last executing test programs: 2m40.729674634s ago: executing program 4 (id=2878): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000400)={0x0, 0x9, 0x2, 0x9, 0xf8d6, 0x101}, &(0x7f0000000440)=0x14) 2m40.516990192s ago: executing program 4 (id=2882): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff000000003f040000000000002d400300000000006504000001ed00007b130000000000006c440000000000007b0a00fe000000007b13000000000000b5000000000000009500000000000000023bc865b7a379d17cf9333379fc9e94af69912435f1a864a710aad58db6a621a464a3778433e6e393002e7f3be361957adef6ee1c8a2a4f8ef1e50bec919bc461e91a7168c5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec5dd6fcd82e4fee5bef7af9aa0d7d600c095090000100000000031eaebbdbd732c9cc00eec363e4a8f645679c294392cf538b07ce2646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75d80000000eda88c658d42ecbf28bf7005005b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fc152b7b9da074e1320060d0b11008e59a5923906f88b53987ad1714e72ba7a5b74f0c33290933896a59ff61622cfd9aa58fe8d485f062ae2c0cc65c2a36aaec2477584b6a89adaf17b0a6041bdef728d236619074d6ebdf098bc908f523d228a40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03fb8a63e089679216da18ec0ae564162a27afea62d84f3a10746443d64364f56e24e6d2105bd901204a1deeed415561c459565b1cd17572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f98928d5e9b94ff9ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cff538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063be9261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6f8c3a13596c2ea3e2e04cfe0e669e51731b2875353193f82ade69d0540059fe6c7fe7c00007502c7596566d674e425da5e87e59602a9f6590521d31d381eb3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c95300000000010000003baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2e454da0c052427d14c37960242b104e20dc2d9b0c3567aea26454a47b0f0797a7308d402ccdd9069bd50b994fda7a9de54022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c03987d198899b212c53c18294270a1ad10c80fef7c24b78b4ad83238273f4fc87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513cdc6c0e57fb1c1ca57138000b4ead35a385e0b4a26b702396df7e0cbe02b6e4114f244a9bf93f04beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a9b702cc1b6912a1e717d29135753208165b9cdbae037f27feeb744ddcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac5d73a008364e0602a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844cea001ddeb6dc5f6a9037d2283c42efc54fa84323a3c3e6e4fd2e078b796a825b3dad9ce7b37507e0b83c3ecd01549bca6a016b3e18a00c748894dc3bfe5efda8b0a477d6a6562fdee45eb16e276dee992094ba9830f6c164179e7d532d86060bea930118d3cae1bb5916b9671b7000000000040f4bee5ad2dea2d070095265504c05bba38b095e1679f96ddef65ba5de9c8cfb6465ae4165c0689a314a6eb6b36aa705b957edef3035e14b879c8e7dc00624726042e00bf9a7f7ae5f308744770759558e4fcb99c0dc957521ef255362bf2f3966f3754e81fb9bdef22c19f5a49147b25393f7536bcda9f64b7c5640bf89d4a74d51dc233dee628c1dfbb55669f84784174b34eb234481547e484c6af101396b6977dd668b401391c1d2e242edccf1cabe6be9868d383ebf1db5aee9b73e92bb82c164ab14bb25189817742e054886ed6d7abbacf6319f3c050e7d53df64633eafcb64291b81188fab69b5a06fe029ce46c5cac1bb1ea8ea98aee207fa4c9618a9ce80bd8b530f4b9ba8860bf1e887ec670312ef0502e3d0a0e30dbaf38c042b7fd207c61e6b73d3b61d194acb4bf4d3e0187d62ee27cbee175eb2312209f68747eeeea30c1634d54799f42753df8e7462c6f5331ea8e56b5c4a373dfe9f111d0206f4e90f71c03bc24960dd84345e59e1289d47a929158babfb331f27370928198d2cd367e928e98c54c67b6382cb958fec947d2ece3695755bc71d55a84bb0a0da43cb9f526a20566e9d00cf9fe6be3adf3e0a05771d66664239d199ce84aa7f684c0ce4c342a85d654624736a3b9b067e2bd298ae8a2527ce59fba9448b13655281431335496da08ac626fe0b57ebb4ad0b9495a183587108b4308bc68eeca9062873703ed0ee726a7867436e01dcd6edf1583e7e17043afda8f46fdd688d461125d724404a310"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000080), 0xfffffffffffffdbb, 0x0, 0xffffffffffffffff, 0xffb9}, 0x48) 2m40.318792187s ago: executing program 4 (id=2885): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x401, 0x4, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0xb29}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_UPDELAY={0x8, 0x4, 0x7fffffff}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'bond0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 2m40.244344514s ago: executing program 4 (id=2886): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000280)='./file0\x00', 0xc0, &(0x7f00000002c0)={[{@iocharset={'iocharset', 0x3d, 'ascii'}}, {@utf8}, {@uni_xlateno}, {@uni_xlateno}, {@uni_xlateno}, {@shortname_mixed}, {@fat=@allow_utime={'allow_utime', 0x3d, 0xb98}}, {@fat=@nfs}, {@uni_xlate}]}, 0x1, 0x271, &(0x7f0000000980)="$eJzs2s9rHGUYB/BnksamLelG/EUL4ose1MvQ5OyhQVoQA4o2QhWkUzPRJeNu2FkCK2Jz0qtXwYNn8ehNkB695KL/gAdvAcnNHsSRZJM2MVsxNGlt+Xwu+zDv+33nfZlheFnejVe+/Hh5qc6Xin6MZVmMXYy1uJXFdIzFrrV4+cWrPz379tV3X5+bn7/0VkqX567MzKaUzj7343uffvf8zf6Zd74/+8PJWJ9+f2Nz9rf1p9fPbfx15aN2ndp16nT7qUjXu91+cb0q02K7Xs5TerMqi7pM7U5d9va1L1XdlZVBKjqLU6dXemVdp6IzSMvlIPW7qd8bpOLDot1JeZ6nqdPB3Uz+hz4L395qmthsJq5F0zSnvokzN2Pq12hF9njKnriYPXUte2YtO7fZNK2t7iePf9bcX4d6/jxy9nzUJyOqL1YXVheGvxFffxUxtxTtWIsyLkQr/oyt12THsL782vylC5FFpDQdn1c3dvI3VhfGt8ffzldRxky0Ynp0fiYN7c8/tjvFYX42WvHk6PzsyPxkvPTCnvvn0YqfP4huVLEYW9k7+c9mUnr1jfl/5M9v9wMAeNTk6baR+7c8v1v7MH97f/Vv+8OR+7MTcf7Eg107EfXgk+WiqsreERW/77+SxZGNfLD4ZeLwqYmddR/HfPYXYxFxzLc42uLUPY6z+0r9T5ZzyOKPpmkONGUP7XLuvXhw3yTunzsPfeeCf/oAAAAAAAAAAAAeCnsO/Y0f5SnC8d6Bk2UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj/R0AAP//4drNbQ==") renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x0) 2m39.972230786s ago: executing program 4 (id=2889): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m38.805520291s ago: executing program 4 (id=2900): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000540)={@empty, @ipv4={'\x00', '\xff\xff', @broadcast}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0xfffd, 0x400, 0x0, 0x4001c}) 2m23.721521909s ago: executing program 32 (id=2900): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000540)={@empty, @ipv4={'\x00', '\xff\xff', @broadcast}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0xfffd, 0x400, 0x0, 0x4001c}) 1.583557781s ago: executing program 3 (id=5378): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newtaction={0x74, 0x30, 0x1, 0x0, 0x0, {}, [{0x60, 0x1, [@m_vlan={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0xfffffffc}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x63d}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x9a8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0) 1.543516944s ago: executing program 5 (id=5380): r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0xa41) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000200)={"0d8d00", 0x8, 0x5, 0x1, 0x207fe, 0x0, "0400b7e7a2aac9779bf500000000f3", "1f8a5a00", "41cb01fb", "e8cc1304", ["8bbb00fda8e45cfe00000900", "ab5286400300000008008516"]}) 1.542787024s ago: executing program 2 (id=5381): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x4008af25, &(0x7f0000000180)) 1.378120787s ago: executing program 0 (id=5383): r0 = syz_open_procfs(0x0, &(0x7f0000002a00)='net/fib_trie\x00') preadv(r0, &(0x7f0000002240)=[{&(0x7f0000001180)=""/4096, 0x1000}], 0x1, 0x37, 0x0) 1.311720303s ago: executing program 3 (id=5384): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x48, 0x0, 0x0) 1.264430517s ago: executing program 2 (id=5385): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x33822}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xffffffffffffff40, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_FORWARD_DELAY={0x8, 0x1, 0x8000011}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x480c1}, 0x240408d0) 1.240777229s ago: executing program 5 (id=5386): r0 = openat$vicodec0(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000280)={0x8, @capture={0x0, 0x1, {0x0, 0x8}, 0xf45, 0x6}}) 1.22436875s ago: executing program 1 (id=5387): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_buf(r0, 0x107, 0x13, 0x0, 0x4) 1.22196276s ago: executing program 0 (id=5388): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000027000919000000000000000003"], 0x14}}, 0x0) 1.063471823s ago: executing program 3 (id=5389): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="d80000001c0081044e81f782db44b904021d0802010000004000f0a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 1.040548115s ago: executing program 5 (id=5390): r0 = socket(0x2b, 0x80801, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0) 969.86578ms ago: executing program 2 (id=5391): rt_sigaction(0x40, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000640)) syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 960.003541ms ago: executing program 1 (id=5392): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xd, 0x4, 0x4, 0x3, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50) 906.211386ms ago: executing program 0 (id=5393): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_async', 0x2202, 0x0) sendfile(r0, r0, 0x0, 0x1) 764.003718ms ago: executing program 5 (id=5394): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newtaction={0x74, 0x30, 0x1, 0x0, 0x0, {}, [{0x60, 0x1, [@m_vlan={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0xfffffffc}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x63d}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x9a8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0) 759.491348ms ago: executing program 3 (id=5395): r0 = add_key(&(0x7f0000001bc0)='big_key\x00', &(0x7f0000001c00)={'syz', 0x0}, &(0x7f0000001c40)="f8", 0x1, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x1e, r0, r0, r0, 0x0) 687.273274ms ago: executing program 1 (id=5396): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x4008af25, &(0x7f0000000180)) 654.039947ms ago: executing program 2 (id=5397): r0 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) sendmsg(r0, &(0x7f0000001740)={0x0, 0x0, 0x0}, 0x200080c8) 653.497347ms ago: executing program 0 (id=5407): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fstat(r0, 0x0) 553.735565ms ago: executing program 3 (id=5398): r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc2, 0x80, 0x34325241, 0x3, [0x2], [0x80ffff], [0x0, 0x0, 0xfffffffc], [0x400000000000001, 0x0, 0x0, 0x4000]}) 495.46308ms ago: executing program 1 (id=5399): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800000, &(0x7f000000cf00)=ANY=[@ANYBLOB='nls=cp949,barrier,uid=', @ANYRESHEX=0x0, @ANYBLOB="000800139e6ec30b2b99f47f097f267d35dc81666a63e7768c00aeecc11e3d8dd215e24988d111429ce29e60b1481b4454b6c882e8b9de8fa5ff541d3f0470f9a71ac6e14f74c9c65ca943b2e922748c5955a3428550d6fdae754bea64db124b811d06bda34e3f366148a417d90f5120", @ANYBLOB="430d76b2a3a8a45bf91f7dd47325436e81cc16066d5f65a8889719b5430abd0ed1a9b132a573a9cdbab70e678daeede0826c76057559831505352707f466167da3f02a2b8537e7cbb5610818a66a16173c488d0398a0c2e38e06bd168a107cd7f3656c26bc446c2a1c38defe149ad7acc87376bfddb5b270ee1e78072999ccee86dda0422fb89b412e258c88a55fa3f42ab1f3c78e476d7b8e36810f8bdad2f25ef7d8db4a7958f77cfdb6baf816f197ad1467986bd780f84b620ef300b73fed2ca92d22818d51b78bb83881c6bed14cd98e7f00a60350be1d048627a334d985a806367be6be637b84c8b7d08d25573debaa57c5dcdf83828751fa415b9dc6ca5b64200ed42b740358dacba9d7f3bacf8b8c1e35a548a5252b00f85f2cfc4ae2ce5314ee9278c79b407bc396951f0b21311f7fa2d15096f74204add5b32c6c88933b1ec576f619b55df538e3ae228eab7e8c7d2cb7ae4d60210f097912896741b512e0671a26d2e40c57197a8bfc00a5528bac1064061644a711d61942e8ec44a1f3b7550527a8d26f9a347f2bf87738653677be6af6fa6fc8f2349b7ec15d0cfeb7b0bc2c9a2301062755e70bd83fc3288152a3102b7a259a09955823f421131d24a9d484b7f0b01968ad0b30326fa73eb4170b6bc20e8f17afab1596a2a40b6ffff527af84ded2c4da65cba7d34f3c1ab96db4bac52f0b501f748532bd450b7803683d224df843275178d27535a6009e36cfd10bfa1fa4abc1dc5477e08cff848a8541a9f4fad0183a0b8425664b19a5454751d34469bd84e39b070908d6074e8d3106bb4cd09725ea87cb8bf5f084cf3e26d0d98a9437fe7b45778c04dbd2b9f53f21d45b0a46809ee37c9e56f7e90ecb194dc680cf5b7b260d5c84480ad24e04be52840ed4d0fcb57864c82fc86eb117f92daf893dae0797a228e541751b288f62fcf651c1b0d0d10ada0695d99a548cbb485cee7db108c33ddff788af332995a70ee77c55975d7908aaf2faa0ea8793e486893727decf916fd6a5fc20f597dff647c407033db5a43750753997cfbd62c6836f1dff6c0846e9f0a67ac5ae34f295b82e13bdab0807d96d9c2355f220df9cd415a24644a536457989b522d3a9cb59515f5cb200000000a312482c668d038b2b45fab218d49f62afb9ffebf320dcc12e0f37c0ee863cb4292d6046c1b2a6520de63fce58e8202ce36951c04be9f04cfbfc4e8eed11ca251c6b47d3665ed72ae56a7980364778fe0f79e938c63d22baabc68d1b0fd63fbca37c906a3cf2cea68fa31a0516d5a98b2c9034b85baacfdd7023c83f9aa3407a504a73ecf4a7a60820f8f1b1e3bfd94a1c636ed78eac35f3d56e2fd28a09213dc8dcf82d01bed6a60c14fdc1fca833934a92de3f41de3ee9e9ae3209977903109ace1d35862c0f9d603dbf76cc2fe940b612d34596876d1ff31d921e05935d2df4c8e53eee2f8796a6e3a83858b59e5ffc62be377217cab4218b055360ac524176abf85c6087c1d7c5136decca5a08fad845b7549c66822b3aaf23cc77f33a6a0a82083c05ad8e917bf43f42110dfac1e6e6726cbfc51be4755bde82f5aa61f2a1180f515e82b8c257f51bf33aaeee1e9cfdf74658f0e319d4d9644a997052fc2475c402de0c85748ef0304ba0f37246c6ab5398b8c923d462db73b12b015d75162180b98799d1a0b6fab8ff3d15e9b707552545a5eae7c89075b5893182a256e8735b57e55ac682ba553e8b4eb0167ec210e7ca7b057c282a1be9cebeb221975b7a5a4df159d76c9873ebe0112e1b2cf6dc44385e168e0b93b2ff6f469e3ac3464beb6d9a2242b57ce19b4426c9d13d257c77186784d7957d23383f95d1bd4852f703a8be06fb503d58b3e423f11b28e773cceef43f7e089bcc17aaa16e91596f12dd8611ff2d059a57af90d5bedc2a118448b670f84346bf8eb2eb4b18e6685e0a3b658d9f62eff918a222272cefda7c563ae3fb2adc0a21b4a8c5501ef09131e4295dd35c7b0e5fcf8c7d1f38d302b52361b823bacdb483c5b01ed2dca79b7327f1154a5e1b31baa1a9cc994b2d40de68e2cca278e6cc9c0489a510083b06224e298ca47d15cc320af6ecd0aa80b2cfd1ab21950715714948714d628d6db9fb527a23bd49ac0ccc4420ffa3683e4d289032b5f7c136478f61b2858451a96c776ac838e005d1a8b7d664e22e20e85726b4227a1acf161824abb4254d480799191da979d73d2ae3aa7be435e7c96408da31364486fdf0e4ff70624a5e2702b6f704a9521b03dd5b42e4da8aaf476b4258730d7e1e20232d76b52433ecd1f3f6c237e6f78ee92a67c60ba0ea78e2ca1c41ae7c5753837bff6b02ce7a6e668575b39b6bbc01a11d8fa0721f5818c9d7e839c5c45687b6be829c047059a3dd84be5f6666b14c48a8c208c22ccc9e8e82e694b0db6542908c99239f76fa3ecf59eeba404f5b3a3ec2b7f7c353ff26d7031a94817c8796eaa69754905d23a6a42893d4892d1a7ba36179941241d4d434644fea33ece11e0ee73ff54c0100dd546fa949ba4fc861ed414860f09b6d09b0c19db06e23c7cd621e6d609665d176d0ca810c07d5e052d06e623702d663c7c9aa01e8257f566654fe9349a3e70861c082347e289e5e6a8858ea5073787a53f9923b3c0768aa0f719245ca8882144df59356aff29550339b02bf719d7ff570114e6b0f2abcbd8d0c0d62a65cdc5e32cbdacdc500b477a890db2ee48ff3eaa255d95163a8dbe9c59d6d353941e1b1b288dbb56e4bc4f15b220e6e1372c24d84b461cd74d05fa9f80bd65bad53db1335fc99be4b22503d553ca92fbb4bcc66d4ba2693d1b56b2b655cf26a7d48e2449158bc2d7768def896f5ba321573c830255cc7894cf844faceff69129866eee970475c566435920812d9b0910b8e982e41bcbd5176eb333595fdf2caed71f8d6732bffea2954eb3894ff6c15593140e58445a276a3a10eea519b19e0af9990431dc21b2524a66f2b6032991f93ed0b25568a50b5ea76e9d4a5fae90a70d5c521e6ca635b741c0c3a52c648f628f9a96a6c74aab5d1c9c2ab695847b6e5bfe5868f8a2ff8e5e667e6a13888f1988e2541660dfc10124cfea45ca7003d7842b6f6a19a5983a37eabb8c90bf8b01914cb90f91dca33287cc9e3117f4f842337a5af1e78ab24045ac8ee9322729d664e3d53f60018db6cc779a3c1d03b14318ac53acc5930d92f3d726dcd82eb92dd9da1fb0d6940f5f33cbe65ae5578563685cd6c0daa1a27f0b2aa904377c271d4c5338c77f32ef007409ad4989f73d3318289d6fd9aaa7792c5476e7357b5ea8e40711fae7745946ca5db82223a97c1a5b654e789acd97700d1bc8a8db315aef2f16e64778211065810878e3a48728e6b94ede97ac533996f3a3e4ac1e7424afb0c42ced2a86713ca97e4da9c7133a88d8dcb1f3b37f5b7bca6a9147cd8ba7eb9bb23ac4f3a8b181d653ace3ba0ccd29580978601e9427b38b0aa682db49251b1f1bc09ef34d5968a0c28ba2a5b51c3399c2919868d747a26beccfd7e143fc121a22d16c06de3ba4ec01856fba08519f943ac701fd0cddddb213f22349cfe1fa42575678fa6ab93810a26370a3ab825d4be4f5383e81eaf40b72d1a87bcc38bc8f9d351206f778ff7505ca29c19d370c5b0d8688910b17913577df01041ce2e1ffde85d91242e7c2cfdf1acca66c23232708402776aa4bdfd4a9d7178dc6dac356ee67a445136266f44cb8a8af6c6ae14e0dadeacd4d8763bea189968eada7e1d03c32ea53716aa85a270d448b4b22fbcf3e2b6fad2939068b6d078da09878cd9ce734f65dead9958cb90fbb096b86a174afe406f6b5fb0be8d909b01d4bf5fbfa0a6ed11529e2df122854f6217bf02277613a2d453904ab297467b8172527abde206958d31424643e8693555c5cb24800729bca1f065c9a0b6a7b98e83921ea81e84137e1ce1e02adac69bc935da77625a1b1602e9294e122dc3ef4303ebd139a04e49714e1c462b0a9b3f9ad741e7c36ea8f2c9cb937ceac03eefc50fb639be0304ce69a2eb1e418cfa3ec04c56ffb9e437b5b7c1fd5db99f6abe2fb6f99fd0d36b926bb76097fabbb04cc6f033a33202daf4245f7826d819d50e024c689b73486d51d2dac5e0b6d6bfb138dbbe0b00a6dac1c950aea86fcd11e42bfd9e40702d13912e4066ff364438f3b371cb2d422eb5fcfc3f55ad6a14561eaec544aa5b85ae76c28171b8c0451bcbe473632bf4ad8920b244ec0e67306c4737a462ba0e6945e54b3b675ae29772e3edb41bdf08880242cc83e8ffecedfce60e0f4485dfa3b479f72c08832edb84e2595a56279e3fa586fcc0971991d442f34f5c868c681e640b4ad77fb45b3be8ed4b95c7246d62b9d4d6e6c84204f8081a54d998628af084695fad86e13c02163a8f4b29b07c6b73239e3680c73f80ae2fdbbf6cfb242e4cc75b62557f67e0d775f8e7dbcd5e1f26ef7b8966a14f27d637098a7bfc9d0554fb639bee707734bc7128d5bc2d4b4bb1f7628354d83734c6d0f3070add09e8046ce5f7cddba66079db4aee30d0b1f52f8afbd2fe634ad4b6b1d0211d019b29a8fa4d3266c5f2359fe0157574588b35645b4b9bf7ada3d9df83b6bef1802fb7dc2f58c9ee72b1d804b5fbe9d41eaef12040b7decccf10b2104ced7541f5ad7bd86820791d41ca7de9ac7cc6795bcfdee323e456ddc710bf7786b719ba15c8442db6d89bed883c1624a50b0e5ead037bc1385edb21324ca1b769609d0f840674f74705182c0c2a6e2e5de01ffd1969b3ad2559c4762697e4bca5bd2169d1ce017ff13f7f17aaa1061c7864b636ce5540454eb085b168ad2ad01a79e4b9146dac68983d97d092abea67710f4a713f6a45f71ec7f618d930b5248281df0e7b304f1a1a994ea296643272861d4a06c3c2409dbc2de354877b101ea891438e00a31d879b425c6af81ffa207ca104c54f03761dcd59c5593fdec744a22c7d10e7a1f9873635107bae83638b185f75c9f1270a79a57f07715e3fc2bc2fb2992a444bc1834f801ede021349a6c4bdb8a284236377d4a876278756209b9872c171d5e17d55a6a5560f9d0c2b8a5bfa1b45afc35165dffbc5aa55b8a85e5b4a6dc86d1749610c73c53503c9be85a51e7b7c170d09b7c4cbee1719fa27553c6d24a4ddbc1e2ca4526247a5021cc716001448071174887cb2d699a87ee4f96bd4eb439eecb94b9025303a0ca495181caf4008277727813e7e05dad48ab305bb4aa7adfb2feeae57cb4dd854db47efb3cdaa8f8be7a472b8511915e21613624e4689452bf20e08f91f8363bc68528617906d11ec1fca0c0224a9fdb920f5322a071d006254587180694836d0749b396d77e9ab5b3352f0e9ba8ae8b3e24a337e1f6953d2da2c765e9c4de318bfb89e061ee36adb397a4c7e217e8128d6c9fb76e5dbb93dadcc5dc5060e3b19bdf501b10de61afc0a46d9a0419d03b277ecaf4119ec9c75679f81bda9ea375b2dbc5d5a451e8b775f388919ea3f9546b6d90a721a5f712a92e571d83ee82fe196e3d3d202e77f73bba04111fb2f29586479a27e30bb29104b3f2b6117a05fd5bfa28a057a3399461aadf1a96b476286ae5bfe78b9bfc50f9b6f6f8756aa110443b811e5db48c017afdd14071b4274703998ecadd5367b5e8d6696b23868c3b7e8328cc6057c579b6b385cb87ed1eb10e6386dfffb49827f998763499af43ba8a487674174785c6ba74c76387781216686981dba4c8664dcab4d6c8a385c204de655d000008b76a122f7469c7aaa2abdb3ca99b78b5f4d1ae102982d2f1dcdbbf6917d0eb0bd4b871502040fb6e3dec37fe04401c51b48761de9ec10f36f63d638e2880937c842a8905c9ec82bbce4958d0ab91a4e65708502327b469373bc61f11046e6670acd3684eed59d9a756aed62b01f2726c1f5187e1efed47243a1b18f7bb9656fa14b", @ANYRESHEX=0x0, @ANYBLOB="70295065aa161a472b2a945bcf449aa1a5ab5a35ee0c76ee2b050356b522d6fbe68d7d294b25ebf5be0ec2fc83b9d03ac46f308c26361ba37461607fcc9820ce9b1be81e8bee0f4ea1ead8f3c22ce506e52861fff765227932d8cfb5b75ea02a6fffbafbb8603b50a05e4586bc921f5732489401599a90698812797a40412bcf3b882234aa5656c4b1b7630859c496ca5bf3801a15e7ad43ca9885f7e54e80ac40f6042283b245e2d433acf9c6746f7aa756", @ANYRES16], 0x5, 0x6bd, &(0x7f0000000cc0)="$eJzs3U+IXVcdB/DvfZm8mRchnf5LowgZGijaYDKTR00EoVFEsggSdNPtkEyaIZO0TKaSFjEvahVcuZIuXFQkLroSEaGuxLoWBDeusg+4c5GFOnL/vJk3b14mM51k3rT9fODOPfeee8753R/3z3v3JdwAn1nnX8vBXoqcP3HhVrl872536d7d7vV+OclkklYyUc9SdJLio+Rc6imfL1c23RUPG+eV+x8WE+990K2XJpqp2r61VbtNRm7ZS6bWFg4kmamL/9lGh63R/VVT1c+l9f4a7W1HWyvW4i4TdryfOBi31U1665WjTo2Ntn/eAvvW7fq+ucl0cij13bX8HJDm6vDoK8P4bXlt6u1dHAAAAPCkjPwuP+ipB3mQWzm8N+EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAp0NRvzOwaKZWvzyTov/+//bAO/XbYw53l969Us2++9S4AwEAAAAAAACAXTn2IA9yK4f7y6tF9Zv/i9XCc9Xfz+Wt3MxClnMytzKflaxkOXNJpgc6at+aX1lZntvc8pcpW66urt5uWp4e2fL0xrh6w4GO+pcGmzYCAAAAAAAAgM+sH+X8+u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHxTJgXpWTc/1y9NpTSSZStIuZtY2b4812Mfgz+MOAAAAAJ68TjM/XPyvLqwW1Xf+I9X3/qm8lRtZyWJWspSFXK6eBdTf+lt/73WX7t3tXi+nzR1/4187iqPqMfWzh9Ejz1ZbPL/W4ny+ne/lRGZyMctZzPczn5UsZCbfqkrzKTLdPL2Yvne3k36sm+M9t2Hp4nBsxwbKZXxHq0g6uZLFKraTudTuh95qtjs6MNof28nQiHfK7BSvNraZo8vNvNyjXzTz/WG62vODaxmZbXJfZuPpwbxvzv0Oj5PhkebSWnsG9dz6KOXi8EgfK+eHmnmZ658+2Zzv8FHaxkz0fl4u9Y++I1vnPPnyP/5y8WrrxrWrV26e2D+H0cc0fEx0BzLxwrYysVRmoreLTEztJv7Hp91ko76K7uxq+WLV9nAW8528kctZyJnMZi5nM5uv5XS6OT2Q1+e3zmt1rrV2dq4d/1JTKO9JPxu4N+2ZyYdVlHl9eiCvg1e66apucM16lp7ZRpaKdkZn6Z8jQ7nzhaZQjvHjgTvO+A1nYm4gE89unYlf/3c1yc2lG9eWr86/uc3xXmrm5Wn77sZr828eyw7tXLO75fHyTJKJ1LeNwaOjrHu2XzeUr3bzi8tE09mGunaq87mue9SZWvZ05M6onuq6F0aO0q3qjg7UbfiUkzeytPYppLHnJykA23Do5UPtzv3O3zrvd37Sudq5MPXNybOTX2zn4F8n/nTgd63ftr5evJz388McHnekAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwaXDz7XeuzS8tLSwPFg5keM1YCmk95g7vjKzqp6Je0x6xzbHscvSpJGNO5qMLad6ltKt+Jrdq/vskWzRvj2PfO0nGnfmqkIk9GGsyI6ourK3pJK21eJJc2ycvuAOehFMr1988dfPtd76yeH3+9YXXF26cPnvm1TPdr87dPnVlcWlhtv477iiBJ2Hjxz8AAAAAAAAAAADgk2Cv/mPJkKI3hn0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpnOv5aDvRSZmz05Wy7fu9tdKqd+eX3LiSStJMUPkuKj5FzqKdMD3RUPG+eV+x/+6qX3Puiu9zXR37411O4P/15d3eFe9JopM0kONPNHm9xWf5cG+uvtMLBasbaHZcKO9xMH4/b/AAAA//9tywGy") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) 351.214611ms ago: executing program 0 (id=5400): r0 = openat$vicodec0(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000280)={0x8, @capture={0x0, 0x1, {0x0, 0x8}, 0xf45, 0x6}}) 351.109961ms ago: executing program 5 (id=5401): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000240)="a1be15c49727c0ab6dba307470c0", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 272.258597ms ago: executing program 3 (id=5402): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x33822}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xffffffffffffff40, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_FORWARD_DELAY={0x8, 0x1, 0x8000011}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x480c1}, 0x240408d0) 254.858879ms ago: executing program 2 (id=5403): r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0xfffffffe) 213.382112ms ago: executing program 1 (id=5404): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x48, 0x0, 0x0) 182.503695ms ago: executing program 5 (id=5405): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="d80000001c0081044e81f782db44b904021d0802010000004000f0a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 160.354216ms ago: executing program 0 (id=5406): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x4c, 0x0, 0x8, 0x801, 0x0, 0x0, {0xa}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0x80}, @CTA_TIMEOUT_DCCP_RESPOND={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x6, 0x1, 0x0, 0x9}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x7}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x24080) 52.05µs ago: executing program 1 (id=5408): rt_sigaction(0x40, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000640)) syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 0s ago: executing program 2 (id=5409): prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) landlock_restrict_self(0xffffffffffffffff, 0x5) kernel console output (not intermixed with test programs): [ T6313] usb 2-1: config 220 interface 1 has no altsetting 0 [ 287.092069][ T6313] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 287.128386][ T6313] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.136501][ T6313] usb 2-1: Product: syz [ 287.148072][ T6313] usb 2-1: Manufacturer: syz [ 287.158668][ T6313] usb 2-1: SerialNumber: syz [ 287.213084][T11036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3033'. [ 287.222212][T11036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3033'. [ 287.231958][T11036] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3033'. [ 287.398308][ T6313] usb 2-1: selecting invalid altsetting 0 [ 287.404604][ T6313] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 287.454277][ T6313] usb 2-1: No valid video chain found. [ 287.460113][ T52] block nbd2: Attempted send on invalid socket [ 287.466398][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 287.496273][ T6313] usb 2-1: selecting invalid altsetting 0 [ 287.518117][ T6313] usbtest: probe of 2-1:220.1 failed with error -22 [ 287.553906][ T6313] usb 2-1: USB disconnect, device number 14 [ 288.104139][T11059] loop3: detected capacity change from 0 to 64 [ 288.439425][T11047] loop0: detected capacity change from 0 to 32768 [ 288.468163][T11067] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3048'. [ 288.745893][T11071] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 288.780601][T11073] netlink: 'syz.3.3050': attribute type 11 has an invalid length. [ 289.325014][T11091] loop1: detected capacity change from 0 to 64 [ 289.753602][T11105] netlink: 'syz.1.3067': attribute type 10 has an invalid length. [ 289.788602][T11105] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3067'. [ 289.829211][T11105] bridge0: port 3(veth0_vlan) entered blocking state [ 289.848259][T11105] bridge0: port 3(veth0_vlan) entered disabled state [ 289.867325][T11105] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 290.508800][T11131] loop0: detected capacity change from 0 to 1024 [ 290.701289][T11137] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3083'. [ 290.728801][T11137] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3083'. [ 290.832238][T11141] netlink: 'syz.0.3085': attribute type 1 has an invalid length. [ 290.988278][T11145] loop1: detected capacity change from 0 to 128 [ 291.030822][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.083667][T11145] FAT-fs (loop1): Filesystem has been set read-only [ 291.108408][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.138923][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.178536][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.187067][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.194730][T11149] loop2: detected capacity change from 0 to 8192 [ 291.239073][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.254859][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.286559][T11153] netlink: 'syz.3.3090': attribute type 2 has an invalid length. [ 291.294561][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.331918][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.354931][T11149] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 291.364217][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.386137][T11149] FAT-fs (loop2): Filesystem has been set read-only [ 291.394714][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.418074][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.447225][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.476440][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.535835][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.551873][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.581984][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.607934][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.645816][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.674448][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.710922][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.735459][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.766729][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.820744][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.868337][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.898132][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.906696][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.948327][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.956847][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 291.994555][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.018185][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.026699][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.094495][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.120894][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.145286][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.175488][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.201188][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.232231][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.258048][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.266568][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.304773][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.323007][T11145] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52) [ 292.360250][ T26] audit: type=1800 audit(293.314:72): pid=11145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3088" name="file1" dev="loop1" ino=1048628 res=0 errno=0 [ 292.821888][T11197] loop0: detected capacity change from 0 to 256 [ 292.951150][T11197] FAT-fs (loop0): Directory bread(block 64) failed [ 292.957767][T11197] FAT-fs (loop0): Directory bread(block 65) failed [ 293.018216][T11197] FAT-fs (loop0): Directory bread(block 66) failed [ 293.024820][T11197] FAT-fs (loop0): Directory bread(block 67) failed [ 293.041930][T11197] FAT-fs (loop0): Directory bread(block 68) failed [ 293.095235][T11197] FAT-fs (loop0): Directory bread(block 69) failed [ 293.130308][T11197] FAT-fs (loop0): Directory bread(block 70) failed [ 293.137023][T11197] FAT-fs (loop0): Directory bread(block 71) failed [ 293.191423][T11197] FAT-fs (loop0): Directory bread(block 72) failed [ 293.200399][T11197] FAT-fs (loop0): Directory bread(block 73) failed [ 293.331273][T11210] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3119'. [ 293.360709][T11210] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3119'. [ 294.051355][T11226] loop3: detected capacity change from 0 to 4096 [ 294.150531][T11236] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 294.250741][T11226] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 294.579013][ T4276] EXT4-fs (loop3): unmounting filesystem. [ 294.888826][T11256] netlink: zone id is out of range [ 295.001995][T11261] netlink: 144 bytes leftover after parsing attributes in process `syz.1.3143'. [ 295.333325][ T4273] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 295.345488][ T4273] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 295.355182][ T4273] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 295.364011][ T4273] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 295.373283][ T4273] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 295.381268][ T4273] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 295.400252][ T8019] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 295.419661][ T8019] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 295.427045][ T8019] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 295.437749][ T8019] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 295.445903][ T8019] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 295.454275][ T8019] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 295.661500][T11281] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3152'. [ 295.808660][T11270] chnl_net:caif_netlink_parms(): no params data found [ 296.037413][T11270] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.048600][T11270] bridge0: port 1(bridge_slave_0) entered disabled state [ 296.064263][T11297] autofs4:pid:11297:autofs_fill_super: called with bogus options [ 296.069609][T11270] device bridge_slave_0 entered promiscuous mode [ 296.100439][T11270] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.107676][T11270] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.117600][T11270] device bridge_slave_1 entered promiscuous mode [ 296.198600][T11270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 296.221335][T11270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 296.403478][T11270] team0: Port device team_slave_0 added [ 296.454884][T11270] team0: Port device team_slave_1 added [ 296.588163][T11270] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 296.595182][T11270] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 296.632436][T11270] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 296.662307][T11317] netlink: 'syz.2.3166': attribute type 2 has an invalid length. [ 296.672272][T11317] netlink: 'syz.2.3166': attribute type 8 has an invalid length. [ 296.692520][T11317] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3166'. [ 296.719596][T11270] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 296.726675][T11270] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 296.807823][T11270] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 297.011790][T11270] device hsr_slave_0 entered promiscuous mode [ 297.041844][T11270] device hsr_slave_1 entered promiscuous mode [ 297.053592][T11270] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 297.074114][T11270] Cannot create hsr debugfs directory [ 297.498075][ T8019] Bluetooth: hci5: command 0x0409 tx timeout [ 297.563867][T11348] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3182'. [ 297.650957][T11270] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 297.689296][T11270] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 297.769425][T11270] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 297.805365][T11358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3188'. [ 297.827469][T11270] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 298.197827][T11270] 8021q: adding VLAN 0 to HW filter on device bond0 [ 298.261872][T11379] loop0: detected capacity change from 0 to 256 [ 298.322255][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 298.334101][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 298.375320][T11270] 8021q: adding VLAN 0 to HW filter on device team0 [ 298.415029][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 298.441008][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 298.469291][ T7230] bridge0: port 1(bridge_slave_0) entered blocking state [ 298.476445][ T7230] bridge0: port 1(bridge_slave_0) entered forwarding state [ 298.528883][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 298.537705][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 298.547477][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 298.560372][ T7230] bridge0: port 2(bridge_slave_1) entered blocking state [ 298.567567][ T7230] bridge0: port 2(bridge_slave_1) entered forwarding state [ 298.586560][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 298.656499][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 298.682486][T11390] cifs: Unknown parameter 'no'aN[Gzob,er;%j [ 298.682486][T11390] z,@qJ#"h/.W1ȱnNC"C<+`#k' [ 298.689661][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 298.730462][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 298.778576][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 298.804892][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 298.826746][T11391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3199'. [ 298.858300][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 298.866595][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 298.896089][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 298.937784][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 298.969015][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 298.988697][T11270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 298.997112][T11399] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3204'. [ 299.011155][T11399] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3204'. [ 299.568395][ T8019] Bluetooth: hci5: command 0x041b tx timeout [ 299.600455][T11419] loop0: detected capacity change from 0 to 4096 [ 299.626430][T11419] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 299.635706][ T26] audit: type=1326 audit(300.574:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.1.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 299.674882][ T26] audit: type=1326 audit(300.584:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.1.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 299.717903][ T26] audit: type=1326 audit(300.584:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.1.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 299.818158][ T4511] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 299.819306][ T7207] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 299.851115][ T26] audit: type=1326 audit(300.584:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.1.3214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 299.883989][ T7207] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 299.911461][T11270] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 300.020894][ T4511] usb 3-1: config 16 interface 0 altsetting 75 endpoint 0x7 has invalid maxpacket 1032, setting to 1024 [ 300.045161][ T4511] usb 3-1: config 16 interface 0 altsetting 75 endpoint 0x6 has invalid wMaxPacketSize 0 [ 300.075583][ T4511] usb 3-1: config 16 interface 0 has no altsetting 0 [ 300.113106][ T4511] usb 3-1: New USB device found, idVendor=15c2, idProduct=0036, bcdDevice=bb.7a [ 300.148278][ T4511] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.198294][T11417] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 300.241967][T11435] ipt_ECN: cannot use operation on non-tcp rule [ 300.433196][ T4511] usb 3-1: string descriptor 0 read error: -71 [ 300.449929][ T4511] imon:imon_find_endpoints: no valid input (IR) endpoint found [ 300.482727][ T4511] imon 3-1:16.0: unable to initialize intf0, err -19 [ 300.522968][ T4511] imon:imon_probe: failed to initialize context! [ 300.568360][ T4511] imon 3-1:16.0: unable to register, err -19 [ 300.598406][ T4511] usb 3-1: USB disconnect, device number 13 [ 300.637580][T11446] loop0: detected capacity change from 0 to 4096 [ 300.685740][T11446] ntfs: (device loop0): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 300.734071][T11446] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 300.755204][T11446] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 300.777888][T11446] ntfs: volume version 3.1. [ 300.984007][T11455] loop1: detected capacity change from 0 to 512 [ 301.103835][T11455] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 301.232658][T11455] EXT4-fs (loop1): orphan cleanup on readonly fs [ 301.260656][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 301.278571][T11455] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:511: comm syz.1.3227: Block bitmap for bg 0 marked uninitialized [ 301.294604][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 301.404316][T11455] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 301.419388][T11470] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3232'. [ 301.437827][T11470] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 301.459421][T11455] EXT4-fs (loop1): 1 orphan inode deleted [ 301.468140][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 301.482037][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 301.491629][T11455] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 301.505057][T11270] device veth0_vlan entered promiscuous mode [ 301.512753][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 301.530145][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 301.591827][T11270] device veth1_vlan entered promiscuous mode [ 301.648407][ T8019] Bluetooth: hci5: command 0x040f tx timeout [ 301.694197][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 301.793106][T11270] device veth0_macvtap entered promiscuous mode [ 301.801341][T11481] ieee802154 phy0 wpan0: encryption failed: -22 [ 301.830150][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 301.857461][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 301.925765][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 301.973619][T11486] netlink: 'syz.0.3240': attribute type 1 has an invalid length. [ 301.978969][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 302.002715][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 302.025568][T11270] device veth1_macvtap entered promiscuous mode [ 302.121275][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.133334][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.144043][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.154784][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.165447][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.191156][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.207037][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.217695][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.227741][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 302.248039][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.259672][T11270] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 302.267560][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 302.285892][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 302.324872][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 302.364653][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.393437][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.405005][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.415759][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.427143][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.448323][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.468368][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.493685][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.518343][T11270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.553646][T11270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.582827][T11270] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 302.622576][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 302.652247][ T7230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 302.698756][T11270] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.753246][T11270] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.783140][T11270] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.801258][T11270] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.945817][T11506] netlink: 'syz.3.3249': attribute type 1 has an invalid length. [ 303.119428][ T7230] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 303.134007][ T7230] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 303.223590][ T7226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 303.286986][ T7226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 303.304487][ T7226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 303.332640][ T7226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 303.398277][ T4336] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 303.597922][ T4336] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 303.609658][T11521] loop2: detected capacity change from 0 to 128 [ 303.625532][ T4336] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 303.684218][T11521] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 303.718892][ T4336] usb 2-1: config 0 descriptor?? [ 303.728591][ T8019] Bluetooth: hci5: command 0x0419 tx timeout [ 303.774031][ T4336] cp210x 2-1:0.0: cp210x converter detected [ 303.874835][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 303.932963][ T4336] usb 2-1: cp210x converter now attached to ttyUSB0 [ 304.067029][ T26] audit: type=1326 audit(305.014:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11537 comm="syz.3.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 304.139052][ T6313] usb 2-1: USB disconnect, device number 15 [ 304.158158][ T26] audit: type=1326 audit(305.014:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11537 comm="syz.3.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 304.169223][ T6313] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 304.229283][ T6313] cp210x 2-1:0.0: device disconnected [ 304.251244][ T26] audit: type=1326 audit(305.044:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11537 comm="syz.3.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 304.390503][T11546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3267'. [ 305.085650][T11575] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3281'. [ 306.006742][T11567] loop2: detected capacity change from 0 to 32768 [ 306.118282][T11613] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3299'. [ 306.186448][T11567] XFS (loop2): DAX unsupported by block device. Turning off DAX. [ 306.229447][T11567] XFS (loop2): Mounting V5 Filesystem [ 306.391572][T11567] XFS (loop2): Ending clean mount [ 306.405292][T11567] XFS (loop2): Quotacheck needed: Please wait. [ 306.528575][T11567] XFS (loop2): Quotacheck: Done. [ 306.694770][ T4278] XFS (loop2): Unmounting Filesystem [ 306.797312][T11609] loop3: detected capacity change from 0 to 32768 [ 306.924745][T11609] JBD2: Ignoring recovery information on journal [ 307.018411][T11609] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 307.024361][T11645] loop0: detected capacity change from 0 to 512 [ 307.122272][T11645] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.3312: casefold flag without casefold feature [ 307.158051][T11645] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.3312: couldn't read orphan inode 15 (err -117) [ 307.238541][T11645] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 307.255184][T11649] loop5: detected capacity change from 0 to 8192 [ 307.312851][T11649] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 307.357553][T11651] netlink: 'syz.1.3314': attribute type 29 has an invalid length. [ 307.387165][T11649] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 307.402584][T11651] netlink: 'syz.1.3314': attribute type 29 has an invalid length. [ 307.422707][ T4276] ocfs2: Unmounting device (7,3) on (node local) [ 307.443366][ T4270] EXT4-fs (loop0): unmounting filesystem. [ 307.455936][T11649] FAT-fs (loop5): Filesystem has been set read-only [ 308.111414][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 308.111431][ T26] audit: type=1326 audit(309.064:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.5.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 308.200662][ T26] audit: type=1326 audit(309.064:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.5.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 308.287842][ T26] audit: type=1326 audit(309.064:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.5.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 308.311634][T11672] loop3: detected capacity change from 0 to 1024 [ 308.327055][T11672] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 308.363461][ T26] audit: type=1326 audit(309.064:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.5.3321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 308.385230][ C1] vkms_vblank_simulate: vblank timer overrun [ 308.450453][T11675] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3325'. [ 308.656642][T11681] loop2: detected capacity change from 0 to 8 [ 309.053938][T11692] loop2: detected capacity change from 0 to 512 [ 309.115680][T11692] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 309.181275][T11697] loop5: detected capacity change from 0 to 1024 [ 309.182263][T11692] EXT4-fs (loop2): 1 truncate cleaned up [ 309.261421][T11697] fuse: Bad value for 'fd' [ 309.273533][T11692] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 309.396074][T11692] EXT4-fs error (device loop2): ext4_find_dest_de:2115: inode #2: block 13: comm syz.2.3333: bad entry in directory: '.' directory cannot be the last in data block - offset=0, inode=2, rec_len=1024, size=1024 fake=1 [ 309.480398][T11707] netlink: 'syz.0.3340': attribute type 1 has an invalid length. [ 309.502811][ T7220] hfsplus: b-tree write err: -5, ino 4 [ 309.663864][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 310.208264][ T4513] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 310.285154][T11708] loop3: detected capacity change from 0 to 32768 [ 310.409350][T11708] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 310.410529][ T4513] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 310.441532][ T4513] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 310.451864][ T4513] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 310.462052][ T4513] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 310.472708][ T4513] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 310.482183][ T4513] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.492942][ T4513] usb 2-1: config 0 descriptor?? [ 310.511992][T11708] OCFS2: ERROR (device loop3): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 2048 but claims that 39166 are free [ 310.608221][T11708] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 310.649004][T11708] OCFS2: File system is now read-only. [ 310.654558][T11708] (syz.3.3341,11708,0):ocfs2_search_chain:1761 ERROR: status = -30 [ 310.706024][ T4513] hdpvr 2-1:0.0: firmware version 0x12 dated [ 310.718153][T11708] (syz.3.3341,11708,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 310.756729][T11708] (syz.3.3341,11708,0):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 310.776985][T11708] (syz.3.3341,11708,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 310.828021][T11708] (syz.3.3341,11708,0):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 310.846518][T11708] (syz.3.3341,11708,0):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 310.879583][T11708] (syz.3.3341,11708,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 310.887499][T11708] (syz.3.3341,11708,0):ocfs2_mknod:385 ERROR: status = -30 [ 310.895168][T11708] (syz.3.3341,11708,0):ocfs2_mknod:502 ERROR: status = -30 [ 310.902498][T11708] (syz.3.3341,11708,0):ocfs2_create:676 ERROR: status = -30 [ 310.914576][ T4513] hdpvr 2-1:0.0: device init failed [ 310.922315][ T4513] hdpvr: probe of 2-1:0.0 failed with error -12 [ 310.958227][ T4513] usb 2-1: USB disconnect, device number 16 [ 311.003967][ T4276] ocfs2: Unmounting device (7,3) on (node local) [ 311.277357][T11758] netlink: 'syz.0.3366': attribute type 3 has an invalid length. [ 311.323937][T11758] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.3366'. [ 311.661694][T11769] loop1: detected capacity change from 0 to 512 [ 311.776554][T11750] loop5: detected capacity change from 0 to 32768 [ 311.790074][T11769] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 311.914388][T11783] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 311.937713][T11783] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 311.956436][T11783] overlayfs: missing 'lowerdir' [ 311.961193][T11769] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.3370: bg 0: block 18: invalid block bitmap [ 311.994973][T11769] Quota error (device loop1): write_blk: dquota write failed [ 312.034168][T11769] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 312.119398][T11769] EXT4-fs error (device loop1): ext4_acquire_dquot:6814: comm syz.1.3370: Failed to acquire dquot type 1 [ 312.381756][T11794] loop0: detected capacity change from 0 to 1024 [ 312.399518][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 312.455851][T11794] hfsplus: failed to load root directory [ 312.950752][T11815] netlink: 'syz.2.3391': attribute type 10 has an invalid length. [ 313.073763][T11819] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3393'. [ 313.289006][T11827] blktrace: Concurrent blktraces are not allowed on sg0 [ 313.808822][T11843] loop5: detected capacity change from 0 to 1764 [ 313.866810][T11811] loop3: detected capacity change from 0 to 32768 [ 313.886583][ T26] audit: type=1326 audit(314.834:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11848 comm="syz.0.3408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 313.928322][T11811] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.3389 (11811) [ 313.978512][T11811] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 314.008620][T11811] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 314.010983][ T26] audit: type=1326 audit(314.904:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11848 comm="syz.0.3408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 314.044591][T11811] BTRFS info (device loop3): using free space tree [ 314.172867][ T26] audit: type=1326 audit(314.904:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11848 comm="syz.0.3408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 314.195509][ T26] audit: type=1326 audit(314.904:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11848 comm="syz.0.3408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 314.217226][ C1] vkms_vblank_simulate: vblank timer overrun [ 314.225507][ T26] audit: type=1326 audit(314.904:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11848 comm="syz.0.3408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 314.257858][T11863] loop0: detected capacity change from 0 to 2048 [ 314.280646][T11861] netlink: 'syz.5.3409': attribute type 10 has an invalid length. [ 314.298871][T11863] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 314.338151][T11861] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3409'. [ 314.347302][T11861] netlink: 'syz.5.3409': attribute type 10 has an invalid length. [ 314.355682][T11861] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3409'. [ 314.500920][T11811] BTRFS info (device loop3): enabling ssd optimizations [ 314.717172][ T4276] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 315.219681][T11897] netlink: 'syz.5.3424': attribute type 8 has an invalid length. [ 315.392358][T11901] netlink: 'syz.0.3425': attribute type 32 has an invalid length. [ 315.454317][T11905] loop2: detected capacity change from 0 to 512 [ 315.595455][T11905] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 315.631385][T11913] loop1: detected capacity change from 0 to 256 [ 315.721322][T11917] ieee802154 phy0 wpan0: encryption failed: -22 [ 315.727315][T11913] MINIX-fs: mounting file system with errors, running fsck is recommended [ 315.886970][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 316.361938][T11941] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3443'. [ 316.381762][T11941] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3443'. [ 317.022094][T11966] netlink: 'syz.2.3456': attribute type 21 has an invalid length. [ 317.038273][T11966] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3456'. [ 317.052250][T11966] netlink: 'syz.2.3456': attribute type 4 has an invalid length. [ 317.066987][T11966] netlink: 3 bytes leftover after parsing attributes in process `syz.2.3456'. [ 317.086900][T11969] netlink: 'syz.0.3457': attribute type 8 has an invalid length. [ 317.171233][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.177650][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.230164][T11974] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.312184][T11977] loop2: detected capacity change from 0 to 16 [ 317.357321][T11977] erofs: (device loop2): mounted with root inode @ nid 36. [ 317.389220][T11980] x_tables: duplicate underflow at hook 2 [ 317.625921][T11986] loop0: detected capacity change from 0 to 64 [ 318.558590][T12023] loop3: detected capacity change from 0 to 1024 [ 318.598519][T12023] EXT4-fs: Ignoring removed nomblk_io_submit option [ 318.636475][T12023] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 318.685859][T12023] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 318.785003][T12023] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 318.898977][ T4276] EXT4-fs (loop3): unmounting filesystem. [ 319.051573][T12040] xt_CT: You must specify a L4 protocol and not use inversions on it [ 319.423131][T12053] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3498'. [ 319.577369][T12059] netlink: 'syz.0.3501': attribute type 4 has an invalid length. [ 319.649403][T12061] Unknown options in mask 5 [ 320.148678][T12078] loop1: detected capacity change from 0 to 256 [ 320.241050][T12043] loop5: detected capacity change from 0 to 32768 [ 320.316232][T12043] ea_get: invalid extended attribute [ 320.372692][T12043] ffff888073f6b170: 04 00 00 00 .... [ 320.728171][ T1169] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 320.938322][ T1169] usb 2-1: Using ep0 maxpacket: 32 [ 320.943743][T12105] netlink: 96 bytes leftover after parsing attributes in process `syz.5.3523'. [ 320.957217][ T1169] usb 2-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 320.978096][ T1169] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.016119][ T1169] usb 2-1: config 0 descriptor?? [ 321.080885][ T1169] as10x_usb: device has been detected [ 321.086744][ T1169] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 321.176349][ T1169] usb 2-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 321.252666][ T1169] as10x_usb: error during firmware upload part1 [ 321.286192][ T1169] Registered device nBox DVB-T Dongle [ 321.289122][ T1169] usb 2-1: USB disconnect, device number 17 [ 321.401101][ T1169] Unregistered device nBox DVB-T Dongle [ 321.402439][ T1169] as10x_usb: device has been disconnected [ 321.615484][T12125] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 321.628118][T12125] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 322.255172][T12117] loop5: detected capacity change from 0 to 32768 [ 322.276197][T12141] device bridge3 entered promiscuous mode [ 322.379618][T12117] XFS (loop5): Mounting V5 Filesystem [ 322.562857][T12117] XFS (loop5): Ending clean mount [ 322.585359][T12117] XFS (loop5): Quotacheck needed: Please wait. [ 322.757030][T12117] XFS (loop5): Quotacheck: Done. [ 322.814611][T12167] loop2: detected capacity change from 0 to 8 [ 322.933527][T11270] XFS (loop5): Unmounting Filesystem [ 324.015654][T12163] loop3: detected capacity change from 0 to 32768 [ 324.107491][T12200] netlink: 2 bytes leftover after parsing attributes in process `syz.1.3567'. [ 324.126463][T12163] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.3549 (12163) [ 324.200059][T12163] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 324.268175][T12163] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 324.306869][T12163] BTRFS info (device loop3): using free space tree [ 324.537742][T12163] BTRFS info (device loop3): enabling ssd optimizations [ 324.795817][ T4276] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 326.548064][ T6312] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 326.752500][ T6312] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 326.770081][ T6312] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.795771][ T6312] usb 1-1: config 0 descriptor?? [ 327.122518][T12321] netlink: 'syz.5.3617': attribute type 6 has an invalid length. [ 327.226331][ T6312] ath6kl: Failed to submit usb control message: -71 [ 327.245033][ T6312] ath6kl: unable to send the bmi data to the device: -71 [ 327.262803][ T6312] ath6kl: Unable to send get target info: -71 [ 327.296385][ T6312] ath6kl: Failed to init ath6kl core: -71 [ 327.400123][ T6312] ath6kl_usb: probe of 1-1:0.0 failed with error -71 [ 327.444294][ T6312] usb 1-1: USB disconnect, device number 5 [ 327.498471][T12335] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3624'. [ 327.630570][T12341] binder: 12340:12341 unknown command 0 [ 327.646684][T12341] binder: 12340:12341 ioctl c0306201 200000000480 returned -22 [ 327.755930][T12342] [U] ^C [ 328.135298][T12358] xt_hashlimit: size too large, truncated to 1048576 [ 328.163169][T12358] xt_hashlimit: max too large, truncated to 1048576 [ 328.189230][T12361] loop0: detected capacity change from 0 to 1024 [ 328.548562][ T7223] hfsplus: b-tree write err: -5, ino 4 [ 329.179418][T12392] loop2: detected capacity change from 0 to 8 [ 329.227917][T12390] loop5: detected capacity change from 0 to 4096 [ 329.273316][T12390] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 329.288498][T12392] SQUASHFS error: Failed to read block 0x636: -5 [ 329.321911][T12392] SQUASHFS error: Unable to read metadata cache entry [634] [ 329.351866][T12392] SQUASHFS error: Unable to read metadata cache entry [634] [ 329.396341][T12390] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 329.419645][T12392] SQUASHFS error: Unable to read directory block [629:0] [ 329.438347][T12390] ntfs3: loop5: mft corrupted [ 329.468360][T12390] ntfs3: loop5: Failed to load $Extend. [ 329.678931][T12406] loop1: detected capacity change from 0 to 256 [ 329.772755][T12406] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 330.438357][T12431] xt_CT: You must specify a L4 protocol and not use inversions on it [ 330.471139][T12433] loop5: detected capacity change from 0 to 8 [ 330.546135][T12433] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 330.555582][ T4260] udevd[4260]: incorrect cramfs checksum on /dev/loop5 [ 330.657890][T12433] cramfs: Error -3 while decompressing! [ 330.698623][T12433] cramfs: ffffffff96d711a8(1306)->ffff88805071a000(4096) [ 330.726155][T12433] cramfs: bad data blocksize 3221485966 [ 330.758210][T12433] cramfs: Error -3 while decompressing! [ 330.776006][T12433] cramfs: ffffffff96d711a8(1306)->ffff88805071a000(4096) [ 330.963792][T12404] loop0: detected capacity change from 0 to 32768 [ 332.262344][T12495] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3692'. [ 332.343424][T12495] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3692'. [ 332.388161][T12495] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3692'. [ 333.203703][T12530] netlink: 'syz.3.3707': attribute type 30 has an invalid length. [ 334.008420][T12562] ieee802154 phy0 wpan0: encryption failed: -22 [ 334.181755][ T26] audit: type=1326 audit(335.134:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.2.3726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 334.242505][ T26] audit: type=1326 audit(335.154:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.2.3726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 334.303599][ T26] audit: type=1326 audit(335.154:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.2.3726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 334.325322][ C1] vkms_vblank_simulate: vblank timer overrun [ 334.396654][ T26] audit: type=1326 audit(335.154:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12567 comm="syz.2.3726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 334.438257][ T4513] usb 2-1: new low-speed USB device number 18 using dummy_hcd [ 334.533395][T12579] netlink: 'syz.3.3731': attribute type 1 has an invalid length. [ 334.557362][T12579] netlink: 'syz.3.3731': attribute type 1 has an invalid length. [ 334.662763][ T4513] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 334.693412][ T4513] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 334.736072][ T4513] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt [ 334.766606][ T4513] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 334.810310][ T4513] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 334.848145][ T4513] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 334.867591][ T4513] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.886063][ T4513] usb 2-1: config 0 descriptor?? [ 334.899517][T12565] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 335.055788][T12600] loop5: detected capacity change from 0 to 2048 [ 335.153480][T12600] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 335.171163][ T1169] usb 2-1: USB disconnect, device number 18 [ 335.361428][T12606] loop0: detected capacity change from 0 to 4096 [ 335.402124][T12606] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 335.477538][T12608] xt_CT: No such helper "pptp" [ 335.478235][T12606] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 335.552652][T12606] ntfs3: loop0: ino=1b, "file0" The size of extended attributes must not exceed 64KiB [ 335.676875][T12617] loop5: detected capacity change from 0 to 16 [ 335.736063][ T4270] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 335.737609][T12617] erofs: (device loop5): mounted with root inode @ nid 36. [ 335.861860][T12617] erofs: (device loop5): init_inode_xattrs: xattr_isize 12 of nid 86 is not supported yet [ 335.922030][T12620] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3750'. [ 336.126932][T12623] loop1: detected capacity change from 0 to 4096 [ 336.192492][T12623] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 336.382057][T12623] ntfs3: loop1: failed to convert "076c" to cp949 [ 336.417704][T12634] loop5: detected capacity change from 0 to 16 [ 336.462298][T12634] erofs: (device loop5): mounted with root inode @ nid 36. [ 336.510855][T12634] erofs: (device loop5): z_erofs_pcluster_readmore: readmore error at page 1 @ nid 89 [ 336.546603][T12634] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117] [ 336.631824][T12613] loop2: detected capacity change from 0 to 32768 [ 336.661587][ T26] audit: type=1326 audit(337.614:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12637 comm="syz.1.3759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 336.735295][ T26] audit: type=1326 audit(337.614:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12637 comm="syz.1.3759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 336.767609][T12613] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 336.767609][T12613] [ 336.818172][T12613] ialloc: diAlloc returned -5! [ 336.822554][ T26] audit: type=1326 audit(337.614:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12637 comm="syz.1.3759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 336.937489][ T26] audit: type=1326 audit(337.614:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12637 comm="syz.1.3759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 336.998038][ T2185] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 337.188131][ T2185] usb 1-1: Using ep0 maxpacket: 32 [ 337.195245][ T2185] usb 1-1: config 0 has an invalid interface number: 111 but max is 1 [ 337.248068][ T2185] usb 1-1: config 0 has no interface number 1 [ 337.308505][ T2185] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 337.344809][T12658] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3771'. [ 337.349590][ T2185] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83 [ 337.368154][T12660] netlink: 'syz.1.3769': attribute type 1 has an invalid length. [ 337.398073][ T2185] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.416515][ T2185] usb 1-1: Product: syz [ 337.421049][ T2185] usb 1-1: Manufacturer: syz [ 337.426412][ T2185] usb 1-1: SerialNumber: syz [ 337.449306][ T2185] usb 1-1: config 0 descriptor?? [ 337.627815][T12666] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3773'. [ 337.665093][ T2185] snd-usb-6fire 1-1:0.111: unable to receive device firmware state. [ 337.677863][T12666] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3773'. [ 337.687372][ T2185] snd-usb-6fire: probe of 1-1:0.111 failed with error -71 [ 337.694863][T12670] netlink: 'syz.1.3775': attribute type 3 has an invalid length. [ 337.762538][ T2185] usb 1-1: USB disconnect, device number 6 [ 338.141151][T12687] netlink: 'syz.5.3782': attribute type 27 has an invalid length. [ 338.366147][T12691] device wlan0 entered promiscuous mode [ 338.827824][T12713] loop2: detected capacity change from 0 to 64 [ 338.943303][T12718] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3799'. [ 339.061777][T12722] loop5: detected capacity change from 0 to 128 [ 339.472986][T12738] comedi comedi4: bad chanlist[0]=0x00240000 chan=0 range length=2 [ 339.745722][T12750] netlink: 'syz.2.3811': attribute type 1 has an invalid length. [ 339.785086][T12750] netlink: 244 bytes leftover after parsing attributes in process `syz.2.3811'. [ 339.894692][T12753] loop0: detected capacity change from 0 to 512 [ 340.019960][T12753] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 340.057278][T12753] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 340.097562][T12753] System zones: 0-1, 15-15, 18-18, 34-34 [ 340.136974][T12753] EXT4-fs (loop0): orphan cleanup on readonly fs [ 340.148102][T12753] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 340.158287][T12753] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 340.227688][T12753] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 340.265637][T12753] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.3817: bad orphan inode 16 [ 340.315444][T12753] ext4_test_bit(bit=15, block=18) = 1 [ 340.331216][T12753] is_bad_inode(inode)=0 [ 340.335441][T12753] NEXT_ORPHAN(inode)=0 [ 340.364036][T12753] max_ino=32 [ 340.367334][T12753] i_nlink=2 [ 340.380731][T12753] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 340.431052][T12753] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 341.019552][ T4270] EXT4-fs (loop0): unmounting filesystem. [ 342.888125][T12864] trusted_key: encrypted_key: master key parameter '*' is invalid [ 342.973485][T12828] loop3: detected capacity change from 0 to 32768 [ 343.010079][T12828] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 11 [ 343.366806][T12880] netlink: 'syz.0.3879': attribute type 1 has an invalid length. [ 343.394541][T12882] device netdevsim0 entered promiscuous mode [ 343.441547][ T4260] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 11 [ 343.679175][T12890] x_tables: duplicate underflow at hook 4 [ 343.740599][T12894] binder: 12891:12894 ioctl c018620c 200000000700 returned -22 [ 344.261187][T12914] loop1: detected capacity change from 0 to 128 [ 344.349175][T12914] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 344.405209][T12923] loop2: detected capacity change from 0 to 8 [ 344.560104][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 344.788152][T12937] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3907'. [ 344.956991][T12944] netlink: 1392 bytes leftover after parsing attributes in process `syz.1.3910'. [ 344.966781][T12942] cgroup: Invalid name [ 346.151516][T12994] loop3: detected capacity change from 0 to 128 [ 346.223688][ T4260] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 346.237529][T12994] autofs4:pid:12994:autofs_fill_super: called with bogus options [ 346.944130][T13018] loop3: detected capacity change from 0 to 4096 [ 346.977832][T13018] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 347.071774][T13029] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3952'. [ 347.110596][T13029] netlink: 148 bytes leftover after parsing attributes in process `syz.2.3952'. [ 347.313991][T13035] netlink: 830 bytes leftover after parsing attributes in process `syz.1.3955'. [ 347.576037][T13048] (unnamed net_device) (uninitialized): up delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 347.625953][T13048] (unnamed net_device) (uninitialized): down delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 347.687826][T13048] 8021q: adding VLAN 0 to HW filter on device bond6 [ 347.868375][T13058] netlink: 'syz.5.3966': attribute type 17 has an invalid length. [ 347.876273][T13058] netlink: 5 bytes leftover after parsing attributes in process `syz.5.3966'. [ 347.939811][T13058] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check. [ 348.890438][T13101] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3988'. [ 348.920504][T13101] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3988'. [ 348.951778][T13101] netlink: 5 bytes leftover after parsing attributes in process `syz.3.3988'. [ 349.131479][T13106] xt_limit: Overflow, try lower: 65536/2147483648 [ 349.332959][T13112] SET target dimension over the limit! [ 350.366612][T13154] x_tables: unsorted underflow at hook 3 [ 350.628057][ T4511] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 350.828194][ T4511] usb 6-1: Using ep0 maxpacket: 8 [ 350.836385][ T4511] usb 6-1: config 0 has an invalid interface number: 193 but max is 1 [ 350.865661][ T4511] usb 6-1: config 0 has an invalid interface number: 4 but max is 1 [ 350.892976][T13181] netlink: 92 bytes leftover after parsing attributes in process `syz.3.4027'. [ 350.906203][ T4511] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 350.929487][ T4511] usb 6-1: config 0 has no interface number 0 [ 350.936086][ T4511] usb 6-1: config 0 has no interface number 1 [ 350.952571][ T4511] usb 6-1: config 0 interface 193 altsetting 147 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 350.976409][ T4511] usb 6-1: config 0 interface 4 altsetting 2 endpoint 0x6 has invalid wMaxPacketSize 0 [ 351.004407][ T4511] usb 6-1: config 0 interface 4 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 351.048259][ T6312] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 351.055800][ T4511] usb 6-1: config 0 interface 193 has no altsetting 0 [ 351.071678][ T4511] usb 6-1: config 0 interface 4 has no altsetting 0 [ 351.084145][T13187] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 351.097455][ T4511] usb 6-1: New USB device found, idVendor=1f38, idProduct=0001, bcdDevice=7d.6a [ 351.188253][ T4511] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 351.196335][ T4511] usb 6-1: Product: syz [ 351.231301][ T4511] usb 6-1: Manufacturer: syz [ 351.236011][ T4511] usb 6-1: SerialNumber: syz [ 351.248226][ T6312] usb 3-1: Using ep0 maxpacket: 8 [ 351.255132][ T6312] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 351.285091][ T4511] usb 6-1: config 0 descriptor?? [ 351.290274][ T6312] usb 3-1: config 179 has no interface number 0 [ 351.314241][ T6312] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 351.327211][ T6312] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 351.348331][ T6312] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 351.388778][ T6312] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 351.448087][ T6312] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 351.501987][ T6312] usb 3-1: config 179 interface 65 has no altsetting 0 [ 351.510008][ T6312] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 351.519488][ T6312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.540973][ T4511] usb 6-1: unknown interface protocol 0x4f, assuming v1 [ 351.541037][ T4511] usb 6-1: 193:2 : does not exist [ 351.543726][ T4511] usb 6-1: unknown interface protocol 0x5, assuming v1 [ 351.543754][ T4511] usb 6-1: 4:2 : does not exist [ 351.569270][ T4511] usb 6-1: USB disconnect, device number 2 [ 351.634925][ T6312] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input11 [ 351.666339][T13204] loop0: detected capacity change from 0 to 64 [ 351.825753][ T4260] udevd[4260]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.193/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 352.057693][ T4511] usb 3-1: USB disconnect, device number 14 [ 352.057706][ C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 352.081654][ T4511] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 352.362058][ T26] audit: type=1326 audit(353.314:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13220 comm="syz.3.4047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 352.424154][ T26] audit: type=1326 audit(353.334:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13220 comm="syz.3.4047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 352.478089][ T26] audit: type=1326 audit(353.334:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13220 comm="syz.3.4047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 352.552561][ T26] audit: type=1326 audit(353.334:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13220 comm="syz.3.4047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 352.598061][T13227] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4049'. [ 352.745722][T13232] loop5: detected capacity change from 0 to 2048 [ 352.795275][T13236] tmpfs: Bad value for 'mpol' [ 352.845086][T13232] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 352.974306][T13232] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.4052: bg 0: block 345: padding at end of block bitmap is not set [ 353.022543][T13232] EXT4-fs (loop5): Remounting filesystem read-only [ 353.084599][T13247] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.4058'. [ 353.137242][T11270] EXT4-fs (loop5): unmounting filesystem. [ 353.652250][T13270] xt_l2tp: invalid flags combination: 8 [ 353.661962][T13271] overlayfs: workdir and upperdir must be separate subtrees [ 354.110385][ T6312] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 354.318078][ T6312] usb 4-1: Using ep0 maxpacket: 16 [ 354.331778][ T6312] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 354.362380][ T6312] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 354.398233][ T6312] usb 4-1: Manufacturer: syz [ 354.413615][ T6312] usb 4-1: config 0 descriptor?? [ 354.560261][T13307] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4088'. [ 354.626008][T13309] netlink: 'syz.1.4089': attribute type 49 has an invalid length. [ 354.645995][ T6312] usb 4-1: Not enough endpoints found in device, aborting! [ 354.864464][ T2185] usb 4-1: USB disconnect, device number 11 [ 355.251147][T13335] ieee802154 phy0 wpan0: encryption failed: -22 [ 356.006524][T13329] loop5: detected capacity change from 0 to 32768 [ 356.053153][T13329] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 356.112141][T13329] OCFS2: ERROR (device loop5): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has an invalid fs_generation of #131491009 [ 356.138737][T13329] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 356.157735][T13367] loop0: detected capacity change from 0 to 4096 [ 356.171895][T13367] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match. Run ntfsfix or chkdsk. [ 356.190924][T13329] OCFS2: File system is now read-only. [ 356.196615][T13329] (syz.5.4098,13329,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 356.208960][ T6305] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 356.219602][T13329] (syz.5.4098,13329,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 356.228508][T13329] (syz.5.4098,13329,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 356.247860][T13367] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 356.261516][T13329] (syz.5.4098,13329,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 356.280764][T13329] (syz.5.4098,13329,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 356.290590][T13367] ntfs: volume version 3.1. [ 356.308640][T13367] ntfs: (device loop0): ntfs_read_locked_attr_inode(): Failed with error code -2 while reading attribute inode (mft_no 0x1a, type 0x80, name_len 4). Marking corrupt inode and base inode 0x1a as bad. Run chkdsk. [ 356.344701][T13329] (syz.5.4098,13329,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 356.387401][T13367] ntfs: (device loop0): load_and_init_usnjrnl(): Failed to load $UsnJrnl/$DATA/$Max attribute. [ 356.398352][T13329] (syz.5.4098,13329,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 356.408352][T13329] (syz.5.4098,13329,1):ocfs2_mknod:385 ERROR: status = -30 [ 356.409265][ T6305] usb 2-1: too many configurations: 241, using maximum allowed: 8 [ 356.415731][T13329] (syz.5.4098,13329,1):ocfs2_mknod:502 ERROR: status = -30 [ 356.438478][T13367] ntfs: (device loop0): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 356.475359][ T6305] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 356.512364][T13329] (syz.5.4098,13329,1):ocfs2_create:676 ERROR: status = -30 [ 356.536541][ T6305] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 356.584382][ T6305] usb 2-1: Product: syz [ 356.598158][ T6305] usb 2-1: Manufacturer: syz [ 356.602993][ T6305] usb 2-1: SerialNumber: syz [ 356.635883][ T6305] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 356.692625][ T6305] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 356.721804][T11270] ocfs2: Unmounting device (7,5) on (node local) [ 356.948138][ T2185] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 356.969762][ C0] usb 2-1: ath9k_htc: over RX MAX_PKT_NUM [ 357.191974][ T7] usb 2-1: USB disconnect, device number 19 [ 357.217711][ T2185] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 357.251783][ T2185] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.262231][ T2185] usb 4-1: config 0 descriptor?? [ 357.285230][ T2185] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 357.626915][ T26] audit: type=1326 audit(358.574:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.4130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 357.663095][ T26] audit: type=1326 audit(358.574:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.4130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 357.710179][ T2185] gspca_stv06xx: I2C: Read error writing address: -71 [ 357.745714][ T2185] usb 4-1: USB disconnect, device number 12 [ 357.818168][ T6305] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 357.822606][ T26] audit: type=1326 audit(358.604:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.4130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 357.825229][ T6305] ath9k_htc: Failed to initialize the device [ 357.948224][ T26] audit: type=1326 audit(358.604:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.4130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 357.971562][ T7] usb 2-1: ath9k_htc: USB layer deinitialized [ 358.048116][ T26] audit: type=1326 audit(358.604:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13394 comm="syz.0.4130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12bd8eb69 code=0x7ffc0000 [ 358.226481][T13409] netlink: 'syz.1.4137': attribute type 10 has an invalid length. [ 358.279766][T13409] bridge0: port 3(team0) entered blocking state [ 358.296588][T13412] comedi comedi3: comedi_config --init_data is deprecated [ 358.296654][T13409] bridge0: port 3(team0) entered disabled state [ 358.340434][T13409] device team0 entered promiscuous mode [ 358.346063][T13409] device team_slave_0 entered promiscuous mode [ 358.379374][T13409] device team_slave_1 entered promiscuous mode [ 358.404296][T13409] bridge0: port 3(team0) entered blocking state [ 358.410779][T13409] bridge0: port 3(team0) entered forwarding state [ 358.428781][T13414] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4139'. [ 358.446711][T13414] netlink: 108 bytes leftover after parsing attributes in process `syz.0.4139'. [ 358.477006][T13414] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4139'. [ 358.507836][T13414] netlink: 108 bytes leftover after parsing attributes in process `syz.0.4139'. [ 358.558225][T13414] netlink: 84 bytes leftover after parsing attributes in process `syz.0.4139'. [ 358.804617][T13426] program syz.1.4144 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 359.465041][T13453] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 359.754911][T13465] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4165'. [ 359.959755][T13473] loop5: detected capacity change from 0 to 2048 [ 360.059854][T13473] Alternate GPT is invalid, using primary GPT. [ 360.094900][T13473] loop5: p2 p3 p7 [ 360.310948][ T4260] I/O error, dev loop5, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 360.311043][T11270] __loop_clr_fd: partition scan of loop5 failed (rc=-16) [ 360.320899][ T4258] I/O error, dev loop5, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 360.349333][ T4326] I/O error, dev loop5, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 360.355868][ T4260] I/O error, dev loop5, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 360.375481][ T4258] I/O error, dev loop5, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 360.398296][ T4326] I/O error, dev loop5, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 360.407672][ T4326] Buffer I/O error on dev loop5p3, logical block 8, async page read [ 360.412131][ T4260] Buffer I/O error on dev loop5p2, logical block 8, async page read [ 360.448213][ T4258] Buffer I/O error on dev loop5p7, logical block 8, async page read [ 360.488107][ T4258] I/O error, dev loop5, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 360.497500][ T4258] Buffer I/O error on dev loop5p7, logical block 9, async page read [ 360.498361][ T4326] I/O error, dev loop5, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 360.506198][ T4260] I/O error, dev loop5, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 360.536623][T13484] loop0: detected capacity change from 0 to 4096 [ 360.548636][ T4258] I/O error, dev loop5, sector 410 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 360.558917][ T4260] Buffer I/O error on dev loop5p2, logical block 9, async page read [ 360.603241][ T4326] Buffer I/O error on dev loop5p3, logical block 9, async page read [ 360.605505][ T4260] Buffer I/O error on dev loop5p2, logical block 10, async page read [ 360.638486][ T4258] Buffer I/O error on dev loop5p7, logical block 10, async page read [ 360.646708][ T4258] Buffer I/O error on dev loop5p7, logical block 11, async page read [ 360.667202][ T4260] Buffer I/O error on dev loop5p2, logical block 11, async page read [ 360.675726][T13484] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 360.793465][T13484] ntfs3: loop0: Failed to load $Extend. [ 360.899741][ T4258] udevd[4258]: inotify_add_watch(7, /dev/loop5p7, 10) failed: No such file or directory [ 360.913375][ T4326] udevd[4326]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 360.913546][T13498] tmpfs: Bad value for 'mpol' [ 360.970941][ T4260] udevd[4260]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 361.298168][T13510] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4185'. [ 361.498301][ T8019] Bluetooth: hci0: command 0x0c20 tx timeout [ 361.525096][T13513] loop3: detected capacity change from 0 to 4096 [ 361.554565][T13513] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 361.600422][T13508] loop2: detected capacity change from 0 to 4096 [ 361.637825][T13508] ntfs: (device loop2): ntfs_read_inode_mount(): Incorrect mft record size 1024 in superblock, should be 2048. [ 361.736880][T13508] ntfs: (device loop2): ntfs_read_inode_mount(): Failed. Marking inode as bad. [ 361.858239][T13508] ntfs: (device loop2): ntfs_fill_super(): Failed to load essential metadata. [ 361.908465][T13508] exFAT-fs (loop2): invalid fs_name [ 361.913744][T13508] exFAT-fs (loop2): failed to read boot sector [ 362.094282][T13508] exFAT-fs (loop2): failed to recognize exfat type [ 362.946380][T13559] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4211'. [ 363.471468][T13581] loop3: detected capacity change from 0 to 256 [ 363.632528][T13589] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4225'. [ 363.668249][T13589] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4225'. [ 363.858234][T13594] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 0 [ 364.989803][T13633] loop0: detected capacity change from 0 to 2048 [ 365.058688][T13633] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 365.142149][T13640] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 365.338849][T13648] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4253'. [ 365.375305][T13648] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4253'. [ 365.562644][T13650] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4255'. [ 365.599842][T13650] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4255'. [ 366.518258][T13690] vivid-002: disconnect [ 366.535074][T13689] vivid-002: reconnect [ 367.109158][T13704] loop0: detected capacity change from 0 to 8192 [ 367.939240][T13732] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4294'. [ 367.979134][T13732] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4294'. [ 368.069742][T13709] loop1: detected capacity change from 0 to 32768 [ 368.145016][T13709] ea_get: invalid extended attribute [ 368.388754][T13740] loop3: detected capacity change from 0 to 4096 [ 368.397289][T13747] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4301'. [ 368.453798][T13740] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 368.745535][T13740] ntfs3: loop3: failed to convert "c46c" to iso8859-2 [ 369.574734][T13789] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4322'. [ 369.625315][T13789] netlink: 76 bytes leftover after parsing attributes in process `syz.0.4322'. [ 370.225023][T13813] loop1: detected capacity change from 0 to 2048 [ 370.307165][T13819] loop5: detected capacity change from 0 to 256 [ 370.352736][T13813] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 370.373088][T13819] FAT-fs (loop5): Directory bread(block 64) failed [ 370.438738][T13819] FAT-fs (loop5): Directory bread(block 65) failed [ 370.506588][T13819] FAT-fs (loop5): Directory bread(block 66) failed [ 370.523782][T13819] FAT-fs (loop5): Directory bread(block 67) failed [ 370.538119][T13819] FAT-fs (loop5): Directory bread(block 68) failed [ 370.539716][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 370.545747][T13819] FAT-fs (loop5): Directory bread(block 69) failed [ 370.567789][T13819] FAT-fs (loop5): Directory bread(block 70) failed [ 370.581600][T13826] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4339'. [ 370.595430][T13819] FAT-fs (loop5): Directory bread(block 71) failed [ 370.602527][T13819] FAT-fs (loop5): Directory bread(block 72) failed [ 370.622307][T13824] loop3: detected capacity change from 0 to 4096 [ 370.627587][T13819] FAT-fs (loop5): Directory bread(block 73) failed [ 370.918207][ T4276] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 370.938552][ T4276] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 371.069728][T13832] device wlan0 left promiscuous mode [ 371.098221][T13832] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 371.425104][T13807] loop0: detected capacity change from 0 to 40427 [ 371.455013][T13840] loop1: detected capacity change from 0 to 4096 [ 371.455399][T13807] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 371.500376][T13807] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 371.548869][T13840] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c118, mo2=0002] [ 371.612577][T13840] System zones: 0-5 [ 371.617598][T13840] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 371.659604][T13807] F2FS-fs (loop0): Found nat_bits in checkpoint [ 371.876478][T13807] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 371.889555][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 371.896161][T13807] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 372.374455][T13877] xt_CT: You must specify a L4 protocol and not use inversions on it [ 372.661451][T13887] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4368'. [ 372.949734][ T26] audit: type=1326 audit(373.904:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13895 comm="syz.5.4372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 372.991649][ T26] audit: type=1326 audit(373.934:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13895 comm="syz.5.4372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 373.082892][ T26] audit: type=1326 audit(373.964:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13895 comm="syz.5.4372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 373.213374][ T26] audit: type=1326 audit(373.964:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13895 comm="syz.5.4372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 373.256869][T13903] x_tables: duplicate underflow at hook 4 [ 373.297012][ T26] audit: type=1326 audit(373.964:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13895 comm="syz.5.4372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 373.715809][T13927] netlink: 1 bytes leftover after parsing attributes in process `syz.1.4386'. [ 373.866181][T13931] loop0: detected capacity change from 0 to 8 [ 373.959704][T13935] loop3: detected capacity change from 0 to 128 [ 374.011454][T13935] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 374.259536][ T4276] EXT4-fs (loop3): unmounting filesystem. [ 374.318877][T13949] x_tables: duplicate underflow at hook 4 [ 374.891598][T13972] loop1: detected capacity change from 0 to 8 [ 374.915745][T13974] loop2: detected capacity change from 0 to 128 [ 374.996753][T13976] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4411'. [ 375.021348][T13974] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 375.074902][T13970] loop5: detected capacity change from 0 to 4096 [ 375.300039][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 375.423601][T11270] ntfs3: loop5: ntfs_evict_inode r=5 failed, -22. [ 375.458058][T11270] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 376.071711][T14013] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4427'. [ 376.351289][T14025] loop2: detected capacity change from 0 to 128 [ 376.416878][T14027] netlink: 830 bytes leftover after parsing attributes in process `syz.3.4437'. [ 376.430500][T14025] autofs4:pid:14025:autofs_fill_super: called with bogus options [ 376.550963][T14024] loop5: detected capacity change from 0 to 4096 [ 376.588664][T14024] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512) [ 377.201804][T14054] (unnamed net_device) (uninitialized): up delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 377.234261][T14054] (unnamed net_device) (uninitialized): down delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 377.310616][T14054] 8021q: adding VLAN 0 to HW filter on device bond1 [ 377.951138][T14084] netlink: 'syz.0.4461': attribute type 17 has an invalid length. [ 377.983633][T14084] netlink: 5 bytes leftover after parsing attributes in process `syz.0.4461'. [ 378.023319][T14084] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check. [ 378.221023][T14093] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4465'. [ 378.230289][T14093] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4465'. [ 378.247310][T14093] netlink: 5 bytes leftover after parsing attributes in process `syz.5.4465'. [ 378.362322][T14097] xt_limit: Overflow, try lower: 65536/2147483648 [ 378.620283][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.626932][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.680396][T14152] x_tables: unsorted underflow at hook 3 [ 380.285568][T14177] loop3: detected capacity change from 0 to 128 [ 380.399460][T14182] device netdevsim0 entered promiscuous mode [ 380.425048][T14182] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 380.467606][T14183] netlink: 92 bytes leftover after parsing attributes in process `syz.1.4509'. [ 381.233246][T14217] loop1: detected capacity change from 0 to 128 [ 381.348136][ T4513] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 381.367311][T14219] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 381.498294][ T9792] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 381.559667][ T4513] usb 4-1: Using ep0 maxpacket: 8 [ 381.566606][ T4513] usb 4-1: config 0 has an invalid interface number: 193 but max is 1 [ 381.588383][ T4513] usb 4-1: config 0 has an invalid interface number: 4 but max is 1 [ 381.597464][ T4513] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 381.615543][ T4513] usb 4-1: config 0 has no interface number 0 [ 381.622106][ T4513] usb 4-1: config 0 has no interface number 1 [ 381.662793][ T4513] usb 4-1: config 0 interface 193 altsetting 147 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 381.688010][ T9792] usb 6-1: Using ep0 maxpacket: 8 [ 381.695044][ T9792] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 381.712212][ T4513] usb 4-1: config 0 interface 4 altsetting 2 endpoint 0x6 has invalid wMaxPacketSize 0 [ 381.725496][ T9792] usb 6-1: config 179 has no interface number 0 [ 381.737515][ T9792] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 381.752034][ T4513] usb 4-1: config 0 interface 4 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 381.765766][ T9792] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 381.783005][ T4513] usb 4-1: config 0 interface 193 has no altsetting 0 [ 381.793128][ T4513] usb 4-1: config 0 interface 4 has no altsetting 0 [ 381.803271][ T9792] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 381.832471][ T9792] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 381.847393][ T4513] usb 4-1: New USB device found, idVendor=1f38, idProduct=0001, bcdDevice=7d.6a [ 381.856729][ T4513] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 381.865258][ T4513] usb 4-1: Product: syz [ 381.870917][ T9792] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 381.884683][ T4513] usb 4-1: Manufacturer: syz [ 381.889922][ T4513] usb 4-1: SerialNumber: syz [ 381.894738][ T9792] usb 6-1: config 179 interface 65 has no altsetting 0 [ 381.909740][ T4513] usb 4-1: config 0 descriptor?? [ 381.925359][ T9792] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 381.938016][ T9792] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.002267][ T9792] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input12 [ 382.149162][ T4513] usb 4-1: unknown interface protocol 0x4f, assuming v1 [ 382.156231][ T4513] usb 4-1: 193:2 : does not exist [ 382.231103][ T4513] usb 4-1: unknown interface protocol 0x5, assuming v1 [ 382.248888][ T4513] usb 4-1: 4:2 : does not exist [ 382.287586][ T4513] usb 4-1: USB disconnect, device number 13 [ 382.454925][ T1169] usb 6-1: USB disconnect, device number 3 [ 382.461066][ C1] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 382.486621][ T1169] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 382.570064][ T4260] udevd[4260]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.193/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 382.602515][T14251] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.4543'. [ 382.664223][T14255] loop2: detected capacity change from 0 to 128 [ 383.325090][T14274] loop1: detected capacity change from 0 to 512 [ 383.416787][T14274] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 383.445313][T14274] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 383.458073][T14274] System zones: 0-1, 15-15, 18-18, 34-34 [ 383.465081][T14274] EXT4-fs (loop1): orphan cleanup on readonly fs [ 383.488347][T14274] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 383.558053][T14274] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 383.601327][T14274] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 383.618895][T14274] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.4554: bad orphan inode 16 [ 383.659670][T14274] ext4_test_bit(bit=15, block=18) = 1 [ 383.667664][T14274] is_bad_inode(inode)=0 [ 383.694171][T14274] NEXT_ORPHAN(inode)=0 [ 383.705271][T14274] max_ino=32 [ 383.714980][T14274] i_nlink=2 [ 383.729517][T14274] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 383.811635][T14274] fscrypt (loop1, inode 16): Error -61 getting encryption context [ 383.904048][T14295] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4564'. [ 383.980618][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 384.141986][T14303] netlink: 'syz.0.4567': attribute type 49 has an invalid length. [ 384.308147][ T6305] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 384.318176][ T6312] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 384.436682][T14313] loop0: detected capacity change from 0 to 128 [ 384.538424][ T6312] usb 3-1: Using ep0 maxpacket: 8 [ 384.543631][ T6305] usb 4-1: Using ep0 maxpacket: 8 [ 384.551041][ T6312] usb 3-1: config 0 has an invalid interface number: 193 but max is 1 [ 384.560146][ T6305] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 384.588050][ T6312] usb 3-1: config 0 has an invalid interface number: 4 but max is 1 [ 384.596226][ T6305] usb 4-1: config 179 has no interface number 0 [ 384.638704][ T6305] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 384.658034][ T6312] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 384.680625][ T6312] usb 3-1: config 0 has no interface number 0 [ 384.687281][ T6312] usb 3-1: config 0 has no interface number 1 [ 384.695233][ T6305] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 384.698229][ T26] audit: type=1326 audit(385.644:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14320 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 384.707765][ T6305] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 384.748642][ T6312] usb 3-1: config 0 interface 193 altsetting 147 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 384.778044][ T6312] usb 3-1: config 0 interface 4 altsetting 2 endpoint 0x6 has invalid wMaxPacketSize 0 [ 384.783526][ T26] audit: type=1326 audit(385.644:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14320 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 384.807992][ T6312] usb 3-1: config 0 interface 4 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 384.827959][ T6305] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 384.837124][ T26] audit: type=1326 audit(385.694:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14320 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 384.848136][ T6312] usb 3-1: config 0 interface 193 has no altsetting 0 [ 384.886046][ T6305] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 384.908104][ T6305] usb 4-1: config 179 interface 65 has no altsetting 0 [ 384.915301][ T6312] usb 3-1: config 0 interface 4 has no altsetting 0 [ 384.925435][ T6305] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 384.935003][ T26] audit: type=1326 audit(385.694:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14320 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 384.959874][ T6312] usb 3-1: New USB device found, idVendor=1f38, idProduct=0001, bcdDevice=7d.6a [ 384.977986][ T6305] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.986303][ T6312] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 385.007576][ T6312] usb 3-1: Product: syz [ 385.016006][ T6312] usb 3-1: Manufacturer: syz [ 385.024592][ T6305] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input13 [ 385.036312][ T26] audit: type=1326 audit(385.694:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14320 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 385.058504][ T6312] usb 3-1: SerialNumber: syz [ 385.079270][ T6312] usb 3-1: config 0 descriptor?? [ 385.322552][ T6312] usb 3-1: unknown interface protocol 0x4f, assuming v1 [ 385.345990][ T6312] usb 3-1: 193:2 : does not exist [ 385.359504][ T6312] usb 3-1: unknown interface protocol 0x5, assuming v1 [ 385.376704][ T6312] usb 3-1: 4:2 : does not exist [ 385.417446][ T6312] usb 3-1: USB disconnect, device number 15 [ 385.542698][ T4260] udevd[4260]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.193/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 385.570832][ T7] usb 4-1: USB disconnect, device number 14 [ 385.576851][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 385.587269][ T7] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 386.319344][T14354] ieee802154 phy0 wpan0: encryption failed: -22 [ 386.823595][T14375] overlayfs: workdir and upperdir must be separate subtrees [ 386.850982][ T26] audit: type=1326 audit(387.804:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14377 comm="syz.2.4601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 386.887988][ T26] audit: type=1326 audit(387.824:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14377 comm="syz.2.4601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 386.917630][ T6305] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 386.937644][ T26] audit: type=1326 audit(387.824:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14377 comm="syz.2.4601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 386.987845][ T26] audit: type=1326 audit(387.824:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14377 comm="syz.2.4601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 387.098127][ T1169] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 387.131607][ T6305] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 387.151342][ T6305] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 387.189169][ T6305] usb 2-1: config 0 descriptor?? [ 387.207534][ T6305] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 387.309794][ T1169] usb 1-1: too many configurations: 241, using maximum allowed: 8 [ 387.339427][ T1169] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 387.380519][ T1169] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 387.405042][ T1169] usb 1-1: Product: syz [ 387.417600][ T1169] usb 1-1: Manufacturer: syz [ 387.423952][ T1169] usb 1-1: SerialNumber: syz [ 387.445120][ T1169] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 387.513540][ T1169] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 387.615154][ T6305] gspca_stv06xx: I2C: Read error writing address: -71 [ 387.636015][ T6305] usb 2-1: USB disconnect, device number 20 [ 387.695702][T14398] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4616'. [ 387.764516][ C1] usb 1-1: ath9k_htc: over RX MAX_PKT_NUM [ 387.965930][ T6305] usb 1-1: USB disconnect, device number 7 [ 387.985530][T14404] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4619'. [ 388.032355][T14404] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4619'. [ 388.080853][T14404] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4619'. [ 388.146143][T14404] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4619'. [ 388.180228][T14404] netlink: 84 bytes leftover after parsing attributes in process `syz.5.4619'. [ 388.578185][ T7] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 388.608537][ T1169] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 388.615698][ T1169] ath9k_htc: Failed to initialize the device [ 388.641743][ T6305] usb 1-1: ath9k_htc: USB layer deinitialized [ 388.778385][ T7] usb 2-1: Using ep0 maxpacket: 16 [ 388.790815][ T7] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79 [ 388.830126][ T7] usb 2-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 388.849003][ T7] usb 2-1: Manufacturer: syz [ 388.870748][ T7] usb 2-1: config 0 descriptor?? [ 388.953845][T14410] loop2: detected capacity change from 0 to 32768 [ 389.084377][ T7] usb 2-1: Not enough endpoints found in device, aborting! [ 389.133601][T14410] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 389.164486][T14410] OCFS2: ERROR (device loop2): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has an invalid fs_generation of #131491009 [ 389.218174][T14410] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 389.268048][T14410] OCFS2: File system is now read-only. [ 389.285765][T14410] (syz.2.4622,14410,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 389.314714][T14410] (syz.2.4622,14410,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 389.349770][ T6312] usb 2-1: USB disconnect, device number 21 [ 389.366904][T14410] (syz.2.4622,14410,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 389.406018][T14410] (syz.2.4622,14410,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 389.446513][T14410] (syz.2.4622,14410,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 389.495457][T14410] (syz.2.4622,14410,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 389.534782][T14410] (syz.2.4622,14410,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 389.560409][T14410] (syz.2.4622,14410,1):ocfs2_mknod:385 ERROR: status = -30 [ 389.596616][T14410] (syz.2.4622,14410,1):ocfs2_mknod:502 ERROR: status = -30 [ 389.643528][T14410] (syz.2.4622,14410,1):ocfs2_create:676 ERROR: status = -30 [ 389.799676][ T4278] ocfs2: Unmounting device (7,2) on (node local) [ 390.746841][T14464] loop1: detected capacity change from 0 to 4096 [ 390.823198][T14464] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 390.899538][T14464] ntfs3: loop1: Failed to load $Extend. [ 391.076014][T14478] netlink: 'syz.0.4654': attribute type 10 has an invalid length. [ 391.111356][T14478] bridge0: port 3(team0) entered blocking state [ 391.118467][T14478] bridge0: port 3(team0) entered disabled state [ 391.134430][T14478] device team0 entered promiscuous mode [ 391.140335][T14478] device team_slave_0 entered promiscuous mode [ 391.195634][T14478] device team_slave_1 entered promiscuous mode [ 391.216261][T14478] bridge0: port 3(team0) entered blocking state [ 391.222716][T14478] bridge0: port 3(team0) entered forwarding state [ 392.014088][T14493] loop2: detected capacity change from 0 to 4096 [ 392.062469][T14493] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 392.378938][T14513] netlink: 'syz.5.4671': attribute type 10 has an invalid length. [ 392.389788][T14512] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 392.475481][T14513] bridge0: port 3(team0) entered blocking state [ 392.492578][T14513] bridge0: port 3(team0) entered disabled state [ 392.525432][T14513] device team0 entered promiscuous mode [ 392.586383][T14513] device team_slave_0 entered promiscuous mode [ 392.638595][T14513] device team_slave_1 entered promiscuous mode [ 392.664499][T14513] bridge0: port 3(team0) entered blocking state [ 392.670998][T14513] bridge0: port 3(team0) entered forwarding state [ 392.735553][T14525] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4678'. [ 393.459001][T14536] loop5: detected capacity change from 0 to 4096 [ 393.758317][T14536] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 393.876249][T14536] ntfs3: loop5: Failed to load $Extend. [ 393.908171][T14560] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4694'. [ 394.336542][T14565] loop1: detected capacity change from 0 to 4096 [ 394.367237][T14565] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 394.448262][ T4273] Bluetooth: hci0: command 0x0c20 tx timeout [ 395.426911][T14601] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4725'. [ 396.541954][T14644] loop5: detected capacity change from 0 to 256 [ 396.595945][T14648] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 0 [ 396.816183][T14655] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4739'. [ 396.855765][T14655] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4739'. [ 397.674078][T14681] vivid-006: disconnect [ 397.727697][T14680] vivid-006: reconnect [ 398.148187][T14700] xt_CT: You must specify a L4 protocol and not use inversions on it [ 398.272205][T14701] loop3: detected capacity change from 0 to 2048 [ 398.463065][T14701] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 398.584280][T14713] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 398.865422][T14723] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4773'. [ 399.365080][T14735] loop0: detected capacity change from 0 to 4096 [ 399.389552][T14735] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 399.524719][T14735] ntfs3: loop0: failed to convert "c46c" to iso8859-2 [ 400.253033][T14774] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4798'. [ 400.852195][T14795] netlink: 1 bytes leftover after parsing attributes in process `syz.2.4807'. [ 400.959395][T14791] loop5: detected capacity change from 0 to 8192 [ 401.343336][T14809] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4815'. [ 401.524004][T14815] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4821'. [ 401.537216][T14813] loop1: detected capacity change from 0 to 4096 [ 401.595662][T14813] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 401.720900][T14821] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4833'. [ 401.735124][T14813] ntfs3: loop1: failed to convert "c46c" to iso8859-2 [ 401.772799][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 401.772816][ T26] audit: type=1326 audit(402.724:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14822 comm="syz.2.4823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 401.775537][T14821] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4833'. [ 401.812378][ T26] audit: type=1326 audit(402.764:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14822 comm="syz.2.4823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 401.858501][ T26] audit: type=1326 audit(402.784:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14822 comm="syz.2.4823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 402.351396][T14837] loop1: detected capacity change from 0 to 256 [ 402.455058][T14837] FAT-fs (loop1): Directory bread(block 64) failed [ 402.471968][T14837] FAT-fs (loop1): Directory bread(block 65) failed [ 402.502380][T14837] FAT-fs (loop1): Directory bread(block 66) failed [ 402.526150][T14837] FAT-fs (loop1): Directory bread(block 67) failed [ 402.548980][T14837] FAT-fs (loop1): Directory bread(block 68) failed [ 402.563139][ T26] audit: type=1326 audit(403.514:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.3.4835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 402.574635][T14837] FAT-fs (loop1): Directory bread(block 69) failed [ 402.604193][ T26] audit: type=1326 audit(403.544:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.3.4835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 402.652463][T14837] FAT-fs (loop1): Directory bread(block 70) failed [ 402.685064][ T26] audit: type=1326 audit(403.544:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.3.4835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 402.691719][T14837] FAT-fs (loop1): Directory bread(block 71) failed [ 402.791216][ T26] audit: type=1326 audit(403.544:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.3.4835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf01d8eb69 code=0x7ffc0000 [ 402.791334][T14837] FAT-fs (loop1): Directory bread(block 72) failed [ 402.966893][T14837] FAT-fs (loop1): Directory bread(block 73) failed [ 403.734341][T14877] loop2: detected capacity change from 0 to 4096 [ 403.770529][T14877] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 403.795697][T14885] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 403.902702][T14877] ntfs3: loop2: failed to convert "c46c" to iso8859-2 [ 403.929974][T14887] loop3: detected capacity change from 0 to 8 [ 403.969086][T14887] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 404.006467][ T4326] udevd[4326]: incorrect cramfs checksum on /dev/loop3 [ 404.046979][T14887] cramfs: Error -3 while decompressing! [ 404.071709][T14863] loop5: detected capacity change from 0 to 32768 [ 404.078179][T14887] cramfs: ffffffff96d711a8(26)->ffff888046b7f000(4096) [ 404.078281][T14887] cramfs: Error -3 while decompressing! [ 404.133235][T14889] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4854'. [ 404.149644][T14863] ea_get: invalid extended attribute [ 404.167003][T14887] cramfs: ffffffff96d711c2(26)->ffff888050438000(4096) [ 404.177181][T14889] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4854'. [ 404.202102][T14887] cramfs: Error -3 while decompressing! [ 404.232032][T14887] cramfs: ffffffff96d711dc(16)->ffff88804fbfb000(4096) [ 404.248108][T14887] cramfs: Error -3 while decompressing! [ 404.257809][T14887] cramfs: ffffffff96d711a8(26)->ffff888046b7f000(4096) [ 404.403642][ T26] audit: type=1326 audit(405.354:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14894 comm="syz.1.4859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 404.434524][T14881] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 404.528716][ T26] audit: type=1326 audit(405.354:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14894 comm="syz.1.4859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 404.644807][ T26] audit: type=1326 audit(405.354:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14894 comm="syz.1.4859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f848278eb69 code=0x7ffc0000 [ 404.806244][T14905] overlayfs: missing 'lowerdir' [ 405.171362][T14916] netlink: 'syz.5.4870': attribute type 1 has an invalid length. [ 405.230887][T14916] netlink: 220 bytes leftover after parsing attributes in process `syz.5.4870'. [ 405.236758][T14918] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4871'. [ 405.276654][T14918] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4871'. [ 405.284889][T14916] NCSI netlink: No device for ifindex 130997362 [ 405.293392][T14891] loop2: detected capacity change from 0 to 32768 [ 405.307732][T14891] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 405.399208][T14891] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 405.442109][T14891] ocfs2: Unmounting device (7,2) on (node local) [ 405.818518][T14937] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 406.376611][T14955] loop2: detected capacity change from 0 to 8 [ 406.403875][T14955] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 406.436430][ T4260] udevd[4260]: incorrect cramfs checksum on /dev/loop2 [ 406.467692][T14955] cramfs: Error -3 while decompressing! [ 406.488111][T14955] cramfs: ffffffff96d751a8(26)->ffff88804d63e000(4096) [ 406.495415][T14955] cramfs: Error -3 while decompressing! [ 406.531150][T14955] cramfs: ffffffff96d751c2(26)->ffff8880502d7000(4096) [ 406.562133][T14955] cramfs: Error -3 while decompressing! [ 406.567771][T14955] cramfs: ffffffff96d751dc(16)->ffff88804fd97000(4096) [ 406.602878][T14955] cramfs: Error -3 while decompressing! [ 406.627975][T14955] cramfs: ffffffff96d751a8(26)->ffff88804d63e000(4096) [ 406.801073][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 406.801089][ T26] audit: type=1326 audit(407.754:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14968 comm="syz.5.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 406.900284][ T26] audit: type=1326 audit(407.784:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14968 comm="syz.5.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 406.988033][ T26] audit: type=1326 audit(407.784:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14968 comm="syz.5.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 407.088014][ T26] audit: type=1326 audit(407.784:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14968 comm="syz.5.4892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93e698eb69 code=0x7ffc0000 [ 407.467269][T14959] loop0: detected capacity change from 0 to 32768 [ 407.492996][T14959] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 407.512551][T14959] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 407.559860][T14959] ocfs2: Unmounting device (7,0) on (node local) [ 407.628671][ T4260] blk_print_req_error: 17 callbacks suppressed [ 407.628689][ T4260] I/O error, dev loop0, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 407.923723][T15001] loop3: detected capacity change from 0 to 128 [ 408.017219][T15001] FAT-fs (loop3): Directory bread(block 32) failed [ 408.054756][T15001] FAT-fs (loop3): Directory bread(block 33) failed [ 408.096176][T15003] ipt_rpfilter: unknown options [ 408.101643][T15001] FAT-fs (loop3): Directory bread(block 34) failed [ 408.121215][T15005] netlink: 'syz.1.4911': attribute type 1 has an invalid length. [ 408.136263][T15001] FAT-fs (loop3): Directory bread(block 35) failed [ 408.153958][T15005] netlink: 220 bytes leftover after parsing attributes in process `syz.1.4911'. [ 408.160890][T15001] FAT-fs (loop3): Directory bread(block 36) failed [ 408.175916][T15001] FAT-fs (loop3): Directory bread(block 37) failed [ 408.186883][T15001] FAT-fs (loop3): Directory bread(block 38) failed [ 408.198135][T15005] NCSI netlink: No device for ifindex 130997362 [ 408.201947][T15001] FAT-fs (loop3): Directory bread(block 39) failed [ 408.217863][T15001] FAT-fs (loop3): Directory bread(block 40) failed [ 408.233425][T15001] FAT-fs (loop3): Directory bread(block 41) failed [ 408.246055][T14979] loop2: detected capacity change from 0 to 32768 [ 408.325581][T14979] ea_get: invalid extended attribute [ 408.481058][T15001] syz.3.4910: attempt to access beyond end of device [ 408.481058][T15001] loop3: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 408.568398][T15001] FAT-fs (loop3): Filesystem has been set read-only [ 408.588339][T15001] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 408.642507][T15013] loop5: detected capacity change from 0 to 1024 [ 408.969909][ T46] hfsplus: b-tree write err: -5, ino 4 [ 408.997292][T15022] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4920'. [ 409.061282][T15029] xt_NFQUEUE: number of total queues is 0 [ 409.526408][T15042] TCP: TCP_TX_DELAY enabled [ 410.033063][T15059] xt_NFQUEUE: number of total queues is 0 [ 410.053096][T15030] loop1: detected capacity change from 0 to 32768 [ 410.107345][T15030] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 410.190640][T15030] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 410.271306][T15030] ocfs2: Unmounting device (7,1) on (node local) [ 410.663518][T15080] loop1: detected capacity change from 0 to 1024 [ 410.938599][ T7207] hfsplus: b-tree write err: -5, ino 4 [ 410.970820][T15086] loop0: detected capacity change from 0 to 4096 [ 411.216211][T15098] xt_NFQUEUE: number of total queues is 0 [ 411.402675][T15102] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4955'. [ 411.856634][T15123] loop3: detected capacity change from 0 to 64 [ 412.467120][T15146] loop2: detected capacity change from 0 to 1024 [ 412.544370][T15143] loop0: detected capacity change from 0 to 4096 [ 412.627481][T15151] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 412.695077][ T7223] hfsplus: b-tree write err: -5, ino 4 [ 412.717092][T15150] device veth1_macvtap left promiscuous mode [ 413.381817][T15170] loop5: detected capacity change from 0 to 4096 [ 413.659818][T15182] loop2: detected capacity change from 0 to 128 [ 413.710986][T15186] loop0: detected capacity change from 0 to 64 [ 413.784908][T15182] FAT-fs (loop2): Directory bread(block 32) failed [ 413.818459][T15182] FAT-fs (loop2): Directory bread(block 33) failed [ 413.886698][T15182] FAT-fs (loop2): Directory bread(block 34) failed [ 413.924322][T15182] FAT-fs (loop2): Directory bread(block 35) failed [ 413.957436][T15182] FAT-fs (loop2): Directory bread(block 36) failed [ 414.008758][T15182] FAT-fs (loop2): Directory bread(block 37) failed [ 414.015551][T15192] device veth1_macvtap left promiscuous mode [ 414.026249][T15182] FAT-fs (loop2): Directory bread(block 38) failed [ 414.067010][T15182] FAT-fs (loop2): Directory bread(block 39) failed [ 414.095053][T15182] FAT-fs (loop2): Directory bread(block 40) failed [ 414.134387][T15182] FAT-fs (loop2): Directory bread(block 41) failed [ 414.488840][T15182] syz.2.4995: attempt to access beyond end of device [ 414.488840][T15182] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 414.546986][T15182] FAT-fs (loop2): Filesystem has been set read-only [ 414.563737][T15182] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 414.959857][T15221] netlink: 188 bytes leftover after parsing attributes in process `syz.2.5013'. [ 415.203451][T15230] loop5: detected capacity change from 0 to 2048 [ 415.242965][T15230] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 415.601134][T15241] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5022'. [ 415.627836][T15215] loop3: detected capacity change from 0 to 32768 [ 415.714497][T15215] ERROR: (device loop3): dbAllocNext: Corrupt dmap page [ 415.714497][T15215] [ 415.772314][T15244] loop0: detected capacity change from 0 to 64 [ 416.098020][ T2185] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 416.290790][T15260] loop5: detected capacity change from 0 to 64 [ 416.318856][ T2185] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 416.358030][ T2185] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 416.407965][ T2185] usb 3-1: config 220 has no interface number 2 [ 416.414350][ T2185] usb 3-1: config 220 interface 1 altsetting 5 endpoint 0x9 has invalid wMaxPacketSize 0 [ 416.492609][ T2185] usb 3-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 416.543209][T15264] loop0: detected capacity change from 0 to 2048 [ 416.547995][ T2185] usb 3-1: config 220 interface 0 has no altsetting 0 [ 416.575522][ T2185] usb 3-1: config 220 interface 76 has no altsetting 0 [ 416.600041][ T2185] usb 3-1: config 220 interface 1 has no altsetting 0 [ 416.623396][T15264] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 416.629614][ T2185] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 416.698037][ T2185] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 416.733338][ T2185] usb 3-1: Product: syz [ 416.749793][ T2185] usb 3-1: Manufacturer: syz [ 416.754464][ T2185] usb 3-1: SerialNumber: syz [ 417.001115][ T2185] usb 3-1: selecting invalid altsetting 0 [ 417.007472][ T2185] usb 3-1: Found UVC 7.01 device syz (8086:0b07) [ 417.028489][ T2185] usb 3-1: No valid video chain found. [ 417.061586][ T2185] usb 3-1: selecting invalid altsetting 0 [ 417.067413][ T2185] usbtest: probe of 3-1:220.1 failed with error -22 [ 417.127243][ T2185] usb 3-1: USB disconnect, device number 16 [ 418.498052][ T9792] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 418.691132][ T9792] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 418.709978][ T9792] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 418.746983][ T9792] usb 2-1: config 220 has no interface number 2 [ 418.767287][ T9792] usb 2-1: config 220 interface 1 altsetting 5 endpoint 0x9 has invalid wMaxPacketSize 0 [ 418.802868][ T9792] usb 2-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 418.839080][ T9792] usb 2-1: config 220 interface 0 has no altsetting 0 [ 418.845939][ T9792] usb 2-1: config 220 interface 76 has no altsetting 0 [ 418.863317][ T9792] usb 2-1: config 220 interface 1 has no altsetting 0 [ 418.895250][ T9792] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 418.914486][ T9792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.936567][ T9792] usb 2-1: Product: syz [ 418.962625][ T9792] usb 2-1: Manufacturer: syz [ 418.967881][ T9792] usb 2-1: SerialNumber: syz [ 419.203419][ T9792] usb 2-1: selecting invalid altsetting 0 [ 419.223394][ T9792] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 419.240865][ T9792] usb 2-1: No valid video chain found. [ 419.285197][ T9792] usb 2-1: selecting invalid altsetting 0 [ 419.305296][ T9792] usbtest: probe of 2-1:220.1 failed with error -22 [ 419.330956][ T9792] usb 2-1: USB disconnect, device number 22 [ 419.361694][T15368] loop0: detected capacity change from 0 to 64 [ 419.448151][ T2185] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 419.668174][ T2185] usb 4-1: Using ep0 maxpacket: 32 [ 419.675202][ T2185] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 419.693979][ T2185] usb 4-1: config 0 has no interface number 0 [ 419.713089][ T2185] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 419.738058][ T2185] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 419.797039][ T2185] usb 4-1: Product: syz [ 419.801621][ T2185] usb 4-1: Manufacturer: syz [ 419.806570][ T2185] usb 4-1: SerialNumber: syz [ 419.853010][ T2185] usb 4-1: config 0 descriptor?? [ 419.881118][ T2185] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 419.918207][ T2185] usb 4-1: selecting invalid altsetting 1 [ 419.938808][ T2185] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 419.968307][ T2185] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 420.029057][ T2185] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 420.037435][ T2185] usb 4-1: media controller created [ 420.143240][ T2185] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 420.421765][ T2185] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 420.480708][T15400] loop2: detected capacity change from 0 to 4096 [ 420.517566][T15400] ntfs: (device loop2): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 420.546289][ T2185] usb 4-1: USB disconnect, device number 15 [ 420.578098][T15400] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing. [ 420.609165][T15400] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 420.637634][T15400] ntfs: (device loop2): load_system_files(): Failed to load $MFTMirr. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 420.775042][T15400] ntfs: volume version 3.1. [ 421.648137][ T8019] Bluetooth: hci5: command 0x0406 tx timeout [ 422.046576][T15408] loop0: detected capacity change from 0 to 32768 [ 422.111462][T15408] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 422.155212][T15408] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 422.205093][T15408] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 422.339101][T15408] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 423.850800][T15504] loop2: detected capacity change from 0 to 4096 [ 423.886300][T15504] ntfs3: loop2: ino=3, Correct links count -> 2. [ 423.930725][T15510] xt_nfacct: accounting object `syz0' does not exists [ 424.038110][ T4511] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 424.050508][T15472] loop3: detected capacity change from 0 to 32768 [ 424.099359][T15472] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 424.142987][T15472] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 424.193585][T15472] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 424.248011][ T4511] usb 6-1: Using ep0 maxpacket: 16 [ 424.255087][ T4511] usb 6-1: config 0 has an invalid interface number: 99 but max is 0 [ 424.298011][ T4511] usb 6-1: config 0 has no interface number 0 [ 424.308214][ T4511] usb 6-1: config 0 interface 99 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 424.366217][ T4511] usb 6-1: config 0 interface 99 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 424.393098][T15472] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 424.404698][ T4511] usb 6-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=63.0c [ 424.428526][ T4511] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 424.477997][ T4511] usb 6-1: Product: syz [ 424.482273][ T4511] usb 6-1: Manufacturer: syz [ 424.486936][ T4511] usb 6-1: SerialNumber: syz [ 424.548917][ T4511] usb 6-1: config 0 descriptor?? [ 424.554717][T15506] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 424.568949][T15506] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 424.597454][ T4511] usbtest 6-1:0.99: usb test device [ 424.618619][ T4511] usbtest 6-1:0.99: high-speed {control in/out bulk-in bulk-out} tests (+alt) [ 424.816368][ T6312] usb 6-1: USB disconnect, device number 4 [ 425.566892][T15557] loop2: detected capacity change from 0 to 64 [ 426.111790][T15574] Mount JFS Failure: -22 [ 426.126289][T15574] jfs_mount failed w/return code = -22 [ 426.463506][T15589] loop1: detected capacity change from 0 to 64 [ 427.758002][ T6312] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 427.958187][ T6312] usb 3-1: Using ep0 maxpacket: 16 [ 427.965385][ T6312] usb 3-1: config 0 has an invalid interface number: 99 but max is 0 [ 427.982895][ T6312] usb 3-1: config 0 has no interface number 0 [ 427.994807][ T6312] usb 3-1: config 0 interface 99 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 428.005487][ T6312] usb 3-1: config 0 interface 99 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 428.039932][ T6312] usb 3-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=63.0c [ 428.062452][ T6312] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 428.087878][ T6312] usb 3-1: Product: syz [ 428.111651][ T6312] usb 3-1: Manufacturer: syz [ 428.120542][ T6312] usb 3-1: SerialNumber: syz [ 428.147041][ T6312] usb 3-1: config 0 descriptor?? [ 428.177130][T15623] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 428.195203][T15623] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 428.229821][ T6312] usbtest 3-1:0.99: usb test device [ 428.235190][ T6312] usbtest 3-1:0.99: high-speed {control in/out bulk-in bulk-out} tests (+alt) [ 428.330132][T15653] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5229'. [ 428.481965][ T6312] usb 3-1: USB disconnect, device number 17 [ 428.761666][T15667] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5236'. [ 429.171812][T15681] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5242'. [ 429.879078][T15705] loop3: detected capacity change from 0 to 764 [ 429.925314][T15710] program syz.0.5256 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 429.952269][T15705] rock: directory entry would overflow storage [ 429.986330][T15705] rock: sig=0x5245, size=8, remaining=5 [ 430.840725][T15747] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5274'. [ 431.678423][T15779] ieee802154 phy0 wpan0: encryption failed: -22 [ 431.715687][T15778] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5288'. [ 432.404346][T15810] xt_CT: You must specify a L4 protocol and not use inversions on it [ 432.522279][T15813] ieee802154 phy0 wpan0: encryption failed: -22 [ 432.580959][T15815] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5306'. [ 434.698948][T15901] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0 [ 435.189838][T15917] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5358'. [ 435.223208][T15919] netlink: 'syz.0.5359': attribute type 1 has an invalid length. [ 435.272367][T15919] netlink: 224 bytes leftover after parsing attributes in process `syz.0.5359'. [ 435.535461][T15927] xt_ecn: cannot match TCP bits for non-tcp packets [ 436.051047][T15943] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5370'. [ 436.262060][T15951] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5373'. [ 436.375560][T15955] netlink: 'syz.1.5375': attribute type 1 has an invalid length. [ 436.383767][T15955] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5375'. [ 436.421499][T15954] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5376'. [ 436.461988][ T26] audit: type=1326 audit(437.414:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15956 comm="syz.2.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 436.506829][ T26] audit: type=1326 audit(437.414:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15956 comm="syz.2.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 436.617682][ T26] audit: type=1326 audit(437.414:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15956 comm="syz.2.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 436.717370][ T26] audit: type=1326 audit(437.414:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15956 comm="syz.2.5377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e698eb69 code=0x7ffc0000 [ 436.998229][T15975] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5385'. [ 437.182803][T15982] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5389'. [ 438.026103][T16012] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5402'. [ 438.097609][T16018] netlink: 132 bytes leftover after parsing attributes in process `syz.5.5405'. [ 438.128176][ T27] INFO: task syz-executor:4271 blocked for more than 143 seconds. [ 438.136071][ T27] Not tainted 6.1.147-syzkaller #0 [ 438.182219][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 438.217547][ T27] task:syz-executor state:D stack:22144 pid:4271 ppid:1 flags:0x00004004 [ 438.255238][ T27] Call Trace: [ 438.281771][ T27] [ 438.293877][ T27] __schedule+0x10ec/0x40b0 [ 438.308860][ T27] ? release_firmware_map_entry+0x18a/0x18a [ 438.328295][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 438.346126][ T27] ? lock_chain_count+0x20/0x20 [ 438.356970][ T27] ? _raw_spin_lock_irq+0xab/0xe0 [ 438.368222][ T27] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 438.379532][ T27] schedule+0xb9/0x180 [ 438.389388][ T27] io_schedule+0x7c/0xd0 [ 438.398258][ T27] folio_wait_bit_common+0x6e1/0xf60 [ 438.405297][ T27] ? folio_wait_bit+0x30/0x30 [ 438.418515][ T27] ? migration_entry_wait_on_locked+0xe50/0xe50 [ 438.427652][ T27] ? folio_mapping+0x1ba/0x4d0 [ 438.433023][ T27] truncate_inode_pages_range+0x9a2/0xff0 [ 438.439223][ T27] ? mapping_evict_folio+0x520/0x520 [ 438.444785][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 438.451467][ T27] ? _raw_spin_unlock_irq+0x1f/0x40 [ 438.456950][ T27] ? lockdep_hardirqs_on+0x94/0x140 [ 438.465693][ T27] evict+0x498/0x870 [ 438.469999][ T27] ? proc_nr_inodes+0x2f0/0x2f0 [ 438.475066][ T27] ? do_raw_spin_unlock+0x11d/0x230 [ 438.480821][ T27] ? _raw_spin_unlock+0x24/0x40 [ 438.485847][ T27] ? do_raw_spin_unlock+0x11d/0x230 [ 438.498366][ T27] evict_inodes+0x604/0x690 [ 438.503120][ T27] ? clear_inode+0x150/0x150 [ 438.507795][ T27] ? dput+0x1c9/0x1d0 [ 438.512056][ T27] ? sync_filesystem+0x103/0x220 [ 438.517061][ T27] generic_shutdown_super+0x93/0x340 [ 438.522555][ T27] kill_block_super+0x7c/0xe0 [ 438.527281][ T27] deactivate_locked_super+0x93/0xf0 [ 438.532733][ T27] cleanup_mnt+0x463/0x4f0 [ 438.537198][ T27] ? lockdep_hardirqs_on+0x94/0x140 [ 438.542543][ T27] task_work_run+0x1ca/0x250 [ 438.547413][ T27] ? task_work_cancel+0x230/0x230 [ 438.552615][ T27] ? exit_to_user_mode_loop+0x3b/0x110 [ 438.559493][ T27] exit_to_user_mode_loop+0xe6/0x110 [ 438.564915][ T27] exit_to_user_mode_prepare+0xb1/0x140 [ 438.570605][ T27] syscall_exit_to_user_mode+0x16/0x40 [ 438.576157][ T27] do_syscall_64+0x58/0xa0 [ 438.580718][ T27] ? clear_bhb_loop+0x60/0xb0 [ 438.585447][ T27] ? clear_bhb_loop+0x60/0xb0 [ 438.590312][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 438.596275][ T27] RIP: 0033:0x7f69ad58fe97 [ 438.600856][ T27] RSP: 002b:00007ffcb47b6e08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 438.609563][ T27] RAX: 0000000000000000 RBX: 00007f69ad611bdd RCX: 00007f69ad58fe97 [ 438.617595][ T27] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb47b6ec0 [ 438.625791][ T27] RBP: 00007ffcb47b6ec0 R08: 0000000000000000 R09: 0000000000000000 [ 438.633994][ T27] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb47b7f50 [ 438.642122][ T27] R13: 00007f69ad611bdd R14: 0000000000044278 R15: 00007ffcb47b7f90 [ 438.650531][ T27] [ 438.653737][ T27] [ 438.653737][ T27] Showing all locks held in the system: [ 438.664343][ T27] 1 lock held by rcu_tasks_kthre/12: [ 438.670116][ T27] #0: ffffffff8cb2b7b0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 438.681110][ T27] 1 lock held by rcu_tasks_trace/13: [ 438.686457][ T27] #0: ffffffff8cb2bfd0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 438.698226][ T27] 1 lock held by khungtaskd/27: [ 438.703129][ T27] #0: ffffffff8cb2ae20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 438.713497][ T27] 2 locks held by kworker/u4:3/46: [ 438.719164][ T27] 2 locks held by getty/4028: [ 438.723913][ T27] #0: ffff8880309ed098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 438.733810][ T27] #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41b/0x1380 [ 438.744084][ T27] 1 lock held by syz-executor/4271: [ 438.749665][ T27] #0: ffff8880184e40e0 (&type->s_umount_key#57){+.+.}-{3:3}, at: deactivate_super+0xa0/0xd0 [ 438.760163][ T27] [ 438.762521][ T27] ============================================= [ 438.762521][ T27] [ 438.773991][ T27] NMI backtrace for cpu 1 [ 438.778388][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.147-syzkaller #0 [ 438.786283][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 438.796345][ T27] Call Trace: [ 438.799631][ T27] [ 438.802607][ T27] dump_stack_lvl+0x168/0x22e [ 438.807296][ T27] ? irq_work_queue+0xb8/0x140 [ 438.812078][ T27] ? show_regs_print_info+0x12/0x12 [ 438.817282][ T27] ? load_image+0x3b0/0x3b0 [ 438.821813][ T27] ? vprintk_emit+0x571/0x680 [ 438.826538][ T27] ? printk_sprint+0x460/0x460 [ 438.831343][ T27] nmi_cpu_backtrace+0x3f4/0x470 [ 438.836304][ T27] ? nmi_trigger_cpumask_backtrace+0x450/0x450 [ 438.842469][ T27] ? _printk+0xcc/0x110 [ 438.846636][ T27] ? load_image+0x3b0/0x3b0 [ 438.851158][ T27] ? load_image+0x3b0/0x3b0 [ 438.855687][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 438.861767][ T27] nmi_trigger_cpumask_backtrace+0x1d4/0x450 [ 438.867756][ T27] watchdog+0xeee/0xf30 [ 438.871932][ T27] ? watchdog+0x1ed/0xf30 [ 438.876276][ T27] kthread+0x29d/0x330 [ 438.880358][ T27] ? hungtask_pm_notify+0x40/0x40 [ 438.885407][ T27] ? kthread_blkcg+0xd0/0xd0 [ 438.890028][ T27] ret_from_fork+0x1f/0x30 [ 438.894477][ T27] [ 438.898132][ T27] Sending NMI from CPU 1 to CPUs 0: [ 438.903406][ C0] NMI backtrace for cpu 0 [ 438.903417][ C0] CPU: 0 PID: 4354 Comm: kworker/u4:6 Not tainted 6.1.147-syzkaller #0 [ 438.903434][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 438.903444][ C0] Workqueue: events_unbound toggle_allocation_gate [ 438.903466][ C0] RIP: 0010:smp_call_function_many_cond+0xe7b/0x1270 [ 438.903487][ C0] Code: 00 00 00 41 8b 1f 89 de 83 e6 01 31 ff e8 5d d9 0a 00 83 e3 01 48 bb 00 00 00 00 00 fc ff df 75 07 e8 e9 d5 0a 00 eb 37 f3 90 <41> 0f b6 04 1c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 ce d5 0a [ 438.903501][ C0] RSP: 0018:ffffc900046df800 EFLAGS: 00000293 [ 438.903514][ C0] RAX: ffffffff8175f112 RBX: dffffc0000000000 RCX: ffff88802bce0000 [ 438.903526][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 438.903536][ C0] RBP: ffffc900046df960 R08: dffffc0000000000 R09: fffffbfff215ba49 [ 438.903548][ C0] R10: fffffbfff215ba49 R11: 1ffffffff215ba48 R12: 1ffff110171e81c1 [ 438.903560][ C0] R13: ffff8880b8e3bb40 R14: 0000000000000001 R15: ffff8880b8f40e08 [ 438.903573][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 438.903586][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 438.903597][ C0] CR2: 00007f7ee9419000 CR3: 000000000c88e000 CR4: 00000000003506f0 [ 438.903612][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 438.903621][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 438.903631][ C0] Call Trace: [ 438.903636][ C0] [ 438.903647][ C0] ? text_poke_sync+0x20/0x20 [ 438.903670][ C0] ? smp_call_function_many+0x30/0x30 [ 438.903686][ C0] ? kmem_cache_alloc_bulk+0x11a/0x4e0 [ 438.903703][ C0] ? text_poke+0x90/0x90 [ 438.903721][ C0] ? trace_raw_output_contention_end+0xd0/0xd0 [ 438.903740][ C0] ? text_poke_loc_init+0xd6/0x570 [ 438.903763][ C0] ? text_poke_sync+0x20/0x20 [ 438.903782][ C0] on_each_cpu_cond_mask+0x3b/0x80 [ 438.903801][ C0] text_poke_bp_batch+0x71b/0x7d0 [ 438.903830][ C0] ? kmem_cache_alloc_bulk+0x11b/0x4e0 [ 438.903847][ C0] ? text_poke_loc_init+0x570/0x570 [ 438.903869][ C0] ? arch_jump_label_transform_queue+0x76/0xd0 [ 438.903892][ C0] text_poke_finish+0x16/0x30 [ 438.903911][ C0] arch_jump_label_transform_apply+0x13/0x20 [ 438.903929][ C0] static_key_enable_cpuslocked+0x11f/0x240 [ 438.903957][ C0] static_key_enable+0x16/0x20 [ 438.903982][ C0] toggle_allocation_gate+0xb4/0x430 [ 438.904010][ C0] ? show_object+0xa0/0xa0 [ 438.904025][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 438.904048][ C0] ? read_lock_is_recursive+0x10/0x10 [ 438.904072][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 438.904096][ C0] ? process_one_work+0x7a1/0x1160 [ 438.904113][ C0] process_one_work+0x898/0x1160 [ 438.904137][ C0] ? worker_detach_from_pool+0x240/0x240 [ 438.904157][ C0] ? _raw_spin_lock_irq+0xab/0xe0 [ 438.904178][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 438.904199][ C0] ? kthread_data+0x4b/0xc0 [ 438.904223][ C0] worker_thread+0xaa2/0x1250 [ 438.904249][ C0] ? __kthread_parkme+0x162/0x1c0 [ 438.904273][ C0] kthread+0x29d/0x330 [ 438.904294][ C0] ? worker_clr_flags+0x1a0/0x1a0 [ 438.904310][ C0] ? kthread_blkcg+0xd0/0xd0 [ 438.904334][ C0] ret_from_fork+0x1f/0x30 [ 438.904362][ C0] [ 439.223926][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 439.230817][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.147-syzkaller #0 [ 439.238751][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 439.248842][ T27] Call Trace: [ 439.252272][ T27] [ 439.255238][ T27] dump_stack_lvl+0x168/0x22e [ 439.259939][ T27] ? memcpy+0x3c/0x60 [ 439.263971][ T27] ? show_regs_print_info+0x12/0x12 [ 439.269208][ T27] ? load_image+0x3b0/0x3b0 [ 439.273767][ T27] panic+0x2c9/0x710 [ 439.277724][ T27] ? schedule_preempt_disabled+0x20/0x20 [ 439.283404][ T27] ? bpf_jit_dump+0xd0/0xd0 [ 439.287943][ T27] ? __irq_work_queue_local+0x12c/0x190 [ 439.293522][ T27] ? nmi_trigger_cpumask_backtrace+0x35b/0x450 [ 439.299875][ T27] ? nmi_trigger_cpumask_backtrace+0x360/0x450 [ 439.306056][ T27] watchdog+0xf2d/0xf30 [ 439.310277][ T27] ? watchdog+0x1ed/0xf30 [ 439.314634][ T27] kthread+0x29d/0x330 [ 439.318766][ T27] ? hungtask_pm_notify+0x40/0x40 [ 439.323812][ T27] ? kthread_blkcg+0xd0/0xd0 [ 439.328432][ T27] ret_from_fork+0x1f/0x30 [ 439.332887][ T27] [ 439.336333][ T27] Kernel Offset: disabled [ 439.340691][ T27] Rebooting in 86400 seconds..