last executing test programs: 8.432713714s ago: executing program 3 (id=2711): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000600)=ANY=[@ANYBLOB="12010000a3b370086d04ae08581101020301090212000d000000000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000040)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, 0x0, 0x0, 0x4, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 8.294021203s ago: executing program 0 (id=2712): r0 = userfaultfd(0x80001) close_range(r0, 0xffffffffffffffff, 0x0) 8.16537384s ago: executing program 0 (id=2714): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x0, "a8407a73"}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0x0, "7488dffc"}]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0) ioctl$HIDIOCSUSAGES(r1, 0x501c4814, &(0x7f0000000140)={{0x1, 0x2, 0x8, 0x6, 0x2b53}, 0x1c5, [0x7, 0x7, 0x8001, 0x5, 0xc, 0x6, 0x5, 0x1, 0xffffffff, 0x6, 0x10, 0x8001, 0xba, 0x4, 0x8, 0x321, 0x14, 0x2c, 0x8, 0xffff, 0x0, 0x10001, 0xffffffff, 0x9d3, 0x9, 0x1, 0x8, 0xffffffb3, 0x7fffffff, 0x6, 0x9, 0x80, 0xa5, 0x9, 0x2, 0xfffffffb, 0xb, 0x7f, 0x0, 0x5, 0xe7f, 0x5, 0x3, 0x5, 0xe3d, 0x4, 0x7, 0x19, 0xfffff531, 0x8, 0x4, 0x7, 0x4, 0xe, 0x10000, 0xfffffffe, 0x4, 0x0, 0x6, 0x8, 0x2, 0x6, 0x3, 0x151, 0x7, 0xc9d4, 0xfffffff8, 0x8, 0x3, 0x57, 0x100, 0x0, 0x3228, 0x2, 0x9, 0x1, 0x1, 0x5, 0x2bf1, 0x4, 0xff, 0x8, 0x3, 0x10001, 0x3, 0x2, 0x7, 0x5, 0x4, 0x1, 0xf, 0x2, 0x8, 0xd227, 0x8000, 0x8, 0x3, 0x100, 0x4, 0x10001, 0x9, 0x7fffffff, 0xc, 0x7, 0xfffffff8, 0x3, 0x3ff, 0x3, 0x1, 0x2, 0x3, 0x3, 0x3, 0xbd67d2, 0x8, 0x4, 0x28, 0x6, 0x0, 0x8, 0xffffffff, 0x5, 0x1dc, 0xa, 0x0, 0xe45, 0x5, 0x9, 0x2, 0x2, 0x3, 0x3, 0xa74, 0x0, 0x3d2f, 0x3, 0xdd, 0x4, 0x9, 0x1, 0x6, 0xb, 0x9, 0x2, 0x5, 0x7, 0x9, 0xe18, 0x7ff, 0xffffccb9, 0x81, 0xfffffffe, 0x5, 0x6, 0x6, 0x1d85, 0x9, 0x3, 0xd59b, 0x0, 0x4, 0x1, 0x7, 0x4, 0x6, 0x6, 0x9, 0x3, 0x3, 0x4, 0x2, 0x9, 0x10, 0xf, 0x4, 0x1, 0x800, 0x7f, 0x0, 0x800, 0x3, 0xfffffff9, 0x3, 0x3, 0x2, 0x10000, 0x6, 0x4, 0xfffff800, 0xc0000, 0x1, 0x40, 0x10001, 0x3ff, 0x0, 0x6, 0x10001, 0x4, 0x1, 0x8, 0x28, 0x4, 0xffff, 0x5, 0xff, 0x1, 0x0, 0x2, 0x3ff, 0x2, 0xd85, 0x7fff, 0x41ab, 0xffffffff, 0x4, 0x0, 0x5, 0x31e, 0x0, 0x8001, 0x3, 0x0, 0x0, 0xddf, 0x1ce0, 0x1, 0x4, 0xafa, 0x6, 0x40, 0x7, 0x1, 0x3, 0x4, 0x3, 0xfffffffc, 0x0, 0x7, 0x8, 0x1, 0x1, 0xfffff800, 0x4, 0x4, 0xc7, 0x0, 0x2, 0xb88, 0x40, 0x3, 0x8001, 0xfff, 0x1, 0x4, 0x8, 0x5, 0x4, 0x400, 0x6, 0x1, 0x0, 0x401, 0xc49, 0x0, 0x4, 0x0, 0x2, 0x8000, 0x4, 0x7, 0x1, 0x416f1ced, 0xcd, 0x0, 0xffffffff, 0x8, 0x1, 0xa5e, 0x1, 0x80000000, 0x2, 0x5a480000, 0xa37, 0x7ff, 0xf6, 0x5, 0x7ff, 0x80, 0xffffffff, 0x0, 0xc6, 0x8, 0xfffffa54, 0x4, 0x2, 0x4, 0x4, 0xea0, 0x6, 0xb2b, 0x81, 0x9, 0x0, 0x7, 0x40, 0x1, 0x2, 0x940, 0x3, 0x8, 0xd, 0x5, 0x369, 0x9, 0x7, 0x2, 0x5, 0x4, 0x419, 0x4, 0x1, 0x5, 0xac2, 0x7, 0x101, 0x5, 0x4, 0x7, 0xac, 0x0, 0x7, 0x6, 0x8001, 0x6, 0x35, 0x80000001, 0xc, 0x9, 0xffffffff, 0xdbf, 0x1000, 0x6, 0x3, 0x8, 0xf8b8, 0x7f, 0x5, 0xa22, 0x7, 0x8, 0x7, 0x1, 0x256, 0x1ff, 0x400, 0x2, 0x8, 0x57c00000, 0x7, 0x7, 0x8000, 0xfffff1b7, 0x3ff, 0x2, 0xfff, 0x4, 0x818, 0x1000, 0x199b, 0x6, 0x0, 0x7, 0x5, 0x0, 0x0, 0x489, 0x7, 0x1, 0x4, 0xde9, 0x35000000, 0xf81, 0x243, 0x2c, 0x4990fabb, 0x3b8, 0x9, 0x3, 0x10001, 0x8001, 0xc7, 0x4, 0x8000, 0x4, 0x3, 0x2, 0xd, 0x2, 0x6, 0x104, 0x8, 0x1, 0x200, 0x5, 0xd, 0x7, 0x4, 0x4, 0x6, 0x7, 0x7, 0x200, 0x7fff, 0x2, 0xfc9, 0x1, 0x2, 0x3, 0x7fffffff, 0x9, 0x10001, 0x3, 0xdf4, 0x4, 0xb07, 0x1, 0x5, 0x401, 0x7, 0x0, 0x9, 0x9, 0xfd0, 0x9, 0xfffffff7, 0x10001, 0x5, 0x6, 0x5, 0x1, 0x9, 0x0, 0x1, 0x7, 0x8000, 0x49, 0x7fffffff, 0xffffff01, 0x0, 0x100, 0xafca, 0x1, 0x18, 0x6, 0x2bbc, 0x7, 0x5, 0x1, 0x5, 0xd, 0x8, 0x5, 0x4, 0x1, 0xfffffff8, 0xb9, 0x10000, 0x3, 0x4, 0x3bc, 0x3, 0x3ff, 0x2, 0x3ff, 0xffffff7f, 0x46, 0x4, 0x9, 0x1, 0x4, 0x2, 0x8, 0x6, 0x6, 0x4f08, 0x9b, 0x1, 0x40000, 0x1ff, 0xec, 0x4, 0x8, 0x6c3ad364, 0xc, 0xf1, 0x0, 0x5, 0x80, 0x5400, 0x6, 0x40, 0x5, 0x8, 0x3, 0x2, 0x3, 0x0, 0x5, 0x1, 0x9, 0x6, 0x2, 0xc, 0x1, 0x200, 0x200, 0xfffffffc, 0x7f, 0x10000, 0x5, 0x2, 0x0, 0x4, 0x3, 0x1, 0x0, 0x8f63, 0x9, 0x1, 0x10, 0x8, 0x80000001, 0x7, 0xffff, 0x6, 0x9, 0x401, 0x30, 0xfffffff9, 0x9, 0x0, 0xb, 0x9, 0x5, 0x6, 0xc, 0xfffffffc, 0xffff534f, 0x2a, 0x6, 0x0, 0x0, 0x1, 0x5, 0x5b1, 0x3, 0x800, 0x7, 0x6, 0x8, 0x7, 0xe, 0x1, 0xb, 0x9d, 0xc8082c7c, 0xf4, 0x2, 0x2, 0x6, 0x9, 0x9, 0x1, 0x404, 0x0, 0x1a, 0x7, 0x1, 0x4, 0xfffffc00, 0x3, 0x7, 0xe7, 0x9a, 0x6, 0x6, 0x1, 0x8bf, 0x7, 0x2, 0x5, 0x100, 0x6, 0x0, 0x9, 0x8, 0x2, 0x7, 0x9, 0x400, 0x0, 0x100, 0x1, 0x5, 0x8, 0xffffffff, 0x9, 0x3, 0xb17b, 0x0, 0x9, 0x7f0, 0x6, 0x8, 0xd27, 0xf, 0x340000, 0x5, 0xdb, 0x6, 0x0, 0x401, 0x6, 0x6, 0x101, 0x2cf6, 0x0, 0x80000001, 0x9, 0x1, 0x8, 0xad9, 0x200, 0x1, 0x4635, 0x1, 0x4, 0xc, 0x6, 0x80000000, 0x6, 0x7ff, 0x1, 0x85, 0x400, 0x6, 0xffff1ce3, 0xc0000000, 0x64f, 0x1, 0x0, 0x23, 0x0, 0x8000, 0xf, 0x6, 0x0, 0x5, 0x0, 0x4, 0x6, 0x6, 0x0, 0x1, 0x4352, 0x3, 0x15e, 0x6, 0x61, 0xff, 0x2, 0x32, 0x6, 0x5, 0x4, 0x9, 0x9, 0xfffffff3, 0x8, 0xfffffff8, 0x40, 0xffffffff, 0x1, 0x3, 0x160, 0x100, 0x31c, 0x63, 0x1573, 0x100, 0xb22a, 0x40, 0x3ff, 0x9, 0x3, 0xbd5, 0xfffffffe, 0x5, 0x1, 0x2, 0x2, 0x57, 0x3ff, 0x7fff, 0x8, 0x9, 0x5, 0x2, 0xa, 0x7, 0x3, 0x7a37, 0x7, 0xffffffff, 0x6, 0x6, 0x3dc, 0xe, 0x87, 0x800, 0x0, 0x8, 0x4, 0x1, 0x8, 0x5, 0x3, 0x5, 0x5c2, 0x4, 0x2, 0x40, 0xb212, 0x3ff, 0x4, 0xfffffe00, 0xf, 0x7, 0xc993, 0x8, 0xa2, 0x1, 0x9, 0x2, 0xfffffff9, 0x0, 0x1000, 0x80000001, 0x4, 0x1ff, 0x7f, 0x200, 0x627f, 0xb1, 0x2, 0x3, 0x9, 0xff, 0x5, 0xffff, 0x0, 0x9, 0x5, 0x0, 0x5, 0x5, 0x605852d, 0x7, 0xc, 0x0, 0x1ff, 0x3, 0x4000, 0x9, 0x1, 0x0, 0x7f, 0xae680fa0, 0x0, 0xffffffff, 0x620b, 0x1, 0x10001, 0x1, 0x0, 0x0, 0xa5, 0x4, 0x4, 0x3ff, 0x21, 0xffffff7f, 0x5, 0xfff, 0x10001, 0x8, 0xfffffeff, 0x401, 0x4, 0x8, 0xba8, 0x6, 0xffffbc58, 0x3ff, 0x0, 0x306, 0x4, 0x1ff, 0x50f80431, 0x6, 0x10, 0x0, 0x6, 0x9, 0x2, 0x3, 0x6, 0x1, 0x0, 0x6, 0xfffffffb, 0x5b768d91, 0x80, 0x2, 0x2, 0x6, 0x6, 0x9, 0x5, 0x7, 0x7fff, 0x6, 0x2, 0x8, 0x80, 0x124, 0x0, 0x1, 0x7b400000, 0x7, 0x6, 0x8, 0x10000, 0x80, 0xfffff801, 0x1000, 0x900c, 0x2, 0x800, 0x0, 0x2, 0x0, 0x0, 0x9, 0x4, 0x5, 0x1, 0xc, 0x6, 0x2, 0x8, 0xffffffff, 0x4, 0x10, 0xee, 0x4, 0x573, 0x7, 0x9, 0x10000, 0x7, 0x2, 0x81, 0x200, 0x8, 0xd8, 0x9, 0x3cf, 0x8, 0xce24, 0xc6, 0x3c7d, 0x3, 0x0, 0x96a, 0x3, 0x9, 0xfffffbff, 0xffff, 0x7, 0x4, 0x0, 0x1, 0x9, 0x1, 0x7ff, 0x9, 0x3, 0x401, 0xe2c, 0x1ff, 0x0, 0x3d, 0x5, 0x7fffffff, 0xe1f8, 0x6, 0x8, 0x55d, 0x6, 0x6, 0x6, 0x40, 0x40, 0x57, 0x3, 0x10000, 0x5, 0x2, 0x8, 0xd, 0x101, 0x9, 0x7, 0xca, 0xc, 0x9, 0x1, 0x7d, 0x7, 0x3, 0x8, 0x800, 0x1000, 0x7, 0x7ff, 0xf, 0xc, 0x800, 0xfffffffc, 0xce, 0x6, 0x630, 0x7, 0x101, 0xa3, 0x7b1, 0x10, 0x0, 0x5, 0xfffff867, 0x1, 0x5e47, 0xfffffffd, 0x1000, 0xc, 0x3ff, 0x83dd, 0x9, 0x6, 0x0, 0x2, 0x4, 0x1, 0x8, 0x7f, 0x6, 0xfffffffe, 0x9, 0xff, 0x3ff, 0xb, 0x213, 0x5, 0x1, 0x8, 0x4, 0x7, 0x3, 0xa, 0x7fffffff, 0x9, 0x2, 0x3, 0x177, 0x1, 0x80000000, 0x0, 0x5, 0x7fffffff, 0xfffff47c, 0x8, 0x5, 0x5, 0x6, 0xff, 0x3, 0x5, 0x1, 0xd, 0x7, 0x7, 0x9, 0x4, 0x4, 0xfffffffc, 0x6, 0x7cdb, 0x9, 0x3, 0x3, 0x7, 0x7fffffff, 0x7, 0x3, 0x40, 0xd, 0xfff, 0x60000000, 0x1, 0x1, 0x7, 0x3]}) 6.012941077s ago: executing program 2 (id=2717): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x80000001, 0x0, 0x0, 0x200, 0x2004c8, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x96], 0x0, 0x202800}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.990773657s ago: executing program 4 (id=2718): r0 = open(&(0x7f0000000140)='./file0\x00', 0x60102, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ppoll(&(0x7f0000000000)=[{r0, 0x2440}], 0x1, 0x0, &(0x7f00000000c0)={[0x8000]}, 0x8) 5.879169275s ago: executing program 4 (id=2719): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000000021000040"]) close_range(r0, 0xffffffffffffffff, 0x0) 5.801031789s ago: executing program 2 (id=2720): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c000000040a01040000000000000000020000000900010073797a30"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x24000000) 5.740489052s ago: executing program 2 (id=2721): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000040)={0x4, 0x1000, 0x0, {0xa, @pix_mp={0x0, 0xffffffff, 0x0, 0x9, 0xa, [{0xfffffffa, 0x117}, {0xfffffffc, 0x1000}, {}, {}, {}, {}, {0x215, 0x5}, {0xfffffffd}], 0x7, 0x2, 0x0, 0x0, 0x1}}, 0xffffffbc}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r3 = dup(r2) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x9, 0xfc, 0x2, '\x00', 0x8001}) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.686547975s ago: executing program 0 (id=2722): r0 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2) syz_open_procfs(0x0, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) socket$tipc(0x1e, 0x2, 0x0) socket$tipc(0x1e, 0x2, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000000)={0x4000200a}) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f041}) 5.628137609s ago: executing program 4 (id=2723): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001800)='/sys/kernel/uevent_seqnum', 0x40000, 0x0) read$FUSE(r3, &(0x7f0000002340)={0x2020}, 0x78) r4 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') writev(r4, &(0x7f0000000380)=[{&(0x7f0000000000)='4', 0x1}, {0x0}], 0x2) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f0000224000/0x4000)=nil, 0x4000}, 0xf}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f00000006c0)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r5 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r5, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) recvmmsg(r5, &(0x7f0000002480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2000, 0x0) 5.566978043s ago: executing program 0 (id=2724): timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) io_uring_setup(0x64ff, &(0x7f0000000100)={0x0, 0x5f3, 0x7b474f79173a12b1, 0x2, 0x3ae}) 4.753677621s ago: executing program 1 (id=2726): r0 = add_key$keyring(0x0, &(0x7f0000000500)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r0, 0x1c303911) keyctl$read(0xb, r0, &(0x7f00000001c0)=""/32, 0x20) 4.697169124s ago: executing program 2 (id=2727): socket$packet(0x11, 0x2, 0x300) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) syz_open_dev$vcsa(&(0x7f0000000080), 0x7, 0x600) write$binfmt_script(r0, &(0x7f0000000340), 0x4) openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000240)={"4ed53c21a0e371d637458b309525bd9b08ae8adaf6e958866bdd1aaa6b19d9ce"}) lstat(&(0x7f0000000100)='./file0\x00', 0x0) sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='net/netlink\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0) capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb}) 3.692933293s ago: executing program 2 (id=2728): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_disconnect(r0) 3.342942643s ago: executing program 1 (id=2729): accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000) openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f000043f000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, 0x0}], 0x1, 0x1d, 0x0, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) 3.273351417s ago: executing program 3 (id=2730): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x50}}, 0x0) syz_open_dev$dri(0x0, 0x1ff, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x101001) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) r1 = syz_io_uring_setup(0x10d2, &(0x7f0000000240)={0x0, 0x7734, 0x81, 0x0, 0x34b}, &(0x7f00000000c0)=0x0, &(0x7f0000000140)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, 0x0) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, 0x0) 2.916987589s ago: executing program 3 (id=2731): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c000000040a01040000000000000000020000000900010073797a30"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x24000000) 2.839423503s ago: executing program 1 (id=2732): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000600), 0x204100, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710}, 0x10) io_setup(0x7, 0x0) listen(r1, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='.\x00\x00'], 0x20) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='1', 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 2.745265228s ago: executing program 3 (id=2733): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="2001", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00329c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0) 2.616979706s ago: executing program 1 (id=2734): r0 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2) syz_open_procfs(0x0, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) socket$tipc(0x1e, 0x2, 0x0) socket$tipc(0x1e, 0x2, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000000)={0x4000200a}) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f041}) 2.55982915s ago: executing program 4 (id=2735): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x2d8, 0x30, 0x300, 0x70bd2d, 0x25dfdbff, {}, [{0x2c4, 0x1, [@m_skbedit={0x84, 0x19, 0x0, 0x0, {{0xc}, {0x14, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x5}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xfff1}}]}, {0x45, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9f17c47463bf4e7afe47a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_gact={0xfc, 0xc, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xbf1, 0x8001, 0x4, 0xae5a, 0x1}}, @TCA_GACT_PARMS={0x18, 0x2, {0x80000000, 0x5, 0xe, 0x466e, 0x80000001}}]}, {0x9d, 0x6, "0f617356f0a663079ab7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224484cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51cc59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9"}, {0xc}, {0xc}}}, @m_sample={0xb0, 0x1e, 0x0, 0x0, {{0xb}, {0x54, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x1000}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x3ff}, @TCA_SAMPLE_RATE={0x8, 0x3, 0xff}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xef3}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x3}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x2}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x40000009}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x1, 0x8001, 0x1, 0x0, 0x8c75}}]}, {0x31, 0x6, "4d11ef01da7337625695ddc3d5012aa6f3638794346943b9ee757a1a4ac5f8ce5f6016d63b9db431952a32c8ea"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ctinfo={0x30, 0x33, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}, @m_nat={0x60, 0x1a, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xfffc, 0x2, 0x3, 0x7f, 0x8}, @remote, @rand_addr=0x64010101, 0x0, 0x3}}]}, {0xf, 0x6, "86fe02a44120c13541d04a"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0x2d8}}, 0x0) listen(0xffffffffffffffff, 0x100101) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 2.507141823s ago: executing program 3 (id=2736): socket$packet(0x11, 0x2, 0x300) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) syz_open_dev$vcsa(&(0x7f0000000080), 0x7, 0x600) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) write$binfmt_script(r0, &(0x7f0000000340), 0x4) ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000240)={"4ed53c21a0e371d637458b309525bd9b08ae8adaf6e958866bdd1aaa6b19d9ce"}) lstat(&(0x7f0000000100)='./file0\x00', 0x0) sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='net/netlink\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0) capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb}) pipe2(&(0x7f0000000040), 0x880) 2.432982697s ago: executing program 0 (id=2737): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x141842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) rename(0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) write$FUSE_NOTIFY_INVAL_ENTRY(r1, &(0x7f0000000340)=ANY=[], 0x21) sendfile(r1, r0, 0x0, 0x40001) mount(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000000)='hfsplus\x00', 0x401, 0x0) 2.424395577s ago: executing program 1 (id=2738): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x40f00, 0x22, '\x00', 0x0, @sk_skb=0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r3 = dup(r2) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x9, 0xfc, 0xff, '\x00', 0x8001}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.37908873s ago: executing program 4 (id=2739): socket(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$radio(&(0x7f0000000200), 0x3, 0x2) socket(0x10, 0x803, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) socket$netlink(0x10, 0x3, 0x0) r0 = creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x4, r0}, 0x38) sendmsg$inet6(r1, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x3f}}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000029000000040000002b00000000000007100000000000000029"], 0x30}, 0x0) 1.165097811s ago: executing program 3 (id=2740): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x6, 0x8, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 189.756649ms ago: executing program 0 (id=2741): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10) socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c) 100.612484ms ago: executing program 2 (id=2742): accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000) openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f000043f000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, 0x0}], 0x1, 0x1d, 0x0, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) 58.428526ms ago: executing program 4 (id=2743): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) preadv(r0, &(0x7f0000000cc0)=[{&(0x7f0000000680)=""/146, 0x92}], 0x1, 0xd1, 0x9) 0s ago: executing program 1 (id=2744): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c000000040a01040000000000000000020000000900010073797a30"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x24000000) kernel console output (not intermixed with test programs): 57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.954 (7227) [ 161.642710][ T7227] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 161.673644][ T7227] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 161.737951][ T7227] BTRFS info (device loop0): use no compression [ 161.770125][ T7227] BTRFS info (device loop0): turning on sync discard [ 161.804520][ T7227] BTRFS info (device loop0): force clearing of disk cache [ 161.821924][ T7227] BTRFS info (device loop0): enabling auto defrag [ 161.853199][ T7227] BTRFS info (device loop0): turning off discard [ 161.872705][ T7227] BTRFS info (device loop0): using free space tree [ 162.126783][ T7227] BTRFS info (device loop0): enabling ssd optimizations [ 162.140117][ T7227] BTRFS info (device loop0): rebuilding free space tree [ 162.259058][ T27] audit: type=1800 audit(1740005871.588:44): pid=7227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.954" name="bus" dev="loop0" ino=264 res=0 errno=0 [ 162.319291][ T27] audit: type=1800 audit(1740005871.618:45): pid=7227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.954" name="bus" dev="loop0" ino=264 res=0 errno=0 [ 162.455273][ T27] audit: type=1800 audit(1740005871.788:46): pid=7227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.954" name="bus" dev="loop0" ino=264 res=0 errno=0 [ 162.476165][ T7227] BTRFS error (device loop0): balance: mixed groups data and metadata options must be the same [ 162.632279][ T7284] device syz_tun entered promiscuous mode [ 162.698296][ T7284] device batadv_slave_0 entered promiscuous mode [ 162.806871][ T31] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 162.966370][ T4245] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 163.207791][ T7278] loop3: detected capacity change from 0 to 32768 [ 163.230300][ T7278] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.968 (7278) [ 163.280095][ T7271] loop1: detected capacity change from 0 to 32768 [ 163.297411][ T7296] __nla_validate_parse: 6 callbacks suppressed [ 163.297428][ T7296] netlink: 4 bytes leftover after parsing attributes in process `syz.4.976'. [ 163.316890][ T7296] netlink: 12 bytes leftover after parsing attributes in process `syz.4.976'. [ 163.327016][ T7278] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 163.348645][ T7278] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 163.365800][ T7278] BTRFS info (device loop3): use no compression [ 163.382498][ T7278] BTRFS info (device loop3): turning on sync discard [ 163.390173][ T7278] BTRFS info (device loop3): force clearing of disk cache [ 163.397012][ T7271] XFS (loop1): Mounting V5 Filesystem [ 163.398001][ T7278] BTRFS info (device loop3): enabling auto defrag [ 163.410345][ T7278] BTRFS info (device loop3): turning off discard [ 163.418195][ T7278] BTRFS info (device loop3): using free space tree [ 163.452090][ T7278] BTRFS info (device loop3): enabling ssd optimizations [ 163.461959][ T7278] BTRFS info (device loop3): rebuilding free space tree [ 163.556254][ T7271] XFS (loop1): Ending clean mount [ 163.567020][ T27] audit: type=1800 audit(1740005872.898:47): pid=7278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.968" name="bus" dev="loop3" ino=264 res=0 errno=0 [ 163.601292][ T7271] XFS (loop1): Quotacheck needed: Please wait. [ 163.667863][ T7271] XFS (loop1): Quotacheck: Done. [ 163.667866][ T27] audit: type=1800 audit(1740005872.928:48): pid=7278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.968" name="bus" dev="loop3" ino=264 res=0 errno=0 [ 163.742323][ T27] audit: type=1800 audit(1740005873.068:49): pid=7278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.968" name="bus" dev="loop3" ino=264 res=0 errno=0 [ 163.806407][ T7278] BTRFS info (device loop3): balance: start -d -m [ 163.875474][ T4252] XFS (loop1): Unmounting Filesystem [ 163.901340][ T7278] BTRFS info (device loop3): relocating block group 8519680 flags data|metadata [ 164.144556][ T7278] BTRFS info (device loop3): relocating block group 6881280 flags data|metadata [ 164.155116][ T11] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 164.381745][ T7278] BTRFS info (device loop3): relocating block group 5242880 flags data|metadata [ 164.570767][ T7325] loop0: detected capacity change from 0 to 32768 [ 164.604552][ T7342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.982'. [ 164.618600][ T7278] BTRFS info (device loop3): found 19 extents, stage: move data extents [ 164.697539][ T7325] XFS (loop0): Mounting V5 Filesystem [ 164.774936][ T7278] BTRFS info (device loop3): found 10 extents, stage: update data pointers [ 164.811419][ T7325] XFS (loop0): Ending clean mount [ 164.827457][ T7325] XFS (loop0): Quotacheck needed: Please wait. [ 164.829616][ T7352] netlink: 'syz.2.983': attribute type 1 has an invalid length. [ 164.885954][ T7352] device bond5 entered promiscuous mode [ 164.891785][ T7352] 8021q: adding VLAN 0 to HW filter on device bond5 [ 164.907107][ T7325] XFS (loop0): Quotacheck: Done. [ 164.954816][ T7278] BTRFS info (device loop3): 1 enospc errors during balance [ 165.009377][ T7278] BTRFS info (device loop3): balance: ended with status: -28 [ 165.093810][ T4245] XFS (loop0): Unmounting Filesystem [ 165.565620][ T7362] netlink: 4 bytes leftover after parsing attributes in process `syz.2.987'. [ 165.592325][ T7362] netlink: 12 bytes leftover after parsing attributes in process `syz.2.987'. [ 165.729729][ T4257] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 165.935390][ T7372] netlink: 4 bytes leftover after parsing attributes in process `syz.4.993'. [ 166.641913][ T7367] loop1: detected capacity change from 0 to 32768 [ 166.748059][ T7367] XFS (loop1): Mounting V5 Filesystem [ 166.875684][ T7367] XFS (loop1): Ending clean mount [ 166.902677][ T7367] XFS (loop1): Quotacheck needed: Please wait. [ 166.980226][ T7367] XFS (loop1): Quotacheck: Done. [ 167.155908][ T4252] XFS (loop1): Unmounting Filesystem [ 167.265885][ T7377] loop4: detected capacity change from 0 to 32768 [ 167.423158][ T7377] XFS (loop4): Mounting V5 Filesystem [ 167.563828][ T7377] XFS (loop4): Ending clean mount [ 167.570932][ T7377] XFS (loop4): Quotacheck needed: Please wait. [ 167.638069][ T7377] XFS (loop4): Quotacheck: Done. [ 167.772516][ T4253] XFS (loop4): Unmounting Filesystem [ 167.874450][ T7414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1002'. [ 167.903831][ T7414] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1002'. [ 168.097953][ T7404] loop2: detected capacity change from 0 to 32768 [ 168.134559][ T7404] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1001 (7404) [ 168.228923][ T7404] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 168.268064][ T7404] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 168.317750][ T7404] BTRFS info (device loop2): use no compression [ 168.348064][ T7404] BTRFS info (device loop2): turning on sync discard [ 168.378392][ T7404] BTRFS info (device loop2): force clearing of disk cache [ 168.423552][ T7404] BTRFS info (device loop2): enabling auto defrag [ 168.442434][ T7422] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1005'. [ 168.442669][ T7404] BTRFS info (device loop2): turning off discard [ 168.507325][ T7404] BTRFS info (device loop2): using free space tree [ 168.764078][ T7404] BTRFS info (device loop2): enabling ssd optimizations [ 168.779050][ T7404] BTRFS info (device loop2): rebuilding free space tree [ 168.905882][ T27] audit: type=1800 audit(1740005878.238:50): pid=7404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1001" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 168.994744][ T27] audit: type=1800 audit(1740005878.258:51): pid=7404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1001" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 169.061259][ T7444] loop0: detected capacity change from 0 to 4096 [ 169.104216][ T7448] BTRFS info (device loop2): balance: start -d -m [ 169.117704][ T27] audit: type=1800 audit(1740005878.378:52): pid=7448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1001" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 169.118711][ T7449] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 169.148789][ T7448] BTRFS info (device loop2): relocating block group 8519680 flags data|metadata [ 169.305043][ T4315] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared) [ 169.330926][ T7448] BTRFS info (device loop2): 2 enospc errors during balance [ 169.363293][ T7448] BTRFS info (device loop2): balance: ended with status: -28 [ 170.279247][ T4246] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 170.314557][ T7473] device ipip0 entered promiscuous mode [ 170.557710][ T7476] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1016'. [ 170.740310][ T7380] Set syz1 is full, maxelem 65536 reached [ 170.873515][ T7463] loop4: detected capacity change from 0 to 32768 [ 171.035661][ T7463] XFS (loop4): Mounting V5 Filesystem [ 171.063523][ T7493] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1022'. [ 171.260861][ T7499] loop2: detected capacity change from 0 to 4096 [ 171.267204][ T7463] XFS (loop4): Ending clean mount [ 171.327822][ T7463] XFS (loop4): Quotacheck needed: Please wait. [ 171.377731][ T7501] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 171.414003][ T7463] XFS (loop4): Quotacheck: Done. [ 171.587135][ T4253] XFS (loop4): Unmounting Filesystem [ 172.256653][ T7518] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1030'. [ 172.354345][ T7522] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 172.423512][ T7522] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1032'. [ 172.535606][ T4315] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.572696][ T4315] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.843354][ T7539] loop3: detected capacity change from 0 to 4096 [ 172.916745][ T7546] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 173.207195][ T7556] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1046'. [ 173.358596][ T7559] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1044'. [ 173.496850][ T7530] loop2: detected capacity change from 0 to 32768 [ 173.587906][ T7571] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 173.604272][ T7530] XFS (loop2): Mounting V5 Filesystem [ 173.649110][ T7530] XFS (loop2): Ending clean mount [ 173.657218][ T7575] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1050'. [ 173.755075][ T7530] XFS (loop2): Quotacheck needed: Please wait. [ 173.800110][ T4300] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.811512][ T4300] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.910086][ T7530] XFS (loop2): Quotacheck: Done. [ 174.073945][ T4246] XFS (loop2): Unmounting Filesystem [ 174.444342][ T7595] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1060'. [ 174.464201][ T7595] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1060'. [ 174.538059][ T7598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1059'. [ 174.842867][ T7605] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 174.861230][ T7605] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1064'. [ 175.051775][ T4335] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.097887][ T4335] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.478940][ T7628] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1074'. [ 175.662350][ T7636] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 175.696326][ T7636] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1078'. [ 175.931631][ T7647] device ipip0 entered promiscuous mode [ 176.250171][ T7660] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1089'. [ 176.455189][ T7668] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 176.508410][ T7667] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 176.559135][ T7667] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1092'. [ 177.031951][ T7695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1105'. [ 177.072786][ T14] usb 4-1: new full-speed USB device number 14 using dummy_hcd [ 177.333822][ T14] usb 4-1: config 0 has an invalid interface number: 94 but max is 0 [ 177.341959][ T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 177.353200][ T14] usb 4-1: config 0 has no interface number 0 [ 177.361681][ T14] usb 4-1: New USB device found, idVendor=1546, idProduct=1342, bcdDevice=10.b0 [ 177.396954][ T7673] loop4: detected capacity change from 0 to 32768 [ 177.401785][ T14] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.437192][ T14] usb 4-1: Product: syz [ 177.441417][ T14] usb 4-1: Manufacturer: syz [ 177.455406][ T14] usb 4-1: SerialNumber: syz [ 177.464016][ T14] usb 4-1: config 0 descriptor?? [ 177.483981][ T14] option 4-1:0.94: GSM modem (1-port) converter detected [ 177.544729][ T7673] XFS (loop4): Mounting V5 Filesystem [ 177.585595][ T7714] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 177.751942][ T7686] loop3: detected capacity change from 0 to 2048 [ 177.778182][ T7673] XFS (loop4): Ending clean mount [ 177.789777][ T7673] XFS (loop4): Quotacheck needed: Please wait. [ 177.815694][ T5298] usb 4-1: USB disconnect, device number 14 [ 177.832430][ T5298] option 4-1:0.94: device disconnected [ 177.885345][ T7673] XFS (loop4): Quotacheck: Done. [ 178.173858][ T4253] XFS (loop4): Unmounting Filesystem [ 179.186900][ T7756] __nla_validate_parse: 2 callbacks suppressed [ 179.186917][ T7756] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1130'. [ 179.717905][ T7757] loop1: detected capacity change from 0 to 32768 [ 179.877866][ T7757] XFS (loop1): Mounting V5 Filesystem [ 180.045943][ T7757] XFS (loop1): Ending clean mount [ 180.065659][ T7757] XFS (loop1): Quotacheck needed: Please wait. [ 180.136444][ T7757] XFS (loop1): Quotacheck: Done. [ 180.526665][ T4252] XFS (loop1): Unmounting Filesystem [ 180.686896][ T7799] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1142'. [ 181.111249][ T7811] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1141'. [ 181.137525][ T7814] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1145'. [ 181.186036][ T7690] Set syz1 is full, maxelem 65536 reached [ 181.692134][ T7830] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1153'. [ 181.711442][ T7830] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1153'. [ 183.986302][ T7840] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1155'. [ 184.064964][ T7857] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1161'. [ 184.341469][ T7867] wg1 speed is unknown, defaulting to 1000 [ 184.500532][ T7875] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 184.524182][ T7875] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1169'. [ 184.848487][ T7891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1174'. [ 185.560866][ T7910] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 185.594762][ T7910] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1184'. [ 185.686321][ T7893] loop2: detected capacity change from 0 to 32768 [ 185.740309][ T7893] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1176 (7893) [ 185.814628][ T7915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1186'. [ 185.855171][ T7893] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 185.873279][ T7893] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 185.882053][ T7893] BTRFS info (device loop2): use no compression [ 185.903134][ T7915] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1186'. [ 185.953641][ T7893] BTRFS info (device loop2): turning on sync discard [ 185.964481][ T7893] BTRFS info (device loop2): force clearing of disk cache [ 185.995468][ T7893] BTRFS info (device loop2): enabling auto defrag [ 186.001954][ T7893] BTRFS info (device loop2): turning off discard [ 186.008662][ T4247] Bluetooth: hci1: command 0x0406 tx timeout [ 186.012785][ T4255] Bluetooth: hci3: command 0x0406 tx timeout [ 186.020743][ T4255] Bluetooth: hci0: command 0x0406 tx timeout [ 186.027223][ T4247] Bluetooth: hci2: command 0x0406 tx timeout [ 186.038842][ T7893] BTRFS info (device loop2): using free space tree [ 186.281506][ T7893] BTRFS info (device loop2): enabling ssd optimizations [ 186.296944][ T7893] BTRFS info (device loop2): rebuilding free space tree [ 186.394802][ T27] audit: type=1800 audit(1740005895.728:53): pid=7893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1176" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 186.395082][ T7919] device syzkaller1 entered promiscuous mode [ 186.462216][ T27] audit: type=1800 audit(1740005895.748:54): pid=7893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1176" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 186.528960][ T7946] BTRFS error (device loop2): balance: mixed groups data and metadata options must be the same [ 186.723781][ T4315] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared) [ 186.977053][ T4246] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 187.007716][ T7952] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1193'. [ 187.417571][ T7960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1195'. [ 187.627819][ T7964] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 187.685388][ T7964] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1197'. [ 187.779434][ T7966] wg1 speed is unknown, defaulting to 1000 [ 188.951780][ T7977] loop3: detected capacity change from 0 to 32768 [ 189.025972][ T7994] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1208'. [ 189.151948][ T7977] XFS (loop3): Mounting V5 Filesystem [ 189.314635][ T7977] XFS (loop3): Ending clean mount [ 189.321632][ T7977] XFS (loop3): Quotacheck needed: Please wait. [ 189.387213][ T7977] XFS (loop3): Quotacheck: Done. [ 189.405917][ T8009] loop2: detected capacity change from 0 to 128 [ 189.532398][ T8009] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 189.549569][ T8009] ext4 filesystem being mounted at /259/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 189.741993][ T4257] XFS (loop3): Unmounting Filesystem [ 189.887040][ T4246] EXT4-fs (loop2): unmounting filesystem. [ 190.070584][ T8018] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 190.200314][ T8020] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1214'. [ 190.502140][ T4446] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 190.697372][ T4446] usb 1-1: config 0 has an invalid interface number: 94 but max is 0 [ 190.708652][ T4446] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 190.729815][ T4446] usb 1-1: config 0 has no interface number 0 [ 190.751504][ T8032] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1219'. [ 190.763102][ T4446] usb 1-1: New USB device found, idVendor=1546, idProduct=1342, bcdDevice=10.b0 [ 190.793008][ T4446] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.813457][ T4446] usb 1-1: Product: syz [ 190.817709][ T4446] usb 1-1: Manufacturer: syz [ 190.833248][ T4446] usb 1-1: SerialNumber: syz [ 190.844254][ T4446] usb 1-1: config 0 descriptor?? [ 190.970604][ T4446] option 1-1:0.94: GSM modem (1-port) converter detected [ 191.183938][ T8023] loop0: detected capacity change from 0 to 2048 [ 191.261030][ T4446] usb 1-1: USB disconnect, device number 8 [ 191.278683][ T4446] option 1-1:0.94: device disconnected [ 191.367650][ T7908] Set syz1 is full, maxelem 65536 reached [ 192.017635][ T8025] loop4: detected capacity change from 0 to 32768 [ 192.070784][ T8049] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1226'. [ 192.147870][ T8045] loop2: detected capacity change from 0 to 32768 [ 192.219627][ T8045] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1224 (8045) [ 192.285301][ T8045] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 192.310099][ T8060] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 192.354474][ T8045] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 192.356343][ T8025] XFS (loop4): Mounting V5 Filesystem [ 192.365543][ T8060] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1228'. [ 192.425289][ T8047] loop1: detected capacity change from 0 to 32768 [ 192.464198][ T8045] BTRFS info (device loop2): use no compression [ 192.470505][ T8045] BTRFS info (device loop2): turning on sync discard [ 192.508450][ T8045] BTRFS info (device loop2): force clearing of disk cache [ 192.545852][ T8045] BTRFS info (device loop2): enabling auto defrag [ 192.552334][ T8045] BTRFS info (device loop2): turning off discard [ 192.611064][ T8047] XFS (loop1): Mounting V5 Filesystem [ 192.633868][ T8045] BTRFS info (device loop2): using free space tree [ 192.634789][ T8025] XFS (loop4): Ending clean mount [ 192.668820][ T8076] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1231'. [ 192.692972][ T8025] XFS (loop4): Quotacheck needed: Please wait. [ 192.854142][ T8025] XFS (loop4): Quotacheck: Done. [ 192.868845][ T8047] XFS (loop1): Ending clean mount [ 192.913092][ T8047] XFS (loop1): Quotacheck needed: Please wait. [ 192.949926][ T8047] XFS (loop1): Quotacheck: Done. [ 192.962329][ T8045] BTRFS info (device loop2): enabling ssd optimizations [ 192.989406][ T8045] BTRFS info (device loop2): rebuilding free space tree [ 193.102429][ T8104] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1232'. [ 193.151433][ T27] audit: type=1800 audit(1740005902.478:55): pid=8045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1224" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 193.247159][ T4253] XFS (loop4): Unmounting Filesystem [ 193.290929][ T27] audit: type=1800 audit(1740005902.508:56): pid=8045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1224" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 193.494197][ T8045] BTRFS error (device loop2): balance: mixed groups data and metadata options must be the same [ 193.521173][ T4252] XFS (loop1): Unmounting Filesystem [ 193.540121][ T27] audit: type=1800 audit(1740005902.818:57): pid=8109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1224" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 193.758218][ T4294] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 193.910644][ T4315] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared) [ 193.967735][ T4294] usb 1-1: config 0 has an invalid interface number: 94 but max is 0 [ 193.987720][ T4294] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 194.010849][ T4294] usb 1-1: config 0 has no interface number 0 [ 194.041968][ T4294] usb 1-1: New USB device found, idVendor=1546, idProduct=1342, bcdDevice=10.b0 [ 194.169418][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.177346][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.187274][ T4294] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.223230][ T4294] usb 1-1: Product: syz [ 194.229243][ T4294] usb 1-1: Manufacturer: syz [ 194.238765][ T4294] usb 1-1: SerialNumber: syz [ 194.265019][ T4294] usb 1-1: config 0 descriptor?? [ 194.281972][ T8118] binder: 8114:8118 ioctl 4018620d 0 returned -22 [ 194.292320][ T4294] option 1-1:0.94: GSM modem (1-port) converter detected [ 195.065417][ T8111] loop0: detected capacity change from 0 to 2048 [ 195.121120][ T4451] usb 1-1: USB disconnect, device number 9 [ 195.128417][ T4246] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 195.148173][ T4451] option 1-1:0.94: device disconnected [ 195.556622][ T8129] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 195.623798][ T8131] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1243'. [ 195.644695][ T8133] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1239'. [ 195.668307][ T8129] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1242'. [ 195.911263][ T8142] loop2: detected capacity change from 0 to 512 [ 195.934948][ T8142] EXT4-fs: Invalid commit interval -1, must be smaller than 21474836 [ 195.996351][ T8151] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1244'. [ 196.126721][ T8142] loop2: detected capacity change from 0 to 1024 [ 196.157449][ T8142] EXT4-fs: Ignoring removed nobh option [ 196.180797][ T8142] EXT4-fs: Ignoring removed bh option [ 196.199251][ T8142] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 196.324406][ T8142] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 196.497899][ T8142] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.1247: Allocating blocks 497-513 which overlap fs metadata [ 196.543160][ T8142] EXT4-fs (loop2): pa ffff8880740cc540: logic 256, phys. 385, len 8 [ 196.551565][ T8142] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 196.591013][ T8139] loop0: detected capacity change from 0 to 32768 [ 196.659168][ T8139] XFS (loop0): Mounting V5 Filesystem [ 196.792100][ T8175] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1253'. [ 196.823597][ T4246] EXT4-fs (loop2): unmounting filesystem. [ 196.864053][ T8139] XFS (loop0): Ending clean mount [ 196.875906][ T8159] loop3: detected capacity change from 0 to 32768 [ 196.884049][ T8159] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1250 (8159) [ 196.944986][ T8139] XFS (loop0): Quotacheck needed: Please wait. [ 196.948859][ T8159] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 196.992398][ T8159] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 197.042011][ T8159] BTRFS info (device loop3): use no compression [ 197.070613][ T8159] BTRFS info (device loop3): turning on sync discard [ 197.077187][ T8139] XFS (loop0): Quotacheck: Done. [ 197.098474][ T8159] BTRFS info (device loop3): force clearing of disk cache [ 197.144823][ T8185] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1256'. [ 197.168686][ T8159] BTRFS info (device loop3): enabling auto defrag [ 197.207677][ T8159] BTRFS info (device loop3): turning off discard [ 197.210937][ T4245] XFS (loop0): Unmounting Filesystem [ 197.237802][ T8187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1254'. [ 197.261426][ T8159] BTRFS info (device loop3): using free space tree [ 197.353182][ T4451] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 197.946605][ T4451] usb 3-1: config 0 has an invalid interface number: 94 but max is 0 [ 198.334319][ T8159] BTRFS info (device loop3): enabling ssd optimizations [ 198.435155][ T4451] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 198.446628][ T4451] usb 3-1: config 0 has no interface number 0 [ 198.465291][ T4451] usb 3-1: New USB device found, idVendor=1546, idProduct=1342, bcdDevice=10.b0 [ 198.482769][ T4451] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.490807][ T4451] usb 3-1: Product: syz [ 198.493465][ T8159] BTRFS info (device loop3): rebuilding free space tree [ 198.495722][ T4451] usb 3-1: Manufacturer: syz [ 198.506831][ T4451] usb 3-1: SerialNumber: syz [ 198.516146][ T4451] usb 3-1: config 0 descriptor?? [ 198.524233][ T4451] option 3-1:0.94: GSM modem (1-port) converter detected [ 198.586897][ T27] audit: type=1800 audit(1740005907.918:58): pid=8159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1250" name="bus" dev="loop3" ino=264 res=0 errno=0 [ 198.708075][ T27] audit: type=1800 audit(1740005907.938:59): pid=8159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1250" name="bus" dev="loop3" ino=264 res=0 errno=0 [ 198.794805][ T27] audit: type=1800 audit(1740005908.038:60): pid=8159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1250" name="bus" dev="loop3" ino=264 res=0 errno=0 [ 198.816777][ T8159] BTRFS info (device loop3): balance: start -d -m [ 198.817220][ T8222] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1260'. [ 198.875261][ T8183] loop2: detected capacity change from 0 to 2048 [ 198.973905][ T14] usb 3-1: USB disconnect, device number 4 [ 198.988767][ T14] option 3-1:0.94: device disconnected [ 199.046487][ T8159] BTRFS info (device loop3): relocating block group 6881280 flags data|metadata [ 199.111764][ T8226] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1257'. [ 199.515480][ T4335] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 199.520253][ T8159] BTRFS info (device loop3): relocating block group 5242880 flags data|metadata [ 199.574207][ T8231] loop1: detected capacity change from 0 to 128 [ 199.696085][ T8231] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 199.783086][ T8231] ext4 filesystem being mounted at /266/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 199.904956][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1266'. [ 200.023832][ T8159] BTRFS info (device loop3): found 19 extents, stage: move data extents [ 200.175647][ T4252] EXT4-fs (loop1): unmounting filesystem. [ 200.182001][ T8159] BTRFS info (device loop3): found 10 extents, stage: update data pointers [ 200.291127][ T8159] BTRFS info (device loop3): balance: ended with status: 0 [ 200.361642][ T8251] loop0: detected capacity change from 0 to 512 [ 200.396354][ T8251] EXT4-fs: Ignoring removed orlov option [ 200.421376][ T8251] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 200.464956][ T8251] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.1270: casefold flag without casefold feature [ 200.484909][ T8251] EXT4-fs (loop0): Remounting filesystem read-only [ 200.501860][ T8251] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1270: couldn't read orphan inode 15 (err -117) [ 200.636537][ T8251] EXT4-fs (loop0): Remounting filesystem read-only [ 200.653939][ T8251] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 201.487157][ T8262] __nla_validate_parse: 1 callbacks suppressed [ 201.487175][ T8262] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1272'. [ 201.544131][ T4245] EXT4-fs (loop0): unmounting filesystem. [ 201.615318][ T4257] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 201.664503][ T8245] loop2: detected capacity change from 0 to 32768 [ 201.877858][ T8265] loop1: detected capacity change from 0 to 256 [ 202.011073][ T8284] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1274'. [ 202.192333][ T27] audit: type=1326 audit(1740005911.488:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 202.417365][ T8245] XFS (loop2): Mounting V5 Filesystem [ 202.936930][ T4239] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 203.007559][ T27] audit: type=1326 audit(1740005911.488:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 203.085456][ T8245] XFS (loop2): Ending clean mount [ 203.106941][ T8245] XFS (loop2): Quotacheck needed: Please wait. [ 203.190693][ T8245] XFS (loop2): Quotacheck: Done. [ 203.243059][ T27] audit: type=1326 audit(1740005911.498:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 203.269999][ T4246] XFS (loop2): Unmounting Filesystem [ 203.382979][ T27] audit: type=1326 audit(1740005911.498:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 203.506363][ T27] audit: type=1326 audit(1740005911.498:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 203.643145][ T27] audit: type=1326 audit(1740005911.498:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 203.703028][ T27] audit: type=1326 audit(1740005911.508:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 203.770924][ T8295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1280'. [ 203.832119][ T27] audit: type=1326 audit(1740005911.508:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 203.928107][ T27] audit: type=1326 audit(1740005911.518:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 204.053234][ T27] audit: type=1326 audit(1740005911.518:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 204.120317][ T8300] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1278'. [ 204.160163][ T27] audit: type=1326 audit(1740005911.518:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.4.1276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7ffc0000 [ 204.167186][ T8302] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 204.996001][ T8318] capability: warning: `syz.2.1285' uses deprecated v2 capabilities in a way that may be insecure [ 205.831438][ T8315] loop3: detected capacity change from 0 to 512 [ 205.946509][ T8315] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 205.990325][ T8315] ext4 filesystem being mounted at /196/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 206.170175][ T4257] EXT4-fs (loop3): unmounting filesystem. [ 206.308219][ T8331] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1292'. [ 206.498257][ T8312] loop1: detected capacity change from 0 to 32768 [ 206.549377][ T8312] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1286 (8312) [ 206.604965][ T8312] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 206.606960][ T8337] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1295'. [ 206.632641][ T8312] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 206.672058][ T8312] BTRFS info (device loop1): use no compression [ 206.713458][ T8312] BTRFS info (device loop1): turning on sync discard [ 206.720862][ T8312] BTRFS info (device loop1): force clearing of disk cache [ 206.751270][ T8312] BTRFS info (device loop1): enabling auto defrag [ 206.773548][ T8312] BTRFS info (device loop1): turning off discard [ 206.779939][ T8312] BTRFS info (device loop1): using free space tree [ 208.190185][ T8365] loop0: detected capacity change from 0 to 1024 [ 208.221536][ T8365] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 208.239476][ T8312] BTRFS error (device loop1): open_ctree failed [ 209.175722][ T8373] loop4: detected capacity change from 0 to 1024 [ 210.291788][ T8373] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 210.805708][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 211.044237][ T8401] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1307'. [ 211.070631][ T8403] loop2: detected capacity change from 0 to 512 [ 211.100478][ T8403] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 211.163683][ T8403] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 211.185113][ T8403] EXT4-fs (loop2): orphan cleanup on readonly fs [ 211.199915][ T8403] EXT4-fs (loop2): 1 truncate cleaned up [ 211.206175][ T8403] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 211.263568][ T4246] EXT4-fs (loop2): unmounting filesystem. [ 211.432669][ T14] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 211.595588][ T8412] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 211.772891][ T14] usb 5-1: Using ep0 maxpacket: 16 [ 212.380585][ T14] usb 5-1: config 0 has an invalid interface number: 251 but max is 0 [ 212.458754][ T14] usb 5-1: config 0 has no interface number 0 [ 212.485742][ T14] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 212.564914][ T14] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 212.591121][ T14] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 212.610611][ T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.632792][ T14] usb 5-1: Product: syz [ 212.639201][ T14] usb 5-1: Manufacturer: syz [ 212.645148][ T14] usb 5-1: SerialNumber: syz [ 212.661667][ T14] usb 5-1: config 0 descriptor?? [ 212.680569][ T8405] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 212.689167][ T8405] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 212.754462][ T8408] loop1: detected capacity change from 0 to 32768 [ 212.794022][ T8408] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1311 (8408) [ 212.874805][ T8422] Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 212.878136][ T8408] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 212.943935][ T8405] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 212.961394][ T8408] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 212.981726][ T8405] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 213.018526][ T8408] BTRFS info (device loop1): use no compression [ 213.045654][ T8408] BTRFS info (device loop1): turning on sync discard [ 213.059738][ T8408] BTRFS info (device loop1): force clearing of disk cache [ 213.083485][ T8408] BTRFS info (device loop1): enabling auto defrag [ 213.090077][ T8408] BTRFS info (device loop1): turning off discard [ 213.111618][ T8408] BTRFS info (device loop1): using free space tree [ 213.301020][ T8408] BTRFS info (device loop1): enabling ssd optimizations [ 213.315956][ T8408] BTRFS info (device loop1): rebuilding free space tree [ 213.384136][ T27] audit: type=1800 audit(1740005922.718:72): pid=8408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1311" name="bus" dev="loop1" ino=264 res=0 errno=0 [ 213.450834][ T27] audit: type=1800 audit(1740005922.748:73): pid=8408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1311" name="bus" dev="loop1" ino=264 res=0 errno=0 [ 213.560966][ T27] audit: type=1800 audit(1740005922.888:74): pid=8408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1311" name="bus" dev="loop1" ino=264 res=0 errno=0 [ 213.620947][ T8408] BTRFS info (device loop1): balance: start -d -m [ 213.717632][ T8459] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1320'. [ 213.742167][ T14] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 213.773303][ T14] asix 5-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 213.847720][ T14] asix: probe of 5-1:0.251 failed with error -71 [ 213.848212][ T8408] BTRFS info (device loop1): relocating block group 6881280 flags data|metadata [ 213.903112][ T14] usb 5-1: USB disconnect, device number 9 [ 213.958413][ T8462] loop2: detected capacity change from 0 to 1024 [ 214.064269][ T8466] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1322'. [ 214.138052][ T27] audit: type=1800 audit(1740005923.468:75): pid=8462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1321" name="bus" dev="loop2" ino=26 res=0 errno=0 [ 214.227890][ T8213] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared) [ 214.247711][ T8408] BTRFS info (device loop1): relocating block group 5242880 flags data|metadata [ 214.370892][ T8213] hfsplus: b-tree write err: -5, ino 4 [ 214.402668][ T4453] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 214.524094][ T8408] BTRFS info (device loop1): found 18 extents, stage: move data extents [ 214.609127][ T8408] BTRFS info (device loop1): found 9 extents, stage: update data pointers [ 214.671602][ T8408] BTRFS info (device loop1): balance: ended with status: 0 [ 214.755808][ T4453] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 214.766355][ T4453] usb 1-1: config 0 interface 0 has no altsetting 0 [ 214.775275][ T4453] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 214.785372][ T4453] usb 1-1: New USB device strings: Mfr=23, Product=2, SerialNumber=3 [ 214.797887][ T4453] usb 1-1: Product: syz [ 214.806646][ T4453] usb 1-1: Manufacturer: syz [ 214.816080][ T4453] usb 1-1: SerialNumber: syz [ 216.844360][ T4453] usb 1-1: config 0 descriptor?? [ 216.958333][ T4453] usb 1-1: selecting invalid altsetting 0 [ 216.980297][ T4252] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 217.099630][ T8494] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1332'. [ 217.222248][ T4453] usb 1-1: USB disconnect, device number 10 [ 217.412215][ T4255] Bluetooth: hci4: link tx timeout [ 217.418009][ T4255] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 217.439566][ T8503] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1334'. [ 218.755590][ T6255] udevd[6255]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 219.224311][ T8520] loop4: detected capacity change from 0 to 1024 [ 219.246192][ T8520] EXT4-fs: Ignoring removed nomblk_io_submit option [ 219.272729][ T8527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1340'. [ 219.273161][ T8520] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 219.374136][ T8520] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 219.402197][ T8520] EXT4-fs (loop4): Test dummy encryption mode enabled [ 219.435090][ T8520] EXT4-fs (loop4): Cannot use DAX on a filesystem that may contain inline data [ 219.445094][ T4255] Bluetooth: hci4: command 0x0406 tx timeout [ 220.604170][ T8523] loop3: detected capacity change from 0 to 32768 [ 220.648490][ T8523] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1342 (8523) [ 221.417340][ T8523] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 221.483169][ T8523] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 221.485429][ T8549] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1348'. [ 221.492033][ T8523] BTRFS info (device loop3): use no compression [ 221.508103][ T4255] Bluetooth: hci4: link tx timeout [ 221.513293][ T4255] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 221.513900][ T8523] BTRFS info (device loop3): turning on sync discard [ 221.540938][ T4255] Bluetooth: hci4: link tx timeout [ 221.546453][ T4255] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 221.555404][ T8523] BTRFS info (device loop3): force clearing of disk cache [ 221.563324][ T8523] BTRFS info (device loop3): enabling auto defrag [ 221.570605][ T8523] BTRFS info (device loop3): turning off discard [ 221.577356][ T8523] BTRFS info (device loop3): using free space tree [ 222.713793][ T8553] loop1: detected capacity change from 0 to 128 [ 222.931300][ T8523] BTRFS error (device loop3): open_ctree failed [ 222.938484][ T8578] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1354'. [ 223.271147][ T8585] loop2: detected capacity change from 0 to 8 [ 224.954645][ T8599] device bond2 entered promiscuous mode [ 225.025271][ T8599] 8021q: adding VLAN 0 to HW filter on device bond2 [ 225.136871][ T4255] Bluetooth: hci4: link tx timeout [ 225.142079][ T4255] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 227.058717][ T8628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1368'. [ 227.396498][ T8632] wg1 speed is unknown, defaulting to 1000 [ 229.256430][ T8645] I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1 [ 229.267422][ T8645] hfsplus: unable to find HFS+ superblock [ 229.778834][ T8653] device bond2 entered promiscuous mode [ 229.804770][ T8653] 8021q: adding VLAN 0 to HW filter on device bond2 [ 231.908074][ T8687] device bond3 entered promiscuous mode [ 231.975330][ T8692] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 231.994738][ T8687] 8021q: adding VLAN 0 to HW filter on device bond3 [ 232.072049][ T8701] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1387'. [ 232.304935][ T8692] loop4: detected capacity change from 0 to 2048 [ 232.372678][ T8692] loop4: p1 < > p3 p4 < > [ 232.409882][ T8692] loop4: p3 start 4284289 is beyond EOD, truncated [ 232.844964][ T8697] loop2: detected capacity change from 0 to 32768 [ 232.963311][ T8697] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1390 (8697) [ 233.050622][ T8697] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 233.089705][ T8697] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 233.147855][ T8697] BTRFS info (device loop2): use no compression [ 233.276265][ T8697] BTRFS info (device loop2): turning on sync discard [ 233.453717][ T8697] BTRFS info (device loop2): force clearing of disk cache [ 234.123067][ T8697] BTRFS info (device loop2): enabling auto defrag [ 234.172668][ T8697] BTRFS info (device loop2): turning off discard [ 234.179064][ T8697] BTRFS info (device loop2): using free space tree [ 234.590274][ T8744] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1400'. [ 234.660576][ T8697] BTRFS info (device loop2): enabling ssd optimizations [ 234.679478][ T8697] BTRFS info (device loop2): rebuilding free space tree [ 234.741011][ T8748] device bond2 entered promiscuous mode [ 234.781615][ T8748] 8021q: adding VLAN 0 to HW filter on device bond2 [ 234.815391][ T27] audit: type=1800 audit(1740005944.148:76): pid=8697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1390" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 234.898907][ T27] audit: type=1800 audit(1740005944.168:77): pid=8697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1390" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 235.031626][ T27] audit: type=1800 audit(1740005944.318:78): pid=8697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1390" name="bus" dev="loop2" ino=264 res=0 errno=0 [ 235.341756][ T8387] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared) [ 235.357526][ T8723] loop4: detected capacity change from 0 to 32768 [ 235.466187][ T8723] XFS (loop4): Mounting V5 Filesystem [ 235.488809][ T8772] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1405'. [ 235.623778][ T8723] XFS (loop4): Ending clean mount [ 235.654498][ T8723] XFS (loop4): Quotacheck needed: Please wait. [ 235.716819][ T8723] XFS (loop4): Quotacheck: Done. [ 236.131931][ T4253] XFS (loop4): Unmounting Filesystem [ 236.177323][ T4246] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 236.537071][ T8794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1413'. [ 238.415328][ T8805] device bond4 entered promiscuous mode [ 238.421166][ T8805] 8021q: adding VLAN 0 to HW filter on device bond4 [ 238.846179][ T8820] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1419'. [ 240.482113][ T8826] loop4: detected capacity change from 0 to 32768 [ 240.631995][ T8826] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1421 (8826) [ 240.705931][ T8826] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 240.727129][ T8826] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 240.744614][ T8826] BTRFS info (device loop4): use no compression [ 240.753456][ T8826] BTRFS info (device loop4): turning on sync discard [ 240.760190][ T8826] BTRFS info (device loop4): force clearing of disk cache [ 240.792104][ T8847] device bond6 entered promiscuous mode [ 240.832725][ T8826] BTRFS info (device loop4): enabling auto defrag [ 240.839198][ T8826] BTRFS info (device loop4): turning off discard [ 240.846381][ T8847] 8021q: adding VLAN 0 to HW filter on device bond6 [ 240.868873][ T8826] BTRFS info (device loop4): using free space tree [ 241.547189][ T8826] BTRFS info (device loop4): enabling ssd optimizations [ 241.611728][ T8869] loop2: detected capacity change from 0 to 512 [ 241.619606][ T8826] BTRFS info (device loop4): rebuilding free space tree [ 241.693547][ T8869] EXT4-fs: Invalid commit interval -1, must be smaller than 21474836 [ 241.817487][ T27] audit: type=1800 audit(1740005951.148:79): pid=8826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1421" name="bus" dev="loop4" ino=264 res=0 errno=0 [ 241.903795][ T27] audit: type=1800 audit(1740005951.178:80): pid=8826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1421" name="bus" dev="loop4" ino=264 res=0 errno=0 [ 241.960536][ T8869] loop2: detected capacity change from 0 to 1024 [ 242.023294][ T8869] EXT4-fs: Ignoring removed nobh option [ 242.064461][ T8869] EXT4-fs: Ignoring removed bh option [ 242.070546][ T27] audit: type=1800 audit(1740005951.398:81): pid=8882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1421" name="bus" dev="loop4" ino=264 res=0 errno=0 [ 242.091278][ T8869] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 242.107373][ T8885] BTRFS error (device loop4): balance: mixed groups data and metadata options must be the same [ 242.139450][ T8869] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 242.271332][ T8869] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.1431: Allocating blocks 497-513 which overlap fs metadata [ 242.341362][ T8869] EXT4-fs (loop2): pa ffff888074365b60: logic 256, phys. 385, len 8 [ 242.349531][ T8869] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 242.438653][ T8877] EXT4-fs error (device loop2): mb_free_blocks:1815: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 242.439600][ T4315] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared) [ 242.630235][ T8898] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1436'. [ 242.707859][ T4246] EXT4-fs (loop2): unmounting filesystem. [ 243.015543][ T8908] netlink: 'syz.2.1441': attribute type 1 has an invalid length. [ 243.054896][ T4253] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 243.104636][ T8908] device bond7 entered promiscuous mode [ 243.139238][ T8908] 8021q: adding VLAN 0 to HW filter on device bond7 [ 245.899803][ T8938] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1448'. [ 245.964628][ T8938] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1448'. [ 246.168445][ T8939] loop3: detected capacity change from 0 to 512 [ 246.260328][ T8939] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 246.269971][ T8939] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 246.762249][ T8951] loop4: detected capacity change from 0 to 512 [ 246.808422][ T8951] EXT4-fs: Invalid commit interval -1, must be smaller than 21474836 [ 246.826639][ T8953] netlink: 'syz.2.1449': attribute type 5 has an invalid length. [ 246.861556][ T8953] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1449'. [ 246.934266][ T8951] loop4: detected capacity change from 0 to 1024 [ 246.966072][ T8951] EXT4-fs: Ignoring removed nobh option [ 246.971687][ T8951] EXT4-fs: Ignoring removed bh option [ 247.031078][ T8951] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 247.032881][ T4257] EXT4-fs (loop3): unmounting filesystem. [ 247.127759][ T8957] netlink: 'syz.2.1455': attribute type 1 has an invalid length. [ 247.136321][ T8951] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 247.176581][ T4255] Bluetooth: hci4: link tx timeout [ 247.181798][ T4255] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 248.384717][ T8957] device bond8 entered promiscuous mode [ 248.390653][ T8957] 8021q: adding VLAN 0 to HW filter on device bond8 [ 248.681745][ T8951] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.1452: Allocating blocks 497-513 which overlap fs metadata [ 249.392983][ T8976] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1 [ 249.402325][ T8976] hfsplus: unable to find HFS+ superblock [ 250.144228][ T8951] EXT4-fs (loop4): pa ffff888074365e00: logic 256, phys. 385, len 8 [ 250.152341][ T8951] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 251.090163][ T8967] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 251.490979][ T8998] netlink: 'syz.3.1462': attribute type 3 has an invalid length. [ 251.569217][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 251.696791][ T9002] netlink: 'syz.3.1465': attribute type 5 has an invalid length. [ 251.720020][ T9002] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1465'. [ 251.916215][ T9008] loop4: detected capacity change from 0 to 1024 [ 252.019068][ T9012] loop0: detected capacity change from 0 to 512 [ 252.047267][ T9011] netlink: 'syz.3.1469': attribute type 1 has an invalid length. [ 252.325108][ T9011] device bond1 entered promiscuous mode [ 252.401567][ T9011] 8021q: adding VLAN 0 to HW filter on device bond1 [ 252.713610][ T9012] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 252.738724][ T9012] ext4 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.722756][ T952] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 253.912747][ T952] usb 3-1: Using ep0 maxpacket: 16 [ 253.919751][ T952] usb 3-1: config 0 has an invalid interface number: 251 but max is 0 [ 253.972619][ T952] usb 3-1: config 0 has no interface number 0 [ 254.009940][ T952] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 254.027837][ T952] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 254.050756][ T952] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 254.071343][ T952] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.080813][ T952] usb 3-1: Product: syz [ 254.086795][ T952] usb 3-1: Manufacturer: syz [ 254.101728][ T952] usb 3-1: SerialNumber: syz [ 254.116649][ T952] usb 3-1: config 0 descriptor?? [ 254.123367][ T9020] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 254.131284][ T9020] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 254.254506][ T4245] EXT4-fs (loop0): unmounting filesystem. [ 254.415080][ T9020] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 254.456976][ T9020] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 255.657047][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.663480][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.889549][ T9042] loop1: detected capacity change from 0 to 512 [ 255.933719][ T9042] EXT4-fs: Invalid commit interval -1, must be smaller than 21474836 [ 255.969471][ T952] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 256.001205][ T952] asix 3-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 256.032698][ T952] asix: probe of 3-1:0.251 failed with error -71 [ 256.073261][ T952] usb 3-1: USB disconnect, device number 5 [ 256.265878][ T9042] loop1: detected capacity change from 0 to 1024 [ 256.699560][ T9042] EXT4-fs: Ignoring removed nobh option [ 257.062687][ T9042] EXT4-fs: Ignoring removed bh option [ 257.146863][ T9042] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 257.293467][ T9042] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 257.312944][ T9058] wg1 speed is unknown, defaulting to 1000 [ 257.670996][ T9042] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3841: comm syz.1.1475: Allocating blocks 497-513 which overlap fs metadata [ 258.460078][ T9042] EXT4-fs (loop1): pa ffff8880183d6380: logic 256, phys. 385, len 8 [ 258.468268][ T9042] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 258.584650][ T9048] EXT4-fs error (device loop1): mb_free_blocks:1815: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 258.615859][ T9070] Bluetooth: MGMT ver 1.22 [ 258.657521][ T9072] loop0: detected capacity change from 0 to 1024 [ 258.692991][ T9072] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 258.735199][ T9072] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 259.872122][ T9072] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #11: comm syz.0.1483: missing EA_INODE flag [ 259.890350][ T9072] EXT4-fs (loop0): Remounting filesystem read-only [ 259.952163][ T9072] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1483: error while reading EA inode 11 err=-117 [ 260.009061][ T9072] EXT4-fs (loop0): Remounting filesystem read-only [ 260.022734][ T9072] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 260.219633][ T4245] EXT4-fs (loop0): unmounting filesystem. [ 260.259640][ T4252] EXT4-fs (loop1): unmounting filesystem. [ 262.489073][ T27] audit: type=1326 audit(1740005971.818:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9094 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7fc00000 [ 262.607453][ T27] audit: type=1326 audit(1740005971.848:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9094 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f613dd8cde9 code=0x7fc00000 [ 262.758689][ T27] audit: type=1326 audit(1740005971.848:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9094 comm="syz.4.1491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f613dd8cde9 code=0x7fc00000 [ 263.727506][ T4255] Bluetooth: hci4: link tx timeout [ 263.732781][ T4255] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa [ 263.741755][ T4255] Bluetooth: hci4: link tx timeout [ 263.747050][ T4255] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 265.470752][ T9125] loop1: detected capacity change from 0 to 128 [ 265.496748][ T9108] loop3: detected capacity change from 0 to 32768 [ 265.528694][ T9108] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1495 (9108) [ 265.553647][ T9125] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 265.645821][ T9129] wg1 speed is unknown, defaulting to 1000 [ 265.660381][ T9108] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 265.671654][ T9125] ext4 filesystem being mounted at /313/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 265.694740][ T9108] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 265.759576][ T9108] BTRFS info (device loop3): use no compression [ 265.766240][ T4255] Bluetooth: hci4: command 0x0406 tx timeout [ 265.778032][ T9108] BTRFS info (device loop3): turning on sync discard [ 265.792647][ T9108] BTRFS info (device loop3): force clearing of disk cache [ 265.799883][ T9108] BTRFS info (device loop3): enabling auto defrag [ 265.863288][ T9108] BTRFS info (device loop3): turning off discard [ 265.869719][ T9108] BTRFS info (device loop3): using free space tree [ 266.012149][ T9125] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1500'. [ 266.029311][ T9125] syz.1.1500 (pid 9125) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 266.261841][ T9125] fscrypt (loop1, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)") [ 266.464309][ T9108] BTRFS info (device loop3): enabling ssd optimizations [ 266.466325][ T4252] EXT4-fs (loop1): unmounting filesystem. [ 266.482226][ T9108] BTRFS info (device loop3): rebuilding free space tree [ 266.615811][ T9158] loop4: detected capacity change from 0 to 16 [ 266.637226][ T4257] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 266.667136][ T9158] erofs: (device loop4): mounted with root inode @ nid 36. [ 266.712175][ T9158] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 266.761194][ T9158] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 266.790082][ T9158] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 266.825050][ T9158] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 266.878927][ T9158] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 266.964121][ T9161] netlink: 'syz.1.1502': attribute type 1 has an invalid length. [ 267.211065][ T9161] device bond3 entered promiscuous mode [ 267.217915][ T9161] 8021q: adding VLAN 0 to HW filter on device bond3 [ 267.249268][ T9164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1505'. [ 267.511369][ T9175] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1508'. [ 267.527167][ T9176] loop0: detected capacity change from 0 to 512 [ 267.680956][ T9176] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 267.703091][ T9176] ext4 filesystem being mounted at /312/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 267.972797][ T4451] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 268.070569][ T9186] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1509'. [ 268.201280][ T4451] usb 5-1: config 0 has an invalid interface number: 94 but max is 0 [ 268.333452][ T4451] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 268.382288][ T4451] usb 5-1: config 0 has no interface number 0 [ 268.432468][ T4451] usb 5-1: New USB device found, idVendor=1546, idProduct=1342, bcdDevice=10.b0 [ 268.459833][ T4451] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.491989][ T9196] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1513'. [ 268.544329][ T4451] usb 5-1: Product: syz [ 268.548619][ T4451] usb 5-1: Manufacturer: syz [ 268.660312][ T4451] usb 5-1: SerialNumber: syz [ 268.681885][ T4451] usb 5-1: config 0 descriptor?? [ 268.738759][ T4451] hub 5-1:0.94: bad descriptor, ignoring hub [ 268.772353][ T4451] hub: probe of 5-1:0.94 failed with error -5 [ 268.784533][ T4245] EXT4-fs (loop0): unmounting filesystem. [ 268.787356][ T4451] option 5-1:0.94: GSM modem (1-port) converter detected [ 268.983890][ T9187] loop4: detected capacity change from 0 to 2048 [ 269.123134][ T4289] usb 5-1: USB disconnect, device number 10 [ 269.141896][ T4289] option 5-1:0.94: device disconnected [ 270.830797][ T9211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1518'. [ 271.050204][ T9217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1521'. [ 271.111233][ T9219] wg1 speed is unknown, defaulting to 1000 [ 271.246779][ T9205] loop0: detected capacity change from 0 to 32768 [ 271.272954][ T9222] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1523'. [ 271.287671][ T9205] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1515 (9205) [ 271.337678][ T9205] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 271.372833][ T9205] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 271.381654][ T9205] BTRFS info (device loop0): use no compression [ 271.392665][ T9205] BTRFS info (device loop0): turning on sync discard [ 271.399389][ T9205] BTRFS info (device loop0): force clearing of disk cache [ 271.432541][ T9205] BTRFS info (device loop0): enabling auto defrag [ 271.463792][ T9205] BTRFS info (device loop0): turning off discard [ 271.474215][ T9205] BTRFS info (device loop0): using free space tree [ 271.730860][ T9205] BTRFS info (device loop0): enabling ssd optimizations [ 271.748860][ T9205] BTRFS info (device loop0): rebuilding free space tree [ 271.808755][ T27] audit: type=1800 audit(1740005981.138:85): pid=9205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1515" name="bus" dev="loop0" ino=264 res=0 errno=0 [ 271.854338][ T27] audit: type=1800 audit(1740005981.138:86): pid=9205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1515" name="bus" dev="loop0" ino=264 res=0 errno=0 [ 271.883596][ T9252] BTRFS error (device loop0): balance: mixed groups data and metadata options must be the same [ 272.150674][ T8213] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 272.269907][ T9264] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1532'. [ 272.335469][ T4453] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 272.353243][ T5296] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 272.362141][ T9267] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1533'. [ 272.477420][ T9273] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1531'. [ 272.534287][ T4453] usb 3-1: config 0 has an invalid interface number: 94 but max is 0 [ 272.555585][ T5296] usb 2-1: config 0 has an invalid interface number: 94 but max is 0 [ 272.568736][ T4453] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 272.597833][ T5296] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 272.603288][ T4453] usb 3-1: config 0 has no interface number 0 [ 272.636508][ T5296] usb 2-1: config 0 has no interface number 0 [ 272.647424][ T5296] usb 2-1: New USB device found, idVendor=1546, idProduct=1342, bcdDevice=10.b0 [ 272.671033][ T5296] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.691963][ T5296] usb 2-1: Product: syz [ 272.710682][ T4453] usb 3-1: New USB device found, idVendor=1546, idProduct=1342, bcdDevice=10.b0 [ 272.735272][ T5296] usb 2-1: Manufacturer: syz [ 272.740136][ T5296] usb 2-1: SerialNumber: syz [ 272.756829][ T4453] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.757997][ T4245] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 272.793424][ T5296] usb 2-1: config 0 descriptor?? [ 272.799701][ T4453] usb 3-1: Product: syz [ 272.808121][ T5296] hub 2-1:0.94: bad descriptor, ignoring hub [ 272.814738][ T5296] hub: probe of 2-1:0.94 failed with error -5 [ 272.826487][ T5296] option 2-1:0.94: GSM modem (1-port) converter detected [ 272.872166][ T4453] usb 3-1: Manufacturer: syz [ 272.940211][ T4453] usb 3-1: SerialNumber: syz [ 273.006727][ T4453] usb 3-1: config 0 descriptor?? [ 273.084121][ T4453] hub 3-1:0.94: bad descriptor, ignoring hub [ 273.107508][ T4453] hub: probe of 3-1:0.94 failed with error -5 [ 273.113270][ T9258] loop1: detected capacity change from 0 to 2048 [ 273.123642][ T4453] option 3-1:0.94: GSM modem (1-port) converter detected [ 273.289347][ T5298] usb 2-1: USB disconnect, device number 9 [ 273.297204][ T5298] option 2-1:0.94: device disconnected [ 273.374693][ T9259] loop2: detected capacity change from 0 to 2048 [ 273.573443][ T4453] usb 3-1: USB disconnect, device number 6 [ 273.580348][ T4453] option 3-1:0.94: device disconnected [ 274.333090][ T5298] usb 4-1: new full-speed USB device number 15 using dummy_hcd [ 274.642713][ T5298] usb 4-1: not running at top speed; connect to a high speed hub [ 274.711334][ T5298] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 274.920366][ T5298] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 274.986344][ T9297] wg1 speed is unknown, defaulting to 1000 [ 275.010539][ T5298] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 2015, setting to 64 [ 275.064830][ T5298] usb 4-1: language id specifier not provided by device, defaulting to English [ 275.120342][ T5298] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 275.150907][ T5298] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.177053][ T9305] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1543'. [ 275.188406][ T5298] usb 4-1: Product: syz [ 275.196089][ T5298] usb 4-1: Manufacturer: syz [ 275.200784][ T5298] usb 4-1: SerialNumber: syz [ 275.227197][ T9287] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 275.404662][ T9309] loop0: detected capacity change from 0 to 256 [ 275.453197][ T9309] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ1844674407370955161501777777777777777777777ÿ' [ 275.455609][ T5298] cdc_ncm 4-1:1.0: bind() failure [ 275.495620][ T5298] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 275.545608][ T5298] cdc_ncm 4-1:1.1: bind() failure [ 275.585643][ T5298] usb 4-1: USB disconnect, device number 15 [ 281.240259][ T9348] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1558'. [ 281.252847][ T9348] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1558'. [ 282.097390][ T9360] wg1 speed is unknown, defaulting to 1000 [ 282.994072][ T9370] I/O error, dev loop0, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1 [ 283.004407][ T9370] hfsplus: unable to find HFS+ superblock [ 284.165265][ T9375] loop3: detected capacity change from 0 to 512 [ 284.377789][ T9375] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 284.411592][ T9375] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 284.721631][ T4257] EXT4-fs (loop3): unmounting filesystem. [ 284.882263][ T9388] loop3: detected capacity change from 0 to 256 [ 285.012647][ T9388] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 285.140340][ T9388] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 285.421673][ T9388] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 288.196160][ T9424] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1579'. [ 288.723148][ T9430] loop4: detected capacity change from 0 to 2048 [ 289.036543][ T9430] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 289.848700][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 290.114289][ T9447] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1583'. [ 290.352846][ T9452] loop2: detected capacity change from 0 to 512 [ 290.359660][ T9452] EXT4-fs: Invalid commit interval -1, must be smaller than 21474836 [ 290.593020][ T9452] loop2: detected capacity change from 0 to 1024 [ 290.625457][ T9452] EXT4-fs: Ignoring removed nobh option [ 290.631071][ T9452] EXT4-fs: Ignoring removed bh option [ 290.669212][ T9452] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 291.268648][ T9452] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 291.551134][ T9478] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1591'. [ 291.672288][ T9452] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.1586: Allocating blocks 497-513 which overlap fs metadata [ 291.734732][ T9452] EXT4-fs (loop2): pa ffff8880183d6540: logic 256, phys. 385, len 8 [ 291.743522][ T9452] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 292.817881][ T9500] loop4: detected capacity change from 0 to 512 [ 292.881371][ T4246] EXT4-fs (loop2): unmounting filesystem. [ 293.017305][ T9500] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 293.168013][ T9500] ext4 filesystem being mounted at /341/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 294.328061][ T9523] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1607'. [ 295.276265][ T9532] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 1 [ 295.286815][ T9532] hfsplus: unable to find HFS+ superblock [ 296.221294][ T9534] loop0: detected capacity change from 0 to 32768 [ 296.252261][ T9534] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1610 (9534) [ 296.296508][ T9534] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 296.332123][ T9534] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 296.357199][ T9534] BTRFS info (device loop0): use no compression [ 296.382040][ T9534] BTRFS info (device loop0): turning on sync discard [ 296.400330][ T9534] BTRFS info (device loop0): force clearing of disk cache [ 296.428856][ T9534] BTRFS info (device loop0): enabling auto defrag [ 296.442389][ T9534] BTRFS info (device loop0): turning off discard [ 296.456732][ T9534] BTRFS info (device loop0): using free space tree [ 296.849908][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 296.861271][ T9534] BTRFS info (device loop0): enabling ssd optimizations [ 296.893285][ T9534] BTRFS info (device loop0): rebuilding free space tree [ 297.017226][ T27] audit: type=1800 audit(1740006006.348:87): pid=9534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1610" name="bus" dev="loop0" ino=264 res=0 errno=0 [ 297.092255][ T27] audit: type=1800 audit(1740006006.348:88): pid=9534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1610" name="bus" dev="loop0" ino=264 res=0 errno=0 [ 297.173544][ T9567] BTRFS error (device loop0): balance: mixed groups data and metadata options must be the same [ 297.266394][ T27] audit: type=1800 audit(1740006006.598:89): pid=9566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1610" name="bus" dev="loop0" ino=264 res=0 errno=0 [ 298.209997][ T8590] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 298.825223][ T4245] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 301.036205][ T9599] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1622'. [ 301.300440][ T9608] loop2: detected capacity change from 0 to 1024 [ 302.086056][ T9604] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.095741][ T9604] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.089198][ T9604] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 304.139684][ T9604] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 304.497151][ T9604] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.506545][ T9604] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.516399][ T9604] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.525625][ T9604] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.770291][ T9645] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1635'. [ 307.954416][ T9663] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1643'. [ 307.974467][ T9663] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1643'. [ 308.371629][ T9689] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1651'. [ 309.664677][ T9705] sch_tbf: burst 6 is lower than device lo mtu (65550) ! [ 310.681393][ T9717] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1660'. [ 310.719574][ T9717] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1660'. [ 310.751405][ T9721] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1664'. [ 310.879482][ T9724] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1662'. [ 310.896987][ T9695] loop0: detected capacity change from 0 to 32768 [ 310.913855][ T9695] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1653 (9695) [ 310.959920][ T9695] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 311.071674][ T9695] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 311.132995][ T9695] BTRFS info (device loop0): use no compression [ 311.199701][ T9695] BTRFS info (device loop0): turning on sync discard [ 311.310134][ T9695] BTRFS info (device loop0): force clearing of disk cache [ 311.364915][ T9695] BTRFS info (device loop0): enabling auto defrag [ 311.404005][ T9695] BTRFS info (device loop0): turning off discard [ 311.410602][ T9695] BTRFS info (device loop0): using free space tree [ 312.987881][ T9695] BTRFS error (device loop0): open_ctree failed [ 313.369608][ T9772] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1676'. [ 313.379691][ T9772] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1676'. [ 313.454378][ T9774] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1677'. [ 313.468939][ T9774] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1677'. [ 315.584259][ T9802] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1688'. [ 315.622614][ T9802] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1688'. [ 316.999902][ T9819] loop4: detected capacity change from 0 to 256 [ 317.088677][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.095062][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.123690][ T9819] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 317.186240][ T9819] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 317.235115][ T9819] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 317.783365][ T9829] loop1: detected capacity change from 0 to 512 [ 317.819396][ T9829] EXT4-fs: Invalid commit interval -1, must be smaller than 21474836 [ 317.977249][ T9829] loop1: detected capacity change from 0 to 1024 [ 317.990054][ T9829] EXT4-fs: Ignoring removed nobh option [ 318.115761][ T9829] EXT4-fs: Ignoring removed bh option [ 318.183820][ T9829] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 318.987954][ T9829] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 319.970379][ T9864] loop0: detected capacity change from 0 to 256 [ 320.033614][ T9864] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 320.056020][ T9864] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 320.074842][ T9864] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 320.463744][ T4252] EXT4-fs (loop1): unmounting filesystem. [ 323.955416][ T9905] loop2: detected capacity change from 0 to 256 [ 323.974135][ T9907] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1722'. [ 324.012563][ T9905] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 324.072537][ T9905] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 324.127859][ T9905] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 324.552931][ T9914] sch_tbf: burst 6 is lower than device lo mtu (65550) ! [ 324.751933][ T9916] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1726'. [ 326.379894][ T9929] sched: RT throttling activated [ 327.987388][ T9948] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1735'. [ 328.466015][ T9962] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1739'. [ 328.604163][ T9960] wg1 speed is unknown, defaulting to 1000 [ 329.154270][ T9971] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1736'. [ 330.488282][ T9985] sch_tbf: burst 6 is lower than device lo mtu (65550) ! [ 332.900214][T10000] tipc: Started in network mode [ 332.933227][T10000] tipc: Node identity 92cade74a3f1, cluster identity 4711 [ 332.954802][T10000] tipc: Enabled bearer , priority 0 [ 332.962618][T10004] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1754'. [ 333.210410][T10007] device syzkaller0 entered promiscuous mode [ 333.249037][T10007] tipc: Resetting bearer [ 333.989113][ T5295] tipc: Node number set to 826007156 [ 334.077033][ T9999] tipc: Resetting bearer [ 338.211341][ T9999] tipc: Disabling bearer [ 338.232794][T10045] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1762'. [ 338.276371][T10045] device macsec1 entered promiscuous mode [ 338.282143][T10045] device macvlan1 entered promiscuous mode [ 339.247341][T10052] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1766'. [ 339.314423][T10053] wg1 speed is unknown, defaulting to 1000 [ 343.242318][T10109] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1785'. [ 343.373213][T10113] netlink: 'syz.1.1789': attribute type 1 has an invalid length. [ 343.458739][T10113] 8021q: adding VLAN 0 to HW filter on device bond4 [ 344.254572][T10109] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1785'. [ 344.267735][T10109] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1785'. [ 344.983903][T10128] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1793'. [ 345.911668][T10152] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1801'. [ 345.949060][T10152] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1801'. [ 345.999135][T10152] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1801'. [ 346.082897][T10160] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1805'. [ 347.900864][T10166] loop1: detected capacity change from 0 to 32768 [ 347.920310][T10166] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1807 (10166) [ 347.981901][T10166] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 348.001255][T10166] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 348.051223][T10166] BTRFS info (device loop1): use no compression [ 348.072760][T10166] BTRFS info (device loop1): turning on sync discard [ 348.122749][T10166] BTRFS info (device loop1): force clearing of disk cache [ 348.129932][T10166] BTRFS info (device loop1): enabling auto defrag [ 348.160341][T10166] BTRFS info (device loop1): turning off discard [ 348.398637][T10166] BTRFS info (device loop1): using free space tree [ 348.459772][T10197] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1819'. [ 349.256258][T10166] BTRFS error (device loop1): open_ctree failed [ 350.931460][T10248] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1831'. [ 351.163467][T10255] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1833'. [ 351.591712][T10272] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1839'. [ 352.238588][T10271] loop1: detected capacity change from 0 to 32768 [ 352.246989][T10271] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1840 (10271) [ 352.299565][T10271] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 352.349123][T10271] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 352.368746][T10271] BTRFS info (device loop1): use no compression [ 352.400248][T10271] BTRFS info (device loop1): turning on sync discard [ 352.474355][T10271] BTRFS info (device loop1): force clearing of disk cache [ 352.481952][T10271] BTRFS info (device loop1): enabling auto defrag [ 352.521523][T10271] BTRFS info (device loop1): turning off discard [ 352.533436][T10271] BTRFS info (device loop1): using free space tree [ 352.718322][T10292] netlink: 'syz.4.1845': attribute type 1 has an invalid length. [ 354.046779][T10292] device bond3 entered promiscuous mode [ 354.079788][T10271] BTRFS info (device loop1): enabling ssd optimizations [ 354.090193][T10271] BTRFS info (device loop1): rebuilding free space tree [ 354.139146][T10292] 8021q: adding VLAN 0 to HW filter on device bond3 [ 354.157928][ T27] audit: type=1800 audit(1740006063.488:90): pid=10271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1840" name="bus" dev="loop1" ino=264 res=0 errno=0 [ 354.189789][ T27] audit: type=1800 audit(1740006063.518:91): pid=10271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1840" name="bus" dev="loop1" ino=264 res=0 errno=0 [ 354.359887][ T27] audit: type=1800 audit(1740006063.688:92): pid=10271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1840" name="bus" dev="loop1" ino=264 res=0 errno=0 [ 354.434721][T10271] BTRFS info (device loop1): balance: start -d -m [ 354.507979][T10271] BTRFS info (device loop1): relocating block group 8519680 flags data|metadata [ 354.653254][T10271] BTRFS info (device loop1): relocating block group 6881280 flags data|metadata [ 354.946457][T10340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1854'. [ 355.174445][T10271] BTRFS info (device loop1): relocating block group 5242880 flags data|metadata [ 355.174697][ T8590] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared) [ 355.466534][T10356] netlink: 'syz.4.1859': attribute type 1 has an invalid length. [ 355.498036][T10271] BTRFS info (device loop1): found 19 extents, stage: move data extents [ 355.522573][T10356] device bond4 entered promiscuous mode [ 355.573261][T10356] 8021q: adding VLAN 0 to HW filter on device bond4 [ 355.666985][T10271] BTRFS info (device loop1): found 10 extents, stage: update data pointers [ 355.810349][T10271] BTRFS info (device loop1): 1 enospc errors during balance [ 355.849942][T10271] BTRFS info (device loop1): balance: ended with status: -28 [ 356.002232][T10375] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1866'. [ 356.521407][ T4252] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 356.873881][T10393] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1870'. [ 356.944885][T10405] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1878'. [ 356.974574][T10405] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1878'. [ 356.986065][T10404] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1878'. [ 357.001584][T10407] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1879'. [ 357.019459][T10408] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1878'. [ 357.218009][T10415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1882'. [ 357.279085][T10415] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1882'. [ 357.302725][T10415] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1882'. [ 357.482836][T10420] netlink: 'syz.4.1884': attribute type 21 has an invalid length. [ 358.950730][ T4335] tipc: Subscription rejected, illegal request [ 360.606448][T10477] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 360.616573][T10477] hfsplus: unable to find HFS+ superblock [ 362.189595][T10497] __nla_validate_parse: 4 callbacks suppressed [ 362.189613][T10497] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1913'. [ 362.281458][T10497] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1913'. [ 362.408913][T10504] netlink: 'syz.3.1914': attribute type 29 has an invalid length. [ 362.473026][T10504] netlink: 'syz.3.1914': attribute type 29 has an invalid length. [ 362.506653][T10505] netlink: 'syz.3.1914': attribute type 29 has an invalid length. [ 362.897028][T10524] netlink: 'syz.3.1923': attribute type 1 has an invalid length. [ 362.946930][T10524] device bond2 entered promiscuous mode [ 362.964368][T10524] 8021q: adding VLAN 0 to HW filter on device bond2 [ 365.511027][T10572] loop1: detected capacity change from 0 to 1024 [ 365.940893][T10585] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1942'. [ 370.311074][T10585] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1942'. [ 371.480321][T10628] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1951'. [ 374.057511][T10657] loop1: detected capacity change from 0 to 256 [ 374.097335][T10657] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 374.135945][T10657] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 374.170824][T10657] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 378.484446][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.490786][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 381.713677][ T27] audit: type=1326 audit(1740006091.048:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10728 comm="syz.2.1988" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x0 [ 382.920244][T10747] netlink: 'syz.1.1994': attribute type 1 has an invalid length. [ 383.025172][T10747] device bond5 entered promiscuous mode [ 383.102925][T10747] 8021q: adding VLAN 0 to HW filter on device bond5 [ 386.858272][T10809] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2018'. [ 390.266599][T10828] block nbd2: shutting down sockets [ 391.886618][ T27] audit: type=1326 audit(1740006101.218:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10895 comm="syz.0.2052" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcced58cde9 code=0x0 [ 401.619921][T11014] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2088'. [ 404.524295][T11050] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2100'. [ 411.362249][T11135] netlink: 40227 bytes leftover after parsing attributes in process `syz.4.2129'. [ 413.218430][T11147] netlink: 180 bytes leftover after parsing attributes in process `syz.3.2120'. [ 413.851733][T11160] netlink: 'syz.2.2139': attribute type 10 has an invalid length. [ 413.914024][T11160] team0: Port device wlan1 added [ 413.934054][T11162] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2140'. [ 414.199244][T11168] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2142'. [ 414.208544][T11168] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2142'. [ 414.238356][T11169] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2143'. [ 414.268103][T11169] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2143'. [ 414.324216][T11166] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2143'. [ 414.405824][T11170] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2143'. [ 414.509493][T11174] netlink: 164 bytes leftover after parsing attributes in process `syz.3.2145'. [ 416.588270][T11213] netlink: 164 bytes leftover after parsing attributes in process `syz.1.2157'. [ 421.833720][T11278] netlink: 'syz.0.2178': attribute type 1 has an invalid length. [ 422.088401][T11278] device bond5 entered promiscuous mode [ 422.098043][T11278] 8021q: adding VLAN 0 to HW filter on device bond5 [ 425.391837][T11339] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2199'. [ 435.412613][T11493] netlink: 'syz.2.2261': attribute type 10 has an invalid length. [ 437.653187][ T4446] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 437.883435][ T4446] usb 1-1: Using ep0 maxpacket: 16 [ 437.932612][ T4446] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 437.943710][ T4446] usb 1-1: config 0 has no interfaces? [ 437.949396][ T4446] usb 1-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 437.962498][ T4446] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.992613][ T4446] usb 1-1: config 0 descriptor?? [ 438.315287][ T4290] usb 1-1: USB disconnect, device number 11 [ 440.033516][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.039873][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.378755][T11578] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2288'. [ 442.492842][ T4290] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 442.689074][T11494] syz.3.2257 (11494): drop_caches: 3 [ 442.697434][ T4290] usb 5-1: config 0 interface 0 has no altsetting 0 [ 442.712960][ T4290] usb 5-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 442.732242][ T4290] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.758446][ T4290] usb 5-1: config 0 descriptor?? [ 443.158514][T11604] udevd[11604]: failed to execute '/lib/udev/v4l_id' 'v4l_id /dev/radio48': No such file or directory [ 443.621828][ T4290] video4linux radio48: keene_cmd_main failed (-71) [ 443.640821][ T4290] radio-keene 5-1:0.0: V4L2 device registered as radio48 [ 443.696228][ T4290] usb 5-1: USB disconnect, device number 11 [ 447.846090][ T4446] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 448.054888][ T4446] usb 3-1: config 0 interface 0 has no altsetting 0 [ 448.066255][ T4446] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 448.099165][ T4446] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.174876][ T4446] usb 3-1: config 0 descriptor?? [ 448.890085][ T4446] video4linux radio48: keene_cmd_set failed (-71) [ 448.914253][ T4446] radio-keene 3-1:0.0: V4L2 device registered as radio48 [ 448.955880][ T4446] usb 3-1: USB disconnect, device number 7 [ 449.000923][T11681] udevd[11681]: failed to execute '/lib/udev/v4l_id' 'v4l_id /dev/radio48': No such file or directory [ 452.545138][T11740] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2344'. [ 455.576058][T11776] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2357'. [ 457.397704][T11804] vivid-008: disconnect [ 457.407615][T11805] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2368'. [ 457.418460][T11799] vivid-008: reconnect [ 460.858591][T11844] vivid-008: disconnect [ 460.863490][T11843] vivid-008: reconnect [ 461.038405][ T4446] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 461.243220][ T4446] usb 4-1: Using ep0 maxpacket: 16 [ 461.255683][ T4446] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 461.281978][ T4446] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 461.309851][ T4446] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 461.330834][ T4446] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 461.341300][ T4446] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 461.368078][ T4446] usb 4-1: config 0 descriptor?? [ 461.386037][ T4446] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input7 [ 461.409277][ T3607] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 461.442833][ T3607] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 461.500638][ T3607] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 461.550560][ T3607] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 461.574635][ T3607] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 461.591463][T11842] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 461.608812][ T4237] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 461.627777][ T4487] usb 4-1: USB disconnect, device number 16 [ 465.154467][ T4487] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 465.198263][ T27] audit: type=1326 audit(1740006174.528:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.0.2391" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcced58cde9 code=0x0 [ 465.233409][T11879] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2394'. [ 465.248533][T11882] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2393'. [ 465.373455][ T4487] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 465.407725][ T4487] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 465.425227][ T4487] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 465.450345][ T4487] usb 5-1: config 0 descriptor?? [ 465.474370][ T4487] pwc: Askey VC010 type 2 USB webcam detected. [ 466.665730][ T4487] pwc: recv_control_msg error -71 req 02 val 2700 [ 466.678697][ T4487] pwc: recv_control_msg error -71 req 02 val 2c00 [ 466.698682][ T4487] pwc: recv_control_msg error -71 req 04 val 1000 [ 466.707018][ T4487] pwc: recv_control_msg error -71 req 04 val 1300 [ 466.735585][ T4487] pwc: recv_control_msg error -71 req 04 val 1400 [ 467.192669][ T4487] pwc: recv_control_msg error -71 req 02 val 2000 [ 467.200151][ T4487] pwc: recv_control_msg error -71 req 02 val 2100 [ 467.217064][ T4487] pwc: recv_control_msg error -71 req 04 val 1500 [ 467.264057][ T4487] pwc: recv_control_msg error -71 req 02 val 2500 [ 467.273470][ T4487] pwc: recv_control_msg error -71 req 02 val 2400 [ 467.282146][ T4487] pwc: recv_control_msg error -71 req 02 val 2600 [ 467.298718][ T4487] pwc: recv_control_msg error -71 req 02 val 2900 [ 467.325555][ T4487] pwc: recv_control_msg error -71 req 02 val 2800 [ 467.354837][ T4487] pwc: recv_control_msg error -71 req 04 val 1100 [ 467.373088][ T4487] pwc: recv_control_msg error -71 req 04 val 1200 [ 467.392209][ T4487] pwc: Registered as video103. [ 467.399348][ T4487] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input8 [ 467.479134][ T4487] usb 5-1: USB disconnect, device number 12 [ 467.535604][T11914] udevd[11914]: failed to execute '/lib/udev/v4l_id' 'v4l_id /dev/video103': No such file or directory [ 467.570003][T11915] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2405'. [ 467.908524][T11918] vivid-008: disconnect [ 467.915878][T11916] vivid-008: reconnect [ 468.020722][T11925] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2407'. [ 470.195246][ T27] audit: type=1326 audit(1740006179.528:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11940 comm="syz.2.2412" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x0 [ 473.235188][T11981] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2428'. [ 473.442598][ T4487] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 473.634946][ T4487] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 473.646322][ T27] audit: type=1326 audit(1740006182.978:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11993 comm="syz.2.2424" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x0 [ 473.669021][ T4487] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 473.683827][T11992] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2432'. [ 473.698799][ T4487] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 473.716940][ T4487] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 473.726411][ T4487] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.747543][ T4487] usb 1-1: config 0 descriptor?? [ 474.176778][ T4487] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 474.195839][ T4487] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 474.220683][ T4487] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 474.310921][ T4487] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 475.088570][ T5295] usb 1-1: USB disconnect, device number 12 [ 475.279533][T12003] loop6: detected capacity change from 0 to 524287999 [ 475.376481][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 475.401026][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 475.410534][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 475.420811][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 475.430033][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 476.897249][ T27] audit: type=1326 audit(1740006186.228:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.2446" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcced58cde9 code=0x0 [ 477.329468][T12043] tipc: Started in network mode [ 477.334455][T12043] tipc: Node identity 4a6df9892379, cluster identity 4711 [ 477.381400][T12043] tipc: Enabled bearer , priority 0 [ 477.532476][T12044] device syzkaller0 entered promiscuous mode [ 477.559765][T12044] tipc: Resetting bearer [ 477.606015][T12042] tipc: Resetting bearer [ 477.641998][T12049] vivid-002: disconnect [ 477.669738][T12048] vivid-002: reconnect [ 478.203652][T12057] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2453'. [ 478.474072][ T5295] tipc: Node number set to 1762982281 [ 479.350804][ T27] audit: type=1326 audit(1740006188.678:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffb35128fb9 code=0x7ffc0000 [ 479.438913][ T27] audit: type=1326 audit(1740006188.708:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 479.543631][ T27] audit: type=1326 audit(1740006188.708:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 479.652952][ T27] audit: type=1326 audit(1740006188.708:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffb35128fb9 code=0x7ffc0000 [ 479.758714][ T27] audit: type=1326 audit(1740006188.708:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffb35128fb9 code=0x7ffc0000 [ 479.849371][ T27] audit: type=1326 audit(1740006188.708:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 479.928626][ T27] audit: type=1326 audit(1740006188.708:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffb35128fb9 code=0x7ffc0000 [ 479.975965][ T27] audit: type=1326 audit(1740006188.708:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 480.019647][ T27] audit: type=1326 audit(1740006188.708:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffb35128fb9 code=0x7ffc0000 [ 480.066009][ T27] audit: type=1326 audit(1740006188.708:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12065 comm="syz.2.2457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 482.060999][T12089] syz.4.2465 (12089): /proc/12088/oom_adj is deprecated, please use /proc/12088/oom_score_adj instead. [ 483.605060][T12099] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2467'. [ 484.940783][ T4487] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 485.160962][ T4487] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 485.172535][ T4487] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 485.183168][ T4487] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 485.196448][ T4487] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 485.205834][ T4487] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 485.229095][ T4487] usb 5-1: config 0 descriptor?? [ 485.605376][T12042] tipc: Disabling bearer [ 485.643565][ T4487] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 485.651018][ T4487] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 485.711093][ T4487] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 485.775583][ T4487] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 485.984119][ T4487] usb 5-1: USB disconnect, device number 13 [ 488.572175][T12157] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2485'. [ 492.901705][T12196] tipc: Started in network mode [ 492.927129][T12196] tipc: Node identity fe5364e049ff, cluster identity 4711 [ 492.972708][T12196] tipc: Enabled bearer , priority 0 [ 492.989479][T12195] tipc: Disabling bearer [ 494.267451][T12226] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2508'. [ 498.642720][T12252] device syzkaller0 entered promiscuous mode [ 501.375493][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.385879][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.722156][T12289] bridge0: port 2(bridge_slave_1) entered disabled state [ 501.729615][T12289] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.656821][T12316] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2537'. [ 503.056726][T12325] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2540'. [ 507.923079][ T4487] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 508.234375][ T4487] usb 5-1: Using ep0 maxpacket: 8 [ 508.264173][ T4487] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 508.339300][ T4487] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 508.391259][ T4487] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.951580][ T4487] usb 5-1: config 0 descriptor?? [ 509.227766][ T4487] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 509.433920][ T5295] usb 5-1: USB disconnect, device number 14 [ 509.439900][ C0] iowarrior 5-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 510.029706][T12405] use of bytesused == 0 is deprecated and will be removed in the future, [ 510.040406][T12405] use the actual size instead. [ 510.882640][ T4487] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 511.173489][ T4487] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 511.211849][ T4487] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 511.292444][ T4487] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 511.307719][ T4487] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 511.319147][ T4487] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.395429][ T4487] usb 4-1: config 0 descriptor?? [ 511.922800][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 511.930339][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 511.963378][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 511.970967][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 511.979738][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 511.987570][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 511.995801][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 512.004824][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 512.012340][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 512.025645][ T4487] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 512.038224][ T4487] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 512.083379][ T4487] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 512.172980][T12432] netlink: 260 bytes leftover after parsing attributes in process `syz.4.2575'. [ 512.239750][ T4487] usb 4-1: USB disconnect, device number 17 [ 516.533113][ T4290] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 516.754029][ T4290] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 516.777192][ T4290] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 516.794526][ T4290] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 516.816253][ T4290] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 516.826517][ T4290] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 516.840149][ T4290] usb 2-1: config 0 descriptor?? [ 517.712207][ T4290] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 517.731481][ T4290] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 518.038352][ T4290] usb 2-1: USB disconnect, device number 10 [ 518.759016][ T27] kauditd_printk_skb: 286 callbacks suppressed [ 518.759031][ T27] audit: type=1326 audit(1740006228.088:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12528 comm="syz.3.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe61f8cde9 code=0x7ffc0000 [ 518.876790][ T27] audit: type=1326 audit(1740006228.088:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12528 comm="syz.3.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7efe61f8cde9 code=0x7ffc0000 [ 518.904308][ T27] audit: type=1326 audit(1740006228.088:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12528 comm="syz.3.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe61f8cde9 code=0x7ffc0000 [ 519.530108][ T4446] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 519.723348][ T4446] usb 2-1: Using ep0 maxpacket: 8 [ 519.736254][ T4446] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 519.777333][ T4446] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 519.787276][ T4446] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 519.831957][ T4446] usb 2-1: config 0 descriptor?? [ 520.048685][ T4446] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 520.135173][ T27] audit: type=1326 audit(1740006229.468:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12552 comm="syz.2.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 520.197795][ T27] audit: type=1326 audit(1740006229.468:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12552 comm="syz.2.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 520.251169][ T4446] usb 2-1: USB disconnect, device number 11 [ 520.257776][ C1] iowarrior 2-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 520.330418][ T27] audit: type=1326 audit(1740006229.468:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12552 comm="syz.2.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 520.382196][ T27] audit: type=1326 audit(1740006229.468:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12552 comm="syz.2.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 520.566024][ T27] audit: type=1326 audit(1740006229.468:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12552 comm="syz.2.2621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb3518cde9 code=0x7ffc0000 [ 521.782723][ T27] audit: type=1326 audit(1740006231.108:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12581 comm="syz.3.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe61f8cde9 code=0x7ffc0000 [ 521.885327][ T27] audit: type=1326 audit(1740006231.108:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12581 comm="syz.3.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe61f8cde9 code=0x7ffc0000 [ 521.922760][ T5295] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 522.274685][ T5295] usb 2-1: Using ep0 maxpacket: 32 [ 522.699362][ T5295] usb 2-1: config 0 has an invalid interface number: 9 but max is 0 [ 522.719150][ T5295] usb 2-1: config 0 has no interface number 0 [ 522.736505][ T5295] usb 2-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c [ 522.785732][ T5295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 522.836352][ T5295] usb 2-1: Product: syz [ 522.875409][ T5295] usb 2-1: Manufacturer: syz [ 522.907961][ T5295] usb 2-1: SerialNumber: syz [ 522.946050][ T5295] usb 2-1: config 0 descriptor?? [ 523.167515][ T5295] gspca_main: gspca_topro-2.14.0 probing 06a2:0003 [ 524.409855][ T5295] gspca_topro: reg_r err -71 [ 524.414727][ T5295] gspca_topro: Sensor soi763a [ 524.451950][ T5295] usb 2-1: USB disconnect, device number 12 [ 524.538611][T12641] udevd[12641]: failed to execute '/lib/udev/v4l_id' 'v4l_id /dev/video103': No such file or directory [ 525.142330][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 525.142345][ T27] audit: type=1326 audit(1740006234.468:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.1.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6cf38cde9 code=0x7ffc0000 [ 525.237460][ T27] audit: type=1326 audit(1740006234.508:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.1.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe6cf38cde9 code=0x7ffc0000 [ 525.317023][ T27] audit: type=1326 audit(1740006234.508:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.1.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6cf38cde9 code=0x7ffc0000 [ 525.380516][ T27] audit: type=1326 audit(1740006234.508:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.1.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe6cf38cde9 code=0x7ffc0000 [ 525.413089][ T4446] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 525.471419][ T27] audit: type=1326 audit(1740006234.508:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.1.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6cf38cde9 code=0x7ffc0000 [ 525.504230][ T27] audit: type=1326 audit(1740006234.508:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.1.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fe6cf38cde9 code=0x7ffc0000 [ 525.533504][ T27] audit: type=1326 audit(1740006234.508:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.1.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6cf38cde9 code=0x7ffc0000 [ 525.571646][ T27] audit: type=1326 audit(1740006234.508:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.1.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe6cf38cde9 code=0x7ffc0000 [ 525.638054][ T27] audit: type=1326 audit(1740006234.508:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12661 comm="syz.1.2666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6cf38cde9 code=0x7ffc0000 [ 525.640930][ T4446] usb 1-1: config index 0 descriptor too short (expected 65183, got 72) [ 525.740979][ T4446] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 525.776080][ T4446] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.796474][ T4446] usb 1-1: Product: syz [ 525.800678][ T4446] usb 1-1: Manufacturer: syz [ 525.814815][ T4446] usb 1-1: SerialNumber: syz [ 525.846895][ T4446] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 526.203293][ T4446] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 527.183381][T12660] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 527.288185][T12660] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 527.297013][ T4446] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 527.312273][ T4446] ath9k_htc: Failed to initialize the device [ 527.400759][ T4446] usb 1-1: ath9k_htc: USB layer deinitialized [ 527.415169][T12660] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 527.452933][T12660] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 527.499637][T12660] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 527.684224][T12660] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 528.503345][ T5295] usb 1-1: USB disconnect, device number 13 [ 528.882553][ T5295] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 529.722904][ T5295] usb 1-1: Using ep0 maxpacket: 32 [ 529.825991][ T5295] usb 1-1: device descriptor read/all, error -71 [ 533.178112][ T4290] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 533.412481][ T4290] usb 5-1: Using ep0 maxpacket: 8 [ 533.421637][ T4290] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 533.448151][ T4290] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 533.476605][ T4290] usb 5-1: Product: syz [ 533.494077][ T4290] usb 5-1: Manufacturer: syz [ 533.498721][ T4290] usb 5-1: SerialNumber: syz [ 533.533394][ T4290] usb 5-1: config 0 descriptor?? [ 534.248163][ T4446] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 534.343486][ T4290] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 534.543032][ T4487] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 534.573069][ T4446] usb 4-1: Using ep0 maxpacket: 8 [ 534.579953][ T4446] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 534.612022][ T4446] usb 4-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 534.631564][ T4446] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 534.651613][ T4446] usb 4-1: Product: syz [ 534.661702][ T4446] usb 4-1: Manufacturer: syz [ 534.671761][ T4446] usb 4-1: SerialNumber: syz [ 534.689687][ T4446] usb 4-1: config 0 descriptor?? [ 534.709005][ T4446] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 534.734241][ T4487] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 534.755381][ T4487] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 534.782436][ T4487] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 534.816407][ T4487] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 534.842440][ T4487] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 534.873411][ T4487] usb 1-1: config 0 descriptor?? [ 535.289539][ T4487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 535.307952][ T4487] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 535.321330][ T4290] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71 [ 535.331011][ T4487] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 535.351286][ T4290] usb 5-1: USB disconnect, device number 15 [ 535.401875][ T4487] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 535.609255][ T4487] usb 1-1: USB disconnect, device number 16 [ 536.067064][T12807] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2720'. [ 536.208334][T12811] vivid-000: disconnect [ 536.223264][T12810] vivid-000: reconnect [ 537.096044][ T4446] gspca_zc3xx: reg_w_i err -110 [ 537.753140][ T4446] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 537.760290][ T4446] gspca_zc3xx: probe of 4-1:0.0 failed with error -110 [ 538.482671][ T4290] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 538.560152][ T4446] usb 4-1: USB disconnect, device number 18 [ 538.694842][ T4290] usb 3-1: Using ep0 maxpacket: 8 [ 538.701605][ T4290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 538.738381][ T4290] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 538.757833][ T4290] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 538.799824][ T4290] usb 3-1: config 0 descriptor?? [ 538.998939][T12843] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2731'. [ 539.023044][ T4290] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 539.241968][ T4290] usb 3-1: USB disconnect, device number 8 [ 539.316983][T12849] vivid-002: disconnect [ 539.324770][T12848] vivid-002: reconnect SYZFAIL: posix_spawnp failed (errno 2: No such file or directory) [ 542.019456][T12876] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2744'. [ 542.843663][T12633] device syz_tun left promiscuous mode [ 544.072067][ T4315] bond1: (slave gretap1): Releasing active interface [ 544.499708][ T4315] device hsr_slave_0 left promiscuous mode [ 544.506634][ T4315] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 544.515845][ T4315] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 544.523665][ T4315] device bridge_slave_1 left promiscuous mode [ 544.531853][ T4315] bridge0: port 2(bridge_slave_1) entered disabled state [ 544.540765][ T4315] device bridge_slave_0 left promiscuous mode [ 544.547392][ T4315] bridge0: port 1(bridge_slave_0) entered disabled state [ 544.684926][ T4315] bond5 (unregistering): Released all slaves [ 544.834286][ T4315] bond4 (unregistering): Released all slaves [ 544.961392][ T4315] bond3 (unregistering): Released all slaves [ 545.084892][ T4315] bond2 (unregistering): Released all slaves [ 545.591843][ T4315] bond1 (unregistering): Released all slaves [ 545.948563][ T4315] team0 (unregistering): Port device team_slave_1 removed [ 545.998115][ T4315] team0 (unregistering): Port device team_slave_0 removed [ 546.044131][ T4315] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 546.090785][ T4315] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 546.540963][ T4315] bond0 (unregistering): Released all slaves [ 547.179809][ T4315] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.259615][ T4315] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.311020][ T4315] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.380477][ T4315] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.486343][ T4315] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.558892][ T4315] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.607138][ T4315] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.675958][ T4315] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.842907][ T4315] tipc: Left network mode [ 548.542950][ T4315] bond1: (slave ipip0): Releasing backup interface [ 548.550284][ T4315] bond1: Destroying bond [ 548.666322][ T4315] bond1 (unregistering): Released all slaves [ 548.965368][ T4315] team0: Port device wlan1 removed [ 549.193032][ T4315] device hsr_slave_0 left promiscuous mode [ 549.200388][ T4315] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 549.208520][ T4315] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 549.216701][ T4315] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 549.224200][ T4315] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 549.231722][ T4315] device bridge_slave_1 left promiscuous mode [ 549.238606][ T4315] bridge0: port 2(bridge_slave_1) entered disabled state [ 549.248414][ T4315] device bridge_slave_0 left promiscuous mode [ 549.254721][ T4315] bridge0: port 1(bridge_slave_0) entered disabled state [ 549.268401][ T4315] device hsr_slave_0 left promiscuous mode [ 549.275366][ T4315] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 549.283000][ T4315] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 549.290541][ T4315] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 549.298114][ T4315] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 549.306980][ T4315] device bridge_slave_1 left promiscuous mode [ 549.313273][ T4315] bridge0: port 2(bridge_slave_1) entered disabled state [ 549.321228][ T4315] device bridge_slave_0 left promiscuous mode [ 549.327499][ T4315] bridge0: port 1(bridge_slave_0) entered disabled state [ 549.371207][ T4315] device veth1_macvtap left promiscuous mode [ 549.377717][ T4315] device veth0_macvtap left promiscuous mode [ 549.384117][ T4315] device veth1_vlan left promiscuous mode [ 549.391614][ T4315] device veth0_vlan left promiscuous mode [ 549.404220][ T4315] device veth1_macvtap left promiscuous mode [ 549.410265][ T4315] device veth0_macvtap left promiscuous mode [ 549.418387][ T4315] device veth1_vlan left promiscuous mode [ 549.424665][ T4315] device veth0_vlan left promiscuous mode [ 549.742074][ T4315] bond5 (unregistering): Released all slaves [ 549.871463][ T4315] bond4 (unregistering): Released all slaves [ 550.008742][ T4315] bond3 (unregistering): Released all slaves [ 550.145079][ T4315] bond2 (unregistering): Released all slaves [ 550.269789][ T4315] bond1 (unregistering): Released all slaves [ 550.839219][ T4315] team0 (unregistering): Port device team_slave_1 removed [ 550.881405][ T4315] team0 (unregistering): Port device team_slave_0 removed [ 550.928599][ T4315] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 550.971015][ T4315] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 551.406314][ T4315] bond0 (unregistering): Released all slaves [ 551.609119][ T4315] bond8 (unregistering): Released all slaves [ 551.736203][ T4315] bond7 (unregistering): Released all slaves [ 551.860534][ T4315] bond6 (unregistering): Released all slaves