet_pre_exit+0x14d/0x440 [ 327.140842][ T30] #5: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 327.170624][ T30] #6: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 327.190354][ T30] 3 locks held by kworker/u8:8/3038: [ 327.198459][ T30] #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 327.215139][ T30] #1: ffffc9000a717d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 327.231796][ T30] #2: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 327.240873][ T30] 2 locks held by getty/4980: [ 327.253026][ T30] #0: ffff88802ea150a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 327.270600][ T30] #1: ffffc90002efe2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 327.291508][ T30] 6 locks held by kworker/0:9/5404: [ 327.298051][ T30] 1 lock held by syz.2.918/7799: [ 327.315339][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 327.330593][ T30] 1 lock held by syz.1.925/7813: [ 327.337017][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 327.351436][ T30] 1 lock held by syz.5.927/7818: [ 327.356409][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 327.374068][ T30] 3 locks held by syz.4.924/7821: [ 327.379149][ T30] #0: ffffffff8fd38970 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 327.392617][ T30] #1: ffffffff8fd38828 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 327.410069][ T30] #2: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_register_hw+0x312b/0x3e10 [ 327.423609][ T30] 1 lock held by syz-executor/7851: [ 327.428838][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.446734][ T30] 2 locks held by syz.0.946/7860: [ 327.455600][ T30] #0: ffffffff8fd38970 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 327.467924][ T30] #1: ffffffff8fd38828 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 327.482900][ T30] 1 lock held by syz-executor/7863: [ 327.488271][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_newlink+0xab7/0x20a0 [ 327.506206][ T30] 1 lock held by syz-executor/7868: [ 327.517570][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.534089][ T30] 1 lock held by syz-executor/7870: [ 327.539326][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.558170][ T30] 1 lock held by syz-executor/7871: [ 327.567541][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.580880][ T30] 1 lock held by syz-executor/7875: [ 327.590576][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.605096][ T30] 1 lock held by syz-executor/7892: [ 327.610335][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.626687][ T30] 1 lock held by syz-executor/7898: [ 327.639119][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.653791][ T30] 1 lock held by syz-executor/7903: [ 327.659032][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.672824][ T30] 1 lock held by syz-executor/7905: [ 327.678067][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.694208][ T30] 1 lock held by syz-executor/7907: [ 327.699457][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.716620][ T30] 1 lock held by syz-executor/7910: [ 327.727113][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.743193][ T30] 1 lock held by syz-executor/7916: [ 327.748441][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.769046][ T30] 1 lock held by syz-executor/7921: [ 327.776240][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.793104][ T30] 1 lock held by syz-executor/7926: [ 327.798358][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.816226][ T30] 1 lock held by syz-executor/7928: [ 327.826512][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.841227][ T30] 1 lock held by syz-executor/7930: [ 327.846481][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.861402][ T30] 1 lock held by syz-executor/7933: [ 327.866653][ T30] #0: ffffffff8fcd2c08 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 327.885548][ T30] [ 327.887933][ T30] ============================================= [ 327.887933][ T30] [ 327.901731][ T30] NMI backtrace for cpu 1 [ 327.906101][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 [ 327.916632][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 327.926715][ T30] Call Trace: [ 327.930013][ T30] [ 327.932968][ T30] dump_stack_lvl+0x241/0x360 [ 327.937688][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 327.942940][ T30] ? __pfx__printk+0x10/0x10 [ 327.947573][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 327.952556][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 327.958053][ T30] ? _printk+0xd5/0x120 [ 327.962325][ T30] ? __pfx__printk+0x10/0x10 [ 327.966948][ T30] ? __wake_up_klogd+0xcc/0x110 [ 327.971840][ T30] ? __pfx__printk+0x10/0x10 [ 327.976466][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 327.982143][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 327.987212][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 327.993232][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 327.999255][ T30] watchdog+0xff4/0x1040 [ 328.003540][ T30] ? watchdog+0x1ea/0x1040 [ 328.008003][ T30] ? __pfx_watchdog+0x10/0x10 [ 328.012715][ T30] kthread+0x2f2/0x390 [ 328.016814][ T30] ? __pfx_watchdog+0x10/0x10 [ 328.021534][ T30] ? __pfx_kthread+0x10/0x10 [ 328.026155][ T30] ret_from_fork+0x4d/0x80 [ 328.030614][ T30] ? __pfx_kthread+0x10/0x10 [ 328.035230][ T30] ret_from_fork_asm+0x1a/0x30 [ 328.040064][ T30] [ 328.044065][ T30] Sending NMI from CPU 1 to CPUs 0: [ 328.049345][ C0] NMI backtrace for cpu 0 [ 328.049361][ C0] CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 [ 328.049387][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 328.049401][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 [ 328.049437][ C0] Code: 89 fb e8 23 00 00 00 48 8b 3d 04 fb 9c 0c 48 89 de 5b e9 83 ca 5d 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 c0 d7 03 00 65 8b 15 60 f0 [ 328.049456][ C0] RSP: 0018:ffffc90000157138 EFLAGS: 00000246 [ 328.049477][ C0] RAX: 0000000000000002 RBX: 0000000000000002 RCX: 1ffff9200002ae40 [ 328.049493][ C0] RDX: 0000000000000004 RSI: ffffffff8fd5be90 RDI: 0000000000000002 [ 328.049509][ C0] RBP: ffffc90000157390 R08: 0000000000000001 R09: ffffffff89e985e5 [ 328.049525][ C0] R10: 0000000000000004 R11: ffff88801c29da00 R12: ffff88802fc33f80 [ 328.049542][ C0] R13: 1ffff11005f867f2 R14: 1ffff11005f867f2 R15: 0000000000000000 [ 328.049564][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 328.049583][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 328.049600][ C0] CR2: 000000110c2bf40e CR3: 000000000e734000 CR4: 0000000000350ef0 [ 328.049619][ C0] Call Trace: [ 328.049627][ C0] [ 328.049635][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 328.049668][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 328.049706][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 328.049736][ C0] ? nmi_handle+0x2a/0x5a0 [ 328.049770][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 328.049803][ C0] ? nmi_handle+0x151/0x5a0 [ 328.049828][ C0] ? nmi_handle+0x2a/0x5a0 [ 328.049853][ C0] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 328.049884][ C0] ? default_do_nmi+0x63/0x160 [ 328.049916][ C0] ? exc_nmi+0x123/0x1f0 [ 328.049945][ C0] ? end_repeat_nmi+0xf/0x53 [ 328.049974][ C0] ? nft_do_chain+0x1825/0x1da0 [ 328.050000][ C0] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 328.050031][ C0] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 328.050064][ C0] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 328.050095][ C0] [ 328.050103][ C0] [ 328.050111][ C0] nft_do_chain+0x1aa9/0x1da0 [ 328.050176][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 328.050202][ C0] ? __local_bh_enable_ip+0x168/0x200 [ 328.050238][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.050277][ C0] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 328.050306][ C0] nft_do_chain_inet+0x418/0x6b0 [ 328.050344][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 328.050379][ C0] ? ipt_do_table+0x312/0x1860 [ 328.050426][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 328.050460][ C0] nf_hook_slow+0xc5/0x220 [ 328.050493][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 328.050523][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 328.050552][ C0] NF_HOOK+0x29e/0x450 [ 328.050578][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.050607][ C0] ? NF_HOOK+0x9a/0x450 [ 328.050633][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 328.050662][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 328.050694][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.050720][ C0] ? ip_rcv_finish+0x406/0x560 [ 328.050749][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 328.050777][ C0] NF_HOOK+0x3a6/0x450 [ 328.050802][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.050828][ C0] ? __lock_acquire+0x1384/0x2050 [ 328.050865][ C0] ? NF_HOOK+0x9a/0x450 [ 328.050891][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 328.050917][ C0] ? ip_rcv_core+0x801/0xd10 [ 328.050945][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 328.050978][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 328.051006][ C0] __netif_receive_skb+0x2bf/0x650 [ 328.051039][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 328.051075][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 328.051104][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 328.051150][ C0] ? __pfx_lock_release+0x10/0x10 [ 328.051189][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 328.051233][ C0] process_backlog+0x662/0x15b0 [ 328.051270][ C0] ? process_backlog+0x33b/0x15b0 [ 328.051309][ C0] ? __pfx_process_backlog+0x10/0x10 [ 328.051343][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 328.051383][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 328.051425][ C0] __napi_poll+0xcd/0x490 [ 328.051459][ C0] net_rx_action+0x89b/0x1240 [ 328.051507][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 328.051541][ C0] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 328.051597][ C0] handle_softirqs+0x2c7/0x980 [ 328.051633][ C0] ? run_ksoftirqd+0xca/0x130 [ 328.051669][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 328.051700][ C0] ? preempt_schedule+0xe1/0xf0 [ 328.051738][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.051767][ C0] run_ksoftirqd+0xca/0x130 [ 328.051801][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 328.051836][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.051863][ C0] ? __pfx_ksoftirqd_should_run+0x10/0x10 [ 328.051898][ C0] ? smpboot_thread_fn+0x2d3/0xa30 [ 328.051931][ C0] ? smpboot_thread_fn+0x4fb/0xa30 [ 328.051962][ C0] ? smpboot_thread_fn+0x656/0xa30 [ 328.051995][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 328.052029][ C0] smpboot_thread_fn+0x546/0xa30 [ 328.052061][ C0] ? smpboot_thread_fn+0x4e/0xa30 [ 328.052098][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 328.052136][ C0] kthread+0x2f2/0x390 [ 328.052158][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 328.052191][ C0] ? __pfx_kthread+0x10/0x10 [ 328.052214][ C0] ret_from_fork+0x4d/0x80 [ 328.052248][ C0] ? __pfx_kthread+0x10/0x10 [ 328.052270][ C0] ret_from_fork_asm+0x1a/0x30 [ 328.052314][ C0] [ 328.630569][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 328.637499][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 [ 328.648045][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 328.658142][ T30] Call Trace: [ 328.661446][ T30] [ 328.664403][ T30] dump_stack_lvl+0x241/0x360 [ 328.669128][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 328.674368][ T30] ? __pfx__printk+0x10/0x10 [ 328.678997][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 328.685039][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.690718][ T30] ? vscnprintf+0x5d/0x90 [ 328.695116][ T30] panic+0x349/0x880 [ 328.699057][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.704747][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 328.710964][ T30] ? __pfx_panic+0x10/0x10 [ 328.715471][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 328.720896][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.726568][ T30] ? __irq_work_queue_local+0x137/0x410 [ 328.732167][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.737844][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 328.743278][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 328.749485][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 328.755696][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 328.761369][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 328.767584][ T30] watchdog+0x1033/0x1040 [ 328.771966][ T30] ? watchdog+0x1ea/0x1040 [ 328.776458][ T30] ? __pfx_watchdog+0x10/0x10 [ 328.781202][ T30] kthread+0x2f2/0x390 [ 328.785314][ T30] ? __pfx_watchdog+0x10/0x10 [ 328.790040][ T30] ? __pfx_kthread+0x10/0x10 [ 328.794680][ T30] ret_from_fork+0x4d/0x80 [ 328.799151][ T30] ? __pfx_kthread+0x10/0x10 [ 328.803785][ T30] ret_from_fork_asm+0x1a/0x30 [ 328.808618][ T30] [ 328.811909][ T30] Kernel Offset: disabled [ 328.816239][ T30] Rebooting in 86400 seconds..