last executing test programs: 2m37.575866719s ago: executing program 3 (id=864): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0) 2m37.332153522s ago: executing program 3 (id=865): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="12000000030000000400000002"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20) 2m37.153106904s ago: executing program 3 (id=866): syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='shortad,partition=00000000000000000005,noadinicb,uid=', @ANYRESDEC=0x0, @ANYBLOB=',gid=', @ANYRESDEC=0x0, @ANYBLOB=',volume=0000000000000006,\x00\x00\x00\x00\x00'], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0x223c1b, 0x0, 0x1, 0x0, &(0x7f00000000c0)) 2m36.915313338s ago: executing program 3 (id=868): r0 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x1b00, 0x0, 0x3, 0x100080}, &(0x7f0000000180)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x1, 0x0, 0x0, 0xffffffffffffffff, 0x0}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2m36.599067582s ago: executing program 3 (id=871): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x10}, {0x6, 0x0, 0x0, 0x1000000}]}, 0x10) syz_emit_ethernet(0x46, &(0x7f0000001600)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xd}, @void, {@ipv6={0x86dd, @dccp_packet={0x1, 0x6, "bb30c2", 0x10, 0x21, 0x0, @local, @private0, {[], {{0x4e23, 0x4e21, 0x4, 0x1, 0x9, 0x0, 0x0, 0x0, 0x7, "f9c8e7", 0x0, "7f243d"}}}}}}}, 0x0) 2m36.348087056s ago: executing program 3 (id=874): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") sync() r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 2m21.271323659s ago: executing program 32 (id=874): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") sync() r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 1m40.788638731s ago: executing program 1 (id=1345): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4f3, 0x755, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000040)={0x20, 0xa, 0x7, {0x7, 0x35, "00f4000000"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_open_dev$hidraw(&(0x7f0000000280), 0x82, 0x2) 1m38.925838398s ago: executing program 1 (id=1358): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000740)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010026bd7000000000000200000008000300", @ANYRES32=r2, @ANYBLOB="0c0099000900000074000000080026008009000008009f0004"], 0x38}}, 0x20000000) 1m38.834896649s ago: executing program 1 (id=1361): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4) sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) 1m38.75994465s ago: executing program 1 (id=1362): r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c}) syz_mount_image$msdos(&(0x7f0000000400), &(0x7f0000001cc0)='.\x00', 0x1aca4b8, &(0x7f0000000480)=ANY=[@ANYRES32=r0, @ANYRESHEX=r0, @ANYBLOB="29ab3b30df7d75af6a66b0358c15235889ce2a0584d8b2ef4a21a27c9af13b6657ff207e1c5d58aea9c00a00ca049d3d367df0c23e00000000fdff00000639e695cecd9d0c27f3bd893e78c469110da7a3f6e2a787693f16be9dccc8aa22db6946d10cc6f04f5ca3a1a1d4a66bf1109fb12822f5e2a37bdd6dfdc5a2a86a95ba2a86dc0f5b5567f70a01d8aa78820a5dfb853c8562ce313972cf4af2e04803755d0068705559237f9a063c2c24ed23c25b8f4aab53efd1c9ced5045e9b88cfe32f33119a4bc01d3d73afd037dedde8aa4600c93c71e78ab732db07cba921af5f6b88c9b5ceccf4c71a4e74dca34e9c482904efbc2ea3d7ec2ec12cdae77d039aa63a344714995b27f961e81b2a68e073361ac1380aa8a2f3298c0807e1fe47f57e88e1a7ed753c1afbdda398eb521c9bc74429", @ANYRESHEX=r0, @ANYRES8=r0, @ANYRES32=r0], 0xb, 0x0, &(0x7f0000000000)) utimes(&(0x7f0000000000)='./file0\x00', 0x0) 1m38.452286624s ago: executing program 1 (id=1367): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0xffb) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000001180)={{0x3, 0x2, 0x80000000, 0x100, 'syz1\x00', 0xffffffff}, 0x0, [0x6ba74c59, 0x85, 0xf, 0x1, 0x9, 0x6, 0x5, 0xdb, 0x0, 0xf0, 0x3, 0x5, 0x8001, 0xfffffffffffffffb, 0x4, 0x2938, 0x100, 0xfffffffffffffff8, 0xfffffffffffffff9, 0xfffffffffffffffb, 0x6, 0x9025, 0x5, 0x5, 0x7, 0x100000001, 0x40, 0x9, 0x9, 0x2, 0x100, 0x9, 0xb, 0x1a7427c9, 0x7, 0x8, 0x7, 0x6, 0x5, 0x10001, 0xffffffff, 0xffffffffffffff3d, 0x800, 0x9, 0xe4e, 0x9, 0x6, 0xa8, 0x659, 0x5, 0xfff, 0x2, 0xffff, 0xffffffffffffff53, 0x0, 0x101, 0x7f, 0x4, 0x9, 0x10, 0x2, 0xd1c, 0x80000001, 0x9, 0x8001, 0x0, 0x1, 0xfffffffffffff3a0, 0x4, 0x4, 0x4, 0x1, 0x9, 0xe5, 0xfa0, 0x9, 0x1, 0x401, 0x8, 0x7fffffffffffffff, 0x101, 0xffffffffffffff2f, 0xe, 0x4, 0x4040000, 0xffffffff, 0x1, 0x7, 0x5, 0x1ff, 0xa46, 0xfffffffffffffb27, 0x100, 0x5, 0x7, 0x5, 0x7, 0xfffffffffffffff9, 0x6, 0x5, 0x3, 0x4, 0x9, 0x27ee, 0x0, 0x0, 0x0, 0x4, 0x6, 0x8, 0x6, 0x8000000000000001, 0x4, 0xd27, 0x0, 0x4, 0x3ff, 0x3, 0x9, 0x87, 0x80, 0x3, 0x2, 0x2c, 0xa, 0x1, 0x1, 0x8]}) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000c80)={{0x3, 0x1, 0x1, 0x3557, 'syz1\x00', 0x5}, 0x1, [0x2, 0x84, 0x1c00000000000000, 0x7fffffffffffffff, 0x3, 0x3896, 0x5, 0x1, 0x8, 0xffffffff, 0xfffffffffffffff7, 0x9, 0x7ff, 0x80, 0x2fc2f8ae, 0x2, 0x101, 0xa71, 0x7fffffffffffffff, 0xa1, 0xfffffffffffffff8, 0x40, 0x2, 0x2, 0x10, 0xd, 0x8, 0x2, 0x6, 0x6, 0x6, 0x5, 0x2, 0x8, 0xffff, 0x144be44d, 0xc3b, 0x400000000003, 0x0, 0x12, 0x2, 0x8, 0xbb9, 0x2, 0x6, 0x9, 0xb1e, 0x8, 0xf, 0x651, 0x8, 0x8000, 0xc, 0xffffffffffffffff, 0x4, 0x0, 0x400, 0x1, 0x5, 0x80000000, 0x5, 0xb9b, 0x5, 0x1, 0x6, 0x80, 0x4, 0xc4, 0x8001, 0x5, 0xffff, 0x8, 0x1, 0x100000001, 0x81, 0x3, 0x1, 0x800, 0xf5, 0x7, 0x1, 0x401, 0xf, 0x4, 0x2c, 0x5, 0x8, 0x2, 0x3, 0x5, 0x80000000, 0xed, 0x9, 0x7, 0x3, 0x7, 0x500000000000000, 0x100, 0xfffffffffffffffb, 0xd05, 0xf, 0xf95, 0x4, 0x4, 0x8, 0x61, 0x1, 0xe, 0x8, 0x1, 0x2, 0x0, 0x400000000, 0x13ff, 0xa, 0xd3, 0x80, 0x6, 0x1000, 0x401, 0xe51b, 0x9, 0x7, 0x3, 0x9, 0x5, 0x9, 0x1ff]}) 1m37.910122192s ago: executing program 1 (id=1373): io_setup(0x2278, &(0x7f0000000180)=0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = eventfd(0x80000000) io_submit(r0, 0x2, &(0x7f00000002c0)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2, r2}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x5, 0x2, r1, 0x0, 0x300, 0x0, 0x0, 0x1, r2}]) 1m37.611041827s ago: executing program 33 (id=1373): io_setup(0x2278, &(0x7f0000000180)=0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = eventfd(0x80000000) io_submit(r0, 0x2, &(0x7f00000002c0)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2, r2}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x5, 0x2, r1, 0x0, 0x300, 0x0, 0x0, 0x1, r2}]) 20.662611514s ago: executing program 0 (id=2248): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x5, 0x1, 0x8080000, 0x1000, &(0x7f0000fed000/0x1000)=nil}) 20.29277058s ago: executing program 0 (id=2253): r0 = msgget$private(0x0, 0x5bd) msgsnd(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="030000"], 0x2f, 0x0) msgrcv(r0, 0x0, 0x0, 0x2, 0x1000) msgrcv(r0, 0x0, 0x0, 0x3, 0x1800) 19.230413124s ago: executing program 0 (id=2268): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e4c5ad101d0620c0159c01020301090212e700000000000904"], 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000040)={0x44, &(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 17.214869593s ago: executing program 0 (id=2282): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000080)='wg2\x00', 0x4) sendmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="82816bf5e64186c0c391e094b8764e0e8fa233c8708da88cc98db18f62a624c97ea5995355554f943fe65f6fbc2229b434fbf599be53eb133be3c34719dbe3835443412ff98023dc54a5fb175dfeeb1e0407fc06efdedc89af37e7f4f0e279c10ffe78ed392252418e820f7aeb975539dad8b496d15f1fd5bdfd1c1f61928a6f354d283a6b52552f817e78c93cfb1afe47fc2cb432ec17996874de00ae131d4f1e10cec2fb948bad31ee4e49e461fc10039aa36732f293d486bb3d4dd07a2313c0ccb716a17a5d932d090a89189a32e55817943d8d57e99097eb52614008d200630cbb0647e93d6aad11", 0xea}, {&(0x7f0000001700)="53c1e2be0cd5b02571e66ad16b0085c714a8da74d122e45511c94d4320bbd0b08ae318649c0081bd276ca050b03cf27a23c9a9e01d3d1fa6dd816621758dd542ad1128d91036974e6fafec17eb6d5dd9fd241182965d7f8e7db7297fe524eb1ba3e1204f2abe9b8c4408fd05547cbb7253ac7b953aef4c5a7641b34847d349b7a27e8e9e78ab584b6f2fa62df6c1d5c521d26761e7ed285ba29b44e229d884db78bb205bc8639f6931b6d6e29929f1bf2e8f652fe1268645f797c841e83fc7f134c1375847162848909805658c831e8bba0ecc4b119de9b0f03763d88a516cebbfc69f4c7885c003e2b1790512162908e08e6fcda21a708200470d4870b0949a5f6b52ad9f745381a577c66b49d9694cff208d1e460a8b26b8ca511c7652f9cbe3eba22a1c1643a928747dfb23ddbe201d986df05103583cde8bbcac72caaefa40ac249e85c2fe8266db3969af9b9a4527d90d33cb6cea0ebcc37525f64ab2b95eb8580d3831334fd14e60b3d5fc6579598e64a2ba1fa5dd1304cb8fe5e93432c0613b1dc90260da02030a41fad635efdb6cfd3338cc01ae9a046e8c8d657ef7efd606635680ab7c47b6d728a671f15fbefb10649df75c208c0d0b7cddb187f0aa4d936c2ce716642280460029dd30a96bf5d136d034504a9bd2278875066fb6e1f3e8a400a86e48cfc6f560f5aab3fe752ffcec75b3f113581233f77ddc522523ded66bf9574c5d9999af8226705ea7b7ae89627c626fe80d53a9b4ba93bdca48102328c2ae3c7db98d500c59c42373eff6ab6fe233b8bd07bca28606adf6595203f084858e91af266f23a7ffd30ab6cd410f305a8c09e7c0d1894a8fbe91ee07099719087c925bf42694e0267b12c661382c2a301d8744181e92806fa5acef5c71f200a23cddcc49b3547bcbd86458fb6a42595be8a93e5b69247fcecf18e30104450d6ad01b705e871c5afaeb3f7b1c01589dc1d60f28337035bd4c928c9541df4b3a223984a0288a135ff89823da9c26e2cd5c78418ca5d5c98ed37394d228f9944ae12980bf7941ff1e4a4bcc90884955d091290311e413a81f397a862bba958bc44f151c23ca2ff4cd216f9b80b4880eb791809d43f462db98c2ee629269ef07d078a4ab008013b93538d91f77d8155c35c5ab5e2cb41c65db5ec5afe33a8e4324f4a3379b6f80c1b49c2fb6d6e8c1d0939ef61091f633b79357946e692120efafa5ad0eaf5e863dd224f80a910e9528dd2393a24a2645420b331f47f5b20463494173c7b0b9951ab65e2ec6c988c9624404fb78bc580660c74579d3a4041f08c81b596b101995d3d41b681540bc0e37117a55ded733d3ad12a5aca49d33740e91cff425e17794240bb9b10be523a581055ac71697a5f319f8492ccbe43cd743abd0bc53448faf17c4640963703f262dcc16e2d71ac4e8ce8d83c842bc668facab503da54ac8bc3b4f902ada4427cafa28bcac35a931d5abd17ea85f45cd47f53a9ea8e4c0c43b620576f297cd873b25d805c8ef46d3a89b2f3ca78f006bc1ba5cdd34f42df3aa7d5b8511c32412377bb9d7e6b68fada278", 0x45b}], 0x2}}], 0x1, 0x0) 17.125255914s ago: executing program 0 (id=2283): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0) r2 = gettid() sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r1, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r2], 0x28}}, 0x0) 15.705579344s ago: executing program 0 (id=2296): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18) r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) ioctl$NBD_CLEAR_SOCK(r1, 0x1261) 3.06200977s ago: executing program 4 (id=2435): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000300)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000200)=ANY=[@ANYBLOB='b 122'], 0xa) 2.969259381s ago: executing program 4 (id=2437): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) syz_clone(0x1802000, 0x0, 0x0, 0x0, 0x0, 0x0) 2.810682343s ago: executing program 4 (id=2439): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0xe3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x480, 0x0) ioctl$RTC_WKALM_SET(r1, 0x40187013, 0x0) 2.766773383s ago: executing program 4 (id=2440): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaa6, &(0x7f0000001bc0)="$eJzs3U2MW0cBAOCxd73JJilxSkKXNLQJhbb8dNNslvATQVIlQiJqKsSlUsUlStMSEYJEkYCqEklO3GhVBYkTP+LUS1UQEr2gqCculWikCqmnwoEDURCVOEAgcRXvjNee2H22s+tnx98njcfz5j3PvOfn5/c7E4CpVW2+Li8vVEK4+PrLR//x4N/nbw451Bqj3nydbUvVQgiVmJ7NPu/dmZX4+nsvnOwWV8JS8zWlwxNXW9NuDiGcC7vDpVAPOy9efunNpcePnz92Yc9brxy8sj5zDwAA0+Xrlw4u7/jrn+/ddu3V+w6HDa3haf+8HtNb4n7/4bjjn/b/q6EzXWkL7eay8WZjqM53jjfTZbz2cmrZeLM9yp/Lyq/1GG9D+ODyZ9qGdZtvmGRpPa6HSnWxI12tLi6uHJOH5nH9XGXx7OkzzzxXUkWBNffv+0MIu9vCkQud6XELh8agDkOGxhjUYSLD4dGVda2xovR5HlFobC17CwSwIr9eeItz+ZmF29P6tNn+yr/6WLX79LAGRr3+D1T+XMnlB+X/5rwtDmvnTl2b0nyl39GWmM6vI+T3L/X+/eVXOjqH5tcjan3Ws9d1hEm5vtCrnjMjrsewetU/Xy/uVF+OcVoOX8ny238/+Xc6Kd8x0N1/8vP/giCMdwgd6drtfFaj5O0PML7y++Ya6fpolN/Xl+dvKMjfWJA/X5C/qSB/c0E+TLPfff+n4cXK6nF+fkw/6PnwdJ7trhh/aMD65OcjBy0/v+93ULdbfn4/MYyzP5x48tQXnn7q8sr9/5XW+n8jru/pcKMef1uX4gjpfGF+Xr1173+9s5xqj/HuzupzV5fxm++3d45X2b76OaFtO3NLPRY6p9vaa7xdnePVs/HmY9iY1TffP9mUTZf2P9J2NS2v2Wx+a9l8zGX1SNuVbTHO6wHDSOtjr/v/0/q5EGqVZ06fOfVoTKf19E8ztQ03h+8bcb2B29fv8z8LofP5ny2t4bVq+3Zh6+rwysp24bX4eZ3Dl1rldA7fH9Ppf+5bM/PN4Ysnv3vm6bWffZhqz/3o+W+fOHPm1Pe8GfrNV8ejGoO8SYct41Ifb8buTckbJmDd7f3xyk7AI6e/c+LZU8+eOrv/wIH9S0sHvrh/eW9zv35v+959u3Ml1BZYS6t/+mXXBAAAAAAAAAAAAOjXD44dvfz2G59/Z+X5/9Xn/9Lz/+nO3/T8/0+y5//z5+TTc/DpOcBtXfKb42QNrM5l49Vi+HBW3+1ZOTuy6T4S41Y/fvH5/1Rc3q5rqs892fBaj2TWnMAt7aXMZW2Q5P0FfjzGF2L86wAlqsx3Hxzjovat07qe2qdoa5eioX3gyZG+t7Q2pHZM0vPfXdt1avuyt42gjqy9UTxOWPY8At39c6ra//7X6oyXXhehd5gdbXk/n951otFzL73fHmwA1kbZ/X+m854pPvvHr228GdJoVx/r3F7m7ZfCIP7ydmd63PufXO/y8377Rl1+2fM/6v4/W/3f9b39y3rMqw9X7n9/ceWdtmLDzn7Lz+c/tQO9fbDyr8Xy09w8FPorv/GrrPz8glCf/peVv6nP8m+Z/13Dlf//WH5abA8/0G/5KzWuVDvrkZ83Ttf/8vPGyfVs/lPbnh9Q/jee7zb/Q3bUeCOWD9NsUvqZHVS2H9HaaR++/9/o3Nr2/9uqbLZZy+/D+FxMpw1xus8h7+9k0Pqn+yvS/8CO7PMrBf9v+v+dbF+KcdHvIfX/m9bHevzLb0s3l2VK17os2zt1WwOT6t2puv43EWHjGNRB6D80ZoaYrtVPXMn1bzQa63tCq0CphVP68i/7OKHs8ste/kXy/n/zffi8/988P+//N8/P+//N8+fjN9QrP+//N1+eef+/ef492efm/QMvFOR/tCB/Z/f81mH7vQXT7yrI/1hB/p5W/qGOMVL+fQXT31+Qf3dB/gMF+Z8oyP9kQf6DBfkPt+W39wGd8j9VMP2dLj2PMq3zD9Msfz7P7x+mR7r+0+v3v70gH5hcP3t135GnfvvN+srz/3Ot8yHpOt7hmK7F46cfxnR+3Tu0pW/mvRHTf8vyx/18B0yTvP2M/P/9oYJ8YHKl+7z8vmEKVTZ2Hxzjonareu3nM1k+HePPxPizMX4kxosx3hvjfTFeGlH9WB9HXvv9wRcrq8f7W7P8fu8nz58H6mgnKoSwv8/65OcHBr2fPW/Hb1C3W/6Qj4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUptp8XV5eqIRw8fWXjz55/PTem0MOtcaoN19n21K11nQhPBrjmRj/Mr65/t4LJ9vjGzGuhKVQCZXW8PDE1VZJm0MI58LucCnUw86Ll196c+nx4+ePXdjz1isHr6zfEgAAAIA73/sBAAD//weuDxQ=") capset(&(0x7f0000000dc0)={0x20080522}, &(0x7f0000000e00)={0x0, 0x4, 0x4, 0x0, 0x80000, 0xffffffff}) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0x40186e8d, 0x0) 2.422497326s ago: executing program 4 (id=2443): bpf$MAP_CREATE(0x0, 0x0, 0x48) tgkill(0x0, 0x0, 0x21) wait4(0x0, 0x0, 0x40000000, 0x0) syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x141, 0xfb, 0xb7, 0xf3, 0x20, 0x3859, 0x4c65, 0x906f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x1a0, 0x0, [{{0x9, 0x4, 0x53, 0x2, 0x0, 0x8, 0x1, 0x1}}]}}]}}, 0x0) 1.642258404s ago: executing program 5 (id=2449): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd700003dcdf256c00000008000300", @ANYRES32=r1], 0x3c}, 0x1, 0x0, 0x0, 0x4000880}, 0x448d0) 1.560133255s ago: executing program 5 (id=2450): timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x1}]}) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}}, 0x0) 1.01582628s ago: executing program 4 (id=2456): r0 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="bcea"]) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f00000001c0)={0x51, 0x3, 0x560c, {0x803, 0x5d5}, {0xfffa, 0x2}, @cond=[{0x1, 0x3, 0x0, 0x6, 0x0, 0x8}, {0x6, 0x1, 0xa2dd, 0x6, 0x0, 0x8}]}) 908.135091ms ago: executing program 2 (id=2458): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10) syz_emit_ethernet(0x6a, &(0x7f00000006c0)={@broadcast, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x64, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2c}}, @time_exceeded={0x5, 0xea452954ff7d0934, 0x0, 0x12, 0x0, 0x3f18, {0x10, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0xd, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x9a}, @empty, {[@lsrr={0x83, 0x17, 0x99, [@dev={0xac, 0x14, 0x14, 0x30}, @private=0xa010100, @private=0xa010102, @private=0xa010100, @dev={0xac, 0x14, 0x14, 0x3a}]}, @timestamp_prespec={0x44, 0x14, 0x82, 0x3, 0x1, [{@local, 0x2}, {@rand_addr=0x64010101, 0xc00000}]}]}}}}}}}, 0x0) 865.825832ms ago: executing program 2 (id=2459): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2e, &(0x7f0000000980)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x1, 0x2, 0x81, 0x0, @void}}}}}}}, 0x0) recvmmsg(r0, &(0x7f00000039c0)=[{{0x0, 0x0, &(0x7f0000000540)=[{0x0, 0x20}, {&(0x7f0000001940)=""/4096, 0x1000}], 0x2}, 0x7061ab3a}], 0x1, 0x0, 0x0) 825.363632ms ago: executing program 2 (id=2460): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000006040), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000006080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000006180)={0x0, 0x0, &(0x7f0000006140)={&(0x7f0000000000)={0x48, r1, 0x11, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xfffffffb, 0xfffffffc}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'pimreg\x00'}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x10) 720.144653ms ago: executing program 2 (id=2461): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18) r1 = socket$netlink(0x10, 0x3, 0x4) writev(r1, &(0x7f0000000140)=[{&(0x7f0000000200)="580000001400add4275a1bf00c45b45602067fffffff81005e22000d00ff0028925aa8002000eaa57b00090080000efffeffe809000000ff0000f03a0200f0ffffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1) 646.026504ms ago: executing program 34 (id=2296): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18) r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) ioctl$NBD_CLEAR_SOCK(r1, 0x1261) 639.154493ms ago: executing program 5 (id=2463): r0 = socket$key(0xf, 0x3, 0x2) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc) getsockopt$sock_buf(r0, 0x1, 0x38, 0xffffffffffffffff, &(0x7f0000000000)) 635.942244ms ago: executing program 2 (id=2464): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000003880)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-ssse3\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r1, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000004c00)="35b78a259c3d306dedbc8d57d8c01078a4dd14fd58c260c512c386d87551f18513e8b66626c8ad409a8ab83313b561a46f857ff0f17f6e18f5f37fdc57fe91ae9be5e427bde7e705a5998fe6c7e81613c7750078aa39ca3950011baca521f3d9c9acf8e3bfbb0e5485f1bc4934f5ffd9ceef098f7ab6adae48f5a275c3d4c09f1ec3fddde01d2257b8e71ef4250198cf630763f021c0a9345d25adaead684f2b59664bad71b8d5ae00a0e83e9734ba65390dfadea91820fa32163f4e0aa80949755f0b337c6bfe47a71e0f7a8492f675381ab13b161f2169ea2cdceed60177b5", 0xe0}, {&(0x7f0000004d00)="2e8f01702f94fde65d9d351be63d69be781cfe819b9603e82489b6d996aef081a6bebc529e724ea6ab554b7e18cb1ba69474b3961c30efbeb8a09ee4f18d5d617507a03077e3f0121e347f63fa409968c94a5ae6d261fe17a4c123d2a5cbbf", 0x5f}, {&(0x7f00000002c0)="d4", 0xfffffe1d}, {&(0x7f0000000380)="4017f417a8547ccfd00e7f45276c6b0ec9e54f05e5d3d6e101245297cddb7117372f9d866cf1417b4329c52ad58395ac11aa38ca1a3408716c0f5515b118d6d146b6f34cce9fad370d035b1cb265641c3d5397fa352c7a500f540e149f943aa3f7d2aeb3cdc7337f57e11e0fe52c17cbd45f38b395d51a286280ab6d7049adc2597038f232907cfcac93e3bc8b71faf762646154579513e691781039fd", 0x9d}], 0x4}}], 0x1, 0x0) 499.898535ms ago: executing program 5 (id=2465): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) sendmsg$NFC_CMD_START_POLL(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fbdbdf250600000008000e00800000000800010010"], 0x2c}, 0x1, 0x0, 0x0, 0x20008010}, 0x24000000) 285.658717ms ago: executing program 5 (id=2466): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0) 98.196049ms ago: executing program 2 (id=2467): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="01000000000000004503"]) 0s ago: executing program 5 (id=2468): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079190000000000007a0000000000000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74) setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 0: iget: bad i_size value: 12154757448730 [ 250.072512][ T9858] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 250.171649][T10463] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1630: couldn't read orphan inode 13 (err -117) [ 250.205694][T10463] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 250.283612][T10463] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 250.410367][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.446508][T10476] loop0: detected capacity change from 0 to 2048 [ 250.532783][T10476] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.554714][T10476] ext4 filesystem being mounted at /404/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 250.736388][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.101103][T10483] loop4: detected capacity change from 0 to 32768 [ 251.197374][T10483] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 251.259727][T10508] loop0: detected capacity change from 0 to 1024 [ 251.337967][T10508] hfsplus: xattr searching failed [ 251.347079][T10514] input: syz1 as /devices/virtual/input/input27 [ 251.408285][ T8771] ocfs2: Unmounting device (7,4) on (node local) [ 251.419641][ T1025] hfsplus: b-tree write err: -5, ino 3 [ 251.476009][T10516] loop2: detected capacity change from 0 to 1024 [ 251.484357][T10516] EXT4-fs: Ignoring removed nomblk_io_submit option [ 251.520407][T10518] loop0: detected capacity change from 0 to 512 [ 251.533505][T10516] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.575911][T10516] EXT4-fs (loop2): shut down requested (2) [ 251.582975][T10518] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 251.603715][ T2128] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 251.638153][T10518] ext4 filesystem being mounted at /408/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 251.662619][ T5795] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.728888][ T27] audit: type=1800 audit(1752055516.260:187): pid=10518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1654" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 251.783558][ T2128] usb 6-1: Using ep0 maxpacket: 8 [ 251.795567][ T2128] usb 6-1: config 0 has no interfaces? [ 251.805976][ T2128] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 251.833546][ T2128] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.848392][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 251.855646][ T2128] usb 6-1: config 0 descriptor?? [ 251.911652][T10532] loop4: detected capacity change from 0 to 256 [ 251.933860][T10532] exfat: Deprecated parameter 'utf8' [ 251.956596][T10534] loop2: detected capacity change from 0 to 1024 [ 251.957292][T10532] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 252.075886][ T28] usb 6-1: USB disconnect, device number 5 [ 252.235075][T10545] netlink: 'syz.4.1665': attribute type 4 has an invalid length. [ 252.599179][T10540] loop0: detected capacity change from 0 to 32768 [ 252.688912][T10540] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 252.993287][ T5793] ocfs2: Unmounting device (7,0) on (node local) [ 253.495480][T10559] loop5: detected capacity change from 0 to 32768 [ 253.747955][T10572] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 253.781132][T10572] macsec1: entered promiscuous mode [ 253.791408][T10572] macsec1: entered allmulticast mode [ 253.803428][T10572] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 253.810739][T10581] loop4: detected capacity change from 0 to 1024 [ 253.843998][T10581] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 253.927517][T10581] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.115994][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.155001][T10577] loop2: detected capacity change from 0 to 32768 [ 254.192090][T10577] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 254.250158][T10577] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 254.488200][ T5795] ocfs2: Unmounting device (7,2) on (node local) [ 255.102429][T10615] loop4: detected capacity change from 0 to 4096 [ 255.345373][T10628] netlink: 'syz.2.1703': attribute type 1 has an invalid length. [ 255.515044][T10632] program syz.2.1697 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 255.817410][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.824078][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.157889][T10649] veth0_to_team: entered promiscuous mode [ 256.173417][T10649] veth0_to_team: entered allmulticast mode [ 256.316194][T10651] loop4: detected capacity change from 0 to 8192 [ 256.405021][T10657] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1709'. [ 256.473717][ T24] block nbd0: Possible stuck request ffff8880220a8000: control (read@0,1024B). Runtime 150 seconds [ 256.484551][ T24] block nbd0: Possible stuck request ffff8880220a8200: control (read@1024,1024B). Runtime 150 seconds [ 256.495727][ T24] block nbd0: Possible stuck request ffff8880220a8400: control (read@2048,1024B). Runtime 150 seconds [ 256.506834][ T24] block nbd0: Possible stuck request ffff8880220a8600: control (read@3072,1024B). Runtime 150 seconds [ 256.508032][T10636] loop2: detected capacity change from 0 to 32768 [ 256.562908][T10636] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 256.751269][T10636] XFS (loop2): Ending clean mount [ 256.761976][T10636] XFS (loop2): Quotacheck needed: Please wait. [ 256.899693][T10636] XFS (loop2): Quotacheck: Done. [ 256.993416][ T785] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 257.140337][ T5795] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 257.193718][ T785] usb 1-1: Using ep0 maxpacket: 16 [ 257.217981][ T785] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 257.242163][ T785] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 257.254963][ T785] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 257.264764][ T785] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 257.274967][ T785] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 257.291707][ T785] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 257.302167][ T785] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 257.311083][ T785] usb 1-1: Manufacturer: syz [ 257.331784][ T785] usb 1-1: config 0 descriptor?? [ 257.363512][T10686] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1720'. [ 257.663501][ T785] rc_core: IR keymap rc-hauppauge not found [ 257.669438][ T785] Registered IR keymap rc-empty [ 257.693751][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 257.748662][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 257.804454][ T785] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 257.836960][ T785] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input28 [ 257.872396][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 257.952666][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 257.969479][T10698] loop5: detected capacity change from 0 to 1024 [ 257.994587][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 257.997101][T10698] EXT4-fs: Ignoring removed oldalloc option [ 258.012530][T10698] EXT4-fs: Ignoring removed orlov option [ 258.022456][T10698] EXT4-fs (loop5): stripe (1570) is not aligned with cluster size (16), stripe is disabled [ 258.033737][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 258.083968][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 258.099459][T10692] loop2: detected capacity change from 0 to 32768 [ 258.111580][T10698] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.152205][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 258.171197][T10698] EXT4-fs error (device loop5): ext4_xattr_inode_iget:445: comm syz.5.1723: error while reading EA inode 32 err=-116 [ 258.193403][ T27] audit: type=1800 audit(1752055522.720:188): pid=10692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1719" name="file1" dev="loop2" ino=4 res=0 errno=0 [ 258.195084][T10698] EXT4-fs (loop5): Remounting filesystem read-only [ 258.223702][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 258.235741][T10698] EXT4-fs warning (device loop5): ext4_xattr_inode_inc_ref_all:1146: inode #18: comm syz.5.1723: cleanup dec ref error -5 [ 258.248894][T10698] EXT4-fs warning (device loop5): ext4_xattr_block_set:2202: inode #18: comm syz.5.1723: dec ref error=-5 [ 258.276077][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 258.334090][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 258.359559][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.387359][ T785] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 258.435411][ T785] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 258.462192][ T785] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 258.506831][ T785] usb 1-1: USB disconnect, device number 19 [ 258.581507][T10712] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 259.085639][T10736] loop0: detected capacity change from 0 to 64 [ 259.103504][ T2128] usb 3-1: new full-speed USB device number 14 using dummy_hcd [ 259.304367][ T2128] usb 3-1: config 0 has no interfaces? [ 259.312015][ T2128] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 259.338995][ T2128] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 259.361694][ T2128] usb 3-1: Product: syz [ 259.369528][ T2128] usb 3-1: Manufacturer: syz [ 259.381747][ T2128] usb 3-1: SerialNumber: syz [ 259.389134][ T2128] usb 3-1: config 0 descriptor?? [ 259.620529][T10732] loop4: detected capacity change from 0 to 32768 [ 259.666983][T10722] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1731'. [ 259.695123][T10722] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 259.728031][T10732] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 259.758340][T10741] loop0: detected capacity change from 0 to 32768 [ 259.765754][T10741] XFS: noikeep mount option is deprecated. [ 259.793967][T10741] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 259.802966][ T9] usb 3-1: USB disconnect, device number 14 [ 259.868698][T10732] XFS (loop4): Ending clean mount [ 259.886794][T10741] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 259.907058][T10732] XFS (loop4): Quotacheck needed: Please wait. [ 259.934667][T10741] XFS (loop0): Starting recovery (logdev: internal) [ 259.993526][T10741] XFS (loop0): Ending recovery (logdev: internal) [ 260.043912][T10732] XFS (loop4): Quotacheck: Done. [ 260.075881][T10764] loop5: detected capacity change from 0 to 2048 [ 260.094215][T10765] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 260.124781][ T5793] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 260.212436][ T8771] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 260.575576][T10773] Bluetooth: MGMT ver 1.22 [ 260.751857][T10775] loop0: detected capacity change from 0 to 4096 [ 260.974149][T10785] loop4: detected capacity change from 0 to 1024 [ 260.991158][T10785] EXT4-fs: Ignoring removed orlov option [ 261.033518][T10785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 261.092426][T10790] sctp: [Deprecated]: syz.0.1754 (pid 10790) Use of struct sctp_assoc_value in delayed_ack socket option. [ 261.092426][T10790] Use struct sctp_sack_info instead [ 261.147100][T10785] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2797: inode #2: comm syz.4.1762: corrupted in-inode xattr: bad e_name length [ 261.380451][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.544451][T10800] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1758'. [ 261.712748][T10805] loop0: detected capacity change from 0 to 1024 [ 261.762271][T10805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 262.111717][T10818] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1766'. [ 262.140134][T10820] loop5: detected capacity change from 0 to 16 [ 262.156333][T10820] erofs: (device loop5): mounted with root inode @ nid 36. [ 262.343679][T10822] loop2: detected capacity change from 0 to 2048 [ 262.360109][T10822] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 262.373645][ T28] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 262.446113][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.580113][ T28] usb 5-1: Using ep0 maxpacket: 8 [ 262.611635][ T28] usb 5-1: config 0 has no interfaces? [ 262.619537][ T28] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 262.629174][ T28] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.641200][ T28] usb 5-1: config 0 descriptor?? [ 262.711783][T10824] loop5: detected capacity change from 0 to 32768 [ 262.720295][T10824] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1769 (10824) [ 262.735073][T10824] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 262.745667][T10824] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 262.754735][T10824] BTRFS info (device loop5): force clearing of disk cache [ 262.761856][T10824] BTRFS info (device loop5): enabling auto defrag [ 262.768386][T10824] BTRFS info (device loop5): max_inline at 0 [ 262.774796][T10824] BTRFS info (device loop5): enabling disk space caching [ 262.782707][T10824] BTRFS info (device loop5): disk space caching is enabled [ 262.809280][T10824] BTRFS info (device loop5): enabling ssd optimizations [ 262.819128][T10824] BTRFS info (device loop5): rebuilding free space tree [ 262.832039][T10824] BTRFS info (device loop5): disabling free space tree [ 262.839150][T10824] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 262.848918][T10824] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 262.873926][ T785] usb 5-1: USB disconnect, device number 10 [ 262.992178][ T9858] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 263.612418][T10862] loop4: detected capacity change from 0 to 4096 [ 263.672831][T10862] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 263.715105][T10868] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1783'. [ 263.782392][ T27] audit: type=1800 audit(1752055528.310:189): pid=10862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1778" name="file2" dev="overlay" ino=31 res=0 errno=0 [ 263.829907][T10872] loop5: detected capacity change from 0 to 1024 [ 263.850513][T10872] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 263.915034][ T8771] ntfs3: loop4: ino=9, ntfs_sync_fs failed, -22. [ 263.935858][T10872] EXT4-fs error (device loop5): ext4_clear_blocks:883: inode #14: comm syz.5.1784: attempt to clear invalid blocks 1886221359 len 1 [ 264.074389][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.104995][ T27] audit: type=1326 audit(1752055528.630:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10879 comm="syz.2.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa0a18e929 code=0x7ffc0000 [ 264.203808][ T27] audit: type=1326 audit(1752055528.660:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10879 comm="syz.2.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa0a18e929 code=0x7ffc0000 [ 264.226777][T10882] loop5: detected capacity change from 0 to 1024 [ 264.283882][ T27] audit: type=1326 audit(1752055528.660:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10879 comm="syz.2.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa0a18e929 code=0x7ffc0000 [ 264.367965][ T27] audit: type=1326 audit(1752055528.660:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10879 comm="syz.2.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa0a18e929 code=0x7ffc0000 [ 264.413419][ T27] audit: type=1326 audit(1752055528.660:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10879 comm="syz.2.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa0a18e929 code=0x7ffc0000 [ 264.473779][ T27] audit: type=1326 audit(1752055528.680:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10879 comm="syz.2.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa0a18e929 code=0x7ffc0000 [ 264.534785][T10890] loop4: detected capacity change from 0 to 512 [ 264.541172][ T27] audit: type=1326 audit(1752055528.680:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10879 comm="syz.2.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa0a18e929 code=0x7ffc0000 [ 264.574293][T10890] EXT4-fs: Ignoring removed i_version option [ 264.593484][T10890] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 264.603812][ T27] audit: type=1326 audit(1752055528.690:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10879 comm="syz.2.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faa0a1858e7 code=0x7ffc0000 [ 264.643022][ T27] audit: type=1326 audit(1752055528.690:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10879 comm="syz.2.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faa0a12ab19 code=0x7ffc0000 [ 264.677174][T10890] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 264.679788][T10892] loop5: detected capacity change from 0 to 4096 [ 264.698696][T10890] EXT4-fs (loop4): 1 truncate cleaned up [ 264.705727][T10890] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 264.727567][T10892] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 264.797703][T10876] loop0: detected capacity change from 0 to 32768 [ 264.827308][T10897] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1797'. [ 264.842473][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.851954][T10876] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 264.874283][T10892] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 264.881588][T10876] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 264.922207][T10876] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms [ 264.947394][ T2128] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 264.954748][ T2128] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 265.012847][ T2128] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 58ms [ 265.030293][ T2128] gfs2: fsid=syz:syz.0: jid=0: Done [ 265.042865][T10876] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 265.491357][T10916] loop2: detected capacity change from 0 to 2048 [ 265.517055][T10921] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 265.565865][T10923] loop5: detected capacity change from 0 to 512 [ 265.573131][T10923] EXT4-fs: Ignoring removed i_version option [ 265.580471][T10923] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 265.634368][T10923] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 265.652407][T10923] EXT4-fs (loop5): 1 truncate cleaned up [ 265.660295][T10923] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 265.758096][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.942208][T10936] loop2: detected capacity change from 0 to 4096 [ 265.961076][T10936] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 266.008552][T10938] loop5: detected capacity change from 0 to 128 [ 266.041830][T10936] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 266.083371][T10938] FAT-fs (loop5): error, corrupted directory (invalid i_start) [ 266.090978][T10938] FAT-fs (loop5): Filesystem has been set read-only [ 266.198723][T10944] team_slave_0: entered promiscuous mode [ 266.204462][T10944] team_slave_1: entered promiscuous mode [ 266.212117][T10944] macsec1: entered promiscuous mode [ 266.227450][T10944] team0: entered promiscuous mode [ 266.235505][T10944] team0: Device macsec1 is already an upper device of the team interface [ 266.245920][T10944] team0: left promiscuous mode [ 266.251224][T10944] team_slave_0: left promiscuous mode [ 266.256743][T10944] team_slave_1: left promiscuous mode [ 266.293913][ T9] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 266.418018][T10950] loop2: detected capacity change from 0 to 2048 [ 266.446593][T10951] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 266.493695][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 266.510996][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 266.524777][ T9] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 266.542051][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.560511][ T9] usb 1-1: Product: syz [ 266.565160][T10953] loop4: detected capacity change from 0 to 256 [ 266.581492][ T9] usb 1-1: Manufacturer: syz [ 266.596403][ T9] usb 1-1: SerialNumber: syz [ 266.601585][T10953] FAT-fs (loop4): Directory bread(block 64) failed [ 266.611866][T10953] FAT-fs (loop4): Directory bread(block 65) failed [ 266.622082][T10953] FAT-fs (loop4): Directory bread(block 66) failed [ 266.629511][ T9] usb 1-1: config 0 descriptor?? [ 266.633113][T10953] FAT-fs (loop4): Directory bread(block 67) failed [ 266.641200][T10953] FAT-fs (loop4): Directory bread(block 68) failed [ 266.648109][T10953] FAT-fs (loop4): Directory bread(block 69) failed [ 266.656522][T10953] FAT-fs (loop4): Directory bread(block 70) failed [ 266.663131][T10953] FAT-fs (loop4): Directory bread(block 71) failed [ 266.671925][T10953] FAT-fs (loop4): Directory bread(block 72) failed [ 266.674084][ T9] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 266.690569][T10953] FAT-fs (loop4): Directory bread(block 73) failed [ 266.859882][T10948] loop5: detected capacity change from 0 to 32768 [ 266.885836][T10948] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by syz.5.1817 (10948) [ 266.929458][ T9] usb 1-1: USB disconnect, device number 20 [ 266.933435][ T11] usb 1-1: Failed to submit usb control message: -71 [ 266.942755][T10948] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 266.954121][ T11] usb 1-1: unable to send the bmi data to the device: -71 [ 266.961260][ T11] usb 1-1: unable to get target info from device [ 266.979724][T10948] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 266.993593][ T11] usb 1-1: could not get target info (-71) [ 266.995599][T10948] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 266.999413][ T11] usb 1-1: could not probe fw (-71) [ 267.020085][T10948] BTRFS info (device loop5): use zstd compression, level 3 [ 267.042877][T10948] BTRFS info (device loop5): using free space tree [ 267.182139][T10948] BTRFS info (device loop5): enabling ssd optimizations [ 267.204056][T10948] BTRFS info (device loop5): auto enabling async discard [ 267.432431][ T9858] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 267.613854][ T5831] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 267.813780][ T5831] usb 3-1: Using ep0 maxpacket: 8 [ 267.836515][ T5831] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 267.853662][ T5831] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.877936][ T5831] usb 3-1: Product: syz [ 267.911533][ T5831] usb 3-1: Manufacturer: syz [ 267.923492][ T5831] usb 3-1: SerialNumber: syz [ 267.944463][ T5831] usb 3-1: config 0 descriptor?? [ 267.966266][ T5831] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 267.985422][ T5831] usb 3-1: setting power ON [ 267.990465][ T5831] dvb-usb: bulk message failed: -22 (2/0) [ 268.009106][ T5831] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 268.023845][ T5831] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 268.041417][ T5831] usb 3-1: media controller created [ 268.065589][ T5831] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 268.096225][ T5831] usb 3-1: selecting invalid altsetting 6 [ 268.113716][ T5831] usb 3-1: digital interface selection failed (-22) [ 268.123508][ T5831] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 268.143277][ T5831] usb 3-1: setting power OFF [ 268.152450][ T5831] dvb-usb: bulk message failed: -22 (2/0) [ 268.171033][T10985] dvb-usb: bulk message failed: -22 (3/0) [ 268.178234][ T5831] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 268.188290][T10985] cxusb: i2c wr: len=80 is too big! [ 268.188290][T10985] [ 268.196484][ T5831] (NULL device *): no alternate interface [ 268.258042][ T5831] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 268.297298][ T5831] usb 3-1: USB disconnect, device number 15 [ 268.378158][T10998] loop5: detected capacity change from 0 to 32768 [ 268.403695][T10998] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 268.421406][T10998] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 268.493664][ T2128] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 268.594903][ T9858] ocfs2: Unmounting device (7,5) on (node local) [ 268.628517][T11008] loop4: detected capacity change from 0 to 32768 [ 268.644172][T11008] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.1838 (11008) [ 268.663464][T11008] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 268.677769][T11008] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 268.690767][T11008] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 268.700766][T11008] BTRFS info (device loop4): use zstd compression, level 3 [ 268.708357][T11008] BTRFS info (device loop4): using free space tree [ 268.724080][ T2128] usb 1-1: Using ep0 maxpacket: 16 [ 268.755686][ T2128] usb 1-1: config 0 has no interfaces? [ 268.780604][T11008] BTRFS info (device loop4): enabling ssd optimizations [ 268.795647][T11008] BTRFS info (device loop4): auto enabling async discard [ 268.808193][ T2128] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 268.830902][ T2128] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.851024][T11029] netlink: 'syz.5.1840': attribute type 10 has an invalid length. [ 268.859063][ T2128] usb 1-1: Product: syz [ 268.859083][ T2128] usb 1-1: Manufacturer: syz [ 268.859096][ T2128] usb 1-1: SerialNumber: syz [ 268.861508][ T2128] usb 1-1: config 0 descriptor?? [ 268.961193][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 268.961207][ T27] audit: type=1800 audit(1752055533.490:207): pid=11008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1838" name="file1" dev="loop4" ino=260 res=0 errno=0 [ 269.048415][T11035] C: renamed from team_slave_0 (while UP) [ 269.065960][T11035] netlink: 'syz.5.1842': attribute type 1 has an invalid length. [ 269.077218][ T8771] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 269.081871][T11035] netlink: 128 bytes leftover after parsing attributes in process `syz.5.1842'. [ 269.102863][T11035] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 269.186662][ T5862] usb 1-1: USB disconnect, device number 21 [ 269.501465][ T2128] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 269.682416][T11053] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1852'. [ 269.692058][ T2128] usb 6-1: Using ep0 maxpacket: 16 [ 269.703986][ T2128] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 269.716050][ T2128] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 269.727076][ T2128] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 269.757158][ T2128] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 269.803418][ T2128] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 269.845240][ T2128] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 269.863692][ T2128] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 269.875616][ T2128] usb 6-1: Manufacturer: syz [ 269.889834][ T2128] usb 6-1: config 0 descriptor?? [ 270.153447][ T5862] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 270.211646][T11055] loop2: detected capacity change from 0 to 32768 [ 270.212857][T11066] loop4: detected capacity change from 0 to 4096 [ 270.223138][T11055] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.1853 (11055) [ 270.242552][T11055] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 270.253158][ T2128] rc_core: IR keymap rc-hauppauge not found [ 270.259337][ T2128] Registered IR keymap rc-empty [ 270.264903][T11055] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 270.274561][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.281910][T11055] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 270.291770][T11055] BTRFS info (device loop2): use zstd compression, level 3 [ 270.299208][T11055] BTRFS info (device loop2): using free space tree [ 270.306000][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.334582][ T2128] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 270.348894][ T2128] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input29 [ 270.365131][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.373524][ T5862] usb 1-1: Using ep0 maxpacket: 16 [ 270.379908][T11055] BTRFS info (device loop2): enabling ssd optimizations [ 270.387794][ T5862] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 270.399168][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.403777][T11055] BTRFS info (device loop2): auto enabling async discard [ 270.407660][ T5862] usb 1-1: config 0 interface 0 has no altsetting 0 [ 270.420564][ T5862] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 270.438468][ T5862] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.446744][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.471774][ T5862] usb 1-1: config 0 descriptor?? [ 270.477803][ T27] audit: type=1800 audit(1752055535.010:208): pid=11055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1853" name="file1" dev="loop2" ino=260 res=0 errno=0 [ 270.504172][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.562699][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.575374][T11086] loop4: detected capacity change from 0 to 1024 [ 270.603590][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.611496][ T5795] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 270.643798][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.682989][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.745893][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.803485][ T2128] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 270.857515][ T2128] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 270.891879][ T2128] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 270.940416][ T2128] usb 6-1: USB disconnect, device number 6 [ 270.946678][ T5862] nzxt-smart2 0003:1E71:2009.0014: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0 [ 271.217004][T11096] C: entered promiscuous mode [ 271.221781][T11096] team_slave_1: entered promiscuous mode [ 271.235355][T11096] macsec1: entered promiscuous mode [ 271.240665][T11096] team0: entered promiscuous mode [ 271.253275][T11096] team0: Device macsec1 is already an upper device of the team interface [ 271.271830][T11096] team0: left promiscuous mode [ 271.279545][T11096] C: left promiscuous mode [ 271.284082][T11096] team_slave_1: left promiscuous mode [ 271.400391][ T8] usb 1-1: USB disconnect, device number 22 [ 271.833606][ T2128] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 272.026930][ T2128] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 272.120116][T11118] loop0: detected capacity change from 0 to 4096 [ 272.140248][ T2128] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 272.150177][ T2128] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 272.159579][ T2128] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 272.170081][ T2128] usb 6-1: config 0 descriptor?? [ 272.193150][T11118] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 272.283018][T11118] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 272.302980][T11118] ntfs3: loop0: Failed to load $Extend (-22). [ 272.313814][T11118] ntfs3: loop0: Failed to initialize $Extend. [ 272.366442][T11120] loop4: detected capacity change from 0 to 512 [ 272.404304][T11120] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 272.434429][T11120] EXT4-fs (loop4): invalid journal inode [ 272.440347][T11120] EXT4-fs (loop4): can't get journal size [ 272.480619][T11120] EXT4-fs (loop4): 1 truncate cleaned up [ 272.489145][T11120] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.606672][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.002511][ T2128] hid-led: probe of 0003:0FC5:B080.0015 failed with error -71 [ 273.012236][ T2128] usb 6-1: USB disconnect, device number 7 [ 273.628181][T11131] C: entered promiscuous mode [ 273.632965][T11131] team_slave_1: entered promiscuous mode [ 273.643802][T11131] macsec2: entered promiscuous mode [ 273.650876][T11131] team0: entered promiscuous mode [ 273.661174][T11131] team0: Device macsec2 is already an upper device of the team interface [ 273.676582][T11131] team0: left promiscuous mode [ 273.681995][T11131] C: left promiscuous mode [ 273.686532][T11131] team_slave_1: left promiscuous mode [ 273.691363][T11134] loop0: detected capacity change from 0 to 256 [ 273.712880][T11134] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 273.750381][T11133] netlink: 'syz.4.1876': attribute type 10 has an invalid length. [ 273.944726][ T8] kernel read not supported for file /usbmon0 (pid: 8 comm: kworker/0:0) [ 274.111479][T11149] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1884'. [ 274.172788][T11151] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1885'. [ 274.213974][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 274.403540][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 274.415236][ T9] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 274.443585][ T9] usb 5-1: config 0 has no interface number 0 [ 274.456304][ T9] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 274.468044][T11163] loop5: detected capacity change from 0 to 2048 [ 274.481126][T11163] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=18881, location=18881 [ 274.481360][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.507217][ T9] usb 5-1: Product: syz [ 274.511486][ T9] usb 5-1: Manufacturer: syz [ 274.516339][ T9] usb 5-1: SerialNumber: syz [ 274.520014][T11165] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1892'. [ 274.525296][ T9] usb 5-1: config 0 descriptor?? [ 274.534890][T11165] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1892'. [ 274.540202][ T27] audit: type=1800 audit(1752055539.070:209): pid=11163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1891" name="bus" dev="loop5" ino=1367 res=0 errno=0 [ 274.548708][ T9] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 274.793860][ T9] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 274.820930][ T9] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 274.857938][ T9] kernel write not supported for file /radio1 (pid: 9 comm: kworker/0:1) [ 275.035335][T11181] vlan2: entered promiscuous mode [ 275.040415][T11181] mac80211_hwsim hwsim4 wlan1: entered promiscuous mode [ 275.124021][ C0] quatech-serial ttyUSB0: qt2_process_read_urb - xmit_empty message too short [ 275.327229][ T5878] usb 5-1: USB disconnect, device number 11 [ 275.328715][ C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 275.351429][ T5878] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 275.384191][ T5878] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 275.427399][ T5878] quatech2 5-1:0.51: device disconnected [ 275.472111][T11195] netlink: 256 bytes leftover after parsing attributes in process `syz.5.1907'. [ 276.065292][T11218] loop0: detected capacity change from 0 to 256 [ 276.084289][T11218] exfat: Deprecated parameter 'utf8' [ 276.103437][T11218] exfat: Deprecated parameter 'utf8' [ 276.109182][T11218] exfat: Deprecated parameter 'namecase' [ 276.129202][T11218] exfat: Deprecated parameter 'utf8' [ 276.139302][T11218] exfat: Deprecated parameter 'utf8' [ 276.181140][T11218] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e8072e, utbl_chksum : 0xe619d30d) [ 276.731034][T11212] loop5: detected capacity change from 0 to 32768 [ 277.128933][T11239] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1927'. [ 277.360439][T11242] loop0: detected capacity change from 0 to 2048 [ 277.383730][T11242] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=18881, location=18881 [ 277.438568][ T27] audit: type=1800 audit(1752055541.970:210): pid=11242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1928" name="bus" dev="loop0" ino=1367 res=0 errno=0 [ 277.483110][T11234] loop2: detected capacity change from 0 to 40427 [ 277.493000][T11234] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff [ 277.520108][T11234] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x2 [ 277.536003][T11234] F2FS-fs (loop2): Image doesn't support compression [ 277.554260][T11234] F2FS-fs (loop2): Image doesn't support compression [ 277.572638][T11234] F2FS-fs (loop2): invalid crc value [ 277.611025][T11234] F2FS-fs (loop2): Found nat_bits in checkpoint [ 277.655193][T11255] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1934'. [ 277.674359][T11255] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1934'. [ 277.734942][T11234] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 277.859335][T11234] syz.2.1924: attempt to access beyond end of device [ 277.859335][T11234] loop2: rw=2049, sector=77824, nr_sectors = 960 limit=40427 [ 278.025305][ T5795] syz-executor: attempt to access beyond end of device [ 278.025305][ T5795] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 278.047620][ T5795] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 278.454915][T11272] loop4: detected capacity change from 0 to 32768 [ 278.493925][T11272] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 278.538301][ T27] audit: type=1800 audit(1752055543.070:211): pid=11272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1941" name="file1" dev="loop4" ino=17058 res=0 errno=0 [ 278.662164][T11280] loop2: detected capacity change from 0 to 2048 [ 278.672272][T11280] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18881, location=18881 [ 278.717736][ T27] audit: type=1800 audit(1752055543.240:212): pid=11280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1942" name="bus" dev="loop2" ino=1367 res=0 errno=0 [ 278.783997][ T9] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 278.914605][ T8771] ocfs2: Unmounting device (7,4) on (node local) [ 279.001716][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 279.030352][ T9] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 279.050170][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.072862][ T9] usb 1-1: Product: syz [ 279.078920][ T9] usb 1-1: Manufacturer: syz [ 279.084865][ T9] usb 1-1: SerialNumber: syz [ 279.091926][ T9] usb 1-1: config 0 descriptor?? [ 279.100071][ T9] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 279.108310][ T9] usb 1-1: setting power ON [ 279.112837][ T9] dvb-usb: bulk message failed: -22 (2/0) [ 279.123172][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 279.154333][ T9] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 279.182287][ T9] usb 1-1: media controller created [ 279.185652][T11292] loop5: detected capacity change from 0 to 512 [ 279.196885][T11294] loop4: detected capacity change from 0 to 24 [ 279.204242][T11294] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 279.212775][T11292] EXT4-fs: Ignoring removed nobh option [ 279.223083][T11292] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 279.230521][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 279.234576][T11294] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 279.258346][T11292] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 279.283194][ T9] usb 1-1: selecting invalid altsetting 6 [ 279.289755][ T9] usb 1-1: digital interface selection failed (-22) [ 279.302351][T11292] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c018, mo2=0002] [ 279.305924][T11277] dvb-usb: bulk message failed: -22 (3/0) [ 279.316470][ T9] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 279.323587][T11277] cxusb: i2c wr: len=80 is too big! [ 279.323587][T11277] [ 279.325836][ T9] usb 1-1: setting power OFF [ 279.337269][ T9] dvb-usb: bulk message failed: -22 (2/0) [ 279.343133][T11292] System zones: 1-2, 4-12, 8-8 [ 279.345561][ T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 279.357585][ T9] (NULL device *): no alternate interface [ 279.386948][T11292] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.1950: iget: bad i_size value: 38620345925642 [ 279.387924][ T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 279.416763][T11292] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.1950: couldn't read orphan inode 15 (err -117) [ 279.420368][ T9] usb 1-1: USB disconnect, device number 23 [ 279.470746][T11292] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.596641][T11301] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1952'. [ 279.620522][T11302] EXT4-fs error (device loop5): ext4_validate_block_bitmap:430: comm syz.5.1950: bg 0: block 5: invalid block bitmap [ 279.667973][T11302] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 440 with error 28 [ 279.686501][T11302] EXT4-fs (loop5): This should not happen!! Data will be lost [ 279.686501][T11302] [ 279.697505][T11302] EXT4-fs (loop5): Total free blocks count 0 [ 279.704714][T11302] EXT4-fs (loop5): Free/Dirty block details [ 279.710696][T11302] EXT4-fs (loop5): free_blocks=0 [ 279.715991][T11302] EXT4-fs (loop5): dirty_blocks=440 [ 279.737733][T11302] EXT4-fs (loop5): Block reservation details [ 279.748842][T11302] EXT4-fs (loop5): i_reserved_data_blocks=440 [ 279.779850][T11304] loop4: detected capacity change from 0 to 1024 [ 279.848869][T11304] hfsplus: request for non-existent node 33554434 in B*Tree [ 279.867975][T11304] hfsplus: request for non-existent node 33554434 in B*Tree [ 279.870113][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.895516][T11304] hfsplus: request for non-existent node 33554434 in B*Tree [ 279.902831][T11304] hfsplus: request for non-existent node 33554434 in B*Tree [ 279.920119][T11306] hfsplus: request for non-existent node 33554434 in B*Tree [ 279.930792][T11306] hfsplus: request for non-existent node 33554434 in B*Tree [ 280.013041][ T3493] hfsplus: request for non-existent node 33554434 in B*Tree [ 280.028625][ T3493] hfsplus: request for non-existent node 33554434 in B*Tree [ 280.198599][T11319] loop5: detected capacity change from 0 to 256 [ 280.216086][T11319] exfat: Deprecated parameter 'utf8' [ 280.221518][T11319] exfat: Deprecated parameter 'utf8' [ 280.250597][T11319] exfat: Deprecated parameter 'namecase' [ 280.264114][T11319] exfat: Deprecated parameter 'utf8' [ 280.269432][T11319] exfat: Deprecated parameter 'utf8' [ 280.289536][T11319] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e8072e, utbl_chksum : 0xe619d30d) [ 280.603082][T11339] tap0: tun_chr_ioctl cmd 1074025681 [ 280.728054][T11345] loop4: detected capacity change from 0 to 2048 [ 280.761951][T11345] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 280.793209][T11350] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 280.803272][T11349] loop2: detected capacity change from 0 to 256 [ 280.814639][T11349] exfat: Deprecated parameter 'utf8' [ 280.819986][T11349] exfat: Deprecated parameter 'utf8' [ 280.842781][T11349] exfat: Deprecated parameter 'namecase' [ 280.852233][T11349] exfat: Deprecated parameter 'utf8' [ 280.862743][T11352] netlink: 277 bytes leftover after parsing attributes in process `syz.5.1983'. [ 280.865453][T11349] exfat: Deprecated parameter 'utf8' [ 280.893201][T11349] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e8072e, utbl_chksum : 0xe619d30d) [ 281.032557][T11357] vivid-000: disconnect [ 281.041757][T11354] vivid-000: reconnect [ 281.053887][ T8] usb 1-1: new full-speed USB device number 24 using dummy_hcd [ 281.171371][T11362] mkiss: ax0: crc mode is auto. [ 281.255876][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 281.281816][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 281.312698][ T8] usb 1-1: New USB device found, idVendor=28bd, idProduct=0075, bcdDevice= 0.00 [ 281.334185][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 281.351787][ T8] usb 1-1: config 0 descriptor?? [ 281.445936][T11367] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1981'. [ 281.463022][T11355] loop4: detected capacity change from 0 to 32768 [ 281.469972][T11367] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1981'. [ 281.485536][T11366] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1981'. [ 281.495161][T11367] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1981'. [ 281.631638][T11369] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1982'. [ 281.642545][T11369] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1982'. [ 281.716760][T11364] loop5: detected capacity change from 0 to 32768 [ 281.742138][T11364] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 281.781936][ T8] uclogic 0003:28BD:0075.0016: interface is invalid, ignoring [ 281.801640][T11364] XFS (loop5): Ending clean mount [ 281.809372][T11364] XFS (loop5): Quotacheck needed: Please wait. [ 281.879498][T11364] XFS (loop5): Quotacheck: Done. [ 281.990804][ T9] usb 1-1: USB disconnect, device number 24 [ 282.020054][T11382] loop4: detected capacity change from 0 to 512 [ 282.031725][T11382] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 282.032446][ T9858] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 282.083684][T11382] EXT4-fs (loop4): 1 truncate cleaned up [ 282.090494][T11382] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 282.146023][T11388] loop2: detected capacity change from 0 to 4096 [ 282.205071][T11382] EXT4-fs error (device loop4): ext4_read_inline_dir:1565: inode #12: block 7: comm syz.4.1984: path /248/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=2085390, rec_len=0, size=80 fake=0 [ 282.272418][T11388] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 282.346830][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.366158][ T27] audit: type=1800 audit(1752055546.900:213): pid=11388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1987" name="file2" dev="overlay" ino=31 res=0 errno=0 [ 282.381462][ T8] IPVS: starting estimator thread 0... [ 282.459661][ T5795] ntfs3: loop2: ino=9, ntfs_sync_fs failed, -22. [ 282.503892][T11391] IPVS: using max 18 ests per chain, 43200 per kthread [ 282.667293][ T27] audit: type=1326 audit(1752055547.200:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.0.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f244538e929 code=0x7ffc0000 [ 282.747639][ T27] audit: type=1326 audit(1752055547.200:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.0.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f244538e929 code=0x7ffc0000 [ 282.804078][ T27] audit: type=1326 audit(1752055547.240:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.0.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f244538e929 code=0x7ffc0000 [ 282.881987][T11410] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 282.894917][ T27] audit: type=1326 audit(1752055547.240:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.0.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f244538e929 code=0x7ffc0000 [ 282.943410][ T27] audit: type=1326 audit(1752055547.240:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.0.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f244538e929 code=0x7ffc0000 [ 283.011889][ T27] audit: type=1326 audit(1752055547.240:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.0.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f244538e929 code=0x7ffc0000 [ 283.055973][ T27] audit: type=1326 audit(1752055547.240:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.0.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f244538e929 code=0x7ffc0000 [ 283.119448][ T27] audit: type=1326 audit(1752055547.240:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.0.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f244538e929 code=0x7ffc0000 [ 283.188409][ T27] audit: type=1326 audit(1752055547.240:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.0.1993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f244538e929 code=0x7ffc0000 [ 283.829336][T11416] loop0: detected capacity change from 0 to 32768 [ 283.874083][T11416] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode. [ 284.078227][ T5793] ocfs2: Unmounting device (7,0) on (node local) [ 284.310420][T11427] loop4: detected capacity change from 0 to 40427 [ 284.363516][T11427] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x7ffff [ 284.371976][T11427] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x2 [ 284.398787][T11427] F2FS-fs (loop4): Image doesn't support compression [ 284.423477][T11427] F2FS-fs (loop4): Image doesn't support compression [ 284.438719][T11427] F2FS-fs (loop4): invalid crc value [ 284.450162][T11435] loop2: detected capacity change from 0 to 40427 [ 284.460046][T11435] F2FS-fs (loop2): Small segment_count (9 < 1 * 24) [ 284.474014][T11435] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 284.489645][T11427] F2FS-fs (loop4): Found nat_bits in checkpoint [ 284.527512][T11435] F2FS-fs (loop2): Found nat_bits in checkpoint [ 284.569432][T11427] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 284.639950][T11435] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 284.649443][T11435] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 284.731060][ T5795] syz-executor: attempt to access beyond end of device [ 284.731060][ T5795] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 284.753297][T11427] syz.4.2004: attempt to access beyond end of device [ 284.753297][T11427] loop4: rw=2049, sector=77824, nr_sectors = 960 limit=40427 [ 284.763478][ T5795] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 284.964096][T11445] loop0: detected capacity change from 0 to 32768 [ 284.993956][ T8771] syz-executor: attempt to access beyond end of device [ 284.993956][ T8771] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 285.032554][ T8771] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 285.458727][T11466] loop5: detected capacity change from 0 to 512 [ 285.475820][T11466] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 285.518557][T11466] EXT4-fs (loop5): 1 truncate cleaned up [ 285.525522][T11466] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 285.549335][T11466] fscrypt (loop5, inode 18): Mutually exclusive encryption flags (0x0c) [ 285.639934][T11472] loop4: detected capacity change from 0 to 512 [ 285.657910][T11472] EXT4-fs: Ignoring removed nobh option [ 285.687197][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.695866][T11472] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 285.723439][T11472] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 285.771887][T11472] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c018, mo2=0002] [ 285.785271][T11472] System zones: 1-2, 4-12, 8-8 [ 285.801016][T11472] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.2018: iget: bad i_size value: 38620345925642 [ 285.836392][T11472] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2018: couldn't read orphan inode 15 (err -117) [ 285.880684][T11472] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.898540][T11486] loop0: detected capacity change from 0 to 256 [ 286.002681][T11489] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm syz.4.2018: bg 0: block 5: invalid block bitmap [ 286.013459][ T2128] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 286.029193][T11489] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 724 with error 28 [ 286.045516][T11489] EXT4-fs (loop4): This should not happen!! Data will be lost [ 286.045516][T11489] [ 286.096513][T11489] EXT4-fs (loop4): Total free blocks count 0 [ 286.102536][T11489] EXT4-fs (loop4): Free/Dirty block details [ 286.119130][T11489] EXT4-fs (loop4): free_blocks=0 [ 286.132158][T11489] EXT4-fs (loop4): dirty_blocks=724 [ 286.145466][T11489] EXT4-fs (loop4): Block reservation details [ 286.151503][T11489] EXT4-fs (loop4): i_reserved_data_blocks=724 [ 286.203698][ T2128] usb 3-1: Using ep0 maxpacket: 8 [ 286.235256][ T2128] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 286.258244][ T2128] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 286.283495][ T2128] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 286.303287][ T2128] usb 3-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 286.315044][ T2128] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.327092][ T2128] usb 3-1: config 0 descriptor?? [ 286.338047][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.347660][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.355319][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.372103][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.381940][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.393649][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.401201][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.412781][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.431833][T11502] netlink: 212 bytes leftover after parsing attributes in process `syz.5.2036'. [ 286.450403][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.459969][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.483541][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.491004][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.508079][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.515955][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.523834][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.531272][ T5878] hid-generic 00A0:0008:0003.0017: unknown main item tag 0x0 [ 286.547064][ T24] block nbd0: Possible stuck request ffff8880220a8000: control (read@0,1024B). Runtime 180 seconds [ 286.557929][ T24] block nbd0: Possible stuck request ffff8880220a8200: control (read@1024,1024B). Runtime 180 seconds [ 286.569267][ T24] block nbd0: Possible stuck request ffff8880220a8400: control (read@2048,1024B). Runtime 180 seconds [ 286.580392][ T24] block nbd0: Possible stuck request ffff8880220a8600: control (read@3072,1024B). Runtime 180 seconds [ 286.597536][ T5878] hid-generic 00A0:0008:0003.0017: hidraw0: HID v0.00 Device [syz1] on syz0 [ 286.797615][ T2128] logitech 0003:046D:C293.0018: nested delimiters [ 286.810059][ T2128] logitech 0003:046D:C293.0018: item 0 4 2 10 parsing failed [ 286.824150][ T2128] logitech 0003:046D:C293.0018: parse failed [ 286.830248][ T2128] logitech: probe of 0003:046D:C293.0018 failed with error -22 [ 286.907070][T11514] loop0: detected capacity change from 0 to 1024 [ 286.915543][T11516] netlink: 'syz.4.2043': attribute type 3 has an invalid length. [ 286.975015][T11514] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.024373][ T9] usb 3-1: USB disconnect, device number 16 [ 287.059214][T11508] loop5: detected capacity change from 0 to 32768 [ 287.099575][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.109554][T11508] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 287.171772][T11525] loop4: detected capacity change from 0 to 128 [ 287.197855][T11525] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 287.210807][T11525] ext4 filesystem being mounted at /262/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 287.321247][ T8771] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 287.389820][T11532] loop4: detected capacity change from 0 to 512 [ 287.405698][T11532] EXT4-fs (loop4): orphan cleanup on readonly fs [ 287.451565][T11532] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.2047: bg 0: block 248: padding at end of block bitmap is not set [ 287.483018][T11532] __quota_error: 2 callbacks suppressed [ 287.483033][T11532] Quota error (device loop4): write_blk: dquota write failed [ 287.512498][T11532] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 287.526246][T11532] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.2047: Failed to acquire dquot type 1 [ 287.579080][T11532] EXT4-fs (loop4): 1 truncate cleaned up [ 287.580726][ T9858] ocfs2: Unmounting device (7,5) on (node local) [ 287.596844][T11532] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 287.664507][T11532] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 287.717987][T11532] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 287.736129][T11536] Quota error (device loop4): do_check_range: Getting block 1536 out of range 0-5 [ 287.846847][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.898794][T11541] loop5: detected capacity change from 0 to 512 [ 287.942355][T11541] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.003657][T11541] ext4 filesystem being mounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 288.091460][ T27] audit: type=1800 audit(1752055552.620:225): pid=11541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2048" name="file2" dev="loop5" ino=16 res=0 errno=0 [ 288.124018][T11551] loop0: detected capacity change from 0 to 512 [ 288.151242][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.313950][ T9] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 288.522772][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 288.536632][ T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 288.555878][ T9] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 288.572571][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.585219][ T9] usb 5-1: config 0 descriptor?? [ 288.594109][ T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 288.600846][ T9] dvb-usb: bulk message failed: -22 (3/0) [ 288.631367][ T9] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 288.652490][ T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 288.663240][ T9] usb 5-1: media controller created [ 288.670707][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 288.688372][ T9] dvb-usb: bulk message failed: -22 (6/0) [ 288.696578][ T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 288.711590][ T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input30 [ 288.726559][ T9] dvb-usb: schedule remote query interval to 150 msecs. [ 288.737177][ T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 288.897683][ T9] dvb-usb: bulk message failed: -22 (1/0) [ 288.904892][ T9] dvb-usb: error while querying for an remote control event. [ 289.031293][ T5878] usb 5-1: USB disconnect, device number 12 [ 289.055020][ T5878] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 289.164987][T11575] loop2: detected capacity change from 0 to 512 [ 289.172565][T11575] EXT4-fs: Ignoring removed nobh option [ 289.190796][T11575] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 289.206542][T11575] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 289.223478][T11575] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c018, mo2=0002] [ 289.239753][T11575] System zones: 1-2, 4-12, 8-8 [ 289.246569][T11575] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.2064: iget: bad i_size value: 38620345925642 [ 289.252274][T11578] loop5: detected capacity change from 0 to 512 [ 289.276567][T11575] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2064: couldn't read orphan inode 15 (err -117) [ 289.290560][T11575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.310050][T11580] syzkaller0: tun_chr_ioctl cmd 2147767520 [ 289.317769][T11578] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.2065: casefold flag without casefold feature [ 289.336236][T11578] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.2065: couldn't read orphan inode 15 (err -117) [ 289.366657][T11578] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.409937][T11582] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm syz.2.2064: bg 0: block 5: invalid block bitmap [ 289.440103][T11582] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 780 with error 28 [ 289.452720][T11582] EXT4-fs (loop2): This should not happen!! Data will be lost [ 289.452720][T11582] [ 289.464913][T11582] EXT4-fs (loop2): Total free blocks count 0 [ 289.475057][T11582] EXT4-fs (loop2): Free/Dirty block details [ 289.491250][T11582] EXT4-fs (loop2): free_blocks=0 [ 289.501383][T11582] EXT4-fs (loop2): dirty_blocks=792 [ 289.517769][T11582] EXT4-fs (loop2): Block reservation details [ 289.531300][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.547077][T11582] EXT4-fs (loop2): i_reserved_data_blocks=792 [ 289.794316][ T3445] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 780 with max blocks 12 with error 28 [ 290.302418][T11614] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2080'. [ 290.420491][T11610] loop0: detected capacity change from 0 to 32768 [ 290.438351][T11610] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 290.485472][T11610] XFS (loop0): Ending clean mount [ 290.569304][ T5793] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 290.624497][T11624] loop2: detected capacity change from 0 to 164 [ 290.829775][T11628] loop0: detected capacity change from 0 to 512 [ 290.876407][T11628] EXT4-fs: Ignoring removed nobh option [ 290.903520][T11628] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 290.929883][T11628] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 290.974767][T11628] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c018, mo2=0002] [ 290.983975][T11628] System zones: 1-2, 4-12, 8-8 [ 291.011376][T11628] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.2081: iget: bad i_size value: 38620345925642 [ 291.082886][T11628] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.2081: couldn't read orphan inode 15 (err -117) [ 291.144229][T11628] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.247279][T11652] loop4: detected capacity change from 0 to 256 [ 291.320889][T11652] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 291.347142][T11654] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz.0.2081: bg 0: block 5: invalid block bitmap [ 291.377080][ T27] audit: type=1800 audit(1752055555.900:226): pid=11652 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2093" name="file1" dev="loop4" ino=1048663 res=0 errno=0 [ 291.386587][T11652] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 291.409528][T11654] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 532 with error 28 [ 291.430252][T11654] EXT4-fs (loop0): This should not happen!! Data will be lost [ 291.430252][T11654] [ 291.442649][T11654] EXT4-fs (loop0): Total free blocks count 0 [ 291.457735][T11654] EXT4-fs (loop0): Free/Dirty block details [ 291.463510][T11652] exFAT-fs (loop4): Filesystem has been set read-only [ 291.470803][T11654] EXT4-fs (loop0): free_blocks=0 [ 291.481279][T11654] EXT4-fs (loop0): dirty_blocks=540 [ 291.490515][T11654] EXT4-fs (loop0): Block reservation details [ 291.490698][T11652] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880777e3560 iblock : 8, err : -5) [ 291.500801][T11654] EXT4-fs (loop0): i_reserved_data_blocks=540 [ 291.513951][T11652] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 291.532696][T11652] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 291.542123][T11652] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880777e3560 iblock : 8, err : -5) [ 291.563983][T11652] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 291.742259][T11657] loop4: detected capacity change from 0 to 128 [ 291.756133][ T3493] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 532 with max blocks 8 with error 28 [ 291.804074][T11657] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 291.859101][T11649] loop2: detected capacity change from 0 to 32768 [ 291.910598][T11657] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 292.040145][T11649] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 292.121818][T11649] (syz.2.2092,11649,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0 [ 292.155187][T11667] loop4: detected capacity change from 0 to 16 [ 292.172442][T11667] erofs: (device loop4): mounted with root inode @ nid 36. [ 292.265652][ T5795] ocfs2: Unmounting device (7,2) on (node local) [ 292.837025][T11677] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2104'. [ 293.000763][T11663] loop5: detected capacity change from 0 to 131072 [ 293.013043][T11663] F2FS-fs (loop5): invalid crc value [ 293.039395][T11663] F2FS-fs (loop5): Found nat_bits in checkpoint [ 293.082161][T11663] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 293.388619][T11697] loop2: detected capacity change from 0 to 64 [ 293.437630][T11699] loop0: detected capacity change from 0 to 2048 [ 293.464496][T11699] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 293.493918][T11701] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2113'. [ 294.279423][T11727] loop4: detected capacity change from 0 to 512 [ 294.294367][T11727] EXT4-fs: Ignoring removed orlov option [ 294.311767][T11727] EXT4-fs: Ignoring removed oldalloc option [ 294.333564][T11727] ext4: Unknown parameter 'defcontext' [ 295.048142][T11736] loop4: detected capacity change from 0 to 32768 [ 295.052801][T11748] loop5: detected capacity change from 0 to 512 [ 295.061919][T11748] EXT4-fs: Ignoring removed nobh option [ 295.069118][T11748] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 295.089832][T11748] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 295.118905][ T27] audit: type=1800 audit(1752055559.650:227): pid=11736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2128" name="file1" dev="loop4" ino=7 res=0 errno=0 [ 295.150832][T11748] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c018, mo2=0002] [ 295.159844][T11748] System zones: 1-2, 4-12, 8-8 [ 295.193533][T11748] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.2133: iget: bad i_size value: 38620345925642 [ 295.247362][T11753] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2135'. [ 295.257822][T11753] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2135'. [ 295.263743][T11748] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.2133: couldn't read orphan inode 15 (err -117) [ 295.329645][T11755] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2136'. [ 295.337394][T11748] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.534502][T11762] EXT4-fs error (device loop5): ext4_validate_block_bitmap:430: comm syz.5.2133: bg 0: block 5: invalid block bitmap [ 295.595419][T11762] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 336 with error 28 [ 295.608862][T11762] EXT4-fs (loop5): This should not happen!! Data will be lost [ 295.608862][T11762] [ 295.628900][T11762] EXT4-fs (loop5): Total free blocks count 0 [ 295.640576][T11762] EXT4-fs (loop5): Free/Dirty block details [ 295.648324][T11762] EXT4-fs (loop5): free_blocks=0 [ 295.655211][T11762] EXT4-fs (loop5): dirty_blocks=336 [ 295.662437][T11762] EXT4-fs (loop5): Block reservation details [ 295.668710][T11762] EXT4-fs (loop5): i_reserved_data_blocks=336 [ 295.765786][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.833416][ T2128] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 295.866978][T11774] loop5: detected capacity change from 0 to 1024 [ 295.915492][T11774] hfsplus: xattr searching failed [ 295.947666][T11778] tap0: tun_chr_ioctl cmd 1074025677 [ 295.955407][T11778] tap0: linktype set to 825 [ 295.961891][ T48] hfsplus: bad catalog file entry [ 295.968472][ T48] hfsplus: b-tree write err: -5, ino 3 [ 296.054714][ T2128] usb 1-1: config 0 interface 0 has no altsetting 0 [ 296.062003][ T2128] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 296.079186][ T2128] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.092282][ T2128] usb 1-1: config 0 descriptor?? [ 296.183545][ T5878] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 296.366501][ T5878] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 296.377829][ T5878] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 296.387791][ T5878] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 296.396897][ T5878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.415511][T11776] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 296.426748][ T5878] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 296.496530][T11784] loop4: detected capacity change from 0 to 32768 [ 296.507736][T11784] (syz.4.2148,11784,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 296.523946][T11784] (syz.4.2148,11784,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 296.548557][T11784] JBD2: Ignoring recovery information on journal [ 296.597686][T11784] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 296.687069][ T785] usb 3-1: USB disconnect, device number 17 [ 296.764668][ T8771] ocfs2: Unmounting device (7,4) on (node local) [ 296.925447][ T2128] video4linux radio48: keene_cmd_main failed (-71) [ 296.932794][ T2128] radio-keene 1-1:0.0: V4L2 device registered as radio48 [ 296.941747][ T2128] usb 1-1: USB disconnect, device number 25 [ 297.567788][T11796] loop5: detected capacity change from 0 to 4096 [ 297.631938][T11802] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 297.663021][T11804] loop0: detected capacity change from 0 to 64 [ 298.019559][T11810] IPv6: NLM_F_CREATE should be specified when creating new route [ 298.073980][T11794] loop4: detected capacity change from 0 to 32768 [ 298.118236][T11794] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 298.153520][ T785] usb 1-1: new full-speed USB device number 26 using dummy_hcd [ 298.175697][ T5862] kernel write not supported for file /1200/loginuid (pid: 5862 comm: kworker/1:5) [ 298.314036][ T8771] ocfs2: Unmounting device (7,4) on (node local) [ 298.367073][ T785] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 298.397193][ T785] usb 1-1: config 0 interface 0 has no altsetting 0 [ 298.454151][ T785] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 298.463218][ T785] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 298.493433][ T785] usb 1-1: Product: syz [ 298.497631][ T785] usb 1-1: Manufacturer: syz [ 298.502238][ T785] usb 1-1: SerialNumber: syz [ 298.534901][ T785] usb 1-1: config 0 descriptor?? [ 298.556785][ T785] usb 1-1: selecting invalid altsetting 0 [ 298.691339][T11820] loop5: detected capacity change from 0 to 32768 [ 298.726272][ T27] audit: type=1800 audit(1752055563.260:228): pid=11820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2162" name="file2" dev="loop5" ino=7 res=0 errno=0 [ 298.769523][ T785] usb 1-1: USB disconnect, device number 26 [ 298.893979][T11833] loop2: detected capacity change from 0 to 8192 [ 298.913678][T11833] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 298.953565][T11833] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 298.962872][T11833] REISERFS (device loop2): using ordered data mode [ 298.972155][T11833] reiserfs: using flush barriers [ 298.984005][T11833] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 299.008564][T11833] REISERFS (device loop2): checking transaction log (loop2) [ 299.019659][T11833] REISERFS (device loop2): Using r5 hash to sort names [ 299.030392][T11833] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 299.168190][T11841] loop5: detected capacity change from 0 to 4096 [ 299.178666][T11841] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 299.200511][T11841] ntfs: (device loop5): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 299.214231][T11841] ntfs: (device loop5): read_ntfs_boot_sector(): Hot-fix: Recovery of primary boot sector failed: Read-only mount. [ 299.232073][T11841] ntfs: (device loop5): read_ntfs_boot_sector(): Using backup boot sector. [ 299.248557][T11841] ntfs: (device loop5): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 299.263463][T11841] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 299.284048][T11841] ntfs: (device loop5): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 299.293113][T11841] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 299.326095][T11841] ntfs: volume version 3.1. [ 299.893282][T11861] loop4: detected capacity change from 0 to 512 [ 300.014974][T11861] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.040744][T11861] ext4 filesystem being mounted at /291/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 300.133971][T11853] loop0: detected capacity change from 0 to 32768 [ 300.144142][T11853] (syz.0.2178,11853,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 300.159083][T11853] (syz.0.2178,11853,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 300.164826][T11861] EXT4-fs error (device loop4): __ext4_new_inode:1284: comm syz.4.2181: failed to insert inode 16: doubly allocated? [ 300.220611][T11853] JBD2: Ignoring recovery information on journal [ 300.241628][T11855] loop5: detected capacity change from 0 to 40427 [ 300.253461][T11855] F2FS-fs (loop5): heap/no_heap options were deprecated [ 300.285988][T11855] F2FS-fs (loop5): invalid crc value [ 300.295817][T11853] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 300.322054][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.492618][T11855] F2FS-fs (loop5): Start checkpoint disabled! [ 300.504627][T11855] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 300.575532][ T5793] ocfs2: Unmounting device (7,0) on (node local) [ 300.705144][ T3445] kworker/u4:10: attempt to access beyond end of device [ 300.705144][ T3445] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 300.727863][ T3445] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 300.937443][T11886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2188'. [ 300.952068][T11886] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2188'. [ 301.023459][ T5805] Bluetooth: hci0: command tx timeout [ 301.342047][T11897] loop0: detected capacity change from 0 to 4096 [ 301.370778][T11897] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 301.443754][ T5878] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 301.504283][ T27] kauditd_printk_skb: 13 callbacks suppressed [ 301.504297][ T27] audit: type=1800 audit(1752055566.040:229): pid=11897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2195" name="file1" dev="loop0" ino=33 res=0 errno=0 [ 301.664408][ T5878] usb 3-1: config 0 has no interfaces? [ 301.670165][ T5878] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 301.693419][ T5878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.728966][ T5878] usb 3-1: config 0 descriptor?? [ 301.792590][T11907] loop0: detected capacity change from 0 to 4096 [ 301.837162][T11913] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 301.956933][ T28] usb 3-1: USB disconnect, device number 18 [ 301.990230][ T27] audit: type=1326 audit(1752055566.520:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.5.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 302.051067][ T27] audit: type=1326 audit(1752055566.520:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.5.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 302.104386][ T27] audit: type=1326 audit(1752055566.550:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.5.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 302.143494][ T27] audit: type=1326 audit(1752055566.550:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.5.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 302.190283][ T27] audit: type=1326 audit(1752055566.550:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.5.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 302.240430][ T27] audit: type=1326 audit(1752055566.550:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.5.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 302.248529][T11928] loop5: detected capacity change from 0 to 1024 [ 302.283217][ T27] audit: type=1326 audit(1752055566.560:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.5.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 302.333398][ T27] audit: type=1326 audit(1752055566.560:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.5.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 302.354357][ T785] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 302.371889][ T3445] hfsplus: bad catalog file entry [ 302.377218][ T3445] hfsplus: b-tree write err: -5, ino 3 [ 302.383522][ T27] audit: type=1326 audit(1752055566.560:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.5.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 302.575575][ T785] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 302.603589][ T785] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 302.630383][ T785] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 302.649952][ T785] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.669656][T11922] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 302.691723][ T785] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 303.025746][ T785] usb 1-1: USB disconnect, device number 27 [ 303.180500][T11932] loop5: detected capacity change from 0 to 32768 [ 303.583476][ T785] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 303.634935][ T5862] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 303.715962][T11959] loop5: detected capacity change from 0 to 40427 [ 303.724919][T11959] F2FS-fs (loop5): invalid crc value [ 303.732022][T11959] F2FS-fs (loop5): Found nat_bits in checkpoint [ 303.783562][ T785] usb 5-1: Using ep0 maxpacket: 16 [ 303.784483][T11959] F2FS-fs (loop5): Start checkpoint disabled! [ 303.793782][ T785] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 303.797131][T11959] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 303.823670][ T785] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 303.843544][ T5862] usb 3-1: Using ep0 maxpacket: 16 [ 303.850739][ T5862] usb 3-1: config index 0 descriptor too short (expected 59154, got 18) [ 303.853745][ T785] usb 5-1: config 0 interface 0 has no altsetting 0 [ 303.859379][ T5862] usb 3-1: config 0 has an invalid interface number: 0 but max is -1 [ 303.873401][ T785] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 303.886721][ T785] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 303.903890][ T5862] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 303.915342][ T785] usb 5-1: config 0 descriptor?? [ 303.925313][ T5862] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 303.934886][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.943638][ T5862] usb 3-1: Product: syz [ 303.948428][ T5862] usb 3-1: Manufacturer: syz [ 303.955385][ T5862] usb 3-1: SerialNumber: syz [ 303.962682][ T5862] usb 3-1: config 0 descriptor?? [ 303.970266][ T5862] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 304.055357][ T1025] kworker/u4:5: attempt to access beyond end of device [ 304.055357][ T1025] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 304.069992][ T1025] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 304.078462][ T1025] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 304.343926][T11953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 304.378102][T11953] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 304.613023][T11976] loop5: detected capacity change from 0 to 4096 [ 304.645058][T11976] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 304.673749][ T785] usb 5-1: USB disconnect, device number 13 [ 304.799042][ T5862] ssu100: probe of 3-1:0.0 failed with error -71 [ 304.817042][ T5862] usb 3-1: USB disconnect, device number 19 [ 305.003057][T11978] loop0: detected capacity change from 0 to 32768 [ 305.011652][T11978] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.2228 (11978) [ 305.036175][T11978] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 305.047504][T11978] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 305.062547][T11978] BTRFS info (device loop0): turning on sync discard [ 305.078145][T11978] BTRFS info (device loop0): enabling ssd optimizations [ 305.085395][T11978] BTRFS info (device loop0): using spread ssd allocation scheme [ 305.093051][T11978] BTRFS info (device loop0): doing ref verification [ 305.100711][T11978] BTRFS info (device loop0): force clearing of disk cache [ 305.115036][T11978] BTRFS info (device loop0): setting nodatacow, compression disabled [ 305.123140][T11978] BTRFS info (device loop0): doing ref verification [ 305.133456][T11978] BTRFS info (device loop0): using free space tree [ 305.206998][T11978] BTRFS info (device loop0): rebuilding free space tree [ 305.427141][ T5793] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 306.092758][T12016] loop0: detected capacity change from 0 to 8 [ 306.517443][T12032] loop4: detected capacity change from 0 to 64 [ 306.676450][T12034] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2246'. [ 306.748569][T12036] loop5: detected capacity change from 0 to 1024 [ 306.763433][ T9] usb 3-1: new full-speed USB device number 20 using dummy_hcd [ 306.825560][T12038] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2255'. [ 306.966199][ T9] usb 3-1: unable to get BOS descriptor or descriptor too short [ 306.983772][ T9] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 307.007275][ T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 307.045344][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.069478][ T9] usb 3-1: Product: syz [ 307.080032][ T9] usb 3-1: Manufacturer: syz [ 307.103549][ T9] usb 3-1: SerialNumber: syz [ 307.402336][ T9] cdc_ncm 3-1:1.0: bind() failure [ 307.415372][ T9] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 307.433578][ T9] cdc_ncm 3-1:1.1: bind() failure [ 307.442606][ T9] usb 3-1: USB disconnect, device number 20 [ 307.588030][T12056] loop4: detected capacity change from 0 to 32768 [ 307.598630][T12056] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 307.607625][T12056] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 307.636553][T12056] XFS (loop4): Ending clean mount [ 307.647485][T12056] XFS (loop4): Quotacheck needed: Please wait. [ 307.685577][T12056] XFS (loop4): Quotacheck: Done. [ 307.722558][T12056] XFS (loop4): Metadata CRC error detected at xfs_refcountbt_read_verify+0x42/0xd0, xfs_refcountbt block 0x28 [ 307.736792][T12056] XFS (loop4): Unmount and run xfs_repair [ 307.742537][T12056] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 307.753618][T12056] 00000000: 52 ff ff ff 7f 00 00 00 ff ff ff ff ff ff ff ff R............... [ 307.762586][T12056] 00000010: 00 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 .......(........ [ 307.771585][T12056] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 307.780610][T12056] 00000030: 00 00 00 00 bd e7 de 5d 00 00 00 00 00 00 00 00 .......]........ [ 307.789621][T12056] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 307.798572][T12056] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 307.807577][T12056] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 307.817176][T12056] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 307.826235][T12056] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x1d7/0x2d0" at daddr 0x28 len 8 error 74 [ 307.846894][T12056] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x182e/0x1e00 (fs/xfs/libxfs/xfs_defer.c:598). Shutting down filesystem. [ 307.863041][T12056] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 307.914208][ T8771] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 307.938381][T12067] netlink: 428 bytes leftover after parsing attributes in process `syz.5.2264'. [ 307.951041][T12067] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2264'. [ 308.533992][ T9] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 308.561973][T12090] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2265'. [ 308.571513][T12090] netlink: 'syz.4.2265': attribute type 5 has an invalid length. [ 308.611092][ T28] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 308.723522][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 308.735824][ T9] usb 1-1: config index 0 descriptor too short (expected 59154, got 18) [ 308.749879][T12096] loop4: detected capacity change from 0 to 2048 [ 308.761585][ T9] usb 1-1: config 0 has an invalid interface number: 0 but max is -1 [ 308.771424][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 308.785772][ T9] usb 1-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 308.795544][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 308.804080][ T9] usb 1-1: Product: syz [ 308.808672][ T9] usb 1-1: Manufacturer: syz [ 308.814105][ T9] usb 1-1: SerialNumber: syz [ 308.821411][ T9] usb 1-1: config 0 descriptor?? [ 308.829704][ T9] ssu100 1-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 308.838339][T12096] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 308.849916][ T28] usb 6-1: config 0 interface 0 has no altsetting 0 [ 308.863562][ T28] usb 6-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 308.872616][ T28] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.906777][ T28] usb 6-1: config 0 descriptor?? [ 309.100866][ T5805] Bluetooth: hci4: command 0x0406 tx timeout [ 309.144656][T12099] loop4: detected capacity change from 0 to 8192 [ 309.161779][T12099] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 309.191546][T12099] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 309.203541][T12099] REISERFS (device loop4): using ordered data mode [ 309.210694][T12099] reiserfs: using flush barriers [ 309.229889][T12099] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 309.253951][T12099] REISERFS (device loop4): checking transaction log (loop4) [ 309.424254][T12099] REISERFS (device loop4): Using tea hash to sort names [ 309.432861][T12099] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 309.551338][T12099] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2) [ 309.570341][T12110] loop2: detected capacity change from 0 to 64 [ 309.666741][ T9] ssu100: probe of 1-1:0.0 failed with error -71 [ 309.682605][ T9] usb 1-1: USB disconnect, device number 28 [ 309.744301][ T28] video4linux radio48: keene_cmd_main failed (-71) [ 309.763579][ T28] radio-keene 6-1:0.0: V4L2 device registered as radio48 [ 309.787453][ T28] usb 6-1: USB disconnect, device number 8 [ 309.822917][T12114] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2277'. [ 309.832438][T12114] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2277'. [ 310.149859][T12121] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2280'. [ 310.193464][ T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 310.373982][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 310.385267][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 310.403461][ T9] usb 5-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0 [ 310.423019][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.434456][ T9] usb 5-1: config 0 descriptor?? [ 310.441490][ T9] usb 5-1: bad CDC descriptors [ 310.463180][T12136] loop5: detected capacity change from 0 to 512 [ 310.498901][T12136] EXT4-fs error (device loop5): ext4_orphan_get:1399: comm syz.5.2287: inode #15: comm syz.5.2287: iget: illegal inode # [ 310.520962][T12136] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.2287: couldn't read orphan inode 15 (err -117) [ 310.543818][T12136] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.607716][ T8] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 310.672221][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.691882][ T9] usb 5-1: USB disconnect, device number 14 [ 310.826335][ T8] usb 1-1: config 0 has no interfaces? [ 310.844967][ T8] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 310.863551][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.879171][ T8] usb 1-1: Product: syz [ 310.886375][ T8] usb 1-1: Manufacturer: syz [ 310.890987][ T8] usb 1-1: SerialNumber: syz [ 310.908126][ T8] usb 1-1: config 0 descriptor?? [ 311.144992][ T8] usb 1-1: USB disconnect, device number 29 [ 311.387391][T12134] loop2: detected capacity change from 0 to 131072 [ 311.396118][T12134] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0) [ 311.404297][T12134] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 311.428896][T12134] F2FS-fs (loop2): invalid crc value [ 311.455634][T12134] F2FS-fs (loop2): Found nat_bits in checkpoint [ 311.513982][T12134] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 311.521690][T12134] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 311.683594][ T8] usb 5-1: new full-speed USB device number 15 using dummy_hcd [ 311.875445][ T8] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 311.894063][ T8] usb 5-1: config 0 interface 0 has no altsetting 0 [ 311.903714][ T8] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 311.912772][ T8] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 311.933414][ T8] usb 5-1: Product: syz [ 311.937602][ T8] usb 5-1: Manufacturer: syz [ 311.942204][ T8] usb 5-1: SerialNumber: syz [ 311.965671][ T8] usb 5-1: config 0 descriptor?? [ 311.975734][ T8] usb 5-1: selecting invalid altsetting 0 [ 312.225146][ T8] usb 5-1: USB disconnect, device number 15 [ 312.538303][T12162] loop5: detected capacity change from 0 to 32768 [ 312.547016][T12162] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.2297 (12162) [ 312.562386][T12162] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 312.572810][T12162] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 312.581589][T12162] BTRFS info (device loop5): enabling auto defrag [ 312.591996][T12162] BTRFS info (device loop5): doing ref verification [ 312.593698][ T785] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 312.598707][T12162] BTRFS info (device loop5): use no compression [ 312.612647][T12162] BTRFS info (device loop5): force clearing of disk cache [ 312.620015][T12162] BTRFS info (device loop5): setting nodatacow, compression disabled [ 312.628346][T12162] BTRFS info (device loop5): disabling free space tree [ 312.654391][T12162] BTRFS info (device loop5): enabling ssd optimizations [ 312.661437][T12162] BTRFS info (device loop5): auto enabling async discard [ 312.671672][T12162] BTRFS info (device loop5): rebuilding free space tree [ 312.687805][T12162] BTRFS info (device loop5): disabling free space tree [ 312.695365][T12162] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 312.705165][T12162] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 312.795265][ T785] usb 3-1: config 0 interface 0 has no altsetting 0 [ 312.804702][ T785] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 312.814093][ T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.824892][ T785] usb 3-1: config 0 descriptor?? [ 312.883089][ T9858] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 313.145704][ T28] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 313.199188][T12185] netlink: 'syz.5.2300': attribute type 21 has an invalid length. [ 313.207848][T12185] netlink: 'syz.5.2300': attribute type 1 has an invalid length. [ 313.221144][T12185] netlink: 144 bytes leftover after parsing attributes in process `syz.5.2300'. [ 313.329138][T12189] loop5: detected capacity change from 0 to 128 [ 313.347708][T12189] FAT-fs (loop5): error, corrupted file size (i_pos 548, 512) [ 313.356106][T12189] FAT-fs (loop5): Filesystem has been set read-only [ 313.358085][ T28] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 313.372232][T12189] FAT-fs (loop5): error, corrupted file size (i_pos 548, 512) [ 313.373266][ T28] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 313.393770][ T28] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 313.403110][ T28] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 313.411251][ T28] usb 5-1: Product: syz [ 313.423475][ T28] usb 5-1: Manufacturer: syz [ 313.428703][ T28] usb 5-1: SerialNumber: syz [ 313.440084][ T28] usb 5-1: config 0 descriptor?? [ 313.449305][ T28] usb 5-1: Quirk or no altest; falling back to MIDI 1.0 [ 313.670561][ T785] video4linux radio48: keene_cmd_main failed (-71) [ 313.677446][ T785] radio-keene 3-1:0.0: V4L2 device registered as radio48 [ 313.688293][ T785] usb 3-1: USB disconnect, device number 21 [ 313.717491][T12195] input: syz1 as /devices/virtual/input/input31 [ 313.740665][ T28] snd-usb-audio: probe of 5-1:0.0 failed with error -12 [ 313.850411][T12200] loop5: detected capacity change from 0 to 1024 [ 313.911387][ T48] hfsplus: b-tree write err: -5, ino 4 [ 313.935123][ T28] usb 5-1: USB disconnect, device number 16 [ 314.114252][T12208] loop5: detected capacity change from 0 to 2048 [ 314.125134][T12208] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 314.379174][T12216] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2314'. [ 314.437499][T12218] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 314.464292][T12218] bridge0: entered allmulticast mode [ 314.494103][T12220] program syz.5.2317 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 315.032087][ T28] hid-generic 0000:0004:0000.001A: unknown main item tag 0x0 [ 315.040171][ T28] hid-generic 0000:0004:0000.001A: unknown main item tag 0x0 [ 315.047725][ T28] hid-generic 0000:0004:0000.001A: unknown main item tag 0x0 [ 315.063607][ T28] hid-generic 0000:0004:0000.001A: hidraw0: HID v0.00 Device [syz0] on syz1 [ 315.130716][T12232] loop5: detected capacity change from 0 to 32768 [ 315.143532][ T5831] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 315.165683][T12232] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 315.243272][T12232] XFS (loop5): Ending clean mount [ 315.260867][T12232] XFS (loop5): Quotacheck needed: Please wait. [ 315.331831][T12232] XFS (loop5): Quotacheck: Done. [ 315.363588][ T5831] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 315.407153][ T5831] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 315.440944][ T9858] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 315.466147][ T5831] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 315.490084][ T5831] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.498480][ T5831] usb 3-1: Product: syz [ 315.549247][ T5831] usb 3-1: Manufacturer: syz [ 315.578877][ T5831] usb 3-1: SerialNumber: syz [ 315.606609][ T5831] usb 3-1: config 0 descriptor?? [ 315.617735][ T5831] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 315.858907][ T5831] snd-usb-audio: probe of 3-1:0.0 failed with error -12 [ 316.076280][ T8] usb 3-1: USB disconnect, device number 22 [ 316.077230][T12271] loop4: detected capacity change from 0 to 512 [ 316.094917][T12271] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.2337: inode #15: comm syz.4.2337: iget: illegal inode # [ 316.108335][T12271] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2337: couldn't read orphan inode 15 (err -117) [ 316.121504][T12271] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 316.145170][ T5831] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 316.170369][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.254648][T12275] loop4: detected capacity change from 0 to 4096 [ 316.261972][T12275] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 316.305100][T12275] ntfs3: loop4: failed to convert "c46c" to maccyrillic [ 316.336584][ T5831] usb 6-1: unable to get BOS descriptor or descriptor too short [ 316.347468][ T5831] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 316.360963][ T5831] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 316.370150][ T5831] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 316.378740][ T5831] usb 6-1: Product: syz [ 316.382913][ T5831] usb 6-1: Manufacturer: syz [ 316.387562][ T5831] usb 6-1: SerialNumber: syz [ 316.532055][T12279] loop4: detected capacity change from 0 to 764 [ 316.543084][T12279] rock: directory entry would overflow storage [ 316.550190][T12279] rock: sig=0x4654, size=5, remaining=4 [ 316.633671][ T24] block nbd0: Possible stuck request ffff8880220a8000: control (read@0,1024B). Runtime 210 seconds [ 316.645094][ T24] block nbd0: Possible stuck request ffff8880220a8200: control (read@1024,1024B). Runtime 210 seconds [ 316.656696][ T24] block nbd0: Possible stuck request ffff8880220a8400: control (read@2048,1024B). Runtime 210 seconds [ 316.668780][ T24] block nbd0: Possible stuck request ffff8880220a8600: control (read@3072,1024B). Runtime 210 seconds [ 316.705002][T12283] loop2: detected capacity change from 0 to 16 [ 316.714259][T12283] erofs: (device loop2): mounted with root inode @ nid 36. [ 316.733916][ T5831] cdc_ncm 6-1:1.0: bind() failure [ 316.762936][ T5831] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 316.793850][ T5831] cdc_ncm 6-1:1.1: bind() failure [ 316.813624][ T5831] usb 6-1: USB disconnect, device number 9 [ 317.233855][T12293] loop2: detected capacity change from 0 to 32768 [ 317.241174][T12293] XFS: attr2 mount option is deprecated. [ 317.277374][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.283767][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.311662][T12293] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 317.370935][T12293] XFS (loop2): Ending clean mount [ 317.382151][T12293] XFS (loop2): Quotacheck needed: Please wait. [ 317.446192][T12293] XFS (loop2): Quotacheck: Done. [ 317.588842][ T5795] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 317.703235][T12314] loop4: detected capacity change from 0 to 4096 [ 317.732515][T12314] NILFS (loop4): invalid segment: Checksum error in segment payload [ 317.767301][T12314] NILFS (loop4): trying rollback from an earlier position [ 317.802397][T12314] NILFS (loop4): recovery complete [ 317.820847][T12315] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 318.129749][T12322] loop2: detected capacity change from 0 to 128 [ 318.141437][T12322] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 318.159123][T12322] ext4 filesystem being mounted at /620/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 318.202190][ T5795] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 318.753575][T12338] loop2: detected capacity change from 0 to 512 [ 318.773964][T12338] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 318.798077][T12327] loop5: detected capacity change from 0 to 40427 [ 318.804867][T12338] EXT4-fs (loop2): 1 truncate cleaned up [ 318.811719][T12338] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 318.826554][T12327] F2FS-fs (loop5): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 318.835149][T12327] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 318.844105][T12327] F2FS-fs (loop5): build fault injection attr: rate: 18446, type: 0x7ffff [ 318.862317][T12327] F2FS-fs (loop5): invalid crc value [ 318.886761][T12327] F2FS-fs (loop5): Found nat_bits in checkpoint [ 318.905485][ T5795] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 318.968851][T12327] F2FS-fs (loop5): Start checkpoint disabled! [ 318.985940][T12327] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 318.992994][T12327] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 319.041353][T12349] netlink: 'syz.2.2364': attribute type 9 has an invalid length. [ 319.049253][T12349] netlink: 61951 bytes leftover after parsing attributes in process `syz.2.2364'. [ 319.121238][T12351] loop2: detected capacity change from 0 to 256 [ 319.137733][T12351] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 319.161581][T12351] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 319.188448][T12351] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xce89e5da, utbl_chksum : 0xe619d30d) [ 319.222272][T12355] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2369'. [ 319.292533][ T58] kworker/u4:4: attempt to access beyond end of device [ 319.292533][ T58] loop5: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 319.308025][ T58] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 319.318991][ T58] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 319.326509][ T58] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 319.868386][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 319.868400][ T27] audit: type=1326 audit(1752055584.390:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 319.953775][ T27] audit: type=1326 audit(1752055584.390:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 320.005111][ T27] audit: type=1326 audit(1752055584.390:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 320.039542][ T27] audit: type=1326 audit(1752055584.390:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72f598e929 code=0x7ffc0000 [ 320.101551][ T27] audit: type=1326 audit(1752055584.390:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f72f59858e7 code=0x7ffc0000 [ 320.128673][ T27] audit: type=1326 audit(1752055584.390:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f72f592ab19 code=0x7ffc0000 [ 320.170294][ T27] audit: type=1326 audit(1752055584.390:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f72f59858e7 code=0x7ffc0000 [ 320.227880][ T27] audit: type=1326 audit(1752055584.390:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f72f592ab19 code=0x7ffc0000 [ 320.251134][ T27] audit: type=1326 audit(1752055584.390:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f72f59858e7 code=0x7ffc0000 [ 320.274641][ T27] audit: type=1326 audit(1752055584.390:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12375 comm="syz.5.2378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f72f592ab19 code=0x7ffc0000 [ 320.763703][ T28] usb 3-1: new full-speed USB device number 23 using dummy_hcd [ 320.795137][T12403] loop4: detected capacity change from 0 to 512 [ 320.809240][T12403] EXT4-fs (loop4): orphan cleanup on readonly fs [ 320.818532][T12403] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.2390: bad orphan inode 13 [ 320.831928][T12403] ext4_test_bit(bit=12, block=18) = 1 [ 320.832195][T12406] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2391'. [ 320.844354][T12403] is_bad_inode(inode)=0 [ 320.851259][T12403] NEXT_ORPHAN(inode)=2130706432 [ 320.864756][T12403] max_ino=32 [ 320.868019][T12403] i_nlink=1 [ 320.872388][T12403] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 320.950387][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.984544][ T28] usb 3-1: unable to get BOS descriptor or descriptor too short [ 320.998149][ T28] usb 3-1: no configurations [ 321.002771][ T28] usb 3-1: can't read configurations, error -22 [ 321.030255][T12412] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2393'. [ 321.044427][T12412] A link change request failed with some changes committed already. Interface veth0_to_batadv may have been left with an inconsistent configuration, please check. [ 321.122790][T12415] loop4: detected capacity change from 0 to 512 [ 321.142322][T12415] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 321.169495][T12415] ext4 filesystem being mounted at /359/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 321.278922][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.095387][T12449] loop4: detected capacity change from 0 to 2048 [ 322.132271][T12449] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.152555][T12449] ext4 filesystem being mounted at /368/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 322.187009][T12449] fs-verity: sha512 using implementation "sha512-avx2" [ 322.212780][T12449] fs-verity (loop4, inode 13): Error -22 reading file data [ 322.220337][T12449] fs-verity (loop4, inode 13): Error -22 building Merkle tree [ 322.291669][ T8771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.377711][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 323.359310][T12489] loop4: detected capacity change from 0 to 4096 [ 323.370210][T12478] loop5: detected capacity change from 0 to 32768 [ 323.376932][T12489] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 323.401274][T12478] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 323.456549][T12478] XFS (loop5): Ending clean mount [ 323.470272][T12478] XFS (loop5): Quotacheck needed: Please wait. [ 323.520916][T12478] XFS (loop5): Quotacheck: Done. [ 323.589739][T12499] loop4: detected capacity change from 0 to 128 [ 323.613485][ T9858] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 323.948397][T12503] loop2: detected capacity change from 0 to 1024 [ 324.001094][T12503] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 324.142724][ T5795] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.252823][T12509] loop2: detected capacity change from 0 to 256 [ 324.265232][T12509] exfat: Bad value for 'uid' [ 324.469970][T12519] loop2: detected capacity change from 0 to 512 [ 324.511464][T12519] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 324.526041][T12519] ext4 filesystem being mounted at /647/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 324.657806][ T5795] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.811444][T12528] loop4: detected capacity change from 0 to 2048 [ 324.927091][T12533] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 325.086606][T12539] loop5: detected capacity change from 0 to 2048 [ 325.119108][T12539] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 325.131291][ T5862] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 325.131463][T12539] ext4 filesystem being mounted at /268/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.172899][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 325.172912][ T27] audit: type=1800 audit(1752055589.700:269): pid=12539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2442" name="file0" dev="loop5" ino=13 res=0 errno=0 [ 325.199836][ C0] vkms_vblank_simulate: vblank timer overrun [ 325.207430][T12539] fs-verity (loop5, inode 13): Error -22 reading file data [ 325.215058][T12539] fs-verity (loop5, inode 13): Error -22 building Merkle tree [ 325.244368][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.325257][ T5862] usb 3-1: config 0 has no interfaces? [ 325.342663][ T5862] usb 3-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 325.353703][ T8] usb 5-1: new full-speed USB device number 17 using dummy_hcd [ 325.361963][T12545] loop5: detected capacity change from 0 to 512 [ 325.368507][ T5862] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 325.376660][ T5862] usb 3-1: SerialNumber: syz [ 325.377700][T12545] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 325.395472][T12545] EXT4-fs (loop5): 1 truncate cleaned up [ 325.395556][ T5862] usb 3-1: config 0 descriptor?? [ 325.408851][T12545] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 325.439580][T12545] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2244: inode #15: comm syz.5.2445: corrupted in-inode xattr: overlapping e_value [ 325.458924][T12545] EXT4-fs (loop5): Remounting filesystem read-only [ 325.466550][T12545] EXT4-fs warning (device loop5): ext4_xattr_set_entry:1781: inode #15: comm syz.5.2445: unable to update i_inline_off [ 325.501204][ T9858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.540832][ T8] usb 5-1: config 0 has an invalid interface number: 83 but max is 0 [ 325.551752][ T8] usb 5-1: config 0 has no interface number 0 [ 325.558116][ T8] usb 5-1: config 0 interface 83 has no altsetting 0 [ 325.568661][ T8] usb 5-1: New USB device found, idVendor=3859, idProduct=4c65, bcdDevice=90.6f [ 325.577942][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.586085][ T8] usb 5-1: Product: syz [ 325.590325][ T8] usb 5-1: Manufacturer: syz [ 325.596408][ T8] usb 5-1: SerialNumber: syz [ 325.603771][ T8] usb 5-1: config 0 descriptor?? [ 325.611184][ T8] usb-storage 5-1:0.83: USB Mass Storage device detected [ 325.633461][ T9] usb 3-1: USB disconnect, device number 25 [ 325.731117][T12554] loop5: detected capacity change from 0 to 4096 [ 325.739726][T12554] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 325.766346][T12554] ntfs3: loop5: Failed to initialize $Extend/$Reparse. [ 325.857249][T12556] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2449'. [ 325.859768][ T9] usb 5-1: USB disconnect, device number 17 [ 325.913521][ T27] audit: type=1326 audit(1752055590.440:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12557 comm="syz.5.2450" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f72f598e929 code=0x0 [ 326.763781][ T5862] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 326.963434][ T5862] usb 5-1: Using ep0 maxpacket: 8 [ 326.974994][ T5862] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 326.996806][ T5862] usb 5-1: config 179 has no interface number 0 [ 327.003108][ T5862] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 327.046767][ T5862] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 327.068810][T12588] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2465'. [ 327.072818][ T5862] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 327.103987][ T5862] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 327.125552][ T5862] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 327.174837][ T5862] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 327.194066][ T5862] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.226189][T12571] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 327.265285][T12590] syz.5.2466: attempt to access beyond end of device [ 327.265285][T12590] loop11: rw=0, sector=0, nr_sectors = 1 limit=0 [ 327.307914][T12590] FAT-fs (loop11): unable to read boot sector [ 327.344425][ T5805] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 327.357752][ T5805] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 327.366469][ T5805] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 327.376420][ T5805] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 327.392650][ T5805] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 327.400251][ T5805] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 327.501843][ T29] INFO: task syz.3.874:8412 blocked for more than 143 seconds. [ 327.510958][ T29] Not tainted 6.6.96-syzkaller #0 [ 327.516649][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 327.525542][ T29] task:syz.3.874 state:D stack:25480 pid:8412 ppid:5794 flags:0x00004004 [ 327.534883][ T29] Call Trace: [ 327.538296][ T29] [ 327.541262][ T29] __schedule+0x14e2/0x4580 [ 327.545872][ T29] ? asan.module_dtor+0x20/0x20 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 327.550878][ T29] ? __mutex_lock+0x6b2/0xcc0 [ 327.556156][ T29] ? __mutex_trylock_common+0x84/0x250 [ 327.562063][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 327.568316][ T29] schedule+0xbd/0x170 [ 327.572533][ T29] schedule_preempt_disabled+0x13/0x20 [ 327.578093][ T29] __mutex_lock+0x6b7/0xcc0 [ 327.582734][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 327.614678][ T29] ? sync_bdevs+0x1af/0x330 [ 327.623458][ T29] ? mutex_lock_nested+0x20/0x20 [ 327.643498][ T29] ? _atomic_dec_and_lock+0x93/0x120 [ 327.663400][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 327.690659][ T29] sync_bdevs+0x1af/0x330 [ 327.703036][ T29] ksys_sync+0xba/0x150 [ 327.733384][ T29] ? sync_filesystem+0x220/0x220 [ 327.738562][ T29] ? syscall_enter_from_user_mode+0x25/0x80 [ 327.809003][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 327.814382][ T29] __ia32_sys_sync+0xe/0x20 [ 327.818901][ T29] do_syscall_64+0x55/0xb0 [ 327.823589][ T29] ? clear_bhb_loop+0x40/0x90 [ 327.828292][ T29] ? clear_bhb_loop+0x40/0x90 [ 327.832987][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 327.838987][ T29] RIP: 0033:0x7fc208d8e929 [ 327.843478][ T29] RSP: 002b:00007fc209c32038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2 [ 327.851910][ T29] RAX: ffffffffffffffda RBX: 00007fc208fb5fa0 RCX: 00007fc208d8e929 [ 327.859959][ T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 327.867995][ T29] RBP: 00007fc208fb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 327.876051][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 327.884124][ T29] R13: 0000000000000000 R14: 00007fc208fb5fa0 R15: 00007ffed3c57d48 [ 327.892124][ T29] [ 327.909867][ T29] [ 327.909867][ T29] Showing all locks held in the system: [ 327.930946][ T29] 2 locks held by kworker/0:0/8: [ 327.936236][ T29] #0: ffff888017872538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 327.983383][ T29] #1: ffff8880b8e288c8 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x39c/0x6d0 [ 328.003357][ T29] 2 locks held by kworker/0:1/9: [ 328.009386][ T29] #0: ffff888017872538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 328.020610][ T29] #1: ffffc900000e7d00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 328.041379][ T29] 1 lock held by khungtaskd/29: [ 328.046515][ T29] #0: ffffffff8cd2f760 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 328.066052][ T29] 2 locks held by getty/5554: [ 328.070757][ T29] #0: ffff88803251a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 328.088387][ T29] #1: ffffc900015c02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 328.100850][ T29] 1 lock held by udevd/6035: [ 328.119088][ T29] #0: ffff8880220034c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600 [ 328.131428][ T29] 1 lock held by syz.3.874/8412: [ 328.142416][ T29] #0: ffff8880220034c8 (&disk->open_mutex){+.+.}-{3:3}, at: sync_bdevs+0x1af/0x330 [ 328.183619][ T29] 1 lock held by syz-executor/9858: [ 328.189004][ T29] #0: ffffffff8cd35738 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830 [ 328.241168][ T29] 1 lock held by syz.0.2296/12158: [ 328.257115][ T29] #0: ffff8880220034c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600 [ 328.267452][ T29] 4 locks held by syz-executor/12591: [ 328.272836][ T29] #0: ffff88805be1ce30 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x1fe/0x500 [ 328.282955][ T29] #1: ffff88805be1c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x4c9/0xfb0 [ 328.292693][ T29] #2: ffffffff8e128c28 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa1/0x220 [ 328.303121][ T29] #3: ffff88802e103b38 (&conn->lock#2){+.+.}-{3:3}, at: l2cap_conn_del+0x70/0x660 [ 328.321064][ T29] 1 lock held by syz.2.2467/12593: [ 328.328122][ T29] #0: ffffffff8cd35738 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830 [ 328.345070][ T29] [ 328.347492][ T29] ============================================= [ 328.347492][ T29] [ 328.356089][ T29] NMI backtrace for cpu 1 [ 328.360442][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.6.96-syzkaller #0 [ 328.368254][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 328.378317][ T29] Call Trace: [ 328.381600][ T29] [ 328.384533][ T29] dump_stack_lvl+0x16c/0x230 [ 328.389224][ T29] ? preempt_count_add+0x91/0x1a0 [ 328.394264][ T29] ? show_regs_print_info+0x20/0x20 [ 328.399472][ T29] ? load_image+0x3b0/0x3b0 [ 328.403996][ T29] nmi_cpu_backtrace+0x39b/0x3d0 [ 328.408948][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 328.415116][ T29] ? _printk+0xd0/0x110 [ 328.419285][ T29] ? load_image+0x3b0/0x3b0 [ 328.423798][ T29] ? load_image+0x3b0/0x3b0 [ 328.428314][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 328.434394][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 328.440394][ T29] watchdog+0xf41/0xf80 [ 328.444568][ T29] ? watchdog+0x1e1/0xf80 [ 328.448909][ T29] kthread+0x2fa/0x390 [ 328.452979][ T29] ? hungtask_pm_notify+0x90/0x90 [ 328.458006][ T29] ? kthread_blkcg+0xd0/0xd0 [ 328.462582][ T29] ret_from_fork+0x48/0x80 [ 328.466987][ T29] ? kthread_blkcg+0xd0/0xd0 [ 328.471560][ T29] ret_from_fork_asm+0x11/0x20 [ 328.476321][ T29] [ 328.480336][ T29] Sending NMI from CPU 1 to CPUs 0: [ 328.485796][ C0] NMI backtrace for cpu 0 [ 328.485816][ C0] CPU: 0 PID: 9858 Comm: syz-executor Not tainted 6.6.96-syzkaller #0 [ 328.485832][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 328.485841][ C0] RIP: 0010:check_preemption_disabled+0x47/0x110 [ 328.485862][ C0] Code: 95 75 65 8b 0d c2 3c 95 75 f7 c1 ff ff ff 7f 74 1f 65 48 8b 0c 25 28 00 00 00 48 3b 4c 24 08 0f 85 c4 00 00 00 48 83 c4 10 5b <41> 5e 41 5f 5d c3 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 [ 328.485876][ C0] RSP: 0018:ffffc90004457600 EFLAGS: 00000082 [ 328.485890][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0eb4c6e692410100 [ 328.485902][ C0] RDX: 0000000000000000 RSI: ffffffff8afc6ce0 RDI: ffffffff8afc6ca0 [ 328.485913][ C0] RBP: ffffc90004457750 R08: ffffffff8e4a7faf R09: 1ffffffff1c94ff5 [ 328.485925][ C0] R10: dffffc0000000000 R11: fffffbfff1c94ff6 R12: ffffffff8426951f [ 328.485937][ C0] R13: dffffc0000000000 R14: ffffffff9716de98 R15: 1ffff9200088aed4 [ 328.485949][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 328.485962][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 328.485973][ C0] CR2: 000000110c38fb03 CR3: 000000000cb30000 CR4: 00000000003506f0 [ 328.485987][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 328.485996][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 328.486006][ C0] Call Trace: [ 328.486011][ C0] [ 328.486017][ C0] rcu_is_watching+0x15/0xb0 [ 328.486038][ C0] lock_release+0xba/0x8b0 [ 328.486057][ C0] ? do_raw_spin_lock+0x121/0x2c0 [ 328.486076][ C0] ? __lock_acquire+0x7c80/0x7c80 [ 328.486095][ C0] ? __rwlock_init+0x150/0x150 [ 328.486120][ C0] _raw_spin_unlock_irqrestore+0x71/0x110 [ 328.486138][ C0] ? _raw_spin_unlock+0x40/0x40 [ 328.486159][ C0] debug_check_no_obj_freed+0x51f/0x540 [ 328.486194][ C0] free_unref_page_prepare+0x1de/0x8e0 [ 328.486214][ C0] free_unref_page+0x32/0x2e0 [ 328.486230][ C0] vfree+0x1a6/0x320 [ 328.486253][ C0] ? kcov_open+0x90/0x90 [ 328.486271][ C0] kcov_close+0x2b/0x50 [ 328.486288][ C0] __fput+0x234/0x970 [ 328.486311][ C0] task_work_run+0x1ce/0x250 [ 328.486332][ C0] ? task_work_cancel+0x240/0x240 [ 328.486351][ C0] ? do_exit+0x906/0x23c0 [ 328.486370][ C0] ? kmem_cache_free+0xf8/0x280 [ 328.486386][ C0] do_exit+0x90b/0x23c0 [ 328.486410][ C0] ? put_task_struct+0xc0/0xc0 [ 328.486431][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 328.486449][ C0] ? get_signal+0x1068/0x1400 [ 328.486473][ C0] ? lock_chain_count+0x20/0x20 [ 328.486490][ C0] ? _raw_spin_lock_irq+0xaf/0xe0 [ 328.486506][ C0] do_group_exit+0x21b/0x2d0 [ 328.486526][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 328.486542][ C0] get_signal+0x12fc/0x1400 [ 328.486573][ C0] arch_do_signal_or_restart+0x96/0x780 [ 328.486595][ C0] ? __remove_hrtimer+0x470/0x470 [ 328.486613][ C0] ? get_sigframe_size+0x20/0x20 [ 328.486641][ C0] ? __se_sys_clock_nanosleep+0x2ea/0x370 [ 328.486658][ C0] ? exit_to_user_mode_loop+0x3b/0x110 [ 328.486680][ C0] exit_to_user_mode_loop+0x70/0x110 [ 328.486699][ C0] exit_to_user_mode_prepare+0xb1/0x140 [ 328.486719][ C0] syscall_exit_to_user_mode+0x1a/0x50 [ 328.486734][ C0] do_syscall_64+0x61/0xb0 [ 328.486751][ C0] ? clear_bhb_loop+0x40/0x90 [ 328.486768][ C0] ? clear_bhb_loop+0x40/0x90 [ 328.486785][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 328.486803][ C0] RIP: 0033:0x7f72f59c11e5 [ 328.486816][ C0] Code: Unable to access opcode bytes at 0x7f72f59c11bb. [ 328.486824][ C0] RSP: 002b:00007ffed81f3520 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 328.486839][ C0] RAX: fffffffffffffdfc RBX: 0000000000000256 RCX: 00007f72f59c11e5 [ 328.486850][ C0] RDX: 00007ffed81f3560 RSI: 0000000000000000 RDI: 0000000000000000 [ 328.486860][ C0] RBP: 00007ffed81f35cc R08: 0000000000000000 R09: 0000000000000000 [ 328.486869][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388 [ 328.486878][ C0] R13: 00000000000927c0 R14: 0000000000050032 R15: 00007ffed81f3620 [ 328.486896][ C0] [ 328.891482][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 328.898356][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.6.96-syzkaller #0 [ 328.906163][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 328.916219][ T29] Call Trace: [ 328.919495][ T29] [ 328.922423][ T29] dump_stack_lvl+0x16c/0x230 [ 328.927118][ T29] ? show_regs_print_info+0x20/0x20 [ 328.932331][ T29] ? load_image+0x3b0/0x3b0 [ 328.936852][ T29] panic+0x2c0/0x710 [ 328.940751][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 328.946393][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 328.951340][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 328.956905][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 328.963075][ T29] watchdog+0xf80/0xf80 [ 328.967242][ T29] ? watchdog+0x1e1/0xf80 [ 328.971584][ T29] kthread+0x2fa/0x390 [ 328.975652][ T29] ? hungtask_pm_notify+0x90/0x90 [ 328.980684][ T29] ? kthread_blkcg+0xd0/0xd0 [ 328.985281][ T29] ret_from_fork+0x48/0x80 [ 328.989694][ T29] ? kthread_blkcg+0xd0/0xd0 [ 328.994287][ T29] ret_from_fork_asm+0x11/0x20 [ 328.999074][ T29] [ 329.002323][ T29] Kernel Offset: disabled [ 329.006633][ T29] Rebooting in 86400 seconds..