last executing test programs: 4.970430159s ago: executing program 0 (id=4253): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16], 0x0) 3.292456952s ago: executing program 4 (id=4272): r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='freezer.self_freezing\x00', 0x26e1, 0x0) r2 = dup3(r0, r1, 0x0) ioctl$SOUND_OLD_MIXER_INFO(r2, 0x80304d65, &(0x7f0000000040)) 3.140154561s ago: executing program 0 (id=4275): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r0, 0x40082102, &(0x7f0000000080)=r1) 2.982160502s ago: executing program 4 (id=4278): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./file0\x00', 0x18008, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRESDEC], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) lseek(r0, 0x7, 0x0) getdents(r0, 0x0, 0x22) 2.786056027s ago: executing program 2 (id=4279): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@bridge_dellink={0x3c, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x18, 0x5, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x8, 0x2}, {0x8, 0x1}]}}]}]}, 0x3c}}, 0x0) 2.607093335s ago: executing program 2 (id=4283): r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) io_setup(0x1, &(0x7f0000000b80)=0x0) io_submit(r1, 0x1, &(0x7f0000000000)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) signalfd4(r0, &(0x7f0000000140), 0x8, 0x0) 2.559289053s ago: executing program 4 (id=4284): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640)=[{0x0}], 0x1, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 2.336536471s ago: executing program 2 (id=4287): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10) recvmmsg(r0, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f0000001540)=[{0x0}, {&(0x7f00000002c0)=""/59, 0x3b}], 0x2}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x2, 0x0) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 2.197190585s ago: executing program 1 (id=4288): mq_open(0x0, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x80000000001}) mq_notify(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x8000, 0x0, @thr={0x0, 0x0}}) r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r0, r0}, &(0x7f00000000c0)=""/83, 0x53, 0x0) 2.141378397s ago: executing program 3 (id=4289): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f7", 0x1}], 0x1}], 0x1, 0x0) 2.03776415s ago: executing program 5 (id=4290): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000140)={&(0x7f0000ba1000/0x3000)=nil, &(0x7f0000732000/0x3000)=nil, 0x3000, 0x3}) 1.954615285s ago: executing program 0 (id=4291): r0 = socket(0x840000000002, 0x3, 0xff) setsockopt$inet_int(r0, 0x0, 0x16, &(0x7f0000000000)=0x9, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f0000000340)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000140)="5825be57aff9352b356be67ca2746357d17879358b394762d6a5387374ccf333", 0x20}], 0x1}}], 0x2, 0x0) 1.82235342s ago: executing program 1 (id=4292): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = syz_pidfd_open(r0, 0x0) process_madvise(r1, 0x0, 0x0, 0x15, 0x0) 1.768742711s ago: executing program 3 (id=4293): r0 = socket$key(0xf, 0x3, 0x2) recvmmsg(r0, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0216000002"], 0x10}}, 0x0) close(r0) 1.687704718s ago: executing program 1 (id=4294): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000400)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}, {{&(0x7f00000000c0)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000240)=[{&(0x7f00000001c0)="02", 0x1}], 0x1}}], 0x2, 0x0) shutdown(r0, 0x1) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) 1.550103393s ago: executing program 0 (id=4295): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) close(r0) syz_open_procfs$pagemap(0x0, &(0x7f0000000080)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000c00)={0x60, 0x0, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, 0x0}) 1.548348725s ago: executing program 4 (id=4296): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000007ec0)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000100)="45372579928639cfde75b0139bc511e8e82daa15af585caf96f511e31f7d83f03047f885263fd3e769c073f02a904cdd3a5de644dba2cb58bdbf7d95bc0364b41e8705750ae5f8cf6a4a9d802c0153bb8a8ebab27d", 0x55}, {&(0x7f0000000200)="a36b0d65bc589e3a33", 0x9}, {&(0x7f0000000240)="8542deb16e030e04be5fd83d56898f23d859d060b9e6ddde247bdde959180bed177a9bc3f767c58ea288dc4aede579ed55dce6e597618e63217de610c28b23b97c20cd4a2f30c8fdaa59fdbcf7474af8b34d20c8d0832728ce1ea19584d950050b8375e1c0d294a19a1ab0339e59acc6738351a5679327b816c249f7b6a51e89c13a329ff48f963e937308dad2f256c8af5c", 0x92}, {&(0x7f0000000340)="fd2c98016bd3316aedf8c6c9df3901bd7e12a7893c0ea5d751e3a0f58636df3847ef835d5d66e40f8d0c44b6f7c5ef89ff5e120c8a68", 0x36}, {&(0x7f0000000440)="7d1373672bba4ca1a186e59b67d2f2084df27f4c890e7265ba81e9b73b1a6a1db1ca07e747f2edd1c7ce955eae37e5e667166999", 0x34}], 0x5}}], 0x1, 0x0) 1.547580714s ago: executing program 5 (id=4297): sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000008001b"], 0x34}}, 0x0) 1.269953857s ago: executing program 5 (id=4299): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00000, &(0x7f0000002c00)={[{@adinicb}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@uid}, {@umask={'umask', 0x3d, 0x3b}}, {@adinicb}, {@partition={'partition', 0x3d, 0xffff}}, {@shortad}, {@uid_forget}, {@unhide}]}, 0x1, 0xc54, &(0x7f00000037c0)="$eJzs3U9sHNd9B/DfGy3FldJWTJwqThoHm7ZIZcVy9S+iYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskiIlfz42+d2deW/mvZn1DE3wzQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr58+kzaYsWhfWgMAPBIXB396umzW93/AYAn1rXt/v8fAAAAAAAAAAAAAAA4KFIU8VSkmL26msar9x31K+2+O3fHhoa3rnYkVTUPVeXLr/qZs+fOf+nC4MVuXmlPv0/93faZeHX02uXGSzO3Z+cm5+cnJxpj0+0bMxOTD7yFndbf7GR1ABq3X7szcfPmfOPs8+c2rL478F7/x44PXBp89tQz3bJjQ8PDo+tF6r3law/dkI7tRngcjiJORYrnvvfT1IqIInZ+LOqP9txvdqTqxMmqE2NDw1VHptqt6YVy5Uj3QBQRjZ5Kze4x2vpcRK3vkfZhe82IxbL5ZYNPlt0bnW3Nta5PTTZGWnML7YX2zPRI6rS27E8jiriYIpYiYqX//s31RRG1SPGdY6vpen7qR3UcvlgNDN6+HcUe9vEBlO1s9EUsFY/BOTvA+qOIVyLFz94+ETfydaa61nwh4pUyfxDxZpkvRqTyg3E+4t0tPkc8nmpRxJ+X5//Sapqorgfd68qVrzW+Mn1zpqds97ryIe8P910p9un+cGRTPhoH/NpUjyJa1RV/NT38DzsAAAAAAAAAAAAAAAAA7LYjUcSnI8XL//ZH1bjiqMalH7s0+PsDv9w7ZvzpD9hOWfb5iFgsHmxM7uE8MHAkjaS0z2OJP8rqUcQf5/F/39rvxgAAAAAAAAAAAAAAAAAAAHykFfGTSPHCOyfSUvTOKd6evtW41ro+1ZkVtjv3b3fO9LW1tbVG6mQz53jOxZxLOZdzrqQ8v3C3fpHr5xzPuZhzKedyzpWccSjXz9nMOZ5zMedSzuWcKzmjluvnbOYcz7mYcynncs6VnHFA5u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHiSFFHELyLFt7+xmiJFRDNiPDq53L/frQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASv2piO9HisYfNO8tq0VEqv7tOFF+Ox/Nw2V+IpqDZb4Yzcs5W1XWmt/ah/azM32piB9Hiv76W/dOeD7/fZ139z4G8eY31999ptbJQ92VA+/1f+z4sUuDw597ervXaasGnLzSnr5ztzE2NDw82rO4lvf+iZ5lA3m/xe50nYiYf/2N11pTU5NzD/+i/Ag8ZPXumdzB3h/li1R7bJq6Ky+idiCasX8vonYgmrE/fd+gvh8XJ/Zcef9/N1L89jv/3r3hd+7/9filzrt7d/j4+Z+s3/9f2LyhB7z/1zbXy/f/8k6w1f3/qZ5lL+SfRvpqEfWF27N9xyPq86+/cap9u3Vr8tbk9PnTp788OPjlc6f7DkfUb7anJnte7crhAgAAAAAAAAAAAAAAAHh0UhG/GylaP15NjYi4W43XGrg0+OypZw7FoWq81YZx26+OXrvceGnm9uzc5Pz85ERjbLp9Y2Zi8kF3V6+Ge40NDe9JZz7QkT1u/5H6SzOzr8+1b/3hwpbrj9YvX59fmGvd2Hp1HIkiotm75GTV4LGh4arRU+3WdFV1ZMvB9B9eXyriPyLFjfON9Pm8LI//3zzCf8P4/8XNG9rF8f+fO7o+/u/jPUXLfaZUxM8jxW/9xdPx+aqdR+O+Y5bL/U2kOHnxs7lcHC7LddvQea5AZ2RgWfZ/IsU//GJj2e54yKfWy575UAf3MVCe/2OR4vt/9t349bxs4/Mftj7/RzdvaI+e//DJnmVHNzyvYMddJ5//U5Hixafeit+olvzf+z7/o/vEhhOdwuvP59ij8/+rPcsG8n5/c7c6DwAAAAAAAAAA8BjrS0X8baT44XAtXcjLHuTv/yY2b2iP/v7rUz3LJnZnvqIPnvYGAAAAAJ4QfamIn0SKWwtv3RtDvXH8d8/4z99ZH/85lDatrX7P9yvVcwN28/d/vQbyfsd33m0AAAAAAAAAAAAAAAAAAAA4UFIq4kKeT328Gs8/se186suR4uX/ei6XS8fLct154Aeq7/Wra9OnLk9NzdRjoXV9arIxOtu6MVnW/WSkWP3rz+a6RTW/ene++c4c7+tzsc9FiuG/65btzMXenZu8Mx94fW0t4kxZ9uOR4j//fmPZPDV1nju62u7ZsuxfRYqv/9PWZY+vlz1Xlv1upPjR1xvdskfLshfyw1A/tV72+Rszxd6cGAAAAAAAAAAAAAAAAAAAAD5S+lIRfxop/vv20r2x/Hn+/76et5U3v9kz3/8md6t5/geq+f+3e/0w8/9XzxVY3G6vAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZEpRxBuRYvbqalruL9931K+0p+/cHRsa3rrakVTVPFSVL7/qZ86eO/+lC4MXu/n+9Xfbp+PV0WuXGy/N3J6dm5yfn5xojE23b8xMTD7wFnZaf7OT1QFo3H7tzsTNm/ONs8+f27D67sB7/R87PnBp8NlTz3TLjg0ND4/2lKn1PfTe75O2WX44ivjLSPHc936aftgfUcTOj8UHfHb22pGqEyerTowNDVcdmWq3phfKlSPdA1FENHoqNbvH6BGcix1pRiyWzS8bfLLs3uhsa651fWqyMdKaW2gvtGemR1KntWV/GlHExRSxFBEr/fdvri+KeC1SfOfYavrn/ohD3ePwxaujXz19dvt2FHvYxwdQtrPRF7FUPAbn7ADrjyL+MVL87O0T8S/9EbXofMUXIl4p8wcRb0bnfKfyg3E+4t0tPkc8nmpRxP+W5//Sanq7v7wedK8rV77W+Mr0zZmest3rymN/f3iUDvi1qR5F/Ki64q+mf/XfNQAAAAAAAAAAAAAAAMABUsSvRYoX3jmRqvHB98YUt6dvNa61rk91hvV1x/51x0yvra2tNVInmznHcy7mXMq5nHMlZxS5fs5mmfW1tfH8fjHnUs7lnCs541Cun7OZczznYs6lnMs5V3JGLdfP2cw5nnMx51LO5ZwrOeOAjN0DAAAAAAAAAAAAAAAAAACeLEX1T4pvf2M1rfV35pcej04umw/0iff/AQAA//+M5PG4") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) 1.217652423s ago: executing program 1 (id=4300): r0 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x25}, 0x10000}, 0x1c) sendto$inet6(r0, &(0x7f0000000100)="799f237f6c3f492e7318e2f8a77b4dca26bebfab00b56160baaafce4cdec2c636d6b915cad4e14f68afa3b884cf96e935fc2d9a2cc11af134daf261d6a1443327c69dc09d85f6c04c70bc1df1692c39e63d3fafb0fc698d2a666dd52edf937916e93ad8378fa374db5b57616bb393b7907ca9530908f8e16e93d4721247944556ee37bcb654d07b3edb2df8905607e4ad66226e251686d77dc916033ee280ccd5d1330ca4c13b2a05c0318ddaa510419fae539fb48d2f2fe550b99b96b277776fa4c2ebf00ebb045e8de03c2c6573342ceddefc1c269a9ca741e", 0xda, 0x4044, &(0x7f0000000000)={0xa, 0x4e23, 0x6, @loopback}, 0x1c) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000400)=ANY=[@ANYBLOB="020c020000000000fc000000000000000000000000000001fe880000000000000000000000000001fe800000000000000000000000000018ff0100000000000000000000000000010000000000000000000010ffac141442fc0000000000"], 0x68) 1.157956569s ago: executing program 3 (id=4301): r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x30, 0xfffffffffffffffe) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0x10) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xd3, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) 1.128134682s ago: executing program 4 (id=4302): r0 = syz_io_uring_setup(0x3d1a, &(0x7f0000000480), &(0x7f0000000080), &(0x7f0000000040)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000000), 0x2) 1.028124492s ago: executing program 0 (id=4303): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f0000e1ab14140000000000000000000084300400000000000000000000000041554449540000bcb92dfff07fca000000466ef58f5dc8438b000000000000000800"/376]}, 0x1f0) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000ac0)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x20000a00, 0x0, 0x0, 0x20000a30, 0x20000a60], 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000"]}, 0x138) 842.322593ms ago: executing program 5 (id=4304): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0180f2", 0x14, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 831.273465ms ago: executing program 1 (id=4305): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0xb08e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 822.365116ms ago: executing program 2 (id=4306): r0 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000002e40)=ANY=[@ANYBLOB="00020201"], 0x18) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r0, &(0x7f0000000040)="ab9bcfbd850ccbb3aad7ffc90f0aeb0af5dbce120d555f32fc1d1d16df579c8b7c20aeda96fbd665", 0x28, 0x0, 0x0, 0x0) 799.974539ms ago: executing program 3 (id=4307): mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0) mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, &(0x7f0000000000)=0xfffffffffffffffb, 0x2e5, 0x0) set_mempolicy_home_node(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) 698.987491ms ago: executing program 0 (id=4308): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000180)=[{&(0x7f0000000000)="9c", 0xffffff7d}], 0x1) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)) 533.294619ms ago: executing program 5 (id=4309): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="eacb18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) 509.436127ms ago: executing program 2 (id=4310): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x10000}]}]}, @TCA_TAPRIO_ATTR_TXTIME_DELAY={0x8}]}}]}, 0xac}}, 0x0) 468.67919ms ago: executing program 3 (id=4311): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000340), 0x4) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001) 259.945138ms ago: executing program 3 (id=4312): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000010000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000003200)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000040)) 48.224586ms ago: executing program 2 (id=4313): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0xa, 0x0, 0x0, @mcast2, 0x7fff}, r1}}, 0x48) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000000c0), r1, 0x0, 0x1, 0x4}}, 0x20) 41.14708ms ago: executing program 5 (id=4314): syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x840, &(0x7f00000013c0)=ANY=[@ANYBLOB="00a3d9feb86e02e3b0bd5e574a822aa033060829d9f570706daaf7e64385f4c757c8c1509cbd06003c6d03000000ffdde116534a3e539068b679565b35a5982a243682d93c646500b71c53966a788a93af70a9e8378a4dff15e4a14b5a4b6c14d2feff8ec15164ffffba586557115ae1b2470a06d956cae4ea3b76e646ef7b00f8bcbad4030fa2f87bae1c91858fdee78fd19866212b8aedf818fea039932b8d5f454cf4fa9f9c1c0bd1c3f8c02f1bc702d7359eb8bef54e10c2b4d66fb887ed9e56e2fbf982ea3443c9c30d40c4dd067682187e224173e49a3d0700efeb8fc6570ce5feb7d4c9ab5c4cc09ba9ae6276845f065c7fdaab25776edddef50000000064dadb122182564d38cae5597ef4d5a2bf63415fdfe0867dee339da4a49e99fcf977e3be588fb6a8e4ee0d5395982f374f3802e1cf12c5849a07af1ad1e9f1f52725eab00af283cbfbd18fdc8e1951ba26508eb3781117b3a5263e3671d0b9e5aedd4e9261654e7cd5213600a77f55f0ab706a787ac204fff298dc72be1e80389d8f55f42c3b92acaee0df6b6bea8459d98d7bdc8e99b33022a2474d5527b68ba085ce52bf894f86c0f0f2f76c1ffe1e7ecbf2f1d7f8de553ebd38a1ad1f67e43da56f853f594b16be3822b97389b248dd3079e41ce185206267e9f174fd6ba01f9cc52c465608000048d0ad524a70f1688d1f30ca729963f14d140bf06f606065187fef9b44e884699a5bda981b07000000000000009a74a84388dc82ed1ba29aba106b9f6e11ea249e4870494ede40f7bc48dc2a14669c1b94b32209f16b423a9274740b8f4e641d46a6f14f44e26c4b7d5422322a2f8d967532b133014da9c571ffc2664e0838391e0242bcacaa0c00358bdefaf2bc51dcf4a7674b03b89cf213c3325c64493f3ed9866c4994c119363dec364813d2a1f3732323d6fde44b8178d35f936200a96118889bc34d1800779c82b877ba24d7aadec4abe72a3b5e9280cc12d3f3b60fa0163fc3ccdce18ced9a8ccf33122055f8870f804fb91d9f91ba8db505d020c01f532c9307117f34693dd535e1df52ccc94ba178aaf524117c214fa858d6da2f91c14ab5ea3080500366075694cf317cdad3e61d17bfa4490124e3616a0d581cf05cf2cecc0a9b83fe000000000000000000000000ed9111e3396fea123d15ff825b66e25945cb3fd6d31773af0634a155fe85159a643b064fba1135ff23d713431f3cf8587d8778f7eb1a02d155fb6185d105d26844d111c85fd6321fc4a9a368c04cd3f29a8badfb8a0152e7bb8b10a8e680292eb9ab00d3efd86111ca430dcfbf1910b235e636e99b615163989a3779e520b59d2e7db309a3710d5b11ae9c21ad7e4c7d000000000000000000000024aafb0479e8ea0ab8bfd97c2186a3a784ce996d63c42c31e3a211c284f7c0187429d7f01748d6f04519921b9d81a510de2ff2f21e7423328036d45adf7df57a0572a6dfba1e0e7dbed9aeebb7cd806f3685459be46dc69d314fd3ea633b1539f466c8d32a2e9392d1620656958900ffbf0c3f5139c03580f83516f02c1adbb6e16040f273456e982741fe40b3f6a3e9c8237f9da13572c209968b40dd6bf4fbb056d303698c74cdbd4c38c54e945e8e93ff946aa2a1fc940646fc7dbcb3455221cf6192c986eb7a087af45e68868f8495fe245d23f695e5295bc593eefe919cb7a522eb622614df5e02afdf12f7a8eb2edd583ca6fd3e1503836bc547a54d35f0d14dbad7ae02aaba65f732f8433e240611639af8d8c41da291f9f227329c0484c9c9b11300c2b9d5d92fa86c45afac025b406e897cc32f6db18837f8ec0f8ca4c5d4411bdf9b39b61d192c29d1e5c84a048ebb00"/1339], 0x1, 0x1cf, &(0x7f0000000780)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF1xS3vdmlN+Z0566motk2VmaPXUlkcWk0vtMXKTXMwjwcwQmnpkUXFlVXZiTk5qUfFChopbyUkVp08wsFy3v6bSLMHp8EeewyFJ00GH6YiPR9aMxhLOSVKaYmxsmQpnz3yQX8emcYTh0QrmjXWeeY11halT89LykqqyqrLmTZy4cWZjZ2Pjyol1UWl+qxhbUlw2NXUyMjlsURPYzGyoPslGe8K79lUPkxxYezz8mk8ZK71OZb5kvLBI6tSKqpkTvijNZjT8znCHp2yFhIaGk8QVCYsGE4YjdbYNriAnpjQwpCmEMSapsYm1bTkzJ4SZn81tgUJL8gmm0KMcS2dKWBwQqjr501LzrUOi24xtTx3YzvAcPs6zpqBP0Oi4BIPTQsH/MiBjEhoayjTWMi21XfClSOOvhNdqY6cMBnd7pmWwAGVpAJEroTxZsJ6E5BUeOpqaRinJCQ2bJBKS3AoMlRm27uFcLdDAgBRtKgwMDNsZYXELAddgjFEwCkbBKBgFo2AUjIJRMApGwSgYBSMCAAIAAP//QJCYyw==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = fanotify_init(0xf00, 0x0) fanotify_mark(r1, 0x105, 0x4800003a, r0, 0x0) 20.297246ms ago: executing program 4 (id=4315): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) close(r0) syz_open_procfs$pagemap(0x0, &(0x7f0000000080)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000c00)={0x60, 0x0, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x0, 0x0}) 0s ago: executing program 1 (id=4316): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): ][ T5241] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 443.198116][ T5241] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 443.208031][ T5241] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 443.434392][T12982] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 443.666026][T12985] netlink: 428 bytes leftover after parsing attributes in process `syz.4.2902'. [ 443.731057][T12985] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2902'. [ 443.793006][T12972] loop5: detected capacity change from 0 to 40427 [ 443.810386][T12972] F2FS-fs (loop5): invalid crc value [ 443.880721][T12972] F2FS-fs (loop5): Found nat_bits in checkpoint [ 444.075466][T12972] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 444.154121][T12976] chnl_net:caif_netlink_parms(): no params data found [ 444.335875][T11536] syz-executor: attempt to access beyond end of device [ 444.335875][T11536] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 444.383780][T11536] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 444.555955][T12976] bridge0: port 1(bridge_slave_0) entered blocking state [ 444.578714][T12976] bridge0: port 1(bridge_slave_0) entered disabled state [ 444.598685][T12976] bridge_slave_0: entered allmulticast mode [ 444.619749][T12976] bridge_slave_0: entered promiscuous mode [ 444.646986][T12976] bridge0: port 2(bridge_slave_1) entered blocking state [ 444.690772][T12976] bridge0: port 2(bridge_slave_1) entered disabled state [ 444.725316][T12976] bridge_slave_1: entered allmulticast mode [ 444.765592][T12976] bridge_slave_1: entered promiscuous mode [ 444.841821][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.848188][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.977793][T12976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 445.042779][T12976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 445.259973][T12976] team0: Port device team_slave_0 added [ 445.297399][T12976] team0: Port device team_slave_1 added [ 445.313571][ T5241] Bluetooth: hci4: command tx timeout [ 445.459376][T12976] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 445.502119][T12976] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 445.528072][ C0] vkms_vblank_simulate: vblank timer overrun [ 445.613231][T12976] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 445.654643][T12976] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 445.680361][T12976] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 445.706352][ C0] vkms_vblank_simulate: vblank timer overrun [ 445.798872][T12976] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 445.870052][T13037] netlink: 'syz.3.2922': attribute type 10 has an invalid length. [ 445.891440][T13037] netlink: 55 bytes leftover after parsing attributes in process `syz.3.2922'. [ 446.278259][T12976] hsr_slave_0: entered promiscuous mode [ 446.372428][T12976] hsr_slave_1: entered promiscuous mode [ 446.423747][T13048] loop1: detected capacity change from 0 to 1024 [ 446.493119][T13048] hfsplus: bad catalog entry type [ 446.616195][ T11] hfsplus: b-tree write err: -5, ino 4 [ 446.780256][T13059] netlink: 'syz.4.2932': attribute type 1 has an invalid length. [ 446.810903][T13059] netlink: 9380 bytes leftover after parsing attributes in process `syz.4.2932'. [ 447.183485][T13075] loop3: detected capacity change from 0 to 1024 [ 447.333269][T12976] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.394435][ T5241] Bluetooth: hci4: command tx timeout [ 447.404088][ T25] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 447.494410][T13085] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 447.615792][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 447.641036][T12976] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.667748][ T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 447.697935][ T25] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 447.712565][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.737568][ T25] usb 2-1: config 0 descriptor?? [ 447.960234][T12976] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.973704][T13094] loop3: detected capacity change from 0 to 64 [ 448.020491][ T5295] usb 2-1: USB disconnect, device number 17 [ 448.057142][T13071] loop5: detected capacity change from 0 to 32768 [ 448.079757][T13071] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2936 (13071) [ 448.099874][T13071] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 448.111582][T13071] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 448.121214][T13071] BTRFS info (device loop5): using free-space-tree [ 448.231036][T12976] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 448.417615][T13122] vlan2: entered promiscuous mode [ 448.423261][T13122] vlan2: entered allmulticast mode [ 448.512463][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 448.555006][T13124] team0: invalid flags given to default FDB implementation [ 448.648921][T12976] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 448.675732][T11536] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 448.746718][T12976] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 448.837912][T12976] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 448.890580][T12976] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 449.308425][T13139] bond_slave_0: entered promiscuous mode [ 449.358920][T13138] bond_slave_0: left promiscuous mode [ 449.472251][ T5241] Bluetooth: hci4: command tx timeout [ 449.499038][T12976] 8021q: adding VLAN 0 to HW filter on device bond0 [ 449.564516][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 449.641908][T12976] 8021q: adding VLAN 0 to HW filter on device team0 [ 449.689616][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 449.696919][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 449.759481][T13130] loop4: detected capacity change from 0 to 32768 [ 449.814749][ T954] bridge0: port 2(bridge_slave_1) entered blocking state [ 449.821962][ T954] bridge0: port 2(bridge_slave_1) entered forwarding state [ 450.177320][T13157] trusted_key: syz.5.2968 sent an empty control message without MSG_MORE. [ 450.705586][T12976] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 450.906522][T12976] veth0_vlan: entered promiscuous mode [ 450.969259][T12976] veth1_vlan: entered promiscuous mode [ 451.128341][T12976] veth0_macvtap: entered promiscuous mode [ 451.168389][T12976] veth1_macvtap: entered promiscuous mode [ 451.261515][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.283706][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.316316][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.352581][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.380584][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.402225][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.434765][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.464942][T13190] No memory to map [ 451.468657][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.512411][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.536326][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.552868][ T5241] Bluetooth: hci4: command tx timeout [ 451.564363][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.593250][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.603621][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.616359][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.631961][T12976] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 451.695915][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 451.740720][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.782100][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 451.821816][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.848768][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 451.881432][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.922557][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 451.954784][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.980214][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 451.998653][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.027149][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.055077][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.088034][T12976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.126169][T12976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.159064][T12976] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 452.228100][T12976] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.273114][T12976] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.312932][T12976] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.354618][T12976] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.461436][T13201] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2989'. [ 452.488338][T13201] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2989'. [ 452.799751][T13177] loop3: detected capacity change from 0 to 32768 [ 452.814151][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 452.859192][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 452.891488][T13177] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 452.929680][T13177] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 453.014004][T13177] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 453.026598][ T954] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 453.048812][ T5239] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 453.064687][ T5239] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 453.066515][ T954] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 453.240408][ T5239] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 175ms [ 453.255167][ T5239] gfs2: fsid=syz:syz.0: jid=0: Done [ 453.272430][T13177] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 453.375002][T13220] sp0: Synchronizing with TNC [ 454.535572][T13243] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3006'. [ 454.810881][ T29] audit: type=1400 audit(1726042852.348:80): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457C51CCA93031D371D06D2E59E880583300E11E8 pid=13250 comm="syz.3.3008" [ 454.864967][T13256] loop5: detected capacity change from 0 to 8 [ 454.892586][ T8] IPVS: starting estimator thread 0... [ 454.975439][T13254] IPVS: lc: SCTP 127.0.0.1:0 - no destination available [ 455.012986][T13257] IPVS: using max 17 ests per chain, 40800 per kthread [ 455.392486][T13271] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 456.356710][T13303] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 456.604375][T13312] bridge0: port 2(bridge_slave_1) entered disabled state [ 456.693459][ T8] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 456.891078][ T8] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 456.913145][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 456.925360][T13322] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 456.966679][ T8] usb 4-1: config 0 descriptor?? [ 456.998938][ T8] cp210x 4-1:0.0: cp210x converter detected [ 457.605432][ T8] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 457.632115][ T8] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 457.700970][ T8] usb 4-1: cp210x converter now attached to ttyUSB0 [ 457.743583][ T8] usb 4-1: USB disconnect, device number 24 [ 457.775364][T13343] netlink: 312 bytes leftover after parsing attributes in process `syz.5.3050'. [ 457.797345][ T8] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 457.814374][ T8] cp210x 4-1:0.0: device disconnected [ 458.244158][T13359] program syz.0.3058 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 458.757483][T13375] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3065'. [ 459.234724][T13393] loop3: detected capacity change from 0 to 8192 [ 459.259660][T13393] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 459.319159][ T29] audit: type=1800 audit(1726042856.857:81): pid=13393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3073" name="file0" dev="loop3" ino=1048724 res=0 errno=0 [ 459.397556][T13393] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 459.429072][T13393] FAT-fs (loop3): Filesystem has been set read-only [ 460.283721][ T9] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 460.300660][T13432] loop1: detected capacity change from 0 to 128 [ 460.389708][T13432] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 460.403742][T13432] ext4 filesystem being mounted at /309/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 460.495642][ T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 460.513418][ T9] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 460.522480][ T9] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 460.573457][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.605019][ T9] usb 6-1: config 0 descriptor?? [ 460.680695][ T9436] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 460.749146][T13447] bridge: RTM_NEWNEIGH with invalid state 0x4 [ 460.905311][ T9] usb 6-1: USB disconnect, device number 18 [ 460.940884][T13453] loop1: detected capacity change from 0 to 64 [ 460.957873][T13452] loop4: detected capacity change from 0 to 1024 [ 461.020750][T13452] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 461.098956][T13453] hfs: keylen 94 too large [ 461.123946][T13453] hfs: inconsistency in B*Tree (1,0,1,0,3) [ 461.128885][T13463] input: syz1 as /devices/virtual/input/input33 [ 461.183873][T13452] fscrypt (loop4, inode 18): Unsupported encryption flags (0x10) [ 461.338471][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 461.444372][T13470] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 461.644195][T13478] loop5: detected capacity change from 0 to 64 [ 461.796338][T13483] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3113'. [ 462.737723][ T52] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.089090][ T52] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.454715][ T5295] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 463.497338][ T52] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.708593][ T5295] usb 4-1: config 0 interface 0 has no altsetting 0 [ 463.737270][ T5295] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 463.785727][ T5295] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.792525][ T52] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 463.846689][ T5295] usb 4-1: config 0 descriptor?? [ 463.894379][ T5234] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 463.937129][ T5234] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 463.960171][ T5234] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 463.968943][ T5234] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 463.978806][ T5234] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 463.987466][ T5234] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 463.988326][T13536] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3140'. [ 464.007756][T13534] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3139'. [ 464.507898][ T52] bridge_slave_1: left allmulticast mode [ 464.526370][ T52] bridge_slave_1: left promiscuous mode [ 464.535470][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.605962][ T52] bridge_slave_0: left allmulticast mode [ 464.618485][ T52] bridge_slave_0: left promiscuous mode [ 464.634224][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.707660][ T5295] video4linux radio32: keene_cmd_main failed (-71) [ 464.754044][ T5295] radio-keene 4-1:0.0: V4L2 device registered as radio32 [ 464.792231][ T5295] usb 4-1: USB disconnect, device number 25 [ 465.751443][T13572] loop1: detected capacity change from 0 to 4096 [ 465.788514][T13572] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 465.841152][T13572] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 465.915222][T13572] ntfs3: loop1: ino=1b, "file0" attr_set_size [ 465.921364][T13572] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 466.115085][ T5234] Bluetooth: hci0: command tx timeout [ 466.505597][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 466.550423][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 466.590394][ T52] bond0 (unregistering): Released all slaves [ 467.455457][T13531] chnl_net:caif_netlink_parms(): no params data found [ 467.677179][T13627] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3180'. [ 467.686671][T13627] netlink: 'syz.1.3180': attribute type 3 has an invalid length. [ 467.717304][T13629] @: renamed from vlan0 (while UP) [ 467.830675][ T52] hsr_slave_0: left promiscuous mode [ 467.917366][ T52] hsr_slave_1: left promiscuous mode [ 467.967118][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 467.982714][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 467.999744][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 468.012563][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 468.131963][ T52] veth1_macvtap: left promiscuous mode [ 468.142554][ T52] veth0_macvtap: left promiscuous mode [ 468.148632][ T52] veth1_vlan: left promiscuous mode [ 468.154134][ T52] veth0_vlan: left promiscuous mode [ 468.194646][ T5234] Bluetooth: hci0: command tx timeout [ 469.123198][T13666] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3199'. [ 469.591626][ T52] team0 (unregistering): Port device team_slave_1 removed [ 469.689145][ T52] team0 (unregistering): Port device team_slave_0 removed [ 470.284736][ T5234] Bluetooth: hci0: command tx timeout [ 470.686510][T13681] netlink: 'syz.2.3206': attribute type 11 has an invalid length. [ 470.990313][T13531] bridge0: port 1(bridge_slave_0) entered blocking state [ 471.047526][T13531] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.075134][T13531] bridge_slave_0: entered allmulticast mode [ 471.085176][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 471.098198][T13531] bridge_slave_0: entered promiscuous mode [ 471.138875][T13531] bridge0: port 2(bridge_slave_1) entered blocking state [ 471.168016][T13531] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.189877][T13531] bridge_slave_1: entered allmulticast mode [ 471.211436][T13531] bridge_slave_1: entered promiscuous mode [ 471.301748][T13695] mkiss: ax0: crc mode is auto. [ 471.448566][T13531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 471.541982][T13531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 471.565026][ T5295] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 471.793449][ T5295] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 471.814291][T13531] team0: Port device team_slave_0 added [ 471.820847][ T5295] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 471.849262][ T5295] usb 3-1: Product: syz [ 471.853472][ T5295] usb 3-1: Manufacturer: syz [ 471.863933][T13531] team0: Port device team_slave_1 added [ 471.893067][ T5295] usb 3-1: SerialNumber: syz [ 471.941718][ T5295] usb 3-1: config 0 descriptor?? [ 472.118685][T13531] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 472.156969][T13531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 472.225345][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 472.334941][T13531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 472.364880][ T5234] Bluetooth: hci0: command tx timeout [ 472.383932][T13531] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 472.411287][ T5295] usb 3-1: USB disconnect, device number 18 [ 472.439217][T13531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 472.552323][T13531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 472.700614][T13531] hsr_slave_0: entered promiscuous mode [ 472.719178][T13531] hsr_slave_1: entered promiscuous mode [ 472.729548][T13531] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 472.747340][T13531] Cannot create hsr debugfs directory [ 472.975075][ T9] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 473.192865][ T9] usb 4-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 473.204945][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.243667][ T9] usb 4-1: Product: syz [ 473.253847][ T9] usb 4-1: Manufacturer: syz [ 473.274215][ T9] usb 4-1: SerialNumber: syz [ 473.278664][T13727] loop1: detected capacity change from 0 to 1024 [ 473.288156][ T9] usb 4-1: config 0 descriptor?? [ 473.307910][ T9] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 473.348699][T13727] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 473.415167][ T8] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 473.556063][T13727] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 473.648523][ T8] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 473.678265][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.700459][ T9436] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 473.710095][ T8] usb 1-1: Product: syz [ 473.714326][ T8] usb 1-1: Manufacturer: syz [ 473.760469][ T8] usb 1-1: SerialNumber: syz [ 473.786551][ T8] usb 1-1: config 0 descriptor?? [ 473.985639][T13716] loop4: detected capacity change from 0 to 40427 [ 474.028075][T13716] F2FS-fs (loop4): Found nat_bits in checkpoint [ 474.089196][T13531] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 474.116845][ T9] usb 4-1: USB disconnect, device number 26 [ 474.124761][T13531] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 474.157981][T13531] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 474.191267][T13716] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 474.205966][T13531] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 474.227095][T13716] syz.4.3218: attempt to access beyond end of device [ 474.227095][T13716] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 474.248858][ T8] usb 1-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0) [ 474.267759][T13716] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 474.281156][ T8] usb 1-1: Firmware version (0.0) predates our first public release. [ 474.292700][ T8] usb 1-1: Please update to version 0.2 or newer [ 474.517904][ T8] usb 1-1: USB disconnect, device number 20 [ 474.809439][T13531] 8021q: adding VLAN 0 to HW filter on device bond0 [ 474.868002][T13531] 8021q: adding VLAN 0 to HW filter on device team0 [ 474.904984][ T967] bridge0: port 1(bridge_slave_0) entered blocking state [ 474.912285][ T967] bridge0: port 1(bridge_slave_0) entered forwarding state [ 474.974966][ T967] bridge0: port 2(bridge_slave_1) entered blocking state [ 474.982423][ T967] bridge0: port 2(bridge_slave_1) entered forwarding state [ 475.105309][ T5333] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 475.305970][ T5333] usb 4-1: Using ep0 maxpacket: 32 [ 475.332604][ T5333] usb 4-1: config 0 has an invalid descriptor of length 185, skipping remainder of the config [ 475.359718][ T5333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 475.402538][ T5333] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 475.433288][ T5333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.466491][ T5333] usb 4-1: config 0 descriptor?? [ 475.478757][ T5333] hub 4-1:0.0: bad descriptor, ignoring hub [ 475.507250][ T5333] hub 4-1:0.0: probe with driver hub failed with error -5 [ 475.616730][T13745] loop1: detected capacity change from 0 to 32768 [ 475.665342][ T5294] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 475.761205][T13531] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 475.855846][ T9] usb 4-1: USB disconnect, device number 27 [ 475.870672][ T5294] usb 3-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice=51.8f [ 475.886358][ T5294] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 475.924936][ T5294] usb 3-1: Product: syz [ 475.940524][ T5294] usb 3-1: Manufacturer: syz [ 475.956926][ T5294] usb 3-1: SerialNumber: syz [ 475.979333][ T5294] usb 3-1: config 0 descriptor?? [ 476.020792][ T5294] as10x_usb: device has been detected [ 476.042577][ T5294] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 476.089996][ T5294] usb 3-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 476.226485][ T9] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 476.271865][ T5294] as10x_usb: error during firmware upload part1 [ 476.310312][ T5294] Registered device Elgato EyeTV DTT Deluxe [ 476.317924][ T5294] usb 3-1: USB disconnect, device number 19 [ 476.432598][ T5294] Unregistered device Elgato EyeTV DTT Deluxe [ 476.438755][ T9] usb 4-1: config 0 has an invalid descriptor of length 185, skipping remainder of the config [ 476.446092][ T5294] as10x_usb: device has been disconnected [ 476.487888][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 476.540778][ T9] usb 4-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice= 0.40 [ 476.573551][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 476.624976][ T9] usb 4-1: config 0 descriptor?? [ 476.632611][T13531] veth0_vlan: entered promiscuous mode [ 476.663092][ T9] ttusbir 4-1:0.0: cannot find expected altsetting [ 476.693075][T13531] veth1_vlan: entered promiscuous mode [ 476.843193][T13531] veth0_macvtap: entered promiscuous mode [ 476.864332][T13531] veth1_macvtap: entered promiscuous mode [ 476.885304][ T5294] usb 4-1: USB disconnect, device number 28 [ 476.979966][T13780] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3242'. [ 477.017629][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.069781][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.109237][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.135848][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.160130][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.184187][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.202833][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.213859][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.232078][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.243462][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.254762][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.271125][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.282045][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.294918][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.316272][T13531] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 477.399730][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.419225][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.472569][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.519629][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.555930][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.594873][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.631441][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.664657][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.698606][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.736651][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.760761][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.784663][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.806366][T13531] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.832793][T13531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.862498][T13531] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 477.928669][T13531] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.986606][T13531] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.035959][T13531] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.044733][T13531] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.214347][T13807] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3255'. [ 478.368077][ T967] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.422970][ T967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.562564][T13815] tap0: tun_chr_ioctl cmd 2147767521 [ 478.582551][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.602139][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.891898][T13823] loop3: detected capacity change from 0 to 128 [ 479.129799][T13828] veth1_macvtap: left promiscuous mode [ 479.140286][T13828] macsec0: entered allmulticast mode [ 479.181392][T13828] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check. [ 479.425804][ T8] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 479.620338][ T8] usb 6-1: config 0 has no interfaces? [ 479.638517][ T8] usb 6-1: New USB device found, idVendor=eb1a, idProduct=e350, bcdDevice=f8.fa [ 479.676066][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.708194][ T8] usb 6-1: config 0 descriptor?? [ 480.018314][ T9] usb 6-1: USB disconnect, device number 19 [ 480.708849][T13840] loop1: detected capacity change from 0 to 32768 [ 480.726631][T13840] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3268 (13840) [ 480.770290][T13846] loop3: detected capacity change from 0 to 32768 [ 480.777157][T13840] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 480.797517][T13840] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 480.806501][T13846] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3270 (13846) [ 480.836460][T13840] BTRFS info (device loop1): using free-space-tree [ 480.869262][T13846] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 480.911036][T13846] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 480.926548][T13846] BTRFS info (device loop3): using free-space-tree [ 481.226794][ T9436] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 481.347087][ T9937] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 482.723181][T13929] loop4: detected capacity change from 0 to 512 [ 482.785799][T13929] EXT4-fs: Ignoring removed i_version option [ 482.853633][T13899] loop5: detected capacity change from 0 to 32768 [ 482.882070][T13929] EXT4-fs (loop4): 1 truncate cleaned up [ 482.901194][T13929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 483.293218][T13942] loop3: detected capacity change from 0 to 164 [ 483.363859][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.379033][T13942] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 483.399393][T13944] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3301'. [ 484.136539][ T5294] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 484.340711][ T5294] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 484.375003][ T5294] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 484.433504][ T5294] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.489331][ T5294] usb 3-1: config 0 descriptor?? [ 484.921162][ T5294] ath6kl: Unsupported hardware version: 0x0 [ 484.958548][ T5294] ath6kl: Failed to init ath6kl core: -22 [ 484.985338][ T5294] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -22 [ 485.175828][ T5295] usb 3-1: USB disconnect, device number 20 [ 485.515536][T13985] loop3: detected capacity change from 0 to 128 [ 485.584704][T13985] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 485.645308][T13985] ext4 filesystem being mounted at /243/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 485.677159][ C1] vkms_vblank_simulate: vblank timer overrun [ 485.820668][T13991] loop1: detected capacity change from 0 to 512 [ 485.898853][T13991] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 486.017713][T13991] EXT4-fs (loop1): 1 truncate cleaned up [ 486.025135][T13991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 486.188209][ T9937] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 486.389694][ T9436] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 486.530697][T13982] loop4: detected capacity change from 0 to 32768 [ 486.585854][T13982] btrfs: Deprecated parameter 'usebackuproot' [ 486.615382][T13982] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 486.692911][T13982] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3317 (13982) [ 486.721600][T13978] loop5: detected capacity change from 0 to 32768 [ 486.799432][ T5241] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 486.811938][ T5241] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 486.832585][ T5241] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 486.846966][T13978] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3314 (13978) [ 486.876703][T13982] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 486.896934][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 486.912922][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 486.925252][ T5241] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 486.941001][ T5241] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 486.949709][ T5241] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 487.016523][T13982] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 487.025660][T13982] BTRFS info (device loop4): disk space caching is enabled [ 487.063006][T13982] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 487.129073][T13978] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 487.176092][T13978] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 487.241577][T13982] btrfs: Deprecated parameter 'usebackuproot' [ 487.260264][T13982] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 487.275576][T13982] BTRFS warning (device loop4 state M): remount supports changing free space tree only from RO to RW [ 487.291353][T13982] BTRFS info (device loop4 state M): enabling free space tree [ 487.304114][T13982] BTRFS info (device loop4 state M): force clearing of disk cache [ 487.352028][T13982] BTRFS info (device loop4 state M): trying to use backup root at mount time [ 487.364514][T13982] BTRFS info (device loop4 state M): disabling disk space caching [ 487.434107][T13978] BTRFS info (device loop5): rebuilding free space tree [ 487.454768][T10127] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 487.538514][T13978] BTRFS info (device loop5): disabling free space tree [ 487.597292][T13978] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 487.607722][T13978] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 487.670571][ T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.736765][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 487.797027][ T29] audit: type=1800 audit(1726042885.314:82): pid=13978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3314" name="file2" dev="loop5" ino=261 res=0 errno=0 [ 488.419376][T13999] loop3: detected capacity change from 0 to 32768 [ 488.440494][T13531] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 488.575656][ T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.653755][T14046] loop4: detected capacity change from 0 to 256 [ 488.730403][T14046] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 488.806339][ C1] hrtimer: interrupt took 828691 ns [ 489.000839][ T5241] Bluetooth: hci8: command tx timeout [ 489.812086][ T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 489.868436][T14048] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 489.879174][T14048] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 489.889949][T14048] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 489.920239][T14048] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 490.265369][ T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 490.349510][T14070] netlink: 'syz.4.3342': attribute type 12 has an invalid length. [ 490.384162][T14070] netlink: 'syz.4.3342': attribute type 10 has an invalid length. [ 490.899446][T14097] netlink: 'syz.2.3354': attribute type 1 has an invalid length. [ 491.078562][ T5241] Bluetooth: hci8: command tx timeout [ 491.266150][T14104] program syz.3.3357 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 491.310827][T14005] chnl_net:caif_netlink_parms(): no params data found [ 491.370922][ T52] bridge_slave_1: left allmulticast mode [ 491.376619][ T52] bridge_slave_1: left promiscuous mode [ 491.408385][T14110] binder: 14108:14110 ioctl c018620c 200005c0 returned -1 [ 491.415892][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 491.456385][ T52] bridge_slave_0: left allmulticast mode [ 491.480372][ T52] bridge_slave_0: left promiscuous mode [ 491.491625][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 491.517918][T14114] loop4: detected capacity change from 0 to 164 [ 491.654575][ T5294] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 491.786500][ T29] audit: type=1326 audit(1726042889.323:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14121 comm="syz.4.3366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 491.841704][ T29] audit: type=1326 audit(1726042889.353:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14121 comm="syz.4.3366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 491.890008][ T5294] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 491.920365][ T5294] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 491.944534][ T29] audit: type=1326 audit(1726042889.363:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14121 comm="syz.4.3366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 491.946319][ T5294] usb 3-1: Product: syz [ 491.980483][ T5333] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 492.020713][ T5294] usb 3-1: Manufacturer: syz [ 492.036763][ T29] audit: type=1326 audit(1726042889.363:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14121 comm="syz.4.3366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 492.041633][ T5294] usb 3-1: SerialNumber: syz [ 492.105961][ T8] hid-generic 000D:0000:0000.001D: unknown main item tag 0x0 [ 492.118093][ T29] audit: type=1326 audit(1726042889.373:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14121 comm="syz.4.3366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 492.153407][ T8] hid-generic 000D:0000:0000.001D: unknown main item tag 0x0 [ 492.160117][ T5294] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 492.206955][ T8] hid-generic 000D:0000:0000.001D: hidraw0: HID v0.00 Device [syz1] on syz1 [ 492.220571][T14128] loop1: detected capacity change from 0 to 256 [ 492.237372][ T29] audit: type=1326 audit(1726042889.373:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14121 comm="syz.4.3366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 492.267612][ T5333] usb 6-1: Using ep0 maxpacket: 8 [ 492.274812][T14128] exfat: Deprecated parameter 'utf8' [ 492.303144][ T29] audit: type=1326 audit(1726042889.373:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14121 comm="syz.4.3366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 492.329442][T14128] exfat: Deprecated parameter 'namecase' [ 492.329484][T14128] exfat: Deprecated parameter 'utf8' [ 492.341879][T14128] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 492.392176][ T5333] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 492.397851][ T29] audit: type=1326 audit(1726042889.373:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14121 comm="syz.4.3366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 492.410192][T14128] exFAT-fs (loop1): hint_cluster is invalid (1), rewind to the first cluster [ 492.431856][ T5293] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 492.436173][ T5333] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 492.478827][ T5333] usb 6-1: Product: syz [ 492.483050][ T5333] usb 6-1: Manufacturer: syz [ 492.509345][ T29] audit: type=1326 audit(1726042889.373:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14121 comm="syz.4.3366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 492.521284][ T5333] usb 6-1: SerialNumber: syz [ 492.564060][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 492.596928][ T5333] usb 6-1: config 0 descriptor?? [ 492.632541][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 0, err : -5) [ 492.680220][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 492.696740][ T5333] gspca_main: se401-2.14.0 probing 047d:5003 [ 492.744136][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 0, err : -5) [ 492.758352][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 492.771965][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 1, err : -5) [ 492.783329][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 492.793161][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 2, err : -5) [ 492.817738][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 492.857884][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 3, err : -5) [ 492.902608][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 492.945660][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 4, err : -5) [ 493.004533][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.051062][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 5, err : -5) [ 493.089669][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.102048][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 6, err : -5) [ 493.117821][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.131398][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 7, err : -5) [ 493.158237][ T5241] Bluetooth: hci8: command tx timeout [ 493.158890][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.175216][T14130] exFAT-fs (loop1): error, failed to bmap (inode : ffff88805c2eaee8 iblock : 8, err : -5) [ 493.186652][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.196447][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.214832][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.225203][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.238842][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.278437][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.288970][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.319461][T14136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 493.332383][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.343207][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.362309][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.372412][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.387916][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.388144][T14136] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 493.405272][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.452408][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.481243][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.507256][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.524949][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.552938][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.561330][ T5333] usb 6-1: reset high-speed USB device number 20 using dummy_hcd [ 493.565465][ T5293] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 493.591272][ T5293] ath9k_htc: Failed to initialize the device [ 493.598832][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.625205][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.648353][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.667284][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.691704][T14130] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 493.715493][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 493.715729][ T29] audit: type=1800 audit(1726042891.253:93): pid=14130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3369" name="file1" dev="loop1" ino=1048730 res=0 errno=0 [ 493.731900][T14139] loop4: detected capacity change from 0 to 4096 [ 493.813472][T14139] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 493.897116][ T5293] usb 3-1: ath9k_htc: USB layer deinitialized [ 493.906093][T14139] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 493.947797][T14139] ntfs3: loop4: Failed to load $MFT (-22). [ 494.009964][ T5295] usb 3-1: USB disconnect, device number 21 [ 494.038392][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 494.088258][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 494.114304][ T52] bond0 (unregistering): Released all slaves [ 494.282959][ T5333] gspca_se401: write req failed req 0x57 val 0x00 error -71 [ 494.307867][ T5333] se401 6-1:0.0: probe with driver se401 failed with error -71 [ 494.328046][ T5333] usb 6-1: USB disconnect, device number 20 [ 494.641620][ T52] IPVS: stopping master sync thread 11932 ... [ 494.728767][T14005] bridge0: port 1(bridge_slave_0) entered blocking state [ 494.744010][T14005] bridge0: port 1(bridge_slave_0) entered disabled state [ 494.764433][T14005] bridge_slave_0: entered allmulticast mode [ 494.783640][T14005] bridge_slave_0: entered promiscuous mode [ 494.825017][T14154] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 494.960230][T14155] loop1: detected capacity change from 0 to 4096 [ 494.970647][T14155] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 494.984212][T14005] bridge0: port 2(bridge_slave_1) entered blocking state [ 495.021030][T14005] bridge0: port 2(bridge_slave_1) entered disabled state [ 495.043311][T14005] bridge_slave_1: entered allmulticast mode [ 495.081302][T14005] bridge_slave_1: entered promiscuous mode [ 495.227702][ T29] audit: type=1800 audit(1726042892.753:94): pid=14155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3378" name="file1" dev="loop1" ino=29 res=0 errno=0 [ 495.237926][ T5241] Bluetooth: hci8: command tx timeout [ 495.487971][T14171] loop5: detected capacity change from 0 to 164 [ 495.540931][T14171] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 495.633872][T14171] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 495.678757][T14005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 495.749100][T14005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 496.013365][ T52] hsr_slave_0: left promiscuous mode [ 496.024455][ T52] hsr_slave_1: left promiscuous mode [ 496.106512][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 496.147838][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 496.185895][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 496.224935][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 496.360058][ T52] veth1_macvtap: left promiscuous mode [ 496.386057][ T52] veth0_macvtap: left promiscuous mode [ 496.400274][ T52] veth1_vlan: left promiscuous mode [ 496.412113][ T52] veth0_vlan: left promiscuous mode [ 498.136489][ T5241] Bluetooth: hci3: command 0x0406 tx timeout [ 498.184051][ T52] team0 (unregistering): Port device team_slave_1 removed [ 498.276144][ T52] team0 (unregistering): Port device team_slave_0 removed [ 499.023726][T14208] tap0: tun_chr_ioctl cmd 1074025681 [ 499.109694][T14005] team0: Port device team_slave_0 added [ 499.147693][T14005] team0: Port device team_slave_1 added [ 499.465165][T14005] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 499.520692][T14005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 499.653434][T14005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 499.731793][T14005] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 499.763182][T14005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 499.851887][T14005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 500.147319][T14234] program syz.2.3415 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 500.253231][T14005] hsr_slave_0: entered promiscuous mode [ 500.328886][T14005] hsr_slave_1: entered promiscuous mode [ 500.345722][T14005] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 500.378270][T14005] Cannot create hsr debugfs directory [ 501.908892][T14238] loop4: detected capacity change from 0 to 32768 [ 501.956400][T14238] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3417 (14238) [ 501.990882][T14005] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 502.009731][T14238] BTRFS info (device loop4): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 502.024976][T14238] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 502.036078][T14238] BTRFS info (device loop4): using free-space-tree [ 502.047669][T14005] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 502.080188][T14005] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 502.137610][T14005] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 502.414949][T10127] BTRFS info (device loop4): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 502.491548][T14281] loop5: detected capacity change from 0 to 1024 [ 502.588679][T14281] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 502.639537][T14281] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 502.750762][T14005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 502.762188][T14289] netlink: 830 bytes leftover after parsing attributes in process `syz.2.3431'. [ 502.887769][T14005] 8021q: adding VLAN 0 to HW filter on device team0 [ 503.016251][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 503.023504][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 503.067497][T13531] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 503.081483][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 503.088732][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 503.509779][T14301] binder: BC_ACQUIRE_RESULT not supported [ 503.525095][T14301] binder: 14299:14301 ioctl c0306201 20000480 returned -22 [ 503.899282][ T29] audit: type=1326 audit(1726042901.432:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14309 comm="syz.3.3438" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6286b7def9 code=0x0 [ 503.993122][T14306] loop5: detected capacity change from 0 to 4096 [ 504.084028][T14318] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 504.379717][T14005] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 504.488214][T14324] loop4: detected capacity change from 0 to 256 [ 504.594744][T14005] veth0_vlan: entered promiscuous mode [ 504.608347][T14282] loop1: detected capacity change from 0 to 40427 [ 504.650997][T14324] FAT-fs (loop4): Directory bread(block 64) failed [ 504.654742][T14005] veth1_vlan: entered promiscuous mode [ 504.672357][T14282] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 504.692137][T14324] FAT-fs (loop4): Directory bread(block 65) failed [ 504.719326][T14324] FAT-fs (loop4): Directory bread(block 66) failed [ 504.725920][T14324] FAT-fs (loop4): Directory bread(block 67) failed [ 504.741593][T14282] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 504.782135][T14324] FAT-fs (loop4): Directory bread(block 68) failed [ 504.819524][T14324] FAT-fs (loop4): Directory bread(block 69) failed [ 504.826140][T14282] F2FS-fs (loop1): invalid crc value [ 504.852696][T14324] FAT-fs (loop4): Directory bread(block 70) failed [ 504.884097][T14282] F2FS-fs (loop1): Found nat_bits in checkpoint [ 504.895570][T14005] veth0_macvtap: entered promiscuous mode [ 504.904616][T14324] FAT-fs (loop4): Directory bread(block 71) failed [ 504.926171][T14324] FAT-fs (loop4): Directory bread(block 72) failed [ 504.959397][T14324] FAT-fs (loop4): Directory bread(block 73) failed [ 504.988087][T14005] veth1_macvtap: entered promiscuous mode [ 505.147320][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 505.191347][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.222095][T14282] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 505.237410][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 505.255746][T14282] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 505.286338][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.331425][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 505.362113][ T29] audit: type=1800 audit(1726042902.902:96): pid=14282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3427" name="bus" dev="loop1" ino=10 res=0 errno=0 [ 505.368845][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.453746][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 505.497664][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.497830][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 505.497853][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.497914][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 505.497958][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.524574][T14005] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 505.608171][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 505.608222][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.608238][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 505.608277][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.608292][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 505.608330][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.608345][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 505.608361][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.608494][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 505.608540][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.608559][T14005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 505.608602][T14005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 505.612158][T14005] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 505.652668][T14005] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 505.652775][T14005] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 505.652838][T14005] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 505.652898][T14005] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 505.843242][T14342] loop4: detected capacity change from 0 to 2048 [ 505.932224][T14342] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 506.199384][ T967] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 506.199444][ T967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 506.270473][T14347] (unnamed net_device) (uninitialized): (slave veth0_to_bridge): Device is not bonding slave [ 506.270532][T14347] (unnamed net_device) (uninitialized): option active_slave: invalid value (veth0_to_bridge) [ 506.299554][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.299725][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.388845][ T3838] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 506.388876][ T3838] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 506.830407][T14356] input: syz0 as /devices/virtual/input/input36 [ 508.242759][T14385] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 508.546899][T14398] loop1: detected capacity change from 0 to 128 [ 508.589402][T14402] vxcan2: entered allmulticast mode [ 508.632489][T14398] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 508.660822][T14398] ext4 filesystem being mounted at /369/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 509.065277][ T9436] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 509.145959][T14416] loop5: detected capacity change from 0 to 1024 [ 509.172796][T14416] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 509.266536][T14416] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 509.384733][T14421] Bluetooth: hci3: too big key_count value 34945 [ 509.473253][T14416] EXT4-fs error (device loop5): ext4_read_inline_dir:1564: inode #12: block 16: comm syz.5.3480: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=40, inode=301989902, rec_len=0, size=80 fake=0 [ 509.725676][T14432] bridge_slave_0: default FDB implementation only supports local addresses [ 509.847478][T13531] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 509.909491][ T8] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 510.120302][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 510.131258][ T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 510.149615][ T8] usb 4-1: config 0 interface 0 has no altsetting 0 [ 510.161390][ T8] usb 4-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00 [ 510.171429][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.183027][ T8] usb 4-1: config 0 descriptor?? [ 510.307221][T14403] loop4: detected capacity change from 0 to 32768 [ 510.463680][T14403] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 510.547087][T14453] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3494'. [ 510.608689][T14403] XFS (loop4): Ending clean mount [ 510.626300][T14403] XFS (loop4): Quotacheck needed: Please wait. [ 510.637148][ T8] kye 0003:0458:0138.001E: unknown main item tag 0x0 [ 510.645511][ T8] kye 0003:0458:0138.001E: unknown main item tag 0x0 [ 510.652983][ T8] kye 0003:0458:0138.001E: unexpected long global item [ 510.662470][ T8] kye 0003:0458:0138.001E: parse failed [ 510.668170][ T8] kye 0003:0458:0138.001E: probe with driver kye failed with error -22 [ 510.764396][T14461] netlink: 'syz.5.3498': attribute type 1 has an invalid length. [ 510.782104][T14461] netlink: 'syz.5.3498': attribute type 2 has an invalid length. [ 510.816836][T14461] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 510.866592][T14403] XFS (loop4): Quotacheck: Done. [ 510.882221][T14463] netlink: 'syz.2.3497': attribute type 32 has an invalid length. [ 510.936431][ T5295] usb 4-1: USB disconnect, device number 29 [ 511.033360][T10127] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 512.038557][T14492] netlink: 'syz.0.3512': attribute type 1 has an invalid length. [ 512.074372][T14492] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3512'. [ 512.649982][ T8] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 512.888320][ T8] usb 2-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice=51.8f [ 512.915717][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 512.942448][ T8] usb 2-1: Product: syz [ 512.959278][ T8] usb 2-1: Manufacturer: syz [ 512.969456][ T8] usb 2-1: SerialNumber: syz [ 512.992825][ T8] usb 2-1: config 0 descriptor?? [ 513.036314][ T8] as10x_usb: device has been detected [ 513.047150][ T8] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 513.138031][T14507] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22 [ 513.157339][ T8] usb 2-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 513.198050][ T8] as10x_usb: error during firmware upload part1 [ 513.206053][T14507] netdevsim netdevsim5: Direct firmware load for . failed with error -22 [ 513.241607][ T8] Registered device Elgato EyeTV DTT Deluxe [ 513.249989][T14507] netdevsim netdevsim5: Falling back to sysfs fallback for: . [ 513.268896][ T8] usb 2-1: USB disconnect, device number 18 [ 513.367347][ T8] Unregistered device Elgato EyeTV DTT Deluxe [ 513.386107][ T8] as10x_usb: device has been disconnected [ 513.627758][T14513] program syz.0.3521 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 513.926800][T14521] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 515.260989][T14556] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3540'. [ 515.553142][T14562] program syz.0.3543 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 516.017906][T14575] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 516.052554][ T954] Bluetooth: hci6: Frame reassembly failed (-84) [ 516.381217][T14588] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3555'. [ 516.534886][T14595] Bluetooth: hci3: invalid len left 7, exp >= 35 [ 516.680578][T14597] binder: 14596:14597 ioctl c00c620f 20000340 returned -22 [ 516.987395][T14607] loop1: detected capacity change from 0 to 1024 [ 517.212614][T14614] loop5: detected capacity change from 0 to 8 [ 517.220457][ T967] hfsplus: b-tree write err: -5, ino 4 [ 517.393144][T14618] loop4: detected capacity change from 0 to 1024 [ 517.399173][T14620] netlink: 'syz.2.3572': attribute type 1 has an invalid length. [ 517.413838][T14622] loop1: detected capacity change from 0 to 16 [ 517.442321][T14620] netlink: 'syz.2.3572': attribute type 2 has an invalid length. [ 517.453112][T14622] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 517.470802][T14620] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3572'. [ 517.554374][T14622] cramfs: Error -3 while decompressing! [ 517.599782][T14622] cramfs: ffffffff9a46c688(27)->ffff888076f38000(4096) [ 517.665889][ T35] hfsplus: b-tree write err: -5, ino 4 [ 517.674127][T14622] cramfs: Error -3 while decompressing! [ 517.713105][T14622] cramfs: ffffffff9a470688(27)->ffff888076f38000(4096) [ 517.718359][ T5333] kernel write not supported for file /media0 (pid: 5333 comm: kworker/0:5) [ 517.760065][ T29] audit: type=1800 audit(1726042915.290:97): pid=14622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3571" name="file2" dev="loop1" ino=348 res=0 errno=0 [ 518.041067][ T5234] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 518.396567][T14645] vxcan2: entered allmulticast mode [ 518.941905][T14655] loop4: detected capacity change from 0 to 8 [ 519.159288][T14655] SQUASHFS error: Unable to read directory block [631:26] [ 519.750838][T14677] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3598'. [ 519.941951][T14677] Êü: entered promiscuous mode [ 520.061029][T14685] loop4: detected capacity change from 0 to 1024 [ 520.156284][T14685] hfsplus: walked past end of dir [ 520.426526][T14695] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3605'. [ 520.565755][T14700] loop1: detected capacity change from 0 to 128 [ 521.022055][T14709] loop4: detected capacity change from 0 to 1024 [ 521.066466][T14709] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 521.152396][T14709] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 521.295029][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 521.687495][T14727] netlink: 'syz.3.3619': attribute type 1 has an invalid length. [ 521.718124][T14727] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3619'. [ 522.308096][T14693] loop5: detected capacity change from 0 to 32768 [ 522.435513][T14693] [ 522.435513][T14693] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 522.435513][T14693] [ 522.467604][T14742] loop3: detected capacity change from 0 to 512 [ 522.522543][T14742] EXT4-fs: Ignoring removed nobh option [ 522.556630][T14742] fscrypt (loop3, inode 2): Error -61 getting encryption context [ 522.582707][T14742] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61 [ 522.691925][T14742] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #13: comm syz.3.3626: casefold flag without casefold feature [ 522.717740][T14693] read_mapping_page failed! [ 522.761323][T14693] ERROR: (device loop5): txCommit: [ 522.761323][T14693] [ 522.763941][T14742] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3626: couldn't read orphan inode 13 (err -117) [ 522.836464][T14742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 522.856633][T14746] jfs_unlink: dtDelete returned -116 [ 522.932766][T14746] jfs_unlink: dtDelete returned -116 [ 523.023996][T14742] EXT4-fs error (device loop3): __ext4_remount:6491: comm syz.3.3626: Abort forced by user [ 523.059155][T14742] EXT4-fs (loop3): Remounting filesystem read-only [ 523.077043][T14731] loop4: detected capacity change from 0 to 32768 [ 523.129129][T14742] fscrypt (loop3, inode 2): Error -5 getting encryption context [ 523.173781][T14731] XFS (loop4): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 523.224191][ T3838] [ 523.224191][ T3838] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 523.224191][ T3838] [ 523.261251][ T3838] [ 523.261251][ T3838] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 523.261251][ T3838] [ 523.305471][ T111] [ 523.305471][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 523.305471][ T111] [ 523.362876][ T9937] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 523.384471][ T3838] [ 523.384471][ T3838] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 523.384471][ T3838] [ 523.429341][T14731] XFS (loop4): Starting recovery (logdev: internal) [ 523.440785][ T3838] [ 523.440785][ T3838] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 523.440785][ T3838] [ 523.484272][ T111] [ 523.484272][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 523.484272][ T111] [ 523.531591][T13531] [ 523.531591][T13531] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 523.531591][T13531] [ 523.592525][T13531] [ 523.592525][T13531] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 523.592525][T13531] [ 523.670542][T14731] XFS (loop4): Ending recovery (logdev: internal) [ 524.028915][T10127] XFS (loop4): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 524.248108][T14772] loop1: detected capacity change from 0 to 2048 [ 524.486823][T14772] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 524.736789][ T9436] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.298611][T14786] loop4: detected capacity change from 0 to 1024 [ 525.360421][T14786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 525.807578][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.098988][T14802] netem: incorrect ge model size [ 526.124843][T14802] netem: change failed [ 526.242078][T14810] loop1: detected capacity change from 0 to 64 [ 526.370510][T14810] hfs: request for non-existent node 237 in B*Tree [ 526.427362][T14810] hfs: request for non-existent node 237 in B*Tree [ 526.473088][T14810] hfs: request for non-existent node 237 in B*Tree [ 526.506836][T14810] hfs: request for non-existent node 237 in B*Tree [ 526.540102][T14810] hfs: request for non-existent node 237 in B*Tree [ 526.561507][T14810] hfs: request for non-existent node 237 in B*Tree [ 526.632290][T14819] hfs: request for non-existent node 237 in B*Tree [ 526.681804][T14819] hfs: request for non-existent node 237 in B*Tree [ 526.741778][T14826] netlink: 'syz.4.3658': attribute type 1 has an invalid length. [ 526.781829][T14826] netlink: 9312 bytes leftover after parsing attributes in process `syz.4.3658'. [ 526.857063][T14826] netlink: 'syz.4.3658': attribute type 1 has an invalid length. [ 526.878751][ T967] hfs: request for non-existent node 237 in B*Tree [ 526.901667][ T967] hfs: request for non-existent node 237 in B*Tree [ 527.044590][T14834] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3662'. [ 527.785210][T14861] netlink: 'syz.0.3676': attribute type 15 has an invalid length. [ 528.257507][T14881] loop5: detected capacity change from 0 to 2048 [ 528.264892][T14882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3683'. [ 528.336100][T14887] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 528.554557][T14887] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 528.573824][T14893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3688'. [ 528.583452][T14887] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4) [ 528.593819][ T5333] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 528.630663][T14887] Remounting filesystem read-only [ 528.658794][T13531] NILFS (loop5): discard dirty page: offset=0, ino=5 [ 528.674902][T13531] NILFS (loop5): discard dirty block: blocknr=41, size=1024 [ 528.693092][T13531] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 528.726973][T13531] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 528.756684][T13531] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 528.783063][T13531] NILFS (loop5): discard dirty page: offset=0, ino=4 [ 528.805414][T13531] NILFS (loop5): discard dirty block: blocknr=40, size=1024 [ 528.812462][ T5295] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 528.818848][ T5333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 528.846465][T13531] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 528.865413][ T29] audit: type=1326 audit(1726042926.389:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14870 comm="syz.4.3678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7fc00000 [ 528.892133][ T5333] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 528.922403][T13531] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 528.931301][T13531] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024 [ 528.941230][ T5333] usb 4-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 528.971593][ T5333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 529.011897][ T5295] usb 3-1: Using ep0 maxpacket: 16 [ 529.022631][ T5295] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 529.023686][ T5333] usb 4-1: config 0 descriptor?? [ 529.107287][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 529.164483][ T5295] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 529.183617][ T5295] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 529.195285][ T5295] usb 3-1: Product: syz [ 529.199956][ T5295] usb 3-1: Manufacturer: syz [ 529.210632][ T5295] usb 3-1: SerialNumber: syz [ 529.250476][ T5295] usb 3-1: config 0 descriptor?? [ 529.283975][ T5295] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 529.307765][ T5295] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 529.542222][ T5333] steelseries 0003:1038:12B6.001F: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.3-1/input0 [ 529.641984][ T5241] Bluetooth: hci8: command 0x0405 tx timeout [ 529.715121][ T5333] steelseries 0003:1038:12B6.001F: hid_hw_raw_request() failed with -71 [ 529.730751][ T5333] usb 4-1: USB disconnect, device number 30 [ 529.948569][ T5295] em28xx 3-1:0.0: chip ID is em2800 [ 530.151643][ T5295] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 530.191235][ T5295] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 530.211566][ T5295] em28xx 3-1:0.0: No AC97 audio processor [ 530.257345][ T5295] usb 3-1: USB disconnect, device number 22 [ 530.324091][ T5295] em28xx 3-1:0.0: Disconnecting em28xx [ 530.365639][ T5295] em28xx 3-1:0.0: Freeing device [ 530.544530][T14924] loop5: detected capacity change from 0 to 4096 [ 530.554265][T14895] loop1: detected capacity change from 0 to 32768 [ 530.588558][T14895] XFS: ikeep mount option is deprecated. [ 530.597607][T14924] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 530.618086][T14895] XFS: ikeep mount option is deprecated. [ 530.695453][T14895] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 530.858658][T14924] overlayfs: invalid redirect ((null)) [ 531.065987][T14895] XFS (loop1): Ending clean mount [ 531.304671][ T5333] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 531.377751][ T9436] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 531.525120][ T5333] usb 4-1: Using ep0 maxpacket: 16 [ 531.545235][ T5333] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 531.566475][ T5333] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 5, skipping [ 531.611738][ T5333] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 531.662852][ T5333] usb 4-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=15.7a [ 531.677675][ T5333] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 531.721683][ T5333] usb 4-1: Product: syz [ 531.736552][ T5333] usb 4-1: Manufacturer: syz [ 531.751072][ T5333] usb 4-1: SerialNumber: syz [ 531.776374][ T5333] usb 4-1: config 0 descriptor?? [ 531.825551][ T5333] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 532.014918][ T5333] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 532.056595][ T5333] usb 4-1: USB disconnect, device number 31 [ 534.548629][T15015] loop3: detected capacity change from 0 to 8 [ 534.965720][T14989] loop5: detected capacity change from 0 to 32768 [ 535.012215][T14989] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 535.049888][T14988] loop4: detected capacity change from 0 to 32768 [ 535.133108][T14988] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 535.222711][ T1182] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 535.318333][T14989] XFS (loop5): Ending clean mount [ 535.415390][T13531] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 535.432515][ T1182] usb 4-1: Using ep0 maxpacket: 32 [ 535.449819][ T1182] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 535.481663][T14988] XFS (loop4): Ending clean mount [ 535.491486][ T1182] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 535.568015][ T1182] usb 4-1: config 0 descriptor?? [ 535.586557][ T1182] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 535.609753][T14988] XFS (loop4): Quotacheck needed: Please wait. [ 535.881881][T14988] XFS (loop4): Quotacheck: Done. [ 536.316945][T10127] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 536.500841][ T1182] gspca_nw80x: reg_r err -71 [ 536.512871][ T1182] nw80x 4-1:0.0: probe with driver nw80x failed with error -71 [ 536.563004][ T1182] usb 4-1: USB disconnect, device number 32 [ 536.978214][T15067] netlink: 'syz.5.3759': attribute type 3 has an invalid length. [ 537.026650][T15067] netlink: 130984 bytes leftover after parsing attributes in process `syz.5.3759'. [ 537.692987][T15086] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3768'. [ 537.766975][T15086] xfrm1: entered promiscuous mode [ 537.791750][T15089] loop3: detected capacity change from 0 to 512 [ 537.799606][T15086] xfrm1: entered allmulticast mode [ 537.903259][T15089] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 537.935947][T15095] netlink: 'syz.4.3771': attribute type 9 has an invalid length. [ 538.016945][T15089] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 538.195532][T15089] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.3769: bg 0: block 18: invalid block bitmap [ 538.275868][T15106] netlink: 209840 bytes leftover after parsing attributes in process `syz.1.3776'. [ 538.297983][T15089] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 538.344659][T15089] EXT4-fs (loop3): 1 truncate cleaned up [ 538.376828][T15089] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 538.431939][T15108] usb usb8: usbfs: process 15108 (syz.4.3777) did not claim interface 0 before use [ 538.439707][T15089] ext2 filesystem being mounted at /307/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 538.549231][T15113] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 538.589448][T15089] EXT4-fs error (device loop3): ext4_map_blocks:609: inode #2: block 3: comm syz.3.3769: lblock 0 mapped to illegal pblock 3 (length 1) [ 538.949770][ T9937] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.333055][ T9] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 539.376673][T15118] could not allocate digest TFM handle sha512-neon [ 539.566864][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 539.604266][ T9] usb 6-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 539.623589][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 539.640389][ T9] usb 6-1: Product: syz [ 539.645501][ T9] usb 6-1: Manufacturer: syz [ 539.650156][ T9] usb 6-1: SerialNumber: syz [ 539.656680][T15132] loop3: detected capacity change from 0 to 1024 [ 539.667849][ T9] usb 6-1: config 0 descriptor?? [ 539.997085][T15140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3790'. [ 540.032250][T15115] loop1: detected capacity change from 0 to 32768 [ 540.051679][T15140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3790'. [ 540.065734][ T5295] usb 6-1: USB disconnect, device number 21 [ 540.089930][T15115] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3780 (15115) [ 540.178622][T15115] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 540.220842][T15115] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 540.259961][T15115] BTRFS info (device loop1): using free-space-tree [ 540.694824][ T9436] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 540.715485][ T5294] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 540.983351][ T29] audit: type=1326 audit(1726042938.507:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15180 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6286b7def9 code=0x7ffc0000 [ 540.985727][ T5294] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 541.110185][ T29] audit: type=1326 audit(1726042938.507:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15180 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6286b7def9 code=0x7ffc0000 [ 541.133193][ T5294] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 541.133257][ T5294] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 541.190350][T15183] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3804'. [ 541.251439][ T5294] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 541.261430][ T29] audit: type=1326 audit(1726042938.507:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15180 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f6286b7def9 code=0x7ffc0000 [ 541.261500][ T29] audit: type=1326 audit(1726042938.507:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15180 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6286b7def9 code=0x7ffc0000 [ 541.423293][ T5294] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 541.489692][ T5294] usb 3-1: config 0 descriptor?? [ 541.942073][ T5294] plantronics 0003:047F:FFFF.0020: unbalanced collection at end of report description [ 541.986769][T15200] loop4: detected capacity change from 0 to 256 [ 542.020797][ T5294] plantronics 0003:047F:FFFF.0020: parse failed [ 542.051535][ T5294] plantronics 0003:047F:FFFF.0020: probe with driver plantronics failed with error -22 [ 542.071652][T15200] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 542.150367][ T5294] usb 3-1: USB disconnect, device number 23 [ 542.502218][T15211] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3816'. [ 542.812756][T15187] loop3: detected capacity change from 0 to 32768 [ 542.915975][T15220] loop1: detected capacity change from 0 to 512 [ 542.988289][T15220] EXT4-fs error (device loop1): ext4_init_orphan_info:586: comm syz.1.3819: inode #0: comm syz.1.3819: iget: illegal inode # [ 543.045009][T15220] EXT4-fs (loop1): get orphan inode failed [ 543.084281][T15220] EXT4-fs (loop1): mount failed [ 543.921778][T15251] loop1: detected capacity change from 0 to 2048 [ 543.949753][T15251] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 544.016106][T15255] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 544.068261][ T29] audit: type=1326 audit(1726042941.597:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.4.3835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 544.177905][ T29] audit: type=1326 audit(1726042941.597:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.4.3835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 544.305884][ T29] audit: type=1326 audit(1726042941.617:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.4.3835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 544.433826][ T29] audit: type=1326 audit(1726042941.617:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.4.3835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 544.536794][ T29] audit: type=1326 audit(1726042941.617:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.4.3835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 544.609432][T15269] loop4: detected capacity change from 0 to 2048 [ 544.646529][ T29] audit: type=1326 audit(1726042941.637:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.4.3835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f196b97def9 code=0x7ffc0000 [ 544.682659][T15274] loop1: detected capacity change from 0 to 128 [ 544.702305][T15269] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 544.745309][T15274] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 544.747519][T15269] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 544.855557][T15274] ext4 filesystem being mounted at /435/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 545.188164][ T9436] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 545.452290][T15288] loop4: detected capacity change from 0 to 4096 [ 545.491179][T15289] loop5: detected capacity change from 0 to 4096 [ 545.564896][T15289] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 545.696877][T15289] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 545.863403][T15304] loop3: detected capacity change from 0 to 64 [ 546.223650][T15312] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3859'. [ 546.390285][T15318] loop3: detected capacity change from 0 to 512 [ 546.412126][T15315] loop5: detected capacity change from 0 to 4096 [ 546.433087][T15315] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512). [ 546.475696][T15318] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 546.491100][T15318] ext4 filesystem being mounted at /320/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 546.578575][T15315] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 546.586521][T15315] ntfs3: loop5: Failed to load $Extend (-22). [ 546.592846][T15315] ntfs3: loop5: Failed to initialize $Extend. [ 546.818798][ T9937] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.130978][T15335] hsr0: entered promiscuous mode [ 547.297795][T15337] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3869'. [ 547.429178][T15347] bridge0: port 2(bridge_slave_1) entered disabled state [ 547.477566][T15346] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3874'. [ 547.636071][T15350] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 548.125058][ T5241] Bluetooth: hci8: command 0x0405 tx timeout [ 548.552836][T15376] loop5: detected capacity change from 0 to 1024 [ 549.046097][ T0] NOHZ tick-stop error: local softirq work is pending, handler #04!!! [ 549.149694][T15389] loop5: detected capacity change from 0 to 512 [ 549.190068][T15389] EXT4-fs: Ignoring removed i_version option [ 549.234459][T15389] ext4: Unknown parameter 'measure' [ 549.318158][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 549.318181][ T29] audit: type=1326 audit(1726042946.846:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3d97def9 code=0x7ffc0000 [ 549.457261][ T29] audit: type=1326 audit(1726042946.856:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3d97def9 code=0x7ffc0000 [ 549.480938][ C0] vkms_vblank_simulate: vblank timer overrun [ 549.591864][T15397] netlink: 'syz.5.3897': attribute type 11 has an invalid length. [ 549.601661][ T29] audit: type=1326 audit(1726042946.886:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f3d97def9 code=0x7ffc0000 [ 549.721060][ T29] audit: type=1326 audit(1726042946.886:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3d97def9 code=0x7ffc0000 [ 549.743834][ C0] vkms_vblank_simulate: vblank timer overrun [ 549.904471][ T29] audit: type=1326 audit(1726042946.886:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f3d97def9 code=0x7ffc0000 [ 549.962116][T15404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3899'. [ 550.005589][ T29] audit: type=1326 audit(1726042946.886:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f3d97def9 code=0x7ffc0000 [ 550.118701][ T29] audit: type=1326 audit(1726042946.886:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f3d974ea7 code=0x7ffc0000 [ 550.123542][T15407] netlink: 'syz.3.3900': attribute type 6 has an invalid length. [ 550.141259][ C0] vkms_vblank_simulate: vblank timer overrun [ 550.251587][ T29] audit: type=1326 audit(1726042946.886:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f3d919869 code=0x7ffc0000 [ 550.383894][ T29] audit: type=1326 audit(1726042946.886:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f3d974ea7 code=0x7ffc0000 [ 550.507997][ T29] audit: type=1326 audit(1726042946.886:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15390 comm="syz.1.3894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f3d919869 code=0x7ffc0000 [ 551.014491][ T5293] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 551.131649][T15429] loop4: detected capacity change from 0 to 4096 [ 551.228058][ T5293] usb 2-1: Using ep0 maxpacket: 32 [ 551.252378][ T5293] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 551.284613][ T5293] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 551.318220][ T5293] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 551.339620][ T5293] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 551.364421][ T5293] usb 2-1: Product: syz [ 551.374533][ T5293] usb 2-1: Manufacturer: syz [ 551.405672][ T5293] hub 2-1:4.0: USB hub found [ 551.630027][ T5293] hub 2-1:4.0: 2 ports detected [ 552.051520][ T5293] hub 2-1:4.0: set hub depth failed [ 552.079570][ T5293] usb 2-1: USB disconnect, device number 19 [ 552.255446][T15445] loop5: detected capacity change from 0 to 4096 [ 552.623077][T15455] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3921'. [ 552.645158][T15455] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3921'. [ 552.698041][T15455] vlan0: entered allmulticast mode [ 552.734870][T15455] team0: entered allmulticast mode [ 552.749201][T15455] team_slave_0: entered allmulticast mode [ 552.773529][T15455] team_slave_1: entered allmulticast mode [ 552.825103][ T5293] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 552.935410][T15461] ptrace attach of "./syz-executor exec"[9436] was attempted by "./syz-executor exec"[15461] [ 553.061357][ T5293] usb 1-1: Using ep0 maxpacket: 32 [ 553.128671][ T5293] usb 1-1: config index 0 descriptor too short (expected 64630, got 27) [ 553.164815][ T5293] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 553.214601][ T5293] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 553.261135][ T5293] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 553.281728][ T5293] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 553.306724][ T5293] usb 1-1: Product: syz [ 553.324928][ T5293] usb 1-1: Manufacturer: syz [ 553.340444][ T5293] usb 1-1: SerialNumber: syz [ 553.523733][ T5294] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 553.598828][T15474] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3930'. [ 553.622749][ T5293] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 21 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 553.744684][ T5294] usb 6-1: Using ep0 maxpacket: 8 [ 553.757760][ T5294] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 553.777286][ T5294] usb 6-1: config 179 has no interface number 0 [ 553.804257][ T5294] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 553.858964][ T5294] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 553.890638][ T5293] kernel write not supported for file [eventfd] (pid: 5293 comm: kworker/1:5) [ 553.915058][ T5294] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 553.937737][ T5293] usb 1-1: USB disconnect, device number 21 [ 553.939619][T15477] loop1: detected capacity change from 0 to 4096 [ 553.966220][ T5293] usblp0: removed [ 553.983124][ T5294] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 554.024937][ T5294] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 554.065898][T15482] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 554.073554][ T5294] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 554.129150][ T5294] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 554.172983][T15470] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 554.730246][ T5293] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input39 [ 554.911393][T15494] loop3: detected capacity change from 0 to 128 [ 554.929677][ C1] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 554.929687][ T9] usb 6-1: USB disconnect, device number 22 [ 554.945654][ T9] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 555.016116][T15494] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 555.057192][T15494] ext4 filesystem being mounted at /326/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 555.207189][T15492] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 555.319495][ T9937] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 555.500049][T15506] sch_tbf: burst 32769 is lower than device lo mtu (65550) ! [ 555.800790][T15510] loop3: detected capacity change from 0 to 1024 [ 556.149612][ T52] hfsplus: b-tree write err: -5, ino 4 [ 556.211212][T15524] loop1: detected capacity change from 0 to 128 [ 556.246593][T15524] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 556.280304][T15524] ext4 filesystem being mounted at /454/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 556.546404][ T9436] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 556.571019][T15535] sch_fq: defrate 0 ignored. [ 556.975914][T15546] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3960'. [ 557.191451][T15552] team_slave_0: entered promiscuous mode [ 557.198500][T15552] team_slave_1: entered promiscuous mode [ 557.242300][T15552] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 557.282766][T15552] team0: Device macvlan3 is already an upper device of the team interface [ 557.309741][T15552] team_slave_0: left promiscuous mode [ 557.316004][T15552] team_slave_1: left promiscuous mode [ 557.864094][T15568] [U]  [ 559.316904][T15606] netlink: 'syz.5.3985': attribute type 1 has an invalid length. [ 559.324801][T15606] netlink: 9372 bytes leftover after parsing attributes in process `syz.5.3985'. [ 559.385608][T15606] netlink: 'syz.5.3985': attribute type 1 has an invalid length. [ 559.777130][T15621] loop5: detected capacity change from 0 to 64 [ 560.086298][T15629] netlink: 'syz.5.3996': attribute type 1 has an invalid length. [ 560.332616][T15634] loop5: detected capacity change from 0 to 128 [ 560.446136][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 560.446184][ T29] audit: type=1800 audit(1726042957.975:167): pid=15634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3998" name="file1" dev="loop5" ino=1048740 res=0 errno=0 [ 560.925916][ T1182] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 561.115882][ T1182] usb 6-1: Using ep0 maxpacket: 32 [ 561.140523][ T1182] usb 6-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 561.165712][ T1182] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 561.193138][ T1182] usb 6-1: Product: syz [ 561.205688][ T1182] usb 6-1: Manufacturer: syz [ 561.222090][ T1182] usb 6-1: SerialNumber: syz [ 561.246674][ T1182] usb 6-1: config 0 descriptor?? [ 561.897408][ T1182] (unnamed net_device) (uninitialized): Assigned a random MAC address: 96:f4:ff:76:54:69 [ 561.979001][ T1182] rtl8150 6-1:0.0: eth1: rtl8150 is detected [ 561.994881][ T1182] usb 6-1: USB disconnect, device number 23 [ 562.016972][T15661] loop4: detected capacity change from 0 to 1024 [ 562.246694][ T954] hfsplus: b-tree write err: -5, ino 4 [ 562.304704][T15650] loop3: detected capacity change from 0 to 32768 [ 562.307773][T15666] loop1: detected capacity change from 0 to 512 [ 562.328398][T15666] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 562.350093][T15650] XFS: ikeep mount option is deprecated. [ 562.363985][T15666] EXT4-fs (loop1): 1 truncate cleaned up [ 562.381545][T15666] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 562.444792][T15650] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 562.550704][T15650] XFS (loop3): Ending clean mount [ 562.588953][T15650] XFS (loop3): Quotacheck needed: Please wait. [ 562.836568][T15650] XFS (loop3): Quotacheck: Done. [ 563.292367][ T9937] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 563.311715][T15688] bridge0: port 1(bridge_slave_0) entered disabled state [ 563.320583][ T9436] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.665437][T15715] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4030'. [ 565.107840][T15726] loop1: detected capacity change from 0 to 128 [ 565.221707][T15726] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 565.346715][T15726] ext4 filesystem being mounted at /471/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 565.716201][ T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 565.797920][ T9436] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 565.893857][T15723] loop5: detected capacity change from 0 to 32768 [ 565.926878][T15723] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4034 (15723) [ 565.956836][ T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 565.998141][T15723] BTRFS info (device loop5): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9 [ 565.999589][ T9] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 566.067944][T15723] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm [ 566.075049][ T9] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 566.108309][T15723] BTRFS info (device loop5): using free-space-tree [ 566.125490][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 566.195508][T15733] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 566.252166][ T9] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 566.577080][ T29] audit: type=1800 audit(1726042964.104:168): pid=15723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4034" name="bus" dev="loop5" ino=263 res=0 errno=0 [ 566.900379][ T1192] usb 5-1: USB disconnect, device number 14 [ 566.901775][T13531] BTRFS info (device loop5): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9 [ 567.750336][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.516598][ T1192] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 568.732684][T15800] netlink: 104 bytes leftover after parsing attributes in process `syz.4.4063'. [ 568.748650][ T1192] usb 6-1: config 0 has no interfaces? [ 568.776795][ T1192] usb 6-1: New USB device found, idVendor=046d, idProduct=20ee, bcdDevice= 0.00 [ 568.836900][ T1192] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 568.911210][ T1192] usb 6-1: config 0 descriptor?? [ 569.143240][ T5295] usb 6-1: USB disconnect, device number 24 [ 569.369531][T15809] macsec2: entered promiscuous mode [ 569.392012][T15809] macvlan0: entered promiscuous mode [ 569.438201][T15809] macvlan0: left promiscuous mode [ 569.696664][ T1192] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 569.760026][T15815] loop1: detected capacity change from 0 to 1024 [ 569.806826][ T5234] Bluetooth: hci4: command 0x0406 tx timeout [ 569.895127][ T1192] usb 4-1: Using ep0 maxpacket: 32 [ 569.903679][ T1192] usb 4-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 569.966300][ T1192] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 570.003509][ T1192] usb 4-1: config 0 descriptor?? [ 570.040326][ T1192] gspca_main: sq930x-2.14.0 probing 041e:403c [ 570.173043][T15784] Process accounting resumed [ 570.938170][ T1192] gspca_sq930x: reg_w 0105 bf00 failed -71 [ 571.036946][ T1192] sq930x 4-1:0.0: probe with driver sq930x failed with error -71 [ 571.058026][ T1192] usb 4-1: USB disconnect, device number 33 [ 571.381698][T15846] mkiss: ax0: crc mode is auto. [ 571.384771][T15848] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4085'. [ 571.400970][T15850] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4086'. [ 571.881712][ T29] audit: type=1326 audit(1726042969.414:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15858 comm="syz.1.4090" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6f3d97def9 code=0x0 [ 573.018946][T15895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4104'. [ 573.400700][T15905] sctp: [Deprecated]: syz.1.4112 (pid 15905) Use of int in maxseg socket option. [ 573.400700][T15905] Use struct sctp_assoc_value instead [ 573.867893][ T29] audit: type=1326 audit(1726042971.393:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15921 comm="syz.2.4121" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f632057def9 code=0x0 [ 574.071668][T15931] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4125'. [ 574.403856][T15940] netlink: 'syz.3.4128': attribute type 6 has an invalid length. [ 574.813704][ T1182] kernel write not supported for file /dsp (pid: 1182 comm: kworker/0:2) [ 575.449374][T15964] loop3: detected capacity change from 0 to 64 [ 575.485680][T15966] Bluetooth: MGMT ver 1.23 [ 575.605367][T15926] loop5: detected capacity change from 0 to 40427 [ 575.632418][T15926] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 575.664308][T15926] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 575.693835][T15926] F2FS-fs (loop5): invalid crc value [ 575.719518][T15974] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4144'. [ 575.731353][T15926] F2FS-fs (loop5): Found nat_bits in checkpoint [ 575.739299][T15974] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4144'. [ 575.754201][T15974] bridge0: port 2(bridge_slave_1) entered disabled state [ 575.769283][T15974] bridge0: port 2(bridge_slave_1) entered blocking state [ 575.777504][T15974] bridge0: port 2(bridge_slave_1) entered forwarding state [ 575.793371][ T9937] Trying to free block not in datazone [ 575.798422][ T5295] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 575.876753][ T9937] Trying to free block not in datazone [ 575.892443][ T9937] Trying to free block not in datazone [ 575.908677][ T9937] Trying to free block not in datazone [ 575.930249][ T9937] Trying to free block not in datazone [ 575.942051][T15926] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 575.960680][T15926] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 575.975126][ T9937] Trying to free block not in datazone [ 575.992233][ T9937] minix_free_inode: bit 6 already cleared [ 576.006664][ T9937] Trying to free block not in datazone [ 576.011860][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 576.041556][ T9937] minix_free_inode: bit 7 already cleared [ 576.046933][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 576.079164][ T5295] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 576.129485][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 576.163477][ T1182] kernel write not supported for file /amidi2 (pid: 1182 comm: kworker/0:2) [ 576.178711][ T5295] usb 3-1: config 0 descriptor?? [ 576.551874][ T967] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 576.646907][ T967] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 576.698432][ T5295] pyra 0003:1E7D:2CF6.0021: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0 [ 576.789193][T16000] netlink: 188 bytes leftover after parsing attributes in process `syz.0.4152'. [ 576.826676][T16000] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4152'. [ 577.053456][ T5295] pyra 0003:1E7D:2CF6.0021: couldn't init struct pyra_device [ 577.079687][ T5295] pyra 0003:1E7D:2CF6.0021: couldn't install mouse [ 577.114671][ T5295] pyra 0003:1E7D:2CF6.0021: probe with driver pyra failed with error -71 [ 577.176180][ T5295] usb 3-1: USB disconnect, device number 24 [ 578.940826][T16035] overlayfs: workdir and upperdir must reside under the same mount [ 579.440494][T16047] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4176'. [ 579.898674][T16056] loop1: detected capacity change from 0 to 1024 [ 579.902720][T16060] (syz.5.4182,16060,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 579.957927][T16060] (syz.5.4182,16060,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 580.061340][T16056] hfsplus: bad catalog entry type [ 580.100345][T16020] loop4: detected capacity change from 0 to 40427 [ 580.137524][T16020] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 580.177864][T16020] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 580.211045][T16020] F2FS-fs (loop4): invalid crc value [ 580.235759][T16020] F2FS-fs (loop4): Found nat_bits in checkpoint [ 580.282488][ T52] hfsplus: b-tree write err: -5, ino 4 [ 580.592557][T16020] F2FS-fs (loop4): Start checkpoint disabled! [ 580.681147][T16020] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 580.703691][T16020] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 580.903348][T16020] syz.4.4165: attempt to access beyond end of device [ 580.903348][T16020] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 581.084023][T16041] loop3: detected capacity change from 0 to 40427 [ 581.200010][T16041] F2FS-fs (loop3): Found nat_bits in checkpoint [ 581.441773][T16094] loop1: detected capacity change from 0 to 512 [ 581.453515][ T52] kworker/u8:3: attempt to access beyond end of device [ 581.453515][ T52] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 581.502834][T16094] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 581.528213][ T52] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 581.543311][T16041] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 581.586015][T16094] EXT4-fs (loop1): 1 truncate cleaned up [ 581.607253][ T52] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 581.631252][ T9937] syz-executor: attempt to access beyond end of device [ 581.631252][ T9937] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 581.680781][T16094] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 581.700832][ T52] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 581.700954][ T9937] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 581.748092][ T52] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 582.012337][ T9436] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 583.479953][T16128] team_slave_1: mtu greater than device maximum [ 583.566937][T16128] team0: Device team_slave_1 failed to change mtu [ 583.798344][ T0] NOHZ tick-stop error: local softirq work is pending, handler #04!!! [ 584.258295][ T1192] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 584.515871][ T1192] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 584.572031][ T1192] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 584.640667][ T1192] usb 2-1: Product: syz [ 584.644917][ T1192] usb 2-1: Manufacturer: syz [ 584.658346][ T0] NOHZ tick-stop error: local softirq work is pending, handler #206!!! [ 584.689609][ T1192] usb 2-1: SerialNumber: syz [ 584.739140][ T1192] usb 2-1: config 0 descriptor?? [ 584.780264][ T1192] ch341 2-1:0.0: ch341-uart converter detected [ 585.004156][T16141] loop3: detected capacity change from 0 to 4096 [ 585.058632][T16145] batman_adv: batadv0: Adding interface: gretap1 [ 585.074693][T16145] batman_adv: batadv0: Interface activated: gretap1 [ 585.365475][T16152] loop4: detected capacity change from 0 to 22 [ 585.407133][T16152] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 585.468759][T16152] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 585.615830][ T1192] usb 2-1: failed to send control message: -71 [ 585.629624][ T1192] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 585.676129][ T1192] usb 2-1: USB disconnect, device number 20 [ 585.700210][ T1192] ch341 2-1:0.0: device disconnected [ 585.977526][T16173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4224'. [ 586.053497][T16165] loop4: detected capacity change from 0 to 1024 [ 586.157569][T16177] netlink: 'syz.5.4227': attribute type 8 has an invalid length. [ 586.212897][T16177] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4227'. [ 586.241439][T16165] hfsplus: bad catalog entry type [ 586.895951][T16194] loop5: detected capacity change from 0 to 2048 [ 586.955565][T16199] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 587.011074][T16201] loop4: detected capacity change from 0 to 16 [ 587.080754][T16201] erofs: (device loop4): mounted with root inode @ nid 36. [ 587.302121][T16208] loop3: detected capacity change from 0 to 64 [ 587.530396][T16218] loop1: detected capacity change from 0 to 256 [ 587.615537][T16218] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 588.016251][T16225] netlink: 232 bytes leftover after parsing attributes in process `syz.5.4247'. [ 588.051329][T16225] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4247'. [ 588.769240][ T1192] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 588.998234][ T1192] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 589.042982][ T1192] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 589.087578][ T1192] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 589.118398][ T1192] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 589.156940][ T1192] usb 1-1: SerialNumber: syz [ 589.163890][T16258] netlink: 3068 bytes leftover after parsing attributes in process `syz.5.4262'. [ 589.192162][T16258] netlink: 'syz.5.4262': attribute type 1 has an invalid length. [ 589.215373][T16258] netlink: 193500 bytes leftover after parsing attributes in process `syz.5.4262'. [ 589.317109][T16263] loop4: detected capacity change from 0 to 764 [ 589.418565][ T1192] usb 1-1: 0:2 : does not exist [ 589.515463][ T1192] usb 1-1: USB disconnect, device number 22 [ 589.740611][T16270] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4266'. [ 590.471391][T16294] loop4: detected capacity change from 0 to 128 [ 590.533194][T16294] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 590.653932][T16302] loop5: detected capacity change from 0 to 16 [ 590.690499][T16302] erofs: (device loop5): mounted with root inode @ nid 36. [ 590.948554][T16307] netlink: 112 bytes leftover after parsing attributes in process `syz.1.4285'. [ 591.134033][ T29] audit: type=1326 audit(1726042988.651:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 591.252764][ T29] audit: type=1326 audit(1726042988.651:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 591.376835][ T29] audit: type=1326 audit(1726042988.651:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 591.548870][ T29] audit: type=1326 audit(1726042988.651:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 591.629631][ T29] audit: type=1326 audit(1726042988.651:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 591.751842][ T29] audit: type=1326 audit(1726042988.651:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 591.826763][ T29] audit: type=1326 audit(1726042988.651:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 591.970785][ T29] audit: type=1326 audit(1726042988.651:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 592.079437][ T29] audit: type=1326 audit(1726042988.651:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 592.116552][ T29] audit: type=1326 audit(1726042988.651:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16282 comm="syz.0.4275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbb7def9 code=0x7fc00000 [ 592.232047][T16340] loop5: detected capacity change from 0 to 2048 [ 592.293596][T16340] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 593.334295][ T30] INFO: task syz.2.2820:12752 blocked for more than 143 seconds. [ 593.343265][ T30] Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 593.369234][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 593.399631][ T30] task:syz.2.2820 state:D stack:23840 pid:12752 tgid:12751 ppid:11493 flags:0x00004004 [ 593.432674][ T30] Call Trace: [ 593.449367][ T30] [ 593.465882][ T30] __schedule+0x1800/0x4a60 [ 593.490541][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 593.505638][ T30] ? __pfx___schedule+0x10/0x10 [ 593.519053][ T30] ? __blk_flush_plug+0x449/0x500 [ 593.537811][ T30] ? __pfx_lock_release+0x10/0x10 [ 593.557128][T16376] loop5: detected capacity change from 0 to 8 [ 593.576143][ T30] ? __blk_flush_plug+0x449/0x500 [ 593.588357][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 593.606404][ T30] ? __pfx___blk_flush_plug+0x10/0x10 [ 593.623304][ T30] ? schedule+0x90/0x320 [ 593.635386][ T30] schedule+0x14b/0x320 [ 593.652027][ T30] io_schedule+0x8d/0x110 [ 593.665959][ T30] folio_wait_bit_common+0x882/0x12b0 [ 593.693606][ T30] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 593.714700][ T30] ? __pfx_wake_page_function+0x10/0x10 [ 593.724558][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 593.735796][ T30] z_erofs_runqueue+0xa8c/0x2010 [ 593.746722][ T30] ? __pfx_z_erofs_runqueue+0x10/0x10 [ 593.758738][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 593.768168][ T30] ? _raw_spin_unlock+0x28/0x50 [ 593.781011][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 593.791892][ T30] ? lockref_put_or_lock+0x75/0xc0 [ 593.797329][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 593.810486][ T30] z_erofs_readahead+0xbae/0xf00 [ 593.818016][ T30] ? __pfx_z_erofs_readahead+0x10/0x10 [ 593.830099][ T30] ? __pfx_lock_release+0x10/0x10 [ 593.837681][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 593.849155][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 593.858095][ T30] ? blk_start_plug+0x70/0x1b0 [ 593.870644][ T30] read_pages+0x180/0x840 [ 593.880830][ T30] ? __pfx_lru_add_fn+0x10/0x10 [ 593.885938][ T30] ? __pfx_read_pages+0x10/0x10 [ 593.896031][ T30] ? filemap_add_folio+0x26d/0x650 [ 593.906224][ T30] ? __pfx_filemap_add_folio+0x10/0x10 [ 593.918052][ T30] page_cache_ra_unbounded+0x6ce/0x7f0 [ 593.924723][ T30] force_page_cache_ra+0x280/0x2f0 [ 593.930236][ T30] generic_fadvise+0x528/0x840 [ 593.935155][ T30] ? __pfx_generic_fadvise+0x10/0x10 [ 593.940717][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 593.946484][ T30] ? __fget_files+0x3f6/0x470 [ 593.951858][ T30] ? __fget_files+0x29/0x470 [ 593.956588][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 593.965697][ T30] __x64_sys_fadvise64+0x145/0x190 [ 593.973717][ T30] do_syscall_64+0xf3/0x230 [ 593.988130][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.999216][ T30] RIP: 0033:0x7f3a8297def9 [ 594.007373][ T30] RSP: 002b:00007f3a836f9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd [ 594.021909][ T30] RAX: ffffffffffffffda RBX: 00007f3a82b35f80 RCX: 00007f3a8297def9 [ 594.042105][ T30] RDX: 0000000000004101 RSI: 0000000000e0ffff RDI: 0000000000000004 [ 594.056046][ T30] RBP: 00007f3a829f0b56 R08: 0000000000000000 R09: 0000000000000000 [ 594.068417][ T30] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 594.083985][ T30] R13: 0000000000000000 R14: 00007f3a82b35f80 R15: 00007ffff0f61df8 [ 594.094497][ T30] [ 594.097720][ T30] [ 594.097720][ T30] Showing all locks held in the system: [ 594.106015][ T30] 1 lock held by khungtaskd/30: [ 594.120687][ T30] #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 594.143931][ T30] 3 locks held by kworker/u8:4/63: [ 594.154906][ T30] 2 locks held by getty/4985: [ 594.165957][ T30] #0: ffff88803066e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 594.190065][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 594.205515][ T30] 1 lock held by syz.2.2820/12752: [ 594.211114][ T30] #0: ffff88805c361870 (mapping.invalidate_lock#6){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xf7/0x7f0 [ 594.223321][ T30] 1 lock held by syz-executor/13531: [ 594.229195][ T30] #0: ffffffff8e93d6f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 594.243671][ T30] 1 lock held by syz.1.4316/16372: [ 594.249007][ T30] #0: ffff88805a281e18 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x17c/0x3d0 [ 594.267202][ T30] 2 locks held by syz.1.4316/16375: [ 594.275351][ T30] #0: ffff8880b893e9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 594.288337][ T30] #1: ffff8880b8928948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x441/0x770 [ 594.301898][ T30] 2 locks held by syz.1.4316/16378: [ 594.308138][ T30] [ 594.311253][ T30] ============================================= [ 594.311253][ T30] [ 594.324526][ T30] NMI backtrace for cpu 1 [ 594.328904][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 594.339492][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 594.349596][ T30] Call Trace: [ 594.352901][ T30] [ 594.355859][ T30] dump_stack_lvl+0x241/0x360 [ 594.360582][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 594.365812][ T30] ? __pfx__printk+0x10/0x10 [ 594.370415][ T30] ? vprintk_emit+0x667/0x7c0 [ 594.375109][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 594.380167][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 594.385151][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 594.390633][ T30] ? _printk+0xd5/0x120 [ 594.394793][ T30] ? __pfx__printk+0x10/0x10 [ 594.399387][ T30] ? __wake_up_klogd+0xcc/0x110 [ 594.404255][ T30] ? __pfx__printk+0x10/0x10 [ 594.408848][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 594.414498][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 594.419535][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 594.425531][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 594.431534][ T30] watchdog+0xff4/0x1040 [ 594.435796][ T30] ? watchdog+0x1ea/0x1040 [ 594.440237][ T30] ? __pfx_watchdog+0x10/0x10 [ 594.444931][ T30] kthread+0x2f2/0x390 [ 594.449006][ T30] ? __pfx_watchdog+0x10/0x10 [ 594.453698][ T30] ? __pfx_kthread+0x10/0x10 [ 594.458289][ T30] ret_from_fork+0x4d/0x80 [ 594.462719][ T30] ? __pfx_kthread+0x10/0x10 [ 594.467321][ T30] ret_from_fork_asm+0x1a/0x30 [ 594.472639][ T30] [ 594.491703][ T30] Sending NMI from CPU 1 to CPUs 0: [ 594.497876][ C0] NMI backtrace for cpu 0 [ 594.497894][ C0] CPU: 0 UID: 0 PID: 63 Comm: kworker/u8:4 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 594.497922][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 594.497938][ C0] Workqueue: bat_events batadv_nc_worker [ 594.497981][ C0] RIP: 0010:mark_lock+0xa2/0x350 [ 594.498022][ C0] Code: 00 8b 1b 81 e3 ff 1f 00 00 48 89 d8 48 c1 e8 06 48 8d 3c c5 40 48 1e 94 be 08 00 00 00 e8 e6 96 8a 00 48 0f a3 1d 4e 08 ae 12 <73> 10 48 69 c3 c8 00 00 00 48 8d 98 40 c7 ba 93 eb 68 48 c7 c0 c0 [ 594.498043][ C0] RSP: 0018:ffffc900015e78a8 EFLAGS: 00000057 [ 594.498063][ C0] RAX: 0000000000000001 RBX: 0000000000000021 RCX: ffffffff81703fea [ 594.498080][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff941e4840 [ 594.498097][ C0] RBP: 0000000000000009 R08: ffffffff941e4847 R09: 1ffffffff283c908 [ 594.498115][ C0] R10: dffffc0000000000 R11: fffffbfff283c909 R12: ffff88801df60000 [ 594.498133][ C0] R13: dffffc0000000000 R14: 0000000000000200 R15: ffff88801df60b30 [ 594.498155][ C0] FS: 0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000 [ 594.498176][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 594.498193][ C0] CR2: 00007feeacf08178 CR3: 000000000e734000 CR4: 0000000000350ef0 [ 594.498213][ C0] Call Trace: [ 594.498223][ C0] [ 594.498233][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 594.498267][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 594.498304][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 594.498348][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 594.498381][ C0] ? nmi_handle+0x151/0x5a0 [ 594.498406][ C0] ? nmi_handle+0x2a/0x5a0 [ 594.498431][ C0] ? mark_lock+0xa2/0x350 [ 594.498467][ C0] ? default_do_nmi+0x63/0x160 [ 594.498506][ C0] ? exc_nmi+0x123/0x1f0 [ 594.498538][ C0] ? end_repeat_nmi+0xf/0x53 [ 594.498577][ C0] ? mark_lock+0x9a/0x350 [ 594.498615][ C0] ? mark_lock+0xa2/0x350 [ 594.498651][ C0] ? mark_lock+0xa2/0x350 [ 594.498690][ C0] ? mark_lock+0xa2/0x350 [ 594.498726][ C0] [ 594.498735][ C0] [ 594.498744][ C0] ? __pfx_lock_release+0x10/0x10 [ 594.498780][ C0] __lock_acquire+0xc35/0x2040 [ 594.498827][ C0] lock_acquire+0x1ed/0x550 [ 594.498861][ C0] ? batadv_nc_worker+0xcb/0x610 [ 594.498902][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 594.498937][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 594.498974][ C0] ? batadv_nc_worker+0xcb/0x610 [ 594.499010][ C0] ? __pfx_lock_release+0x10/0x10 [ 594.499047][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 594.499088][ C0] batadv_nc_worker+0xec/0x610 [ 594.499123][ C0] ? batadv_nc_worker+0xcb/0x610 [ 594.499158][ C0] ? batadv_nc_worker+0xcb/0x610 [ 594.499196][ C0] ? process_scheduled_works+0x945/0x1830 [ 594.499229][ C0] process_scheduled_works+0xa2e/0x1830 [ 594.499282][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 594.499321][ C0] ? assign_work+0x364/0x3d0 [ 594.499357][ C0] worker_thread+0x86d/0xd10 [ 594.499406][ C0] ? __kthread_parkme+0x169/0x1d0 [ 594.499443][ C0] ? __pfx_worker_thread+0x10/0x10 [ 594.499477][ C0] kthread+0x2f2/0x390 [ 594.499504][ C0] ? __pfx_worker_thread+0x10/0x10 [ 594.499537][ C0] ? __pfx_kthread+0x10/0x10 [ 594.499560][ C0] ret_from_fork+0x4d/0x80 [ 594.499595][ C0] ? __pfx_kthread+0x10/0x10 [ 594.499617][ C0] ret_from_fork_asm+0x1a/0x30 [ 594.499664][ C0] [ 594.554518][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 594.554550][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 594.554584][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 594.554602][ T30] Call Trace: [ 594.554616][ T30] [ 594.554629][ T30] dump_stack_lvl+0x241/0x360 [ 594.554671][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 594.554705][ T30] ? __pfx__printk+0x10/0x10 [ 594.554731][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 594.554789][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 594.554831][ T30] ? vscnprintf+0x5d/0x90 [ 594.554871][ T30] panic+0x349/0x860 [ 594.554897][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 594.554941][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 594.554981][ T30] ? __pfx_panic+0x10/0x10 [ 594.555006][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 594.555040][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 594.555080][ T30] ? __irq_work_queue_local+0x137/0x410 [ 594.929906][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 594.935747][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 594.941135][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 594.947313][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 594.953695][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 594.959370][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 594.965556][ T30] watchdog+0x1033/0x1040 [ 594.969925][ T30] ? watchdog+0x1ea/0x1040 [ 594.974371][ T30] ? __pfx_watchdog+0x10/0x10 [ 594.979067][ T30] kthread+0x2f2/0x390 [ 594.983146][ T30] ? __pfx_watchdog+0x10/0x10 [ 594.987845][ T30] ? __pfx_kthread+0x10/0x10 [ 594.992464][ T30] ret_from_fork+0x4d/0x80 [ 594.996944][ T30] ? __pfx_kthread+0x10/0x10 [ 595.001655][ T30] ret_from_fork_asm+0x1a/0x30 [ 595.006581][ T30] [ 595.009873][ T30] Kernel Offset: disabled [ 595.014197][ T30] Rebooting in 86400 seconds..