last executing test programs: 42.551273534s ago: executing program 4 (id=1373): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000022850000000e0000003f0001000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x50, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}]}]}, 0x50}}, 0x0) 37.334384452s ago: executing program 4 (id=1395): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) r0 = syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f00000003c0)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003880), 0x63}, 0x0, 0xe3d08660d3cd4684}) io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0) 36.13387224s ago: executing program 4 (id=1393): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f030e000300120006001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0x48, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) recvfrom(r0, &(0x7f0000000440)=""/113, 0x71, 0x0, 0x0, 0x0) 35.772474458s ago: executing program 4 (id=1397): r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r0, 0x0, 0x0) mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x0, 0x0, 0x0) mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x6031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) 35.052308649s ago: executing program 4 (id=1402): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x2000004c, &(0x7f00000004c0)={[{@utf8}, {@discard}, {@dmask={'dmask', 0x3d, 0x7}}, {}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@gid}, {@allow_utime={'allow_utime', 0x3d, 0x7}}, {@umask={'umask', 0x3d, 0x96}}]}, 0x1, 0x14f7, &(0x7f0000001580)="$eJzs3HuYjlXbMPB1rrUuxjTpbpLNsM51XtxpsEySZJOQTZIkSZJdQtIkSUJiyC5pSEK2k2QzhGQzjUljv99knzR5pEmSkOzC+g49z/d6nrfnffve7+n7HO875+841nGvc677PO+15pxjrs0f9w89R9VrUb92MyIS/xL460uKECJGCDFMCHGDECIQQlSKrxR/5XgBBSn/2oewP9ej6dd6Bexa4v7nbdz/vI37n7dx//M27n/exv3P27j/eRv3n7G8bPucYjfyyLuDn//nZXz+/x8kt/zkbzaWv7nXfyGF+5+3cf/zNu5/3sb9z9u4/3kb9/9/vlr/yTHuf97G/WcsL7vWz595XNtxrf/+GGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4zlDef8VVoIceU1uNaLYowxxhhjjDHG2J/K57/WK2CMMcYYY4wxxtj/eyCkUEKLQOQT+UWMKCBixXUiTlwvCoobRETcKOLFTaKQuFkUFkVEUVFMJIjiooQwAoUVJEJRUpQSUXGLKC1uFYmijCgrygknyoskcZuoIG4XFcUdopK4U1QWd4kqoqqoJqqLu0UNcY+oKWqJ2uJeUUfUFfVEfXGfaCDuFw3FA6KReFA0Fg+JJuJh0VQ8IpqJR0Vz8ZhoIR4XLcUTopVoLdqItqLd/1X+K6KveFX0E/1FihggBorXxCAxWAwRQ8Uw8boYLt4QI8SbIlWMFKPEW2K0eFuMEe+IsWKcGC/eFRPERDFJTBZTxFSRJt4T08T7Yrr4QMwQM8UsMVukizlirvhQzBPzxQLxkVgoPhaLxGKxRCwVGeITkSmWiSzxqVguPhPZYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7eJzsUPsFLvEbrFH7BX7xBdiv/hSHBBfiRzx9X8x/+y/y+8FAgRIkKBBQz7IBzEQA7EQC3EQBwWhIEQgAvEQD4WgEBSGwlAUikICJEAJKAEICAQEJaEkRCEKpaE0JEIilIWy4MBBEiRBBbgdKkJFqASVoDJUhipQFapCdagONaAG1ISaUBtqQx2oA/WgHtwH98H90BAaQiNoBI2hMTSBJtAUmkIzaAbNoTm0gBbQElpCK2gFbaANtIN20B7aQwfoAJ2gE3SGztAFukAyJENX6ArdoBt0h+7QA3pAT+gJvaA39IZX4BV4FV6F/lBHDoCBMBAGwSAYAkNhKLwOw+ENeAPehFQYCaPgLXgL3oYxcAbGwjgYD+OhhpwIk2AykJwKaZAG02AaTIfpMANmwkyYDekwB+bCXJgH82E+fAQL4WP4GBbDYlgKGZABmbAMsiALlsNZyIYVsBJWwWpYA6thHayHdbARNsFG2AJbYBtsg8/hc9gJO2E37Ia9sBe+gC/gS/gSUiEHcuAgHIRDcAgOw2HIhVw4AkfgKByFY3AMjsNxOAEn4RSchNNwGs7AWTgH5+ACXICL8FLCd833ltmQKuQVWmqZT+aTMTJGxspYGSfjZEFZUEZkRMbLeFlIFpKFZWFZVBaVCTJBlpAlJEqUJENZUpaUURmVpWVpmSgTZVlZVjrpZJJMkhVkBVlRVpSV5J2ysrxLVpFVZUdXXVaXNWQnV1PWkrVlbVlH1pX1ZH1ZXzaQDWRD2VA2ko1kY9lYNpEPy6ZyAAyBR+WVzrSQI6GlHAWtZGvZRraVb8OTsr0cAx1kR9lJPi3HwVjoItu7ZPmc7ConQTf5gpwML8oecir0lC/LXrK37CNfkX1lB9dP9pczYIAcKGfDIDlYDpFD5TyoK690rJ58U6bKkXKUfEsuhbflGPmOHCvHyfHyXTlBTpST5GQ5RU6VafI9OU2+L6fLD+QMOVPOkrNlupwj58oP5Tw5Xy6QH8mF8mO5SC6WS+RSmSE/kZlymcySn8rl8jOZLVfIlXKVXC3XyLVynVwvN8iNcpPcLLfIrXKb3C4/lzvkTrlL7pZ75F65T34h98sv5QH5lcyRX8uD8i/ykPxGHpbfylz5nTwiv5dH5Q/ymPxRHpc/yRPypDwlf5an5S/yjDwrz8nz8oL8VV6Ul+Rl6aVQoKRSSqtA5VP5VYwqoGLVdSpOXa8KqhtURN2o4tVNqpC6WRVWRVRRVUwlqOKqhDIKlVWkQlVSlVJRdYsqrW5ViaqMKqvKKafKqyR1m6qgblcV1R2qkrpTVVZ3qSqqqqqmqqu7VQ11j6qpaqna6l5VR9VV9VR9dZ9qoO5XDdUDqpF6UDVWD6km6mHVVD2imqlHVXP1mGqhHlct1ROqlWqt2qi2qp16UrVXT6kOqqPqpJ5WndUzqot6ViWr51RX9bzqpl5Q3dWLqod6SfVUL6teqrfqoy6py8qrfqq/SlED1ED1mhqkBqshaqgapl5Xw9UbaoR6U6WqkWqUekuNVm+rMeodNVaNU+PVu2qCmqgmqclqipqq0tR7app6X01XH6gZaqaapWardDVHDflbpQX/B/nv/5P8Eb99+ja1XX2udqidapfarfaovWqf2qf2q/3qgDqgclSOOqgOqkPqkDqsDqtclauOqCPqqDqqjqlj6rg6rk6ok+q8+lmdVr+oM+qsOqvOqwvqgrr4t9+B0KClVlrrQOfT+XWMLqBj9XU6Tl+vC+obdETfqOP1TbqQvlkX1kV0UV1MJ+jiuoQ2GrXVpENdUpfSUX2LLq1v1Ym6jC6ry2mny+skfdu/nP9H62un2+n2ur3uoDvoTrqT7qw76y66i07Wybqr7qq76W66u+6ue+geuqfuqXvpXrqP7qP76r66n+6nU3SKHqhf04P0YD1ED9XD9Ot6uB6uR+gROlWn6lF6lB6tR+sxeoweq8fq8Xq8nqAn6El6kp6ip+g0naan6Wl6up6uZ+gZepaepdN1up6r5+p5ep5eoBfohXqhXqQX6SV6ic7QGTpTZ+osnaWX6+U6W6/QK/QqvUqv0Wv0Or1Ob9Ab9Ca9SW/RW3S23q636x16h96ld+k9eo/ep/fp/Xq/PqAP6Bydow/qg/qQPqQP68M6V+fqI/qIPqqP6mP6mD6uj+sT+oQ+pU/p0/q0PqPP6HP6nL6gL+iL+qK+rC9fuewLZCADHeggX5AviAligtggNogL4oKCQcEgEkSC+CA+KBTcHBQOigRFg2JBQlA8KBGYAAMbUBAGJYNSQTS4JSgd3BokBmWCskG5wAXlg6TgtqBCcHtQMbgjqBTcGVQO7gqqBFWDakH14O6gRnBPUDOoFdQO7g3qBHWDekH94L6gQXB/0DB4IGgUPBg0Dh4KmgQPB02DR4JmwaNB8+CxoEXweNAyeCJoFbQO2gRtg3Z/an3vzxR5yvUz/U2KGWAGmtfMIDPYDDFDzTDzuhlu3jAjzJsm1Yw0o8xbZrR524wx75ixZpwZb941E8xEM8lMNlPMVJNm3jPTzPtmuvnAzDAzzSwz26SbOWau+dDMM/PNAvORWWg+NovMYrPELDUZ5hOTaZaZLPOpWW4+M9lmhVlpVpnVZo1Za9aZ9WaD2Wg2mc1mi9lqtpnt5nOzw+w0u8xus8fsNfvMF2a/+dIcMF+ZHPO1OWj+Yg6Zb8xh863JNd+ZI+Z7c9T8YI6ZH81x85M5YU6aU+Znc9r8Ys6Ys+acOW8umF/NRXPJXDb+ysX9ldM7atSYD/NhDMZgLMZiHMZhQSyIEYxgPMZjISyEhbEwFsWimIAJWAJL4BWEhCWxJEYxiqWxNCZiIpbFsujQYRImYQWsgBWxIlbCSlgZK2MVrILVsBrejXfjPXgP1sJaeC/ei3WxLtbH+tgAG2BDbIiNsBE2xsbYBJtgU2yKzbAZNsfm2AJbYEtsia2wFbbBNtgO22F7bI8dsAN2wk7YGTtjF+yCyZiMXbErdsNu2B27Yw/sgT2xJ/bCXtgH+2Bf7Iv9sB+mYAoOxIE4CAfhEByCw3AYDsfhOAJHYCqm4igchaNxNI7BMTgWx+F4fBcn4ESchJNxCk7FNEzDaTgNp+N0nIEzcBbOwnRMx7k4F+fhPFyAC3AhLsRFuAiX4BLMwAzMxEzMwixcjssxG7NxJa7E1bga1+JaXI/rcSNuxM24GbfiVtyO23EH7sBduAv34B7ch/twP+7HA3gAczAHD+JBPISH8DAexlzMxSN4BI/iUTyGx/A4HscTeAJP4Sk8jafxDJ7Bc3gOL+CveBEv4WX0GGOliLXX2Th7vS1ob7AxtoD9+7ioLWYTbHFbwhpb2Bb5hxittYm2jC1ry1lny9ske9vv4iq2qq1mq9u7bQ17j635u7iBvd82tA/YRvZBW9/e9w9xY/uQbWIft03tE7aZbW2b27a2hX3ctrRP2Fa2tW1j29rO9hnbxT5rk+1ztqt9/ndxpl1m19sNdqPdZPfbL+05e94etT/YC/ZX28/2t8Ps63a4fcOOsG/aVDvyd/F4+66dYCfaSXaynWKn/i6eZWfbdDvHzrUf2nl2/u/iDPuJXWiz7CK72C6xS3+Lr6wpy35ql9vPbLZdYVfaVXa1XWPX2nX/ttZVdovdarfZffYLu8PutLvsbrvH7v0tvrKPA/Yrm2O/tkfs9/aQ/cYetsdsrv3ut/jK/o7ZH+1x+5M9YU/aU/Zne9r+Ys/Ys7/t/8ref7aX7GXrrSAgSYo0BZSP8lMMFaBYuo7i6HoqSDdQhG6keLqJCtHNVJiKUFEqRglUnEqQISRLRCGVpFIUpVuoNN1KiVSGylI5clSekug2qkC3U0W6gyrRnVSZ7qIqVJWqUXW6m2rQPVSTalFtupfqUF2qR/XpPmpA91NDeoAa0YPUmB6iJvQwNaVHqBk9Ss3pMWpBj1NLeoJaUWtqQ22pHT1J7ekp6kAdqRM9TZ3pGepCz1IyPUdd6XnqRi9Qd3qRetBL1JNepl7Um/rQK9SXXqV+1J9SaAANpNdoEA2mITSUhtHrNJzeoBH0JqXSSBpFb9FoepvG0Ds0lsbReHqXJtBEmkSTaQpNpTR6j6bR+zSdPqAZNJNm0WxKpzk0lz6keTSfFtBHtJA+pkW0mJbQUsqgTyiTllEWfUrL6TPKphW0klbRalpDa2kdracNtJE20WbaQltpG22nz2kH7aRdtJv20F7aR1/QfvqSDtBXlENf00H6Cx2ib+gwfUu59B0doe/pKP1Ax+hHOk4/0Qk6SafoZzpNv9AZOkvn6DxdoF/pIl2iy+RJhBDKUIU6DMJ8Yf4wJiwQxobXhXHh9WHB8IYwEt4Yxoc3hYXCm8PCYZGwaFgsTAiLhyVCE2JoQwrDsGRYKoyGt4Slw1vDxLBMWDYsF7qwfJgU3hZWCG8PK4Z3hJXCO8PK4V1hlbBq+PiD1cO7wxrhPWHNsFZYO7w3rBPWDeuF9cP7wgbh/WHD8IGwUfhgWDF8KGwSPhw2DR8Jm4WPhs3Dx8IW4eNhy/CJsFXYOmwTtg3bhU+G7cOnwg5hx7BT+HTYOXwm7BI+GyaHz4Vdw+f/8HhKOCAcGL4WvhZ6/4BaEl0azYh+Es2MLotmRT+NLo9+Fs2OroiujK6Kro6uia6Nrouuj26Iboxuim6ObolujW6Lel8/v3DgpFNOu8Dlc/ldjCvgYt11Ls5d7wq6G1zE3eji3U2ukLvZFXZFXFFXzCW44q6EMw6ddeRCV9KVclF3iyvtbnWJrowr68o558q7JNfWtXPtXHv3lOvgOrpO7mn3tHvGPeOedc+651xX97zr5l5w3d2Lrod7yb3kXna9XG/Xx73i+rpXXT/X36W4FDfQDXSD3CA3xA1xw9wwN9wNdyPcCJfqUt0oN8qNdqPdGDfGjXVj3Xg33k1wE9wkN8lNcVNcmktz09w0N91NdzPcDDfLzXLpLt3NdXPdPDfPLXAL3MLEhW6RW+SWuCUuw2W4TJfpslyWW+6Wu2yX7Va6lW61W+3WurVuvVvvNrqNbrPb7La6rW672+52uB1ul9vl9rg9bp/b5/a7/e6AO+ByXI476A66Q+6QO+y+dbnuO3fEfe+Ouh/cMfejO+5+cifcSXfK/exOu1/cGXfWnXPn3QX3q7voLrnLzru0yHuRaZH3I9MjH0RmRGZGZkVmR9IjcyJzIx9G5kXmRxZEPoosjHwcWRRZHFkSWRrJiHwSyYwsi2RFPo0sj3wWyY6siKyMrIqsjqyJeF98R+hL+lI+6m/xpf2tPtGX8WV9Oe98eZ/kb/MV/O2+or/DV/J3+sr+Ll/FV/XV/BO+lW/t2/i2vp1/0rf3T/kOvqPv5J/2nf0zvot/1if753xX/7zv5l/w3f2Lvod/yff0L/tevrfv41/xff2rvp/v71P8AD/Qv+YH+cF+iB/qh/nX/XD/hh/h3/SpfqQf5d/yo/3bfox/x4/14/x4/66f4Cf6SX6yn+Kn+jT/np/m3/fT/Qd+hp/pZ/nZPt3P8XP9h36en+8X+I/8Qv+xX+QX+yV+qc/wn/hMv8xn+U/9cv+Zz/Yr/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3n/sdfqff5Xf7PX6v3+e/8Pv9l/6A/8rn+K/9Qf8Xf8h/4w/7b32u/84f8d/7o/4Hf8z/6I/7n/wJf9Kf8j/70/4Xf8af9ef8eX/B/+ov+kv+svf+Wj9JZ4wxxhj770D9wfEB/+Rn8m/jioFCiOt3Fsv99zU3F/7rfLBM6BwRQjzXv+ej/3vUqZOSkvK392YrEZRaLISIXM3PJ67GK0Qn8YxIFh1FhX+6vsGy9wX6g/rRO4WI/bucGHE1vlr/9v+g/pNPj8+sHJ6L/0/qLxYisdTVnALiany1fsX/oH6R9n+w/gLfpAnR4e9y4sTV+Gr9JPGUeF4k/8M7GWOMMcYYY4yxvxosq3X/o/vnK/fnCfpqTn5xNf6j+3PGGGOMMcYYY4xdey/27vPsk8nJHbvzhCc84cm/Ta71fybGGGOMMcbYn+3qRf+1XgljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZZ3/f/4OrFrvUfGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsWvtfAQAA//9itDg8") mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) getresgid(&(0x7f0000000040), &(0x7f0000000180)=0x0, &(0x7f0000000240)) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=r1]) 32.704610762s ago: executing program 4 (id=1416): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0186129b23a7fd1e22ff6514000008000300", @ANYRES32=r3], 0x2c}}, 0x0) 28.11732643s ago: executing program 1 (id=1437): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000000)=@newtaction={0x48, 0x30, 0x0, 0x0, 0x0, {}, [{0x34, 0x1, [@m_simple={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0) close(r0) socket$can_j1939(0x1d, 0x2, 0x7) ioctl$SIOCSIFHWADDR(r0, 0x8b2b, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\\ \x00'}) 27.327325518s ago: executing program 1 (id=1441): openat$rfkill(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r0 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) 26.928959713s ago: executing program 1 (id=1443): socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x2, 0x300) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/packet\x00') preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000180)=""/253, 0xfd}], 0x1, 0x103, 0x0) 26.642298467s ago: executing program 1 (id=1446): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000980)=ANY=[@ANYBLOB='iocharset=maciceland,umask=000000000000000000\x00\x00\x00\x005,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c6572726f72733d636f6e74696e75652c757466382c6572726f72733d636f6e74696e75652c696f636861727365743d69736f383835392d332c6572726f72733d72656d6f776e742d726f2c6572726f72733d636fcff885422ca3aa6e74696e75652c6572726f72733d636f6eeac9ac2674a56a0a423273db71eb95f0096d6612bd441f49616000232365c5b0614aa9de3ee354d1bca518b654a9198442b08cc2a5986e583f1b61dad220de133f025ce6a174fb0cbb360c176889ff97720ecad2834b4377665a3b82c77afd4a97f62dfee81e2b40eea6ee9988b26ddf15bcbea2ba5f8bd5d6e977ab55b8c96b762f9682c475b0fafe9d412e56bc370ba19864c27cad0a8e93aad28b5160ee7b26f066dc4da4a05d59d6856864cdb1a5c3e7677d48b4f598c73ca1275509a9f7b05751e65cd7a865ce01644ebcd0378abdfe9f13b508e0e7b3ee4758c8c0c7d6237b9c4b8a2f7048335455f2664cc9037bab70e63212bbdfa8cec5547b3b7bf228fa403e8fc3868ee6be4816766c0794f49d8c5f84124c4c0cd8de418d7c465e2c41f5843587e4b0ce4c9b12c9e9fcbbbfdbadceb6c2b33cd5c38aec9f46735a4a12a0dc252f3b01ec96c076808bb790f43088d6740f3d9b35133d90661c17f6072ef791b2760c4fc4293a607033b1b874fe8abcd08f659315f2e1eb47aeac83e876e717e97ede0d9032465ffdc539fa34ce3d79938b9dabfc9c565ba1799a4b6e6f182fc55c4fdcc1433e1a3597922f41e59506cb215a4b831f319748e12ab4dc5b929c03924614af2ddbfcff9003", @ANYRESHEX=0x0], 0x1, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5") move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x20000}, 0x20) 25.955379768s ago: executing program 1 (id=1451): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r1}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x0, r1, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000}) 25.379328222s ago: executing program 1 (id=1453): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000380)) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0) read$char_usb(r1, &(0x7f00000001c0)=""/4068, 0xfe4) 7.591464514s ago: executing program 2 (id=1534): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x8000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x597, &(0x7f0000000c00)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwmJelIOwzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhWnck7P/Uw0qTc3ySW/H7Q599znvOc9hzbwvJ8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89dWr4xfSXtcCAAAAGKSvX399fKIn/x/bq8oAAAAAA3FD/z8AAAAAAAAADLsUWXw/Ujw4tp6OFp+fqF5bWn7rwdz0zOaXjaXiykNFfP6nemHi4qWXJi9/ofnzf1+/087Ea9dvXK2/snL33uri2triQn1ueenWysLitkvo9/peLxYvoH73zbcWbt9eq0+cv9j19YPaXw4/c6o29cVXT15rxs5Nz8xc74gZqfzfd9/ACA8AAICDbTSyuBQpbpz9aToWEVn0nwtv0XYwaGNRy/Pv4iHmpmeKB2kszS/fz7+cbSbCte6ceLSZI+9CLt6XWsTxvK6jMnoAAAC2rxJZfCpSnPloPT0bEYeaefDnioUBty6gtguV3MRIRJyIiHMxBDk7AAAA7LHDkcXrkeJXjVo8V+bVRf7/lYipva4cAAAAsCNGIovLkeKDqfVUK8YDRMSLc9Mz9Ws3619bvr3SETubyh71YZ8fsJuMTQAAAGAfqEYWx4oe//X0/FNf/Y/Hjx8PpFoAAADADhqLLP4ZKT778reLdeWiWJf+uakvHb0y07nC3Oktysljz0fE2W3Oya+Uaw3OptmUsg2lPdqRhwMAAAAK1ZTFnyPFh3+sFp/Plbl5GtnrmgEAAAA7JmXxvUjx5dn1lHr2pT/Usb9/y7DP/R9s/ceqr6zce7i6dOeN+5t+f6R69Vtr91fnb23+9ZO9C7uGQ2y1jyEAAABsQyVl8fdI8dvGe628s9wDoBwB0E40373Szk2rqefbot3g2aLdoDWH4JmJic7jTVPWp1gfr1be91D/jw0AAAAHSkpZjEaKz/zm4+Xe/0diQx90Gfe7SHFl5YUyLhvN45rTBGrF39XbS43F8Tx2OlL8vNGMjSL2cBl7oh17IY/9dV7ufHdstYw9WYRGHjuRx34UKd5Y3Tz2Y+1yL+axq5HiJz+qN2OP5LFHy9hT7djzt1YaC4N7wwAAALD3KimLX0SKH/6r3pry393/3+5tf/eddn//hgX6/kuff7/9/7WOc4/KdojDZXvFyBbtFa9FijPPv9B8nqKtoDms4MleB+32ir9FitVvdMeOlrHH27EXtv1iAQAAYB9pjv///c1ftobclzlw+XHz/P8TvesDDij/79yTML/n2sO335xvNBZXh+nguxHRdSbtk4o5eKqD/B/hPqjGzhyU/6ke7Zf69HvQ169BAAA4EPL8/2akePDB+63+7jL/L4fKt/P/D7/Tzv+negsaUP5/vOPcVLneQGUkonr/7r3K6Yjq2sO3P790d/7O4p3F5YuTL02OT05evjRRGW127reP+n5XAAAAMKzy/H88Uvz1Bz9uzc/fTv//kd6CBpT/n+g4l9+z3emXn/lTv48PAAAAB0Ke//8sUvzh7HutdfS68/+O9f/fac+zP/fpJ6MFWq0DA8r/T3acqxX3jRjboWcHAAAAAAAAAAAAAAAAAACA/aKSsvh3pHi/OpLKBf+3tf7fQm9BA5r/f6rj3ELszv5/fb9UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGFJZZLEUKT55ej29nJ/4ZsTRzp8AAADA0PtPAAAA//81ax1R") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000080)='./file1\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) unlinkat(r0, &(0x7f0000000280)='./file1\x00', 0x0) 6.93188872s ago: executing program 2 (id=1538): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x800090, &(0x7f0000000280)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c726f6469722c756e695f786c6174653d302c006f6e756d7461696c3d302c756e695f786c6174653d3137c9702e761c3d0b74653d302c06de791afbd95bf9d36f73686f72746e614b653d77696e6e742c726f6469722c757466383d312c726f6469722c757466383d302c696f636861727365743d6d61636761656c69632c73686f9b416e616d653d6d697853642c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c646d61736b3d30303030303030303030303030303030303030303030312c646d61736b3d30303030303030303030303030309ac0c1c330303030362c756e695f786c6174653d302c696f636861727365743d69736f383835392d342c757466383d302c73686f72746e616d653d6d697865642c73686f6f6469722c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c757466383d302c646566636f6e746578743d756e6c6f00"/397], 0x7, 0x2e0, &(0x7f00000011c0)="$eJzs3b9rJFUcAPDvbHZnVy02hZUIDmhhdVyutUmQOxBTeaQ4LTR4OZCbIFwg4g8crxI7G0v/AkHwb7C2sbMUbAU7TzgYebMz2d27yd6e3Eb0Pp9i8/Le+877vjebZJp8970Xj2/fLOLW3c9+jckki8HuOOJeFtsxiM4XsWT36wAA/svu1XX8Uc8sj+Tp5ZevVsRONpwbALAZ5//9XzRsXm+kGT9cXG4AwGZcv/H2m3v7+1ffKopJXDv+8vQgi4j0dTa+dys+iDKO4nJM435E86AwiuZpITWv1XVdDYtkO145rk4PUuTxuz+119/7PaKJ34lpbDddZ08bTfwb+1d3ipnIz+KrlMez7fq7Kf5KTOP5s+Cl+Ctd/Hz9Kg7yePXlhfwvxTR+fv/HD6OMm00S8/jPd4ri9fqbPz99J6WX4rPq9GDczJurt7rFqwu+RwAAAAAAAAAAAAAAAAAAAAAA/P9camvnjKOp35O62vo7W/fTN6MoOov1faquPlDWXWheHygGdV1XdXzb1de5XBRF3U6cxw/jhWFbWBAAAAAAAAAAAAAAAAAAAACecicff3L7sCyP7jyRRlcNYBgRf12P+KfX2V3oeSlWTx63ax6W5aBtLs8ZLvbEVjcni1iZRtrEEzqWRzWeeSjntvHd971RaUcnw+gbmjx60VH/Wo/Z+Gg0O8feOc1IOunDrP8Mx2fJT9KNiwdvXB79q4/igZ78vAy7t+J628l7h6aPfSz5c6mRjubcOZGt+rl47bdZ2gu7WJqTR/Te97I8GrWNOG/1yVrv55jMwh/+XZGp1gEAAAAAAAAAAAAAAAAAABs1/+/fnsG7K0MH9XhjaQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAhZp//v86jeFy8BpRedw5+bf2BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNPj7wAAAP//KBxUUQ==") timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) 5.645212704s ago: executing program 2 (id=1547): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000002a7b000000000000000000000000030000000023b500000000000100000000000000feffffff0000000000000000000000000012c31aa8b556307b0000160900000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000ffffff7f000000000000000000000000000000feffffff010000001100000009000000000000000000106cf4aa4ac99e8d000000006c6f00000000000000000000000000e2ffffffffff01000001000000100000fa6215e1c90fed90ac00000010a85f001a4b000000000000000580000000aaaaaabd0000020000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800000000000d000000000000000000"]}, 0x1a8) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendto$packet(r1, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 5.592588645s ago: executing program 3 (id=1548): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) mq_open(&(0x7f0000000300)='\tsea_\xc8\xff\x126\x81=\x14\xb7\x13|7\x7fW=\xc5c2\xf3\xa3\xc3\xdc~\x14\x91J~\xac.R.\x90\xb6B\xb3\x13\"1\xf1U?\x95\xcdu\xaa\xf5=\xb1\x9dH:\a\x13\x14\x91\a,\xd2\x81u\xc4\xf2\x8b\x06\x8a\xb4\x7fr+\x02\xa5\xfd1D\xc2\xad\xdd\xd7\xda\x9d\xc1a\t\xc5\'@\b|\xdc\xa3\xcf,\xab\xa1\xd3', 0x6e93ebbbcc0884f2, 0x100, &(0x7f0000000380)={0x0, 0x8000000001, 0x7, 0x3}) 5.340250551s ago: executing program 3 (id=1550): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc802, &(0x7f0000000040)=ANY=[], 0x1, 0x679, &(0x7f0000000640)="$eJzs3c1vHGcdB/DvbDZONi2pmyZtQJVqNRIgIhI7lgvmQkAI+VChqhw4W4nTWNmkxXYrt0LU4fXaQ/+AcvAFcULiHqlw4AK33pC5VULi0gvmtGjGs+v1+iXrtvE65fOJZp9n5pnnmd/zm53ZFyvaAP+35i6n+SBF5i6/vFqub6xPtzfWp+9260lOJVlLmkkaSYr/dDqdD5PrSdEbphgod3l/cfbVjz7Z+HhrrVkv1f6Ng/oNqPdbG9i81t02keREXX4GO8a78ZnHK3qRX09yqS5h5E4m6ezw078+2Wvp09qr9+kjiRF4tIqt183Ur8c948mZ+kIv3wd0X3kbRx/hcE4Nud/gOwgAAAB43AzzGfipzWxmtTh7BOEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF8La9u//F/XS6NYnUnR//3+s3pa6fry8cLjdHzyqOAAAAAAAAADgSPyzenxhM5tZzdnu1k5R/c3/xWrlfPX4RN7MchaylCtZzXxWspKlTCUZ7xtubHV+ZWVpaoie1/bsee0h4Z6qy9bnMXcAAAAAAAAA+ML5Rea2//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHQZGc2CpS3O/bPJ5GM8npJGPlhrXk79364+zBqAMAAACAI/DUZjazmrPd9U6R80merb4DOJ03cy8rWcxK2lnIzep7ga1P/Y2N9en2xvr03XLZPe73/n2oMKoRs/Xdw95Hvljt0cqtt7p9buT1tHMzjapn6WIdT3ePgbjulzEV360NGdnNuixn/l5d7vLuoSa7n0N+mTJeZeRkbmWxytFkHVuZjae7Z2bvM3TIszN4pKk0esGeHzjSwCQ+Vc7P1GU5n9/sl/ORGMzEtb5n37MH5zz52p/+8JPJun58pjScE3XZqR5buzMx3ZeJ54bJxO32vTu3by1fftwysctklYkLvfW5/DA/zuVM5JUsZTFvZT4rWchEflDV5uuTX/Rd8vtk6vqOtVceFslY/QzdOlmHi+nFqu/ZLOZHeT03s5CXqn/XMpVvZSYzme07wxcOPsPVVd/Y56rvfGnP4C99va60kvy2Lve0b8OjUub16b689t9zx6u2/i3bWTo3RJYOeW9sfqWulMf4ZV0eD4OZmOrLxDMHZ+J31W1luX3vztLt+TeGO9y59+pKeR39+ljdUsvny7nyZFVrO58dZdszvT135qtsO9/r19jVdqHXVl2pRXPfK3Wsfg+3e6RrVdtze7ZNV20X+9pavbYrvfdbABx7Z75xZqz1r9bfWh+0ftW63Xr59PdPffvU82M5+eeT32lOnvhq4/nij/kgP9/+/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx6y2+/c2e+3V5YGqh0Op1392k66krzIaHuqmTiH0+UHbpbOuk1dX/O7Ahn8eUnk5HncOSV/3Y6nXpLsc8+v//LsUlUp3YsUjeiyujuScDRuLpy942ry2+/883Fu/OvLby2cG92ZmZ2cnbmpemrtxbbC5Nbj6OOEngUtl/0Rx0JAAAAAAAAAAAAMKyj+O8Eo54jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Hibu5zmgxSZmrwyWa5vrE+3y6Vb396zmaSRpPhZUnyYXM/WkvG+4Yr9jvP+4uyrH32y8fH2WM3u/o2D+g1nrV4ykeTEVnn/8xrvRl0eqDhoCkVvhmXCLnUTB6P2vwAAAP//pfYHBg==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r1, &(0x7f0000000200), 0x43451) write$binfmt_aout(r0, &(0x7f0000003280), 0x20) 4.78468222s ago: executing program 0 (id=1553): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001400) 4.78040285s ago: executing program 2 (id=1554): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_EXPBUF(r0, 0x2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000040)={0x5, r1}) ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f0000000100)=0x3) 4.477718855s ago: executing program 3 (id=1555): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="591f30ae5b4912c96d093f15984e7313a652c33749d5e74c26a035b0f838233d466454b7f6e8420cfee66039bfbb4dff", 0x30) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000340)=""/49, 0x31}], 0x1}}], 0x1, 0x0, 0x0) 4.242595101s ago: executing program 0 (id=1556): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x3014490, &(0x7f0000000100)={[{@nombcache}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@abort}, {@mblk_io_submit}, {@nouid32}, {@barrier_val}, {@grpjquota}, {}]}, 0x45, 0x7ce, &(0x7f0000000500)="$eJzs3c9rHNcdAPDvrFY/7VYqlLYuFBYKrcF4Vbmq3UKhKj2UQg2G5JRDbLFaC0crrdGujCVEYhMCuQSSkFty8Tk/LyHX/IDkkvwfwcZJZBOHHILC7A9pJe/aK0faje3PB8Z6b+fNvPfdN/P2STOeDeCxlUv/yUQciYiXk4jxxutJRAzWUtmImXq5OxvrhXRJYnPzia+TWpnbG+uFaNkmdaiR+V1EfPxCxLHM3fVWVtcWZkul4vKObVfXjl9YnJ0vzheXTk5NT5849bdTJ/cv1m+/WDt845X//vmdme+f/+27L32SxEwcTuOr2Y5jv+Qi14hrMH0Ld/jPflfWN+8/20WhTMTmZj2ZPegGsQfpqTnQ6JUjMR4D9+qf0V62DAA4KM9FOjPrYKDjGgDgoZbUP///1e92AAC90vw7wO2N9UJz6e9fJHrr5r8jYqQef/P6Zn1NtnHNbqR2HXTsdrLjykgSERP7UH8uIt744Om30iV2XU8FOEhXrkbEuYncjvF/IGoj3O57FvbqL+1fnm/N5HatNP5B73yYzn/+3m7+l9ma/0Sb+c9wm3P3Qdz//M9c34dqOkrnf/9subftTkv8DRMDjdwvanO+weT8hVIxHdt+GRFHY3A4zU/Vy7a9Q+borR9udaq/df73zavPvJnWn/7cLpG5nh3euc3cbHX2p8bddPNqxO+z7eJPx//hWv8nHea/Z7qs43//ePH1TuvS+NN4m8vd8R+szWsRf2rb/8lWmTQ1WV28OFlpd3/iZO1wmGweFG28NxNjnerPZbf7P13S+pu/C/RC2v9j945/Imm9X7PS9a63zoXPr41/1KlQ6/HfPv72x/9Q8mQtPdR47fJstbo8FTGU/P/u109sb9vMN8un8R/9Y/vzvzn+tTn+n0r3f67LNyJ746u3Hzz+g5XGP7en/t9zIkbuLAx0qr+7/p/esU0341+3DXzQ9w0AAAAAAAAAAAAAAAAAAAAAAAAA9iITEYcjyeS30plMPl//Du9fx1imVK5Uj50vryzNpetqzz/NNB91Od7yPNSpxvPwm/kTu/J/jYhfRcRrw6O1fL5QLs31O3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaDjU4fv/U18O7yo80I8WAgAHYsQHOwA8bpJstt9NAAB6baTrkrmIGD3QtgAAvdH95z8A8Kjo/PnvwgAAPKru8/v/7v8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHt15vTpdNn8bmO9kObnLq2uLJQvHZ8rVhbyiyuFfKG8fDE/Xy7Pl4r5Qnkxsh12dKX+o1QuX5yOpZXLk9VipTpZWV07u1heWaqevbA4O188WxzsYWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0K3K6trC5nipuJwmZksSPU4sfFbvh59LeyT2logr9f7b1z1/evIPv0l32tcAY2h7lBjty9gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DD4MQAA//+KvR+l") write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x4}) quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 4.24248545s ago: executing program 2 (id=1557): bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0) r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000a3b370086d04ae085811010203010902d61c17c30000000904000601096e7e0009050c000000000000"], 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) 4.152677181s ago: executing program 3 (id=1559): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x80015b1b, 0x0) 3.839271595s ago: executing program 5 (id=1560): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0xa0, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x69, 0xe, {{{}, {}, @broadcast, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @val={0x4, 0x6, {0x0, 0xff}}, @void, @val={0x5, 0x3}, @val={0x25, 0x3}, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @void, @void, @val={0x76, 0x6}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x400}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x10000}]}, 0xa0}}, 0x0) 3.553100556s ago: executing program 0 (id=1561): bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000380), 0x45, 0x7ac, &(0x7f0000000f80)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRiSc2yxWgtHK63RrowlRGITArkEkpBbcvE5Py8h1/w45JL8H8HGSWQThxyCwuwPaWXtyru2tGvHnw+M9d7MG733nTf75mlnvBvAU2sy/ScTcSwiXksixuvrk4gYrKayEbO1cvc2N/LpksTW1jPfJtUydzc38tG0T+pIPfP7iPjs5YgTmb31ltfWF+eKxcJKPT9VWbo8VV5bP3lpaW6hsFBYPj09M3PqzN/OnD64WL//av3ordf/++f3Z3986XcfvPp5ErNxtL6tOY6DMhmT9WMymB7CXf5z0JX1zUcvdFCo6QzIHmZj6FLaMQP1XjkW4zGwX/+M9rJlAMBheTEittoZaLsFAHiiJbXr/7/63Q4AoFca7wPc3dzIN5b+viPRW7f/HREjtfgb9zdrW7L1e3Yj1fugY3eTXXdGkoiYOID6JyPi7Y+fezdd4pDuQwK0cu16RFyYmNw7/id7nlno1l9ar15ozkzet9H4B73zSTr/+Xur+V9me/4TLeY/wy1euw/jwa//zM0DqKatdP73z6Zn2+41xV83MVDP/ao65xtMLl4qFtKx7dcRcTwGh9P89D51HL/z051225rnf9+98fw7af3pz50SmZvZ4d37zM9V5h4l5ma3r0f8Idsq/nT8H672f9Jm/nuuwzr+949X3mq3LY0/jbex7I3/cG3diPhTy/5Ptssk+z6fOFU9HaYaJ0ULH87GWLv6J7M7/Z8uaf2NvwV6Ie3/sf3jn0ian9csd/yrt58W+/LG+KftCjWf/63jb33+DyXPVtND9XVX5yqVlemIoeT/e9ef2tm3kW+UT+M//sfWr//G+Nfq/E//JrzQ4YHI3vrmvYeP/3Cl8c931f9dJ2Lk3uJAu/o76/+ZXft0Mv512sCHPW4AAAAAAAAAAAAAAAAAAAAAAAAA0I1MRByNJJPbTmcyuVztO7x/G2OZYqlcOXGxtLo8H9Xvyp6IwUzjoy7Hmz4Pdbr+efiN/Kn78n+NiN9ExJvDo9V8Ll8qzvc7eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Lm+/9TXw/3u3UAwKEZGeh3CwCAHkuy2X43AQDotZGuSo8eWjsAgN7p7voPAPwSuP4DwNPnAdd//w0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAR3Xu7Nl02fphcyOf5uevrK0ulq6cnC+UF3NLq/lcvrRyObdQKi0UC7l8aantL7pW+1EslS7PxPLq1alKoVyZKq+tn18qrS5Xzl9amlsonC8M9iwyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOhceW19ca5YLKxI9CWx+EWtHx6X9kh0l4hrtf57XNpzcIkY2hklRvszOAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8AX4OAAD//1N1IyI=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x2000000) close(r0) 3.302991791s ago: executing program 5 (id=1562): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='rdma.current\x00', 0x26e1, 0x0) quotactl_fd$Q_SETINFO(r0, 0xffffffff80000600, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x1, 0x7}) 2.915455185s ago: executing program 5 (id=1563): r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4) bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10) recvmmsg(r0, &(0x7f0000005680)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=""/59, 0x3b}}], 0x1, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10) 2.606430166s ago: executing program 5 (id=1564): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000500), 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bind$bt_l2cap(r1, &(0x7f00000003c0)={0x1f, 0x8, @none, 0x6022, 0x1}, 0xe) 2.50741294s ago: executing program 0 (id=1565): r0 = userfaultfd(0x801) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000600)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000}) 2.318760701s ago: executing program 5 (id=1566): bpf$PROG_LOAD(0x5, 0x0, 0x0) setrlimit(0x8, &(0x7f0000000080)) mlockall(0x7) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) 1.959055549s ago: executing program 0 (id=1567): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f0000000040)=0x3, 0x4) bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10) listen(r0, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x3}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) 1.739191674s ago: executing program 5 (id=1568): preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f00000002c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000240)=""/11, 0xb}}, 0x120) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) write$UHID_INPUT2(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="0c000000a9"], 0xaf) 1.678369064s ago: executing program 0 (id=1569): r0 = getpid() prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000020000000000000000000000850000008700000095"], &(0x7f0000000000)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="9e36d448b388dd965f7a3312779a", 0x0, 0xffffff80, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50) 779.029468ms ago: executing program 3 (id=1570): r0 = open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) fcntl$setlease(r0, 0x400, 0x0) fcntl$setlease(r0, 0x400, 0x2) 256.151608ms ago: executing program 3 (id=1571): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000cc0)={0x1, r1}) 0s ago: executing program 2 (id=1572): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) read$alg(r1, &(0x7f00000002c0)=""/82, 0x52) kernel console output (not intermixed with test programs): wn [ 290.974732][ T1817] bond0: (slave bond_slave_1): interface is now down [ 290.989062][ T1817] bond0: now running without any active interface! [ 291.102062][ T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 291.177951][ T1844] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 291.276599][ T7720] loop4: detected capacity change from 0 to 4096 [ 291.305256][ T9] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 291.324083][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.371231][ T9] usb 3-1: config 0 descriptor?? [ 291.388162][ T9] cp210x 3-1:0.0: cp210x converter detected [ 291.391754][ T1844] usb 1-1: Using ep0 maxpacket: 8 [ 291.432555][ T1844] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 291.468640][ T1844] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.496763][ T1844] usb 1-1: config 0 descriptor?? [ 291.823530][ T9] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 291.931561][ T9] usb 3-1: cp210x converter now attached to ttyUSB0 [ 292.071507][ T9] usb 3-1: USB disconnect, device number 7 [ 292.105917][ T7538] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 292.116374][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 292.165007][ T7538] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 292.186035][ T9] cp210x 3-1:0.0: device disconnected [ 292.245637][ T7538] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 292.338474][ T7538] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 292.412572][ T1844] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 292.437281][ T1844] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 292.492963][ T1844] asix 1-1:0.0: probe with driver asix failed with error -71 [ 292.522955][ T1844] usb 1-1: USB disconnect, device number 6 [ 292.866774][ T7538] 8021q: adding VLAN 0 to HW filter on device bond0 [ 293.050015][ T7538] 8021q: adding VLAN 0 to HW filter on device team0 [ 293.111894][ T1817] bridge0: port 1(bridge_slave_0) entered blocking state [ 293.119200][ T1817] bridge0: port 1(bridge_slave_0) entered forwarding state [ 293.129237][ T5241] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 293.197468][ T1817] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.204797][ T1817] bridge0: port 2(bridge_slave_1) entered forwarding state [ 293.363876][ T5241] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 293.403817][ T5241] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 293.455233][ T5241] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 293.510251][ T5241] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.555773][ T7739] loop0: detected capacity change from 0 to 64 [ 293.565891][ T5241] usb 5-1: config 0 descriptor?? [ 294.016188][ T5241] hid (null): global environment stack underflow [ 294.095575][ T5241] uclogic 0003:5543:0522.0009: global environment stack underflow [ 294.116086][ T5241] uclogic 0003:5543:0522.0009: item 0 1 1 11 parsing failed [ 294.156572][ T5241] uclogic 0003:5543:0522.0009: parse failed [ 294.184632][ T5241] uclogic 0003:5543:0522.0009: probe with driver uclogic failed with error -22 [ 294.256794][ T5241] usb 5-1: USB disconnect, device number 11 [ 294.653970][ T8] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 294.736007][ T7538] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 294.798378][ T7768] loop0: detected capacity change from 0 to 128 [ 294.874043][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 294.886606][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 294.893089][ T7768] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 294.909793][ T7768] ext4 filesystem being mounted at /144/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 294.968519][ T8] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 295.024023][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.068779][ T8] usb 2-1: Product: syz [ 295.077564][ T8] usb 2-1: Manufacturer: syz [ 295.078180][ T7768] fscrypt (loop0, inode 12): Direct key flag not allowed with different contents and filenames modes [ 295.093053][ T8] usb 2-1: SerialNumber: syz [ 295.143145][ T8] usb 2-1: config 0 descriptor?? [ 295.202305][ T8] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 295.244745][ T8] em28xx 2-1:0.0: DVB interface 0 found: bulk [ 295.305061][ T5775] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 295.472040][ T7781] netlink: 8 bytes leftover after parsing attributes in process `syz.2.968'. [ 295.880908][ T8] em28xx 2-1:0.0: unknown em28xx chip ID (127) [ 296.146521][ T7538] veth0_vlan: entered promiscuous mode [ 296.223934][ T8] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 296.242439][ T7538] veth1_vlan: entered promiscuous mode [ 296.258737][ T8] em28xx 2-1:0.0: board has no eeprom [ 296.402289][ T8] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 296.431615][ T8] em28xx 2-1:0.0: dvb set to bulk mode. [ 296.437695][ T5294] em28xx 2-1:0.0: Binding DVB extension [ 296.457973][ T7538] veth0_macvtap: entered promiscuous mode [ 296.489038][ T8] usb 2-1: USB disconnect, device number 12 [ 296.537981][ T7538] veth1_macvtap: entered promiscuous mode [ 296.548538][ T8] em28xx 2-1:0.0: Disconnecting em28xx [ 296.727732][ T5294] em28xx 2-1:0.0: Registering input extension [ 296.740044][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 296.785036][ T8] em28xx 2-1:0.0: Closing input extension [ 296.798942][ T7804] netlink: 4 bytes leftover after parsing attributes in process `syz.2.979'. [ 296.833135][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.872924][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 296.929159][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.948897][ T8] em28xx 2-1:0.0: Freeing device [ 296.971892][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.002927][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.028888][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.051173][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.081544][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.103988][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.137370][ T7538] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 297.214186][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.265549][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.285649][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.328747][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.391486][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.428525][ T7818] CIFS: VFS: Malformed UNC in devname [ 297.443480][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.488971][ T7822] loop4: detected capacity change from 0 to 64 [ 297.495529][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.551423][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.569529][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.612287][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.641493][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.680316][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.735045][ T7824] loop2: detected capacity change from 0 to 2048 [ 297.754745][ T7538] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 297.775059][ T7824] EXT4-fs (loop2): stripe (1025) is not aligned with cluster size (16), stripe is disabled [ 297.839653][ T7538] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.881278][ T7538] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.918591][ T7824] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 297.935020][ T7538] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.951553][ T7538] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.990655][ T7832] Invalid/unusable pipe [ 298.235944][ T35] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 298.309997][ T35] EXT4-fs (loop2): Remounting filesystem read-only [ 298.365018][ T5934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.396812][ T7841] loop0: detected capacity change from 0 to 512 [ 298.438091][ T7841] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 298.463680][ T5252] Bluetooth: hci1: command 0x0406 tx timeout [ 298.479640][ T4096] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.525187][ T7841] EXT4-fs (loop0): 1 truncate cleaned up [ 298.544715][ T4096] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.611809][ T7841] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.735211][ T7841] fscrypt (loop0, inode 18): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS [ 298.778413][ T4404] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.797403][ T4404] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 299.008829][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.263517][ T7852] mkiss: ax0: crc mode is auto. [ 299.775335][ T7861] loop5: detected capacity change from 0 to 4096 [ 299.806521][ T7861] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 299.866500][ T5301] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 299.945525][ T7861] ntfs3: loop5: Inode r=b is not in use! [ 299.970672][ T7861] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 300.010805][ T7861] ntfs3: loop5: Failed to load $Extend (-116). [ 300.020913][ T7861] ntfs3: loop5: Failed to initialize $Extend. [ 300.075165][ T5301] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 300.110620][ T5301] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.135415][ T5301] usb 1-1: Product: syz [ 300.141437][ T5301] usb 1-1: Manufacturer: syz [ 300.181560][ T5301] usb 1-1: SerialNumber: syz [ 300.197812][ T5301] usb 1-1: config 0 descriptor?? [ 300.496198][ T5301] cx82310_eth 1-1:0.0: probe with driver cx82310_eth failed with error -22 [ 300.842789][ T7884] loop1: detected capacity change from 0 to 2048 [ 300.919187][ T5301] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 300.953446][ T7884] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 300.994625][ T7891] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1014'. [ 301.001430][ T7890] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1009'. [ 301.011789][ T7884] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 301.022591][ T7892] loop4: detected capacity change from 0 to 64 [ 301.230367][ T8] usb 1-1: USB disconnect, device number 7 [ 302.167722][ T7911] loop2: detected capacity change from 0 to 2048 [ 302.239392][ T7911] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 302.309106][ T7911] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 303.111562][ T1844] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 303.321676][ T1844] usb 1-1: Using ep0 maxpacket: 16 [ 303.359499][ T1844] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 303.427380][ T1844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.439314][ T1844] usb 1-1: Product: syz [ 303.457018][ T1844] usb 1-1: Manufacturer: syz [ 303.466483][ T7934] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1032'. [ 303.481542][ T1844] usb 1-1: SerialNumber: syz [ 303.504986][ T1844] usb 1-1: config 0 descriptor?? [ 303.957466][ T1844] dvb_usb_dtv5100 1-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -71 [ 304.014243][ T1844] usb 1-1: USB disconnect, device number 8 [ 304.285794][ T7943] loop4: detected capacity change from 0 to 2048 [ 304.398498][ T7943] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 304.631636][ T29] audit: type=1800 audit(1724098423.450:8): pid=7943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1038" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 304.994913][ T5888] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.629215][ T7971] IPVS: persistence engine module ip_vs_pe_@ not found [ 306.073440][ T7985] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1054'. [ 306.660620][ T7997] loop1: detected capacity change from 0 to 8 [ 306.830471][ T7966] loop2: detected capacity change from 0 to 32768 [ 306.856845][ T8002] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 307.236980][ T8010] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1066'. [ 307.749997][ T8] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 307.906658][ T5293] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 307.933431][ T8023] loop4: detected capacity change from 0 to 2048 [ 307.993310][ T8] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 307.994302][ T8025] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 308.030062][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.091427][ T8] usb 4-1: config 0 descriptor?? [ 308.104000][ T5293] usb 6-1: Using ep0 maxpacket: 8 [ 308.125869][ T5293] usb 6-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 308.165743][ T5293] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 308.177813][ T8] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 308.195445][ T5293] usb 6-1: Product: syz [ 308.210297][ T5293] usb 6-1: Manufacturer: syz [ 308.216412][ T8025] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 308.237738][ T5293] usb 6-1: SerialNumber: syz [ 308.247242][ T8025] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4) [ 308.283608][ T5293] usb 6-1: config 0 descriptor?? [ 308.292102][ T8025] Remounting filesystem read-only [ 308.300065][ T61] NILFS (loop4): discard dirty page: offset=4096, ino=6 [ 308.311222][ T5293] option 6-1:0.0: GSM modem (1-port) converter detected [ 308.332979][ T61] NILFS (loop4): discard dirty block: blocknr=39, size=1024 [ 308.385251][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.431907][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.440821][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.465723][ T8031] loop2: detected capacity change from 0 to 128 [ 308.490132][ T61] NILFS (loop4): discard dirty page: offset=0, ino=2 [ 308.522081][ T61] NILFS (loop4): discard dirty block: blocknr=18, size=1024 [ 308.532952][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.572083][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.591196][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.611619][ T61] NILFS (loop4): discard dirty page: offset=0, ino=5 [ 308.639200][ T61] NILFS (loop4): discard dirty block: blocknr=41, size=1024 [ 308.652256][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.685772][ T8031] sysv_count_free_blocks: >flc_size entries in free-list block [ 308.697154][ T5293] usb 6-1: USB disconnect, device number 3 [ 308.703083][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.703124][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.703241][ T61] NILFS (loop4): discard dirty page: offset=0, ino=3 [ 308.703276][ T61] NILFS (loop4): discard dirty block: blocknr=42, size=1024 [ 308.703310][ T61] NILFS (loop4): discard dirty block: blocknr=43, size=1024 [ 308.703344][ T61] NILFS (loop4): discard dirty block: blocknr=44, size=1024 [ 308.703390][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.703435][ T61] NILFS (loop4): discard dirty page: offset=196608, ino=3 [ 308.729388][ T5293] option 6-1:0.0: device disconnected [ 308.798781][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.813793][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.825293][ T61] NILFS (loop4): discard dirty block: blocknr=49, size=1024 [ 308.825478][ T8031] sysv_count_free_inodes: unable to read inode table [ 308.833382][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.833989][ T61] NILFS (loop4): discard dirty page: offset=0, ino=4 [ 308.863450][ T61] NILFS (loop4): discard dirty block: blocknr=40, size=1024 [ 308.867723][ T8031] sysv_count_free_blocks: >flc_size entries in free-list block [ 308.875684][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.890008][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.913050][ T8031] sysv_count_free_inodes: unable to read inode table [ 308.925237][ T61] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 308.983176][ T8029] NILFS (loop4): mounting fs with errors [ 309.054919][ T8] usb 4-1: USB disconnect, device number 11 [ 309.098305][ T5934] sysv_free_block: flc_count > flc_size [ 309.144648][ T8025] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 309.155796][ T5934] sysv_free_block: flc_count > flc_size [ 309.174370][ T5934] sysv_free_block: flc_count > flc_size [ 309.183335][ T8025] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4) [ 309.194341][ T8025] Remounting filesystem read-only [ 309.199569][ T4096] NILFS (loop4): discard dirty page: offset=0, ino=5 [ 309.216688][ T4096] NILFS (loop4): discard dirty block: blocknr=41, size=1024 [ 309.218631][ T5934] sysv_free_block: flc_count > flc_size [ 309.229619][ T5934] sysv_free_block: flc_count > flc_size [ 309.238405][ T4096] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 309.252301][ T5934] sysv_free_block: flc_count > flc_size [ 309.257876][ T5934] sysv_free_block: flc_count > flc_size [ 309.266701][ T4096] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 309.271481][ T5934] sysv_free_block: flc_count > flc_size [ 309.294728][ T5934] sysv_free_block: flc_count > flc_size [ 309.300316][ T5934] sysv_free_block: flc_count > flc_size [ 309.307246][ T4096] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 309.307334][ T4096] NILFS (loop4): discard dirty page: offset=0, ino=3 [ 309.307376][ T4096] NILFS (loop4): discard dirty block: blocknr=42, size=1024 [ 309.307409][ T4096] NILFS (loop4): discard dirty block: blocknr=43, size=1024 [ 309.307441][ T4096] NILFS (loop4): discard dirty block: blocknr=44, size=1024 [ 309.307472][ T4096] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 309.307530][ T4096] NILFS (loop4): discard dirty page: offset=0, ino=4 [ 309.307562][ T4096] NILFS (loop4): discard dirty block: blocknr=40, size=1024 [ 309.307593][ T4096] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 309.307627][ T4096] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 309.307660][ T4096] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024 [ 309.382853][ T5888] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer [ 309.383531][ T5888] NILFS (loop4): discard dirty page: offset=0, ino=6 [ 309.383568][ T5888] NILFS (loop4): discard dirty block: blocknr=35, size=1024 [ 309.383602][ T5888] NILFS (loop4): discard dirty block: blocknr=36, size=1024 [ 309.383637][ T5888] NILFS (loop4): discard dirty block: blocknr=37, size=1024 [ 309.383671][ T5888] NILFS (loop4): discard dirty block: blocknr=38, size=1024 [ 309.645044][ T5934] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 310.580393][ T8067] loop1: detected capacity change from 0 to 8 [ 310.625159][ T8068] netlink: 'syz.2.1092': attribute type 10 has an invalid length. [ 310.749452][ T8068] team0: Port device netdevsim0 added [ 310.765103][ T8067] SQUASHFS error: zlib decompression failed, data probably corrupt [ 310.819658][ T8071] netlink: 'syz.2.1092': attribute type 10 has an invalid length. [ 310.833738][ T8067] SQUASHFS error: Failed to read block 0x13e: -5 [ 310.867532][ T8075] SQUASHFS error: Unable to read metadata cache entry [13c] [ 310.887504][ T8074] loop0: detected capacity change from 0 to 2048 [ 310.894371][ T8067] SQUASHFS error: Unable to read metadata cache entry [13c] [ 310.921730][ T8075] SQUASHFS error: Unable to read directory block [13c:26] [ 310.961817][ T8067] SQUASHFS error: Unable to read directory block [13c:26] [ 310.981884][ T8076] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 311.079137][ T29] audit: type=1800 audit(1724098429.890:9): pid=8074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1094" name="bus" dev="loop0" ino=2097152 res=0 errno=0 [ 311.626865][ T8090] loop2: detected capacity change from 0 to 128 [ 311.674181][ T8090] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 311.793484][ T8090] ext4 filesystem being mounted at /150/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 311.865623][ T8096] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1102'. [ 312.091494][ T8102] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1105'. [ 312.159976][ T5934] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 312.331978][ T5301] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 312.436632][ T8113] ip6t_REJECT: ECHOREPLY is not supported [ 312.551619][ T5301] usb 2-1: Using ep0 maxpacket: 8 [ 312.624028][ T5301] usb 2-1: config 0 has an invalid descriptor of length 97, skipping remainder of the config [ 312.647120][ T5301] usb 2-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6 [ 312.672887][ T5301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.707899][ T5301] usb 2-1: config 0 descriptor?? [ 312.891345][ T8121] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1114'. [ 312.962037][ T5301] usb 2-1: USB disconnect, device number 13 [ 312.998509][ T8123] mkiss: ax0: crc mode is auto. [ 313.444150][ T8135] loop5: detected capacity change from 0 to 64 [ 313.537968][ T8136] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1119'. [ 313.592505][ T8138] loop0: detected capacity change from 0 to 1024 [ 313.621357][ T8136] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 313.711666][ T937] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 313.726865][ T8140] loop1: detected capacity change from 0 to 64 [ 313.945418][ T937] usb 3-1: config 0 has an invalid interface number: 32 but max is 0 [ 313.954096][ T937] usb 3-1: config 0 has no interface number 0 [ 313.965246][ T937] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 314.023783][ T937] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 314.062418][ T937] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 314.113688][ T937] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.155103][ T937] usb 3-1: config 0 descriptor?? [ 314.625131][ T937] logitech-djreceiver 0003:046D:C71B.000A: hidraw0: USB HID v0.00 Device [HID 046d:c71b] on usb-dummy_hcd.2-1/input32 [ 314.875324][ T937] usb 3-1: USB disconnect, device number 8 [ 314.982484][ T8163] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1134'. [ 315.565657][ T8169] loop0: detected capacity change from 0 to 4096 [ 315.602627][ T8169] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 315.748185][ T8166] mkiss: ax0: crc mode is auto. [ 315.845308][ T8169] ntfs3: loop0: Inode r=b is not in use! [ 315.865215][ T8169] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 315.894553][ T8169] ntfs3: loop0: Failed to load $Extend (-116). [ 315.925860][ T8169] ntfs3: loop0: Failed to initialize $Extend. [ 316.514356][ T8189] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1147'. [ 316.658249][ T8182] loop5: detected capacity change from 0 to 8192 [ 316.697243][ T5294] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 316.737011][ T8182] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 316.902020][ T5294] usb 2-1: Using ep0 maxpacket: 8 [ 316.929054][ T5294] usb 2-1: config 150 has an invalid interface number: 204 but max is 1 [ 316.966941][ T5294] usb 2-1: config 150 has no interface number 0 [ 316.994278][ T5294] usb 2-1: config 150 interface 204 has no altsetting 0 [ 317.023947][ T5294] usb 2-1: config 150 interface 1 has no altsetting 0 [ 317.058326][ T5294] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 317.087607][ T5294] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.118088][ T5294] usb 2-1: Product: syz [ 317.145786][ T5294] usb 2-1: Manufacturer: syz [ 317.177347][ T5294] usb 2-1: SerialNumber: syz [ 317.465873][ T5294] xr_serial 2-1:150.204: xr_serial converter detected [ 317.565589][ T8208] loop5: detected capacity change from 0 to 512 [ 317.658736][ T8208] EXT4-fs (loop5): 1 truncate cleaned up [ 317.720156][ T8208] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 317.746172][ T8216] loop0: detected capacity change from 0 to 1024 [ 317.931880][ T5424] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 318.018335][ T7538] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 318.073925][ T5294] xr_serial ttyUSB0: Failed to set reg 0x0d: -71 [ 318.080431][ T5294] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 318.146419][ T5424] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 318.154428][ T5294] usb 2-1: USB disconnect, device number 14 [ 318.182624][ T5424] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 318.207086][ T5294] xr_serial 2-1:150.204: device disconnected [ 318.225454][ T5424] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 318.236220][ T8220] loop2: detected capacity change from 0 to 4096 [ 318.282067][ T5424] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 318.311817][ T5424] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.313574][ T8220] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 318.353029][ T5424] usb 5-1: config 0 descriptor?? [ 318.360743][ T8224] netlink: 'syz.0.1161': attribute type 21 has an invalid length. [ 318.409678][ T8224] netlink: 'syz.0.1161': attribute type 16 has an invalid length. [ 318.434844][ T8220] ntfs3: loop2: Inode r=b is not in use! [ 318.450728][ T8224] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1161'. [ 318.460371][ T8220] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 318.468508][ T8220] ntfs3: loop2: Failed to load $Extend (-116). [ 318.481607][ T8220] ntfs3: loop2: Failed to initialize $Extend. [ 318.831683][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 318.861914][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 318.869367][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 318.912961][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 318.956980][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 318.992958][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.019686][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.031756][ T8232] netlink: 'syz.2.1164': attribute type 1 has an invalid length. [ 319.056762][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.074897][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.084560][ T8231] loop1: detected capacity change from 0 to 2048 [ 319.104136][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.122502][ T8234] netlink: 'syz.5.1166': attribute type 10 has an invalid length. [ 319.139204][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.143211][ T8231] EXT4-fs: Ignoring removed orlov option [ 319.178518][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.221104][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.227498][ T8234] team0: Port device netdevsim0 added [ 319.251632][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.259105][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.269992][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.281837][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.289260][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.299142][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.306658][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.317126][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.319878][ T8231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 319.325887][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.325979][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326019][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326059][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326099][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326139][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326179][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326219][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326259][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326299][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326338][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326378][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326418][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326457][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326497][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326537][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.326577][ T5424] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 319.328987][ T5424] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving [ 319.403045][ T8237] netlink: 'syz.5.1166': attribute type 10 has an invalid length. [ 319.461057][ T5424] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 319.612424][ T5424] usb 5-1: USB disconnect, device number 12 [ 319.796197][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.058499][ T8253] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1173'. [ 320.084069][ T8253] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1173'. [ 320.551210][ T8263] loop4: detected capacity change from 0 to 64 [ 320.690681][ T8261] loop2: detected capacity change from 0 to 4096 [ 320.804077][ T8261] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 320.930136][ T8261] ntfs3: loop2: Failed to load $Extend (-22). [ 320.959317][ T8261] ntfs3: loop2: Failed to initialize $Extend. [ 321.635813][ T8286] loop4: detected capacity change from 0 to 128 [ 321.674193][ T8286] EXT4-fs: Ignoring removed nobh option [ 321.724107][ T8286] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 321.748284][ T8286] ext4 filesystem being mounted at /157/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 322.145653][ T8297] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1194'. [ 322.157964][ T5888] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 322.203868][ T8301] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1196'. [ 322.463399][ T8306] loop2: detected capacity change from 0 to 512 [ 322.554759][ T8306] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.1198: casefold flag without casefold feature [ 322.611818][ T8314] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1201'. [ 322.636450][ T8306] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.1198: couldn't read orphan inode 15 (err -117) [ 322.639206][ T8306] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 322.754842][ T937] usb 5-1: new full-speed USB device number 13 using dummy_hcd [ 322.960965][ T5934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.982339][ T937] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 520, setting to 64 [ 323.003375][ T937] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 323.072598][ T937] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 323.103865][ T937] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 323.145862][ T937] usb 5-1: SerialNumber: syz [ 323.202517][ T8307] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 323.485040][ T8307] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 323.698235][ T8339] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1212'. [ 323.744811][ T8339] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1212'. [ 324.040390][ T8346] loop1: detected capacity change from 0 to 2048 [ 324.125576][ T937] cdc_ether 5-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 324.133530][ T8351] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 324.175996][ T8350] tipc: Started in network mode [ 324.211570][ T8350] tipc: Node identity ac1414aa, cluster identity 4711 [ 324.226269][ T937] usb 5-1: USB disconnect, device number 13 [ 324.258161][ T8346] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 324.273029][ T8350] tipc: New replicast peer: 100.1.1.1 [ 324.285133][ T8350] tipc: Enabled bearer , priority 10 [ 324.294451][ T937] cdc_ether 5-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device [ 324.349997][ T8346] Remounting filesystem read-only [ 324.370156][ T8346] NILFS error (device loop1): nilfs_readdir: bad page in #2 [ 324.711125][ T8357] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1220'. [ 324.740603][ T8357] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1220'. [ 324.747941][ T8361] loop5: detected capacity change from 0 to 64 [ 324.783001][ T5301] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 324.992996][ T5301] usb 3-1: Using ep0 maxpacket: 8 [ 325.007583][ T5301] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 325.029202][ T5301] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 325.053635][ T5301] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 325.075530][ T5301] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 325.086784][ T8363] loop1: detected capacity change from 0 to 256 [ 325.124700][ T5301] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 325.176057][ T8363] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 325.177531][ T5301] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.284321][ T5293] tipc: Node number set to 2886997162 [ 325.490590][ T5301] usb 3-1: GET_CAPABILITIES returned 0 [ 325.539776][ T5301] usbtmc 3-1:16.0: can't read capabilities [ 325.735731][ T8] usb 3-1: USB disconnect, device number 9 [ 325.945328][ T937] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 325.963632][ T8375] loop4: detected capacity change from 0 to 4096 [ 326.003074][ T8375] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 326.101177][ T8375] ntfs3: loop4: Inode r=b is not in use! [ 326.118009][ T8375] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 326.141647][ T8375] ntfs3: loop4: Failed to load $Extend (-116). [ 326.147279][ T937] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 326.147875][ T8375] ntfs3: loop4: Failed to initialize $Extend. [ 326.170726][ T937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 326.230022][ T937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 326.248174][ T937] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 326.249558][ T8384] binder: 8383:8384 ioctl 40046205 0 returned -22 [ 326.305417][ T937] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 326.337785][ T937] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 326.354104][ T937] usb 2-1: Manufacturer: syz [ 326.388569][ T937] usb 2-1: config 0 descriptor?? [ 326.835968][ T937] appleir 0003:05AC:8243.000C: unknown main item tag 0x0 [ 326.853322][ T937] appleir 0003:05AC:8243.000C: No inputs registered, leaving [ 326.910752][ T937] appleir 0003:05AC:8243.000C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 327.031405][ T8390] loop0: detected capacity change from 0 to 512 [ 327.063040][ T8390] EXT4-fs: Ignoring removed bh option [ 327.083964][ T8390] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 327.121293][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.129920][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.137622][ T937] usb 2-1: USB disconnect, device number 15 [ 327.162410][ T8390] EXT4-fs (loop0): 1 truncate cleaned up [ 327.187273][ T8390] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.302773][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.413593][ T5301] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 327.634637][ T5301] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 327.634824][ T8398] loop0: detected capacity change from 0 to 512 [ 327.671766][ T5301] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 327.693464][ T5301] usb 6-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 327.725004][ T5301] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.752338][ T8398] EXT4-fs error (device loop0): mb_free_blocks:1945: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 327.816091][ T5301] usb 6-1: config 0 descriptor?? [ 327.865072][ T8398] EXT4-fs (loop0): Remounting filesystem read-only [ 327.898184][ T8398] EXT4-fs (loop0): 1 truncate cleaned up [ 327.930843][ T8398] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 328.078075][ T8398] overlayfs: failed to get redirect (-5) [ 328.231852][ T937] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 328.296893][ T5301] hid-steam 0003:28DE:1142.000D: : USB HID v0.40 Device [HID 28de:1142] on usb-dummy_hcd.5-1/input0 [ 328.421593][ T5301] hid-steam 0003:28DE:1142.000D: Steam wireless receiver connected [ 328.461617][ T937] usb 3-1: Using ep0 maxpacket: 8 [ 328.492524][ T937] usb 3-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 328.533939][ T937] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.550457][ T5301] hid-steam 0003:28DE:1142.000E: hidraw0: USB HID v0.40 Device [HID 28de:1142] on usb-dummy_hcd.5-1/input0 [ 328.565208][ T937] usb 3-1: Product: syz [ 328.569413][ T937] usb 3-1: Manufacturer: syz [ 328.611682][ T937] usb 3-1: SerialNumber: syz [ 328.644904][ T937] usb 3-1: config 0 descriptor?? [ 328.665466][ T5301] usb 6-1: USB disconnect, device number 4 [ 328.677531][ T937] option 3-1:0.0: GSM modem (1-port) converter detected [ 328.726774][ T5301] hid-steam 0003:28DE:1142.000D: Steam wireless receiver disconnected [ 328.824433][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.057645][ T61] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.092449][ T937] usb 3-1: USB disconnect, device number 10 [ 329.115300][ T937] option 3-1:0.0: device disconnected [ 329.193695][ T54] Bluetooth: hci6: command 0x0406 tx timeout [ 329.379934][ T61] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.638896][ T61] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.078447][ T61] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.224853][ T8426] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1252'. [ 330.261932][ T8428] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1252'. [ 330.555350][ T8432] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1252'. [ 330.573386][ T8430] loop2: detected capacity change from 0 to 8192 [ 330.599048][ T8430] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 330.663825][ T29] audit: type=1800 audit(1724098449.490:10): pid=8430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1255" name="file0" dev="loop2" ino=1048637 res=0 errno=0 [ 330.768557][ T8430] FAT-fs (loop2): error, clusters badly computed (1 != 30720) [ 330.783901][ T29] audit: type=1804 audit(1724098449.510:11): pid=8430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1255" name="/newroot/172/file0/file0" dev="loop2" ino=1048637 res=1 errno=0 [ 330.840173][ T8430] FAT-fs (loop2): Filesystem has been set read-only [ 330.907577][ T29] audit: type=1800 audit(1724098449.510:12): pid=8430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1255" name="file0" dev="loop2" ino=1048637 res=0 errno=0 [ 330.921727][ T8430] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 331.009699][ T8439] loop5: detected capacity change from 0 to 256 [ 331.088924][ T8439] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x3419d30c, utbl_chksum : 0xe619d30d) [ 331.331208][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 331.345400][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 331.365100][ T61] bridge_slave_1: left allmulticast mode [ 331.370823][ T61] bridge_slave_1: left promiscuous mode [ 331.384737][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 331.415116][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 331.441042][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 331.464131][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 331.469419][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.608872][ T61] bridge_slave_0: left allmulticast mode [ 331.653694][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.074232][ T9] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 332.242939][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.309540][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 332.325634][ T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 332.341535][ T9] usb 2-1: config 1 has no interface number 0 [ 332.351532][ T9] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 332.372584][ T9] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 332.405355][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 332.428494][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 332.438903][ T9] usb 2-1: Product: syz [ 332.443389][ T9] usb 2-1: Manufacturer: syz [ 332.448064][ T9] usb 2-1: SerialNumber: syz [ 332.727318][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 332.748258][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 332.763207][ T61] bond0 (unregistering): Released all slaves [ 332.783932][ T5293] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 333.009425][ T61] tipc: Disabling bearer [ 333.023234][ T61] tipc: Left network mode [ 333.049899][ T5293] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 333.072257][ T5293] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.090300][ T5293] usb 5-1: Product: syz [ 333.126932][ T5293] usb 5-1: Manufacturer: syz [ 333.137183][ T5293] usb 5-1: SerialNumber: syz [ 333.184880][ T5293] r8152-cfgselector 5-1: Unknown version 0x0000 [ 333.206751][ T5293] r8152-cfgselector 5-1: config 0 descriptor?? [ 333.305231][ T9] cdc_ncm 2-1:1.1: bind() failure [ 333.365015][ T9] usb 2-1: USB disconnect, device number 16 [ 333.475116][ T8463] loop2: detected capacity change from 0 to 1024 [ 333.556156][ T8463] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.583532][ T5252] Bluetooth: hci2: command tx timeout [ 333.671364][ T8463] EXT4-fs error (device loop2): ext4_xattr_ibody_list:797: inode #2: comm syz.2.1269: corrupted in-inode xattr: bad e_name length [ 333.723416][ T8463] EXT4-fs (loop2): Remounting filesystem read-only [ 333.824405][ T5241] r8152-cfgselector 5-1: USB disconnect, device number 14 [ 334.528163][ T5934] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.581658][ T61] hsr_slave_0: left promiscuous mode [ 334.636813][ T8492] loop4: detected capacity change from 0 to 256 [ 334.654342][ T8492] exFAT-fs (loop4): failed to load alloc-bitmap [ 334.660641][ T61] hsr_slave_1: left promiscuous mode [ 334.667525][ T5424] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 334.675920][ T8492] exFAT-fs (loop4): failed to recognize exfat type [ 334.712204][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 334.731497][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 334.765333][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 334.795149][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 334.873018][ T5424] usb 6-1: Using ep0 maxpacket: 16 [ 334.875946][ T61] veth1_macvtap: left promiscuous mode [ 334.886693][ T5424] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 334.907681][ T61] veth0_macvtap: left promiscuous mode [ 334.924182][ T61] veth1_vlan: left promiscuous mode [ 334.927315][ T5424] usb 6-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 334.929626][ T61] veth0_vlan: left promiscuous mode [ 334.950701][ T5424] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 334.969528][ T5424] usb 6-1: Product: syz [ 334.974026][ T5424] usb 6-1: Manufacturer: syz [ 334.978731][ T5424] usb 6-1: SerialNumber: syz [ 334.990107][ T5424] usb 6-1: config 0 descriptor?? [ 335.044081][ T9] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 335.240951][ T9] usb 2-1: config 0 has an invalid interface number: 32 but max is 0 [ 335.258970][ T9] usb 2-1: config 0 has no interface number 0 [ 335.298218][ T9] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 335.340360][ T9] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 335.374235][ T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 335.409094][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.436170][ T9] usb 2-1: config 0 descriptor?? [ 335.519569][ T5424] usb 6-1: Found UVC 0.00 device syz (045e:0721) [ 335.541187][ T5424] usb 6-1: No valid video chain found. [ 335.668472][ T5252] Bluetooth: hci2: command tx timeout [ 335.793428][ T5301] usb 6-1: USB disconnect, device number 5 [ 335.938911][ T9] logitech-djreceiver 0003:046D:C71B.000F: hidraw0: USB HID v0.00 Device [HID 046d:c71b] on usb-dummy_hcd.1-1/input32 [ 336.270893][ T8] usb 2-1: USB disconnect, device number 17 [ 336.346373][ T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 336.390855][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 336.404445][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 336.416691][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 336.450472][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 336.459199][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 336.477407][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 336.573848][ T9] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 336.607722][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 336.649594][ T9] usb 5-1: Product: syz [ 336.656312][ T9] usb 5-1: Manufacturer: syz [ 336.666308][ T9] usb 5-1: SerialNumber: syz [ 336.676886][ T8510] loop5: detected capacity change from 0 to 2048 [ 336.740232][ T9] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 336.768136][ T8510] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.888459][ T8509] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm syz.5.1289: bg 0: block 234: padding at end of block bitmap is not set [ 336.890939][ T937] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 336.952200][ T8509] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 117 [ 336.970758][ T8509] EXT4-fs (loop5): This should not happen!! Data will be lost [ 336.970758][ T8509] [ 337.109207][ T7538] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.144885][ T61] team0 (unregistering): Port device team_slave_1 removed [ 337.389686][ T61] team0 (unregistering): Port device team_slave_0 removed [ 337.746319][ T5252] Bluetooth: hci2: command tx timeout [ 337.991508][ T937] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 338.012746][ T937] ath9k_htc: Failed to initialize the device [ 338.123811][ T937] usb 5-1: ath9k_htc: USB layer deinitialized [ 338.134958][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 338.545863][ T5252] Bluetooth: hci0: command tx timeout [ 339.316447][ T5241] usb 5-1: USB disconnect, device number 15 [ 339.397761][ T8530] loop1: detected capacity change from 0 to 512 [ 339.403167][ T8442] chnl_net:caif_netlink_parms(): no params data found [ 339.450278][ T8534] loop4: detected capacity change from 0 to 256 [ 339.460619][ T8530] EXT4-fs error (device loop1): ext4_free_branches:1027: inode #11: comm syz.1.1297: invalid indirect mapped block 256 (level 2) [ 339.477857][ T8534] exfat: Deprecated parameter 'namecase' [ 339.484049][ T8534] exfat: Deprecated parameter 'utf8' [ 339.512503][ T8530] EXT4-fs (loop1): 2 truncates cleaned up [ 339.529949][ T8530] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 339.623266][ T8534] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 339.713214][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.821960][ T5252] Bluetooth: hci2: command tx timeout [ 340.162197][ T8548] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1303'. [ 340.172320][ T8] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 340.314648][ T8442] bridge0: port 1(bridge_slave_0) entered blocking state [ 340.337172][ T8442] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.373163][ T8442] bridge_slave_0: entered allmulticast mode [ 340.384261][ T8] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 340.424823][ T8442] bridge_slave_0: entered promiscuous mode [ 340.430757][ T8] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 340.496414][ T8] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 340.511202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 340.519894][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 340.608702][ T8] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 340.622926][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 340.623135][ T5252] Bluetooth: hci0: command tx timeout [ 340.686833][ T8] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 340.697349][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 340.698554][ T8561] loop3: detected capacity change from 0 to 256 [ 340.719195][ T8] usb 6-1: Product: syz [ 340.723494][ T8] usb 6-1: Manufacturer: syz [ 340.728255][ T8] usb 6-1: SerialNumber: syz [ 340.773100][ T8442] bridge0: port 2(bridge_slave_1) entered blocking state [ 340.790613][ T8442] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.817197][ T8442] bridge_slave_1: entered allmulticast mode [ 340.844829][ T8442] bridge_slave_1: entered promiscuous mode [ 340.889028][ T5424] usb 2-1: new full-speed USB device number 18 using dummy_hcd [ 341.007290][ T8563] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 341.136910][ T5424] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 520, setting to 64 [ 341.170295][ T5424] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 341.189019][ T8442] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 341.210972][ T5424] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 341.224823][ T5424] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 341.233775][ T5424] usb 2-1: SerialNumber: syz [ 341.248858][ T8442] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 341.267960][ T8559] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 341.485831][ T8442] team0: Port device team_slave_0 added [ 341.544937][ T8559] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 341.590453][ T8442] team0: Port device team_slave_1 added [ 341.630084][ T8505] chnl_net:caif_netlink_parms(): no params data found [ 341.802523][ T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 341.820730][ T8] cdc_ncm 6-1:1.0: bind() failure [ 341.851509][ T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 341.875852][ T8] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71 [ 341.898929][ T8] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71 [ 341.920065][ T8] usbtest 6-1:1.1: probe with driver usbtest failed with error -71 [ 341.976986][ T8] usb 6-1: USB disconnect, device number 6 [ 342.129395][ T8580] loop3: detected capacity change from 0 to 256 [ 342.232996][ T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 342.245001][ T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.314793][ T8442] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 342.322410][ T5424] cdc_ether 2-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 342.343204][ T8442] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 342.394635][ T5424] usb 2-1: USB disconnect, device number 18 [ 342.409485][ T8442] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 342.413304][ T5424] cdc_ether 2-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device [ 342.620529][ T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 342.643645][ T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.704836][ T8442] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 342.711728][ T5252] Bluetooth: hci0: command tx timeout [ 342.738215][ T8442] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 342.877144][ T8442] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 343.058200][ T8586] loop4: detected capacity change from 0 to 1024 [ 343.133806][ T8586] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 343.205009][ T8586] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 343.228188][ T61] team0: Port device netdevsim0 removed [ 343.258728][ T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 343.281711][ T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.324407][ T8598] loop1: detected capacity change from 0 to 64 [ 343.444392][ T8602] loop5: detected capacity change from 0 to 64 [ 343.518234][ T5888] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.645340][ T8604] netlink: 368 bytes leftover after parsing attributes in process `syz.3.1321'. [ 343.751325][ T8606] loop5: detected capacity change from 0 to 256 [ 343.803076][ T8606] exFAT-fs (loop5): failed to load alloc-bitmap [ 343.809416][ T8606] exFAT-fs (loop5): failed to recognize exfat type [ 343.857264][ T8442] hsr_slave_0: entered promiscuous mode [ 343.932783][ T8442] hsr_slave_1: entered promiscuous mode [ 343.998049][ T8442] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 344.042118][ T8442] Cannot create hsr debugfs directory [ 344.327154][ T8505] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.367236][ T8505] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.391876][ T8505] bridge_slave_0: entered allmulticast mode [ 344.415056][ T8505] bridge_slave_0: entered promiscuous mode [ 344.786403][ T5252] Bluetooth: hci0: command tx timeout [ 344.824144][ T8505] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.847455][ T8505] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.903311][ T8505] bridge_slave_1: entered allmulticast mode [ 344.932239][ T8505] bridge_slave_1: entered promiscuous mode [ 345.168275][ T8635] loop5: detected capacity change from 0 to 64 [ 345.372689][ T8505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 345.392209][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 345.443486][ T8505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.836392][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 345.913313][ T5424] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 345.987564][ T61] bridge_slave_1: left allmulticast mode [ 346.005662][ T61] bridge_slave_1: left promiscuous mode [ 346.015647][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.065453][ T61] bridge_slave_0: left allmulticast mode [ 346.077150][ T61] bridge_slave_0: left promiscuous mode [ 346.092588][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.112454][ T5424] usb 5-1: Using ep0 maxpacket: 16 [ 346.135301][ T61] bridge_slave_1: left allmulticast mode [ 346.150948][ T61] bridge_slave_1: left promiscuous mode [ 346.165999][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.212974][ T8644] loop3: detected capacity change from 0 to 256 [ 346.213256][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.238976][ T8644] exFAT-fs (loop3): failed to load alloc-bitmap [ 346.273675][ T8644] exFAT-fs (loop3): failed to recognize exfat type [ 346.362541][ T8639] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.474094][ T8639] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 346.569381][ T5424] usb 5-1: unable to get BOS descriptor or descriptor too short [ 346.589712][ T5424] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 346.615718][ T5424] usb 5-1: can't read configurations, error -71 [ 347.262787][ T8655] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1355'. [ 347.597226][ T8663] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1346'. [ 348.252864][ T5424] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 348.305641][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 348.321598][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 348.338041][ T61] bond0 (unregistering): Released all slaves [ 348.445161][ T5424] usb 5-1: Using ep0 maxpacket: 32 [ 348.454228][ T5424] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 348.469399][ T5424] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 348.478958][ T5424] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 348.488207][ T5424] usb 5-1: Product: syz [ 348.493303][ T5424] usb 5-1: Manufacturer: syz [ 348.498930][ T5424] usb 5-1: SerialNumber: syz [ 348.520826][ T5424] usb 5-1: config 0 descriptor?? [ 348.527729][ T8668] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 348.558015][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 348.573638][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 348.586723][ T61] bond0 (unregistering): Released all slaves [ 348.632136][ T8505] team0: Port device team_slave_0 added [ 348.645543][ T8505] team0: Port device team_slave_1 added [ 348.822903][ T5241] usb 5-1: USB disconnect, device number 18 [ 349.223863][ T8505] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 349.230864][ T8505] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 349.280725][ T8505] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 349.345993][ T8679] loop5: detected capacity change from 0 to 256 [ 349.418196][ T8505] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 349.429012][ T8679] FAT-fs (loop5): Directory bread(block 64) failed [ 349.445982][ T8679] FAT-fs (loop5): Directory bread(block 65) failed [ 349.451612][ T8505] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 349.459248][ T8679] FAT-fs (loop5): Directory bread(block 66) failed [ 349.518612][ T8505] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 349.536133][ T8679] FAT-fs (loop5): Directory bread(block 67) failed [ 349.562943][ T8679] FAT-fs (loop5): Directory bread(block 68) failed [ 349.569511][ T8679] FAT-fs (loop5): Directory bread(block 69) failed [ 349.610993][ T8679] FAT-fs (loop5): Directory bread(block 70) failed [ 349.638305][ T8679] FAT-fs (loop5): Directory bread(block 71) failed [ 349.654025][ T8684] loop4: detected capacity change from 0 to 128 [ 349.660603][ T8679] FAT-fs (loop5): Directory bread(block 72) failed [ 349.667890][ T8679] FAT-fs (loop5): Directory bread(block 73) failed [ 349.704060][ T8684] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 349.737816][ T8684] ext4 filesystem being mounted at /185/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 349.980826][ T8690] loop1: detected capacity change from 0 to 1024 [ 350.043772][ T5888] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 350.109635][ T937] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 350.114145][ T8690] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 350.263742][ T8689] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 350.296079][ T937] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 350.302061][ T8689] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28 [ 350.315102][ T937] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 350.328485][ T937] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.342485][ T937] usb 4-1: config 0 descriptor?? [ 350.347865][ T8689] EXT4-fs (loop1): This should not happen!! Data will be lost [ 350.347865][ T8689] [ 350.368399][ T8689] EXT4-fs (loop1): Total free blocks count 0 [ 350.376975][ T8689] EXT4-fs (loop1): Free/Dirty block details [ 350.384250][ T8689] EXT4-fs (loop1): free_blocks=68451041280 [ 350.390353][ T8689] EXT4-fs (loop1): dirty_blocks=64 [ 350.400979][ T8689] EXT4-fs (loop1): Block reservation details [ 350.411376][ T8689] EXT4-fs (loop1): i_reserved_data_blocks=4 [ 350.527771][ T6034] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.533049][ T8505] hsr_slave_0: entered promiscuous mode [ 350.576927][ T8505] hsr_slave_1: entered promiscuous mode [ 350.603626][ T8505] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 350.611335][ T8505] Cannot create hsr debugfs directory [ 351.076509][ T61] hsr_slave_0: left promiscuous mode [ 351.099845][ T61] hsr_slave_1: left promiscuous mode [ 351.125714][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 351.153229][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 351.176692][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 351.214190][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 351.284931][ T61] hsr_slave_0: left promiscuous mode [ 351.310938][ T61] hsr_slave_1: left promiscuous mode [ 351.335437][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 351.360819][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 351.362054][ T8705] loop5: detected capacity change from 0 to 32768 [ 351.386981][ T8705] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1364 (8705) [ 351.399217][ T8711] sctp: [Deprecated]: syz.4.1367 (pid 8711) Use of int in max_burst socket option. [ 351.399217][ T8711] Use struct sctp_assoc_value instead [ 351.425702][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 351.448208][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 351.453814][ T8705] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 351.469964][ T8705] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 351.478541][ T8705] BTRFS info (device loop5): using free-space-tree [ 351.649964][ T61] veth1_macvtap: left promiscuous mode [ 351.666423][ T61] veth0_macvtap: left promiscuous mode [ 351.709429][ T61] veth1_vlan: left promiscuous mode [ 351.743559][ T61] veth0_vlan: left promiscuous mode [ 351.785192][ T61] veth1_macvtap: left promiscuous mode [ 351.791758][ T8728] syz.4.1368[8728] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.792087][ T8728] syz.4.1368[8728] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.821115][ T61] veth0_macvtap: left promiscuous mode [ 351.885628][ T61] veth1_vlan: left promiscuous mode [ 351.897810][ T61] veth0_vlan: left promiscuous mode [ 352.166537][ T7538] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 352.432379][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 352.641698][ T937] usbhid 4-1:0.0: can't add hid device: -71 [ 352.647769][ T937] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 352.681973][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 352.738614][ T937] usb 4-1: USB disconnect, device number 12 [ 353.811858][ T8749] loop3: detected capacity change from 0 to 64 [ 354.314660][ T8757] loop5: detected capacity change from 0 to 256 [ 354.361376][ T29] audit: type=1800 audit(1724098473.180:13): pid=8757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1379" name="file1" dev="loop5" ino=1048643 res=0 errno=0 [ 354.439088][ T61] team0 (unregistering): Port device team_slave_1 removed [ 354.533764][ T61] team0 (unregistering): Port device team_slave_0 removed [ 354.953445][ T5241] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 355.164176][ T5241] usb 2-1: Using ep0 maxpacket: 8 [ 355.177961][ T5241] usb 2-1: config index 0 descriptor too short (expected 7382, got 27) [ 355.190170][ T5241] usb 2-1: config 195 has 1 interface, different from the descriptor's value: 23 [ 355.206271][ T5241] usb 2-1: config 195 interface 0 altsetting 6 endpoint 0xC has invalid wMaxPacketSize 0 [ 355.225682][ T5241] usb 2-1: config 195 interface 0 has no altsetting 0 [ 355.238022][ T5241] usb 2-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 355.247313][ T5241] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.259935][ T5241] usb 2-1: Product: syz [ 355.271813][ T5241] usb 2-1: Manufacturer: syz [ 355.280893][ T5241] usb 2-1: SerialNumber: syz [ 355.299584][ T5241] hub 2-1:195.0: bad descriptor, ignoring hub [ 355.306033][ T5241] hub 2-1:195.0: probe with driver hub failed with error -5 [ 355.315949][ T5241] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 355.525132][ T5241] gspca_zc3xx: reg_w_i err -71 [ 356.091732][ T61] team0 (unregistering): Port device team_slave_1 removed [ 356.149791][ T5241] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 356.156813][ T5241] gspca_zc3xx 2-1:195.0: probe with driver gspca_zc3xx failed with error -71 [ 356.164096][ T61] team0 (unregistering): Port device team_slave_0 removed [ 356.425543][ T5241] usb 2-1: reset high-speed USB device number 19 using dummy_hcd [ 357.050020][ T8735] IPVS: Error joining to the multicast group [ 357.345830][ T9] usb 2-1: USB disconnect, device number 19 [ 357.387523][ T8442] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 357.437414][ T8442] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 357.478334][ T8442] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 357.493775][ T8442] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 357.958407][ T8442] 8021q: adding VLAN 0 to HW filter on device bond0 [ 358.135274][ T8442] 8021q: adding VLAN 0 to HW filter on device team0 [ 358.163571][ T61] IPVS: stop unused estimator thread 0... [ 358.206488][ T4404] bridge0: port 1(bridge_slave_0) entered blocking state [ 358.213906][ T4404] bridge0: port 1(bridge_slave_0) entered forwarding state [ 358.297939][ T4404] bridge0: port 2(bridge_slave_1) entered blocking state [ 358.305311][ T4404] bridge0: port 2(bridge_slave_1) entered forwarding state [ 358.851651][ T8505] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 358.906179][ T8505] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 359.001372][ T8505] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 359.067183][ T8505] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 359.198819][ T8442] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 359.870216][ T8807] loop5: detected capacity change from 0 to 64 [ 359.928663][ T8505] 8021q: adding VLAN 0 to HW filter on device bond0 [ 360.076029][ T8505] 8021q: adding VLAN 0 to HW filter on device team0 [ 360.141300][ T1817] bridge0: port 1(bridge_slave_0) entered blocking state [ 360.148610][ T1817] bridge0: port 1(bridge_slave_0) entered forwarding state [ 360.292813][ T1817] bridge0: port 2(bridge_slave_1) entered blocking state [ 360.300128][ T1817] bridge0: port 2(bridge_slave_1) entered forwarding state [ 360.310577][ T8815] loop4: detected capacity change from 0 to 256 [ 360.327122][ T8816] loop3: detected capacity change from 0 to 16 [ 360.338397][ T8815] exfat: Deprecated parameter 'utf8' [ 360.349953][ T8816] erofs: (device loop3): mounted with root inode @ nid 36. [ 360.361151][ T8815] exfat: Deprecated parameter 'utf8' [ 360.411404][ T8442] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 360.420431][ T8816] syz.3.1401: attempt to access beyond end of device [ 360.420431][ T8816] loop3: rw=0, sector=8, nr_sectors = 16 limit=16 [ 360.440512][ T8815] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 360.488690][ T8818] syz.3.1401: attempt to access beyond end of device [ 360.488690][ T8818] loop3: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 360.553406][ T8818] syz.3.1401: attempt to access beyond end of device [ 360.553406][ T8818] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 360.645064][ T8816] syz.3.1401: attempt to access beyond end of device [ 360.645064][ T8816] loop3: rw=0, sector=8, nr_sectors = 16 limit=16 [ 360.911347][ T8442] veth0_vlan: entered promiscuous mode [ 361.005679][ T8442] veth1_vlan: entered promiscuous mode [ 361.149568][ T8442] veth0_macvtap: entered promiscuous mode [ 361.236196][ T8442] veth1_macvtap: entered promiscuous mode [ 361.346666][ T8442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.373864][ T8442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.401809][ T8442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.432109][ T8442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.453641][ T8442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.471476][ T8442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.487868][ T8442] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 361.562741][ T8442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.586156][ T8442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.598251][ T8442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.613621][ T8442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.623530][ T8442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.635907][ T8442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.653644][ T8442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.681527][ T8442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.705868][ T8442] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 361.765002][ T8442] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.783069][ T8442] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.799461][ T8442] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.808477][ T8442] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.980564][ T8505] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 362.155046][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 362.173716][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 362.320674][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 362.361530][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 362.379988][ T8505] veth0_vlan: entered promiscuous mode [ 362.449681][ T8505] veth1_vlan: entered promiscuous mode [ 362.667212][ T8505] veth0_macvtap: entered promiscuous mode [ 362.737311][ T8505] veth1_macvtap: entered promiscuous mode [ 362.892102][ T8505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 362.922142][ T8832] loop0: detected capacity change from 0 to 4096 [ 362.934278][ T8832] EXT4-fs: Ignoring removed nobh option [ 362.941364][ T8505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 362.958300][ T5293] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 362.994108][ T8505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 363.008470][ T8505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.020970][ T8505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 363.037006][ T8832] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.070386][ T8505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.098384][ T8505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 363.141773][ T8505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.154715][ T8505] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 363.176237][ T5293] usb 2-1: Using ep0 maxpacket: 8 [ 363.204355][ T8505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.218053][ T5293] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 363.222967][ T8505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.239916][ T8832] fs-verity: sha512 using implementation "sha512-avx2" [ 363.248182][ T8505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.248214][ T8505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.248236][ T8505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.248264][ T8505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.248286][ T8505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.248314][ T8505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.248336][ T8505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.248364][ T8505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.255515][ T8505] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 363.276473][ T5293] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 363.314945][ T8505] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.402978][ T5293] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 363.421997][ T5293] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 363.455306][ T8505] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.459094][ T5293] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 363.479471][ T8505] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.499404][ T8505] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.526756][ T5293] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.565926][ T8442] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.887530][ T5293] usb 2-1: GET_CAPABILITIES returned 0 [ 363.908027][ T5293] usbtmc 2-1:16.0: can't read capabilities [ 364.091001][ T1817] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 364.107406][ T1817] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 364.311219][ T46] usb 2-1: USB disconnect, device number 20 [ 364.358573][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 364.399981][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 365.040608][ T8855] __vm_enough_memory: pid: 8855, comm: syz.0.1411, bytes: 549744508928 not enough memory for the allocation [ 365.460681][ T8863] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1419'. [ 365.977655][ T8875] loop2: detected capacity change from 0 to 64 [ 366.205299][ T8877] netlink: 'syz.5.1426': attribute type 1 has an invalid length. [ 366.838433][ T8888] netlink: 'syz.1.1432': attribute type 9 has an invalid length. [ 366.878854][ T8888] netlink: 61951 bytes leftover after parsing attributes in process `syz.1.1432'. [ 367.239043][ T46] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 367.317441][ T8898] loop3: detected capacity change from 0 to 2048 [ 367.339029][ T8898] EXT4-fs: Ignoring removed mblk_io_submit option [ 367.354927][ T29] audit: type=1400 audit(1724098486.170:14): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=8900 comm="syz.5.1438" [ 367.443639][ T46] usb 3-1: Using ep0 maxpacket: 32 [ 367.455647][ T46] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 367.471701][ T46] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 367.480923][ T46] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 367.489442][ T8898] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.510319][ T46] usb 3-1: Product: syz [ 367.514656][ T46] usb 3-1: Manufacturer: syz [ 367.519379][ T46] usb 3-1: SerialNumber: syz [ 367.534359][ T46] usb 3-1: config 0 descriptor?? [ 367.555408][ T8892] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 367.574723][ T8898] EXT4-fs (loop3): shut down requested (0) [ 367.740310][ T8907] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1439'. [ 367.771970][ T8907] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1439'. [ 367.811964][ T8907] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 367.861359][ T6311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.934753][ T937] usb 3-1: USB disconnect, device number 11 [ 368.846874][ T8927] loop1: detected capacity change from 0 to 256 [ 368.938437][ T8927] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 369.566239][ T8936] loop5: detected capacity change from 0 to 4096 [ 369.589640][ T8936] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512). [ 369.864000][ T29] audit: type=1800 audit(1724098488.690:15): pid=8936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1450" name="bus" dev="loop5" ino=33 res=0 errno=0 [ 369.951822][ T29] audit: type=1800 audit(1724098488.730:16): pid=8936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1450" name="bus" dev="loop5" ino=33 res=0 errno=0 [ 369.971995][ C1] vkms_vblank_simulate: vblank timer overrun [ 370.079839][ T8912] loop3: detected capacity change from 0 to 32768 [ 370.280102][ T1817] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.590430][ T1817] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.790836][ T8929] loop2: detected capacity change from 0 to 32768 [ 370.869371][ T1817] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.930495][ T8929] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 371.246223][ T1817] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 371.414430][ T8929] XFS (loop2): Ending clean mount [ 371.745793][ T8505] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 371.804221][ T8956] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 371.851751][ T8956] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 371.879195][ T1817] bridge_slave_1: left allmulticast mode [ 371.893998][ T1817] bridge_slave_1: left promiscuous mode [ 371.900020][ T1817] bridge0: port 2(bridge_slave_1) entered disabled state [ 371.946376][ T8959] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1459'. [ 372.013063][ T8959] nbd: socks must be embedded in a SOCK_ITEM attr [ 372.086766][ T1817] bridge_slave_0: left allmulticast mode [ 372.122013][ T1817] bridge_slave_0: left promiscuous mode [ 372.162598][ T1817] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.478736][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 372.513952][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 372.527125][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 372.542664][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 372.565177][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 372.585370][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 372.594480][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 374.090667][ T5252] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 374.109938][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 374.143275][ T5252] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 374.156996][ T5252] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 374.180779][ T5252] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 374.190973][ T5252] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 374.202913][ T5252] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 374.305838][ T8988] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1471'. [ 374.502428][ T5293] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 374.637561][ T1817] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 374.662487][ T1817] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 374.694589][ T1817] bond0 (unregistering): Released all slaves [ 374.703802][ T54] Bluetooth: hci1: command tx timeout [ 374.813533][ T5293] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 374.831763][ T5293] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 374.859340][ T5293] usb 1-1: config 0 descriptor?? [ 374.876827][ T5293] cp210x 1-1:0.0: cp210x converter detected [ 375.361607][ T5293] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 375.648876][ T5293] usb 1-1: cp210x converter now attached to ttyUSB0 [ 375.662357][ T8994] loop2: detected capacity change from 0 to 4096 [ 375.707777][ T8994] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 375.847247][ T5424] usb 1-1: USB disconnect, device number 9 [ 375.873561][ T5424] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 375.934724][ T5424] cp210x 1-1:0.0: device disconnected [ 376.011120][ T8994] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 376.026933][ T1817] hsr_slave_0: left promiscuous mode [ 376.088550][ T1817] hsr_slave_1: left promiscuous mode [ 376.146190][ T1817] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 376.173814][ T29] audit: type=1800 audit(1724098495.000:17): pid=8994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1473" name="bus" dev="loop2" ino=0 res=0 errno=0 [ 376.215758][ T1817] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 376.279615][ T1817] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 376.301626][ T1817] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 376.308988][ T54] Bluetooth: hci4: command tx timeout [ 376.587547][ T1817] dummy0: left promiscuous mode [ 376.616550][ T1817] veth1_macvtap: left promiscuous mode [ 376.686816][ T1817] veth0_macvtap: left promiscuous mode [ 376.714490][ T1817] veth1_vlan: left promiscuous mode [ 376.735471][ T1817] veth0_vlan: left promiscuous mode [ 376.795845][ T54] Bluetooth: hci1: command tx timeout [ 376.905523][ T9009] netlink: 'syz.2.1479': attribute type 1 has an invalid length. [ 377.124767][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 378.381746][ T54] Bluetooth: hci4: command tx timeout [ 378.865308][ T1817] team0 (unregistering): Port device team_slave_1 removed [ 378.874030][ T54] Bluetooth: hci1: command tx timeout [ 379.004999][ T1817] team0 (unregistering): Port device team_slave_0 removed [ 380.386273][ T9027] loop3: detected capacity change from 0 to 128 [ 380.433747][ T9027] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 380.475044][ T54] Bluetooth: hci4: command tx timeout [ 380.496847][ T9027] FAT-fs (loop3): count of clusters too big (2147922302) [ 380.633078][ T9027] FAT-fs (loop3): Can't find a valid FAT filesystem [ 380.951952][ T54] Bluetooth: hci1: command tx timeout [ 381.044828][ T9044] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 381.451507][ T9] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 381.494577][ T8964] chnl_net:caif_netlink_parms(): no params data found [ 381.703089][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 381.718134][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 381.769353][ T9] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 381.807602][ T9] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 381.827665][ T9] usb 4-1: Product: syz [ 381.833968][ T9] usb 4-1: Manufacturer: syz [ 381.848775][ T9] usb 4-1: SerialNumber: syz [ 381.865287][ T8983] chnl_net:caif_netlink_parms(): no params data found [ 381.893094][ T9] usb 4-1: config 0 descriptor?? [ 381.899190][ T9049] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 381.958374][ T1817] IPVS: stop unused estimator thread 0... [ 382.091994][ T9066] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1503'. [ 382.307261][ T9] usb 4-1: USB disconnect, device number 13 [ 382.532491][ T8964] bridge0: port 1(bridge_slave_0) entered blocking state [ 382.551549][ T54] Bluetooth: hci4: command tx timeout [ 382.572524][ T8964] bridge0: port 1(bridge_slave_0) entered disabled state [ 382.580006][ T8964] bridge_slave_0: entered allmulticast mode [ 382.589111][ T8964] bridge_slave_0: entered promiscuous mode [ 382.607208][ T8964] bridge0: port 2(bridge_slave_1) entered blocking state [ 382.615160][ T8964] bridge0: port 2(bridge_slave_1) entered disabled state [ 382.623529][ T8964] bridge_slave_1: entered allmulticast mode [ 382.634569][ T8964] bridge_slave_1: entered promiscuous mode [ 382.840651][ T29] audit: type=1326 audit(1724098501.650:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9077 comm="syz.0.1507" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f634a379e79 code=0x0 [ 383.161029][ T8964] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 383.304695][ T8964] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 383.328389][ T8983] bridge0: port 1(bridge_slave_0) entered blocking state [ 383.340518][ T8983] bridge0: port 1(bridge_slave_0) entered disabled state [ 383.353161][ T5293] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 383.359075][ T8983] bridge_slave_0: entered allmulticast mode [ 383.384761][ T8983] bridge_slave_0: entered promiscuous mode [ 383.563662][ T8983] bridge0: port 2(bridge_slave_1) entered blocking state [ 383.574655][ T5293] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 383.580292][ T8983] bridge0: port 2(bridge_slave_1) entered disabled state [ 383.603579][ T8983] bridge_slave_1: entered allmulticast mode [ 383.607523][ T5293] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 383.624706][ T8983] bridge_slave_1: entered promiscuous mode [ 383.645029][ T5293] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 383.663143][ T5293] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 383.698343][ T5293] usb 6-1: SerialNumber: syz [ 383.706571][ T9095] loop2: detected capacity change from 0 to 16 [ 383.765771][ T9095] erofs: (device loop2): mounted with root inode @ nid 36. [ 383.804751][ T5293] usb 6-1: can't set config #1, error -71 [ 383.805659][ T8964] team0: Port device team_slave_0 added [ 383.836875][ T5293] usb 6-1: USB disconnect, device number 7 [ 383.861016][ T9095] syz.2.1513: attempt to access beyond end of device [ 383.861016][ T9095] loop2: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 383.894582][ T8964] team0: Port device team_slave_1 added [ 383.925379][ T9095] syz.2.1513: attempt to access beyond end of device [ 383.925379][ T9095] loop2: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 384.115591][ T8983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 384.239438][ T8983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 384.481510][ T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 384.519097][ T8964] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 384.592573][ T8964] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 384.739759][ T9] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 384.750881][ T8964] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 384.761933][ T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 384.818522][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 384.853244][ T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 384.865744][ T8983] team0: Port device team_slave_0 added [ 384.893792][ T8964] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 384.900814][ T8964] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 384.953481][ T9] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 384.968923][ T9] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 384.982943][ T9] usb 1-1: Product: syz [ 384.987222][ T9] usb 1-1: Manufacturer: syz [ 385.023900][ T8964] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 385.037704][ T9] cdc_wdm 1-1:1.0: skipping garbage [ 385.051469][ T9] cdc_wdm 1-1:1.0: skipping garbage [ 385.092263][ T9] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 385.098237][ T9] cdc_wdm 1-1:1.0: Unknown control protocol [ 385.117807][ T8983] team0: Port device team_slave_1 added [ 385.251036][ T9] usb 1-1: USB disconnect, device number 10 [ 385.435732][ T8983] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 385.482087][ T8983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 385.533602][ T9113] loop2: detected capacity change from 0 to 2048 [ 385.555520][ T8983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 385.577275][ T9113] EXT4-fs: Ignoring removed mblk_io_submit option [ 385.677134][ T9113] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 385.779359][ T9113] EXT4-fs (loop2): shut down requested (0) [ 385.793054][ T8964] hsr_slave_0: entered promiscuous mode [ 385.838978][ T8964] hsr_slave_1: entered promiscuous mode [ 385.866539][ T8983] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 385.880034][ T8983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 385.977842][ T8983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 386.095060][ T8505] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.836410][ T9139] loop2: detected capacity change from 0 to 1024 [ 386.866800][ T8983] hsr_slave_0: entered promiscuous mode [ 386.887527][ T9139] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 386.901976][ T8983] hsr_slave_1: entered promiscuous mode [ 386.918054][ T9139] JBD2: no valid journal superblock found [ 386.918086][ T8983] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 386.934274][ T9139] EXT4-fs (loop2): Could not load journal inode [ 386.961591][ T8983] Cannot create hsr debugfs directory [ 387.261764][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 387.712197][ T9145] loop5: detected capacity change from 0 to 4096 [ 387.755248][ T9147] loop2: detected capacity change from 0 to 512 [ 387.760423][ T9145] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 387.846656][ T9145] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 387.863629][ T9147] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 387.951271][ T29] audit: type=1800 audit(1724098506.770:19): pid=9145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1533" name="bus" dev="loop5" ino=0 res=0 errno=0 [ 388.248154][ T937] kernel write not supported for file /uinput (pid: 937 comm: kworker/0:2) [ 388.554876][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.561296][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 388.578692][ T9157] loop2: detected capacity change from 0 to 256 [ 388.655724][ T9154] loop5: detected capacity change from 0 to 2048 [ 388.694303][ T9154] EXT4-fs: Ignoring removed mblk_io_submit option [ 388.722169][ T9159] loop3: detected capacity change from 0 to 512 [ 388.768036][ T9159] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.1540: casefold flag without casefold feature [ 388.773125][ T9154] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 388.805302][ T9159] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.1540: couldn't read orphan inode 15 (err -117) [ 388.862305][ T9159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 388.972165][ T9154] EXT4-fs (loop5): shut down requested (0) [ 389.126302][ T6311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.189465][ T8983] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.301241][ T7538] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.564931][ T11] kworker/u8:0: attempt to access beyond end of device [ 389.564931][ T11] loop2: rw=1, sector=256, nr_sectors = 224 limit=256 [ 389.608102][ T8983] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.609381][ T11] kworker/u8:0: attempt to access beyond end of device [ 389.609381][ T11] loop2: rw=1, sector=512, nr_sectors = 32 limit=256 [ 389.692345][ T11] kworker/u8:0: attempt to access beyond end of device [ 389.692345][ T11] loop2: rw=1, sector=608, nr_sectors = 416 limit=256 [ 389.743856][ T11] kworker/u8:0: attempt to access beyond end of device [ 389.743856][ T11] loop2: rw=1, sector=1056, nr_sectors = 1928 limit=256 [ 390.025934][ T8983] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.086484][ T9180] loop3: detected capacity change from 0 to 1024 [ 390.089396][ T9182] loop0: detected capacity change from 0 to 512 [ 390.151813][ T9182] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #12: comm syz.0.1551: corrupted in-inode xattr: invalid ea_ino [ 390.279852][ T9182] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.1551: couldn't read orphan inode 12 (err -117) [ 390.324538][ T8983] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.353994][ T9182] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 390.507935][ T8442] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 390.553145][ T9190] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 391.064848][ T8964] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 391.148752][ T8964] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 391.195390][ T9202] loop0: detected capacity change from 0 to 2048 [ 391.218032][ T8964] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 391.228341][ T9202] EXT4-fs: Ignoring removed mblk_io_submit option [ 391.269995][ T9202] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 391.285628][ T8964] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 391.401201][ T5241] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 391.487307][ T9202] EXT4-fs (loop0): shut down requested (0) [ 391.503043][ T5293] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 391.632164][ T5241] usb 3-1: Using ep0 maxpacket: 8 [ 391.644580][ T5241] usb 3-1: config index 0 descriptor too short (expected 7382, got 27) [ 391.674523][ T8442] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.691656][ T5241] usb 3-1: config 195 has 1 interface, different from the descriptor's value: 23 [ 391.712084][ T5293] usb 4-1: Using ep0 maxpacket: 8 [ 391.723028][ T5241] usb 3-1: config 195 interface 0 altsetting 6 endpoint 0xC has invalid wMaxPacketSize 0 [ 391.727918][ T5293] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 391.744234][ T8983] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 391.764085][ T5241] usb 3-1: config 195 interface 0 has no altsetting 0 [ 391.777528][ T5241] usb 3-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 391.782624][ T5293] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 391.801155][ T8983] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 391.811097][ T5241] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.831484][ T5241] usb 3-1: Product: syz [ 391.840554][ T5241] usb 3-1: Manufacturer: syz [ 391.851207][ T5241] usb 3-1: SerialNumber: syz [ 391.855845][ T5293] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 391.855901][ T5293] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 391.855953][ T5293] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 391.856040][ T5293] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 391.856089][ T5293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.990643][ T8983] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 392.022039][ T8983] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 392.078556][ T5241] hub 3-1:195.0: bad descriptor, ignoring hub [ 392.086523][ T5241] hub 3-1:195.0: probe with driver hub failed with error -5 [ 392.099240][ T5241] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 392.149281][ T5293] usb 4-1: usb_control_msg returned -32 [ 392.173325][ T5293] usbtmc 4-1:16.0: can't read capabilities [ 392.265452][ T9212] loop0: detected capacity change from 0 to 2048 [ 392.340585][ T5241] gspca_zc3xx: reg_w_i err -71 [ 392.353614][ T9212] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 392.580880][ T8964] 8021q: adding VLAN 0 to HW filter on device bond0 [ 392.725632][ T8442] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.798549][ T8964] 8021q: adding VLAN 0 to HW filter on device team0 [ 392.871227][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 392.878595][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 392.960517][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 392.967895][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 393.003072][ T5241] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 393.009498][ T5241] gspca_zc3xx 3-1:195.0: probe with driver gspca_zc3xx failed with error -71 [ 393.281996][ T5241] usb 3-1: reset high-speed USB device number 12 using dummy_hcd [ 393.534443][ T8983] 8021q: adding VLAN 0 to HW filter on device bond0 [ 393.769197][ T8983] 8021q: adding VLAN 0 to HW filter on device team0 [ 393.777404][ T5293] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 393.833923][ T5293] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 393.876003][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 393.883438][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 393.889257][ T5293] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 393.925648][ T5293] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 393.959901][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 393.967188][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 394.055227][ T5296] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 394.067953][ T5293] hid-generic 0000:0000:0000.0010: hidraw0: HID v0.00 Device [syz0] on syz0 [ 394.298939][ T5296] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 394.332989][ T5296] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 394.423373][ T5296] usb 6-1: Product: syz [ 394.427609][ T5296] usb 6-1: Manufacturer: syz [ 394.479583][ T9] usb 4-1: USB disconnect, device number 14 [ 394.491571][ T5296] usb 6-1: SerialNumber: syz [ 394.552464][ T5296] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 394.615462][ T5293] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 394.624681][ T937] usb 3-1: USB disconnect, device number 12 [ 395.197400][ T8964] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 416.062662][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 424.388272][ T19] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-.... } 2682 jiffies s: 19853 root: 0x1/. [ 475.586982][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 500.253546][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 500.260162][ C0] rcu: 0-...!: (10324 ticks this GP) idle=419c/1/0x4000000000000000 softirq=32271/32271 fqs=192 [ 500.272535][ C0] rcu: (t=10502 jiffies g=51041 q=716 ncpus=2) [ 500.278779][ C0] rcu: rcu_preempt kthread starved for 10116 jiffies! g51041 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 500.289983][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 500.299952][ C0] rcu: RCU grace-period kthread stack dump: [ 500.305837][ C0] task:rcu_preempt state:R running task stack:27680 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 500.317586][ C0] Call Trace: [ 500.320864][ C0] [ 500.323800][ C0] __schedule+0xe37/0x5490 [ 500.328239][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 500.333466][ C0] ? __entry_text_end+0x1020c5/0x1020c9 [ 500.339041][ C0] ? __pfx___schedule+0x10/0x10 [ 500.343911][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.349564][ C0] ? schedule+0x298/0x350 [ 500.353912][ C0] ? __pfx_lock_release+0x10/0x10 [ 500.358964][ C0] ? __pfx___mod_timer+0x10/0x10 [ 500.363934][ C0] ? lock_acquire+0x1b1/0x560 [ 500.368637][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.374304][ C0] ? lockdep_init_map_type+0x16d/0x7d0 [ 500.379796][ C0] schedule+0xe7/0x350 [ 500.383888][ C0] schedule_timeout+0x136/0x2a0 [ 500.388754][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 500.394143][ C0] ? __pfx_process_timeout+0x10/0x10 [ 500.399456][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.405105][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 500.410932][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.416581][ C0] ? prepare_to_swait_event+0xf0/0x470 [ 500.422076][ C0] rcu_gp_fqs_loop+0x1eb/0xb00 [ 500.426866][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 500.432173][ C0] ? rcu_gp_init+0xc82/0x1630 [ 500.436871][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.442548][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 500.447777][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.453437][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 500.459375][ C0] rcu_gp_kthread+0x271/0x380 [ 500.464108][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 500.469348][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 500.474570][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.480218][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.485863][ C0] ? __kthread_parkme+0x148/0x220 [ 500.490906][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 500.496127][ C0] kthread+0x2c4/0x3a0 [ 500.500222][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 500.505440][ C0] ? __pfx_kthread+0x10/0x10 [ 500.510048][ C0] ret_from_fork+0x48/0x80 [ 500.514489][ C0] ? __pfx_kthread+0x10/0x10 [ 500.519096][ C0] ret_from_fork_asm+0x1a/0x30 [ 500.523907][ C0] [ 500.526923][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 500.533237][ C0] Sending NMI from CPU 0 to CPUs 1: [ 500.538454][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x1a/0x20 [ 500.539441][ C0] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.11.0-rc4-syzkaller-00002-gb0da640826ba #0 [ 500.558162][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 500.568221][ C0] Workqueue: events nsim_fib_event_work [ 500.573785][ C0] RIP: 0010:unwind_next_frame+0x206/0x23a0 [ 500.579603][ C0] Code: 4e 00 49 81 fc 00 00 00 81 0f 82 9e 02 00 00 e8 40 e0 4e 00 48 c7 c6 00 00 40 8b 4c 89 e7 e8 e1 e1 4e 00 49 81 fc 00 00 40 8b <0f> 83 7d 02 00 00 e8 1f e0 4e 00 4c 89 e0 48 2d 00 00 00 81 48 c1 [ 500.599217][ C0] RSP: 0018:ffffc90000006dd8 EFLAGS: 00000283 [ 500.605286][ C0] RAX: 0000000000000000 RBX: ffffc90000006e58 RCX: ffffffff813ce0ff [ 500.613254][ C0] RDX: ffff8880176c8000 RSI: ffffffff8150203e RDI: 0000000000000006 [ 500.621225][ C0] RBP: 0000000000000002 R08: 0000000000000006 R09: ffffffff8150203e [ 500.629200][ C0] R10: ffffffff8b400000 R11: ffff8880b9229418 R12: ffffffff8150203e [ 500.637186][ C0] R13: 0000000000000000 R14: ffffc90000006f18 R15: ffffc90000006e8d [ 500.645162][ C0] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 500.654099][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 500.660687][ C0] CR2: 0000001b31410ff8 CR3: 000000002c798000 CR4: 0000000000350ef0 [ 500.668665][ C0] Call Trace: [ 500.671945][ C0] [ 500.674788][ C0] ? show_regs+0x8c/0xa0 [ 500.679059][ C0] ? rcu_dump_cpu_stacks+0x2a9/0x4c0 [ 500.684373][ C0] ? rcu_sched_clock_irq+0xa1c/0x33e0 [ 500.689790][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 500.695451][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.701098][ C0] ? find_held_lock+0x2d/0x110 [ 500.705878][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.711539][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.717210][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.722861][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.728513][ C0] ? update_process_times+0x175/0x220 [ 500.733917][ C0] ? __pfx_update_process_times+0x10/0x10 [ 500.739682][ C0] ? tick_nohz_handler+0x376/0x530 [ 500.744826][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 500.750300][ C0] ? __hrtimer_run_queues+0x65a/0xcc0 [ 500.755692][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 500.761431][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.767093][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 500.773208][ C0] ? hrtimer_interrupt+0x31b/0x800 [ 500.778347][ C0] ? __sysvec_apic_timer_interrupt+0x112/0x450 [ 500.784513][ C0] ? sysvec_apic_timer_interrupt+0x43/0xb0 [ 500.790333][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 500.796501][ C0] ? tasklet_action_common.constprop.0+0x24e/0x3e0 [ 500.803024][ C0] ? tasklet_action_common.constprop.0+0x24e/0x3e0 [ 500.809553][ C0] ? unwind_next_frame+0x1ff/0x23a0 [ 500.814763][ C0] ? tasklet_action_common.constprop.0+0x24e/0x3e0 [ 500.821284][ C0] ? unwind_next_frame+0x206/0x23a0 [ 500.826506][ C0] ? unwind_next_frame+0x1ff/0x23a0 [ 500.831731][ C0] ? tasklet_action_common.constprop.0+0x24f/0x3e0 [ 500.838269][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.843924][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 500.850100][ C0] arch_stack_walk+0x100/0x170 [ 500.854888][ C0] ? tasklet_action_common.constprop.0+0x24f/0x3e0 [ 500.861424][ C0] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 500.867454][ C0] stack_trace_save+0x95/0xd0 [ 500.872152][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 500.877545][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.883197][ C0] ? get_stack_info_noinstr+0x18/0x120 [ 500.888671][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 500.894327][ C0] ? get_stack_info+0xc1/0x150 [ 500.899117][ C0] kasan_save_stack+0x33/0x60 [ 500.903823][ C0] ? kasan_save_stack+0x33/0x60 [ 500.908690][ C0] ? kasan_save_track+0x14/0x30 [ 500.913560][ C0] ? __kasan_kmalloc+0xaa/0xb0 [ 500.918332][ C0] ? __kmalloc_noprof+0x1e8/0x400 [ 500.923375][ C0] ? ieee802_11_parse_elems_full+0xea/0x1680 [ 500.929379][ C0] ? ieee80211_inform_bss+0xfd/0x1100 [ 500.934773][ C0] ? cfg80211_inform_single_bss_data+0x8e5/0x1dc0 [ 500.941200][ C0] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 500.947021][ C0] ? cfg80211_inform_bss_frame_data+0x271/0x7a0 [ 500.953277][ C0] ? ieee80211_bss_info_update+0x311/0xab0 [ 500.959105][ C0] ? ieee80211_scan_rx+0x474/0xac0 [ 500.964238][ C0] ? ieee80211_rx_list+0x1be3/0x2e90 [ 500.969542][ C0] ? ieee80211_rx_napi+0xdd/0x400 [ 500.974586][ C0] ? ieee80211_handle_queued_frames+0xd5/0x130 [ 500.980753][ C0] ? tasklet_action_common.constprop.0+0x24f/0x3e0 [ 500.987327][ C0] kasan_save_track+0x14/0x30 [ 500.992029][ C0] __kasan_kmalloc+0xaa/0xb0 [ 500.996640][ C0] __kmalloc_noprof+0x1e8/0x400 [ 501.001524][ C0] ieee802_11_parse_elems_full+0xea/0x1680 [ 501.007352][ C0] ? msleep+0x9c/0xd0 [ 501.011362][ C0] ? nsim_fib_event_work+0x1a11/0x26d0 [ 501.016854][ C0] ? process_one_work+0x9c8/0x1b40 [ 501.021990][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.027638][ C0] ? hlock_class+0x4e/0x130 [ 501.032155][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.037819][ C0] ? mark_lock+0xb5/0xc60 [ 501.042199][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.047849][ C0] ? lock_acquire+0x1b1/0x560 [ 501.052561][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 501.057614][ C0] ? __pfx_ieee802_11_parse_elems_full+0x10/0x10 [ 501.063964][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.069610][ C0] ? cfg80211_update_known_bss+0x39f/0x1150 [ 501.075532][ C0] ? __pfx_lock_release+0x10/0x10 [ 501.080584][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.086232][ C0] ? mark_held_locks+0x9f/0xe0 [ 501.091026][ C0] ieee80211_inform_bss+0xfd/0x1100 [ 501.096251][ C0] ? __pfx_ieee80211_inform_bss+0x10/0x10 [ 501.102011][ C0] ? trace_kmalloc+0x2d/0xe0 [ 501.106632][ C0] ? __kmalloc_noprof+0x207/0x400 [ 501.111684][ C0] ? __pfx_ieee80211_inform_bss+0x10/0x10 [ 501.117421][ C0] cfg80211_inform_single_bss_data+0x8e5/0x1dc0 [ 501.123697][ C0] ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10 [ 501.130412][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.136065][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.141714][ C0] ? find_held_lock+0x2d/0x110 [ 501.146496][ C0] ? cfg80211_inform_bss_data+0x205/0x39c0 [ 501.152317][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.157964][ C0] cfg80211_inform_bss_data+0x205/0x39c0 [ 501.163615][ C0] ? __local_bh_enable_ip+0xa4/0x120 [ 501.168904][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.174544][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 501.179757][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.185407][ C0] ? __local_bh_enable_ip+0xa4/0x120 [ 501.190729][ C0] ? __pfx_cfg80211_inform_bss_data+0x10/0x10 [ 501.196818][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.202469][ C0] ? hlock_class+0x4e/0x130 [ 501.206986][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.212637][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.218282][ C0] ? hlock_class+0x4e/0x130 [ 501.222799][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.228443][ C0] ? __lock_acquire+0xbdd/0x3cb0 [ 501.233432][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.239074][ C0] ? lock_acquire+0x1b1/0x560 [ 501.243768][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.249412][ C0] ? find_held_lock+0x2d/0x110 [ 501.254190][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.259833][ C0] ? ieee80211_bss_info_update+0x2cb/0xab0 [ 501.265664][ C0] cfg80211_inform_bss_frame_data+0x271/0x7a0 [ 501.271760][ C0] ieee80211_bss_info_update+0x311/0xab0 [ 501.277414][ C0] ? __pfx_ieee80211_bss_info_update+0x10/0x10 [ 501.283596][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.289254][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.294900][ C0] ? ieee80211_get_channel_khz+0x14d/0x1e0 [ 501.300737][ C0] ieee80211_scan_rx+0x474/0xac0 [ 501.305701][ C0] ieee80211_rx_list+0x1be3/0x2e90 [ 501.310845][ C0] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 501.316321][ C0] ? lock_acquire+0x1b1/0x560 [ 501.321022][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.326685][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.332334][ C0] ? skb_dequeue+0x126/0x180 [ 501.336945][ C0] ieee80211_rx_napi+0xdd/0x400 [ 501.341828][ C0] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 501.347328][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 501.352549][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.358195][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 501.364029][ C0] ieee80211_handle_queued_frames+0xd5/0x130 [ 501.370028][ C0] tasklet_action_common.constprop.0+0x24f/0x3e0 [ 501.376383][ C0] handle_softirqs+0x219/0x8f0 [ 501.381181][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 501.386504][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.392158][ C0] irq_exit_rcu+0xbb/0x120 [ 501.396586][ C0] sysvec_apic_timer_interrupt+0x95/0xb0 [ 501.402239][ C0] [ 501.405169][ C0] [ 501.408098][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 501.414090][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80 [ 501.420526][ C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 d6 ea 54 f6 48 89 df e8 ee 67 55 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 01 00 00 00 e8 15 db 46 f6 65 8b 05 16 12 ef 74 85 c0 74 16 5b [ 501.440141][ C0] RSP: 0018:ffffc900000e7938 EFLAGS: 00000246 [ 501.446219][ C0] RAX: 0000000000000002 RBX: ffffffff9508c5c8 RCX: 1ffffffff28d3bf5 [ 501.454197][ C0] RDX: 0000000000000000 RSI: ffffffff8b4cd700 RDI: ffffffff8bb0c600 [ 501.462172][ C0] RBP: 0000000000000216 R08: 0000000000000001 R09: fffffbfff28c84fd [ 501.470147][ C0] R10: ffffffff946427ef R11: 0000000000000000 R12: ffff8880177e83f0 [ 501.478121][ C0] R13: ffffffff9508c5c0 R14: ffffc900000e7a68 R15: 1ffff9200001cf2e [ 501.486126][ C0] debug_object_free+0x291/0x500 [ 501.491079][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 501.496305][ C0] ? __pfx_debug_object_free+0x10/0x10 [ 501.501782][ C0] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 501.507799][ C0] ? msleep+0x5e/0xd0 [ 501.511805][ C0] schedule_timeout+0x14f/0x2a0 [ 501.516669][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 501.522059][ C0] ? __pfx_process_timeout+0x10/0x10 [ 501.527375][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.533019][ C0] ? __rhashtable_insert_fast.constprop.0.isra.0+0x979/0x1170 [ 501.540490][ C0] msleep+0x9c/0xd0 [ 501.544327][ C0] nsim_fib_event_work+0x1a11/0x26d0 [ 501.549643][ C0] ? __pfx_nsim_fib_event_work+0x10/0x10 [ 501.555303][ C0] process_one_work+0x9c8/0x1b40 [ 501.560273][ C0] ? __pfx_nsim_fib_event_work+0x10/0x10 [ 501.565915][ C0] ? __pfx_process_one_work+0x10/0x10 [ 501.571313][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.576977][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 501.582628][ C0] ? assign_work+0x1a0/0x250 [ 501.587252][ C0] worker_thread+0x6c8/0xf20 [ 501.591907][ C0] ? __pfx_worker_thread+0x10/0x10 [ 501.597043][ C0] kthread+0x2c4/0x3a0 [ 501.601120][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 501.606349][ C0] ? __pfx_kthread+0x10/0x10 [ 501.610951][ C0] ret_from_fork+0x48/0x80 [ 501.615394][ C0] ? __pfx_kthread+0x10/0x10 [ 501.619998][ C0] ret_from_fork_asm+0x1a/0x30 [ 501.625495][ C0] [ 501.636260][ C0] hrtimer: interrupt took 1390206994 ns [ 525.319259][ T5293] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 553.021518][ T30] INFO: task jbd2/sda1-8:4638 blocked for more than 143 seconds. [ 593.342797][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 662.219505][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 127s! [kworker/0:3:5293] [ 662.227866][ C0] Modules linked in: [ 662.231772][ C0] irq event stamp: 994813 [ 662.236104][ C0] hardirqs last enabled at (994812): [] _raw_spin_unlock_irq+0x23/0x50 [ 662.246021][ C0] hardirqs last disabled at (994813): [] sysvec_apic_timer_interrupt+0xe/0xb0 [ 662.256458][ C0] softirqs last enabled at (797718): [] handle_softirqs+0x5be/0x8f0 [ 662.266116][ C0] softirqs last disabled at (798295): [] irq_exit_rcu+0xbb/0x120 [ 662.275852][ C0] CPU: 0 UID: 0 PID: 5293 Comm: kworker/0:3 Not tainted 6.11.0-rc4-syzkaller-00002-gb0da640826ba #0 [ 662.286625][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 662.296691][ C0] Workqueue: events request_firmware_work_func [ 662.302872][ C0] RIP: 0010:pie_calculate_probability+0x4c7/0x850 [ 662.309303][ C0] Code: 80 3c 02 00 0f 85 6a 03 00 00 4c 89 6b 08 48 83 c4 48 5b 5d 41 5c 41 5d 41 5e 41 5f e9 82 31 6b f8 e8 7d 31 6b f8 48 8d 43 08 <48> 89 c2 48 89 44 24 08 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 [ 662.328923][ C0] RSP: 0018:ffffc90000007b80 EFLAGS: 00000246 [ 662.335001][ C0] RAX: ffff888066c41ea8 RBX: ffff888066c41ea0 RCX: ffffffff89208b6d [ 662.342980][ C0] RDX: ffff888028a99e00 RSI: ffffffff89208fb3 RDI: 0000000000000001 [ 662.350978][ C0] RBP: ffff88801c695b00 R08: 0000000000000001 R09: 0000000000000000 [ 662.358954][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 662.366933][ C0] R13: 0000000000000400 R14: dffffc0000000000 R15: ffffed10038d2b5a [ 662.374913][ C0] FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 662.383854][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 662.390443][ C0] CR2: 0000001b31410ff8 CR3: 000000002c798000 CR4: 0000000000350ef0 [ 662.398426][ C0] Call Trace: [ 662.401710][ C0] [ 662.404558][ C0] ? show_regs+0x8c/0xa0 [ 662.408830][ C0] ? watchdog_timer_fn+0x570/0x7d0 [ 662.413962][ C0] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 662.419435][ C0] ? __hrtimer_run_queues+0x65a/0xcc0 [ 662.424837][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 662.430577][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.436225][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 662.442327][ C0] ? hrtimer_interrupt+0x31b/0x800 [ 662.447489][ C0] ? __sysvec_apic_timer_interrupt+0x112/0x450 [ 662.453662][ C0] ? sysvec_apic_timer_interrupt+0x43/0xb0 [ 662.459499][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 662.465679][ C0] ? pie_calculate_probability+0x7d/0x850 [ 662.471422][ C0] ? pie_calculate_probability+0x4c3/0x850 [ 662.477268][ C0] ? pie_calculate_probability+0x4c7/0x850 [ 662.483105][ C0] fq_pie_timer+0x215/0x5a0 [ 662.487632][ C0] call_timer_fn+0x1a3/0x610 [ 662.492247][ C0] ? __pfx_fq_pie_timer+0x10/0x10 [ 662.497287][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 662.502425][ C0] ? __pfx_lock_release+0x10/0x10 [ 662.507482][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.513130][ C0] ? mark_held_locks+0x9f/0xe0 [ 662.517917][ C0] ? __pfx_fq_pie_timer+0x10/0x10 [ 662.522958][ C0] ? __pfx_fq_pie_timer+0x10/0x10 [ 662.528003][ C0] __run_timers+0x74b/0xaf0 [ 662.532544][ C0] ? __pfx___run_timers+0x10/0x10 [ 662.537601][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 662.542653][ C0] ? run_timer_base+0x119/0x190 [ 662.547535][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.553191][ C0] run_timer_base+0x111/0x190 [ 662.557887][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 662.563115][ C0] run_timer_softirq+0x1a/0x40 [ 662.567904][ C0] handle_softirqs+0x219/0x8f0 [ 662.572689][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 662.577989][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.583644][ C0] irq_exit_rcu+0xbb/0x120 [ 662.588072][ C0] sysvec_apic_timer_interrupt+0x95/0xb0 [ 662.593720][ C0] [ 662.596646][ C0] [ 662.599573][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 662.605559][ C0] RIP: 0010:vprintk_store+0x225/0xb70 [ 662.610939][ C0] Code: ed 0f 85 5f 07 00 00 e8 f9 46 1f 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 49 1f 00 48 85 db 0f 85 94 08 00 00 45 31 ed d6 46 1f 00 48 8b 4c 24 10 48 b8 00 00 00 00 00 fc ff df 48 01 [ 662.630555][ C0] RSP: 0018:ffffc9000303f5d8 EFLAGS: 00000293 [ 662.636713][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff816c8277 [ 662.644691][ C0] RDX: ffff888028a99e00 RSI: ffffffff816c8285 RDI: 0000000000000007 [ 662.652667][ C0] RBP: 0000000000000200 R08: 0000000000000007 R09: 0000000000000000 [ 662.660652][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002 [ 662.668642][ C0] R13: 0000000000000034 R14: ffffffff8dd3c000 R15: 0000000000000000 [ 662.676632][ C0] ? vprintk_store+0xa47/0xb70 [ 662.681418][ C0] ? vprintk_store+0xa55/0xb70 [ 662.686217][ C0] ? vprintk_store+0xa55/0xb70 [ 662.690998][ C0] ? __pfx_vprintk_store+0x10/0x10 [ 662.696122][ C0] ? find_held_lock+0x2d/0x110 [ 662.700912][ C0] ? snprintf+0xc8/0x100 [ 662.705164][ C0] ? __pfx_snprintf+0x10/0x10 [ 662.709850][ C0] ? __lock_acquire+0x1620/0x3cb0 [ 662.714913][ C0] vprintk_emit+0x1d3/0x600 [ 662.719428][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.725082][ C0] dev_printk_emit+0xfb/0x140 [ 662.729788][ C0] ? __pfx_dev_printk_emit+0x10/0x10 [ 662.735102][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.740751][ C0] ? lock_acquire+0x1b1/0x560 [ 662.745462][ C0] ? __wait_for_common+0x2cf/0x5f0 [ 662.750600][ C0] ? __pfx_lock_release+0x10/0x10 [ 662.755662][ C0] __dev_printk+0xf5/0x270 [ 662.760090][ C0] _dev_err+0xe5/0x120 [ 662.764177][ C0] ? __pfx__dev_err+0x10/0x10 [ 662.768899][ C0] ? do_init_timer+0xc9/0x110 [ 662.773609][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.779251][ C0] ? ath9k_htc_wait_for_target+0xc9/0x1c0 [ 662.784998][ C0] ath9k_htc_wait_for_target+0x185/0x1c0 [ 662.790654][ C0] ath9k_htc_probe_device+0x185/0x2660 [ 662.796143][ C0] ? ath9k_hif_usb_alloc_urbs+0xae4/0x1020 [ 662.801992][ C0] ? __pfx_ath9k_htc_probe_device+0x10/0x10 [ 662.807911][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.813561][ C0] ? usb_submit_urb+0x883/0x1730 [ 662.818523][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.824168][ C0] ? usb_free_urb.part.0+0x3e/0x100 [ 662.829376][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.835023][ C0] ? usb_free_urb+0x1f/0x30 [ 662.839539][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.845188][ C0] ? ath9k_hif_usb_alloc_urbs+0xbc5/0x1020 [ 662.851022][ C0] ath9k_htc_hw_init+0x33/0x70 [ 662.855811][ C0] ath9k_hif_usb_firmware_cb+0x272/0x620 [ 662.861485][ C0] ? __pfx_ath9k_hif_usb_firmware_cb+0x10/0x10 [ 662.867689][ C0] request_firmware_work_func+0x13d/0x250 [ 662.873430][ C0] ? __pfx_request_firmware_work_func+0x10/0x10 [ 662.879697][ C0] process_one_work+0x9c8/0x1b40 [ 662.884674][ C0] ? __pfx_kernfs_notify_workfn+0x10/0x10 [ 662.890408][ C0] ? __pfx_process_one_work+0x10/0x10 [ 662.895815][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.901476][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.907127][ C0] ? assign_work+0x1a0/0x250 [ 662.911746][ C0] worker_thread+0x6c8/0xf20 [ 662.916378][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.922025][ C0] ? __kthread_parkme+0x148/0x220 [ 662.927066][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.932717][ C0] ? __pfx_worker_thread+0x10/0x10 [ 662.937856][ C0] kthread+0x2c4/0x3a0 [ 662.941940][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 662.947156][ C0] ? __pfx_kthread+0x10/0x10 [ 662.951775][ C0] ret_from_fork+0x48/0x80 [ 662.956242][ C0] ? __pfx_kthread+0x10/0x10 [ 662.960848][ C0] ret_from_fork_asm+0x1a/0x30 [ 662.965655][ C0] [ 662.968684][ C0] Sending NMI from CPU 0 to CPUs 1: [ 662.973918][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x1a/0x20 [ 662.974905][ C0] Kernel panic - not syncing: softlockup: hung tasks [ 662.989698][ C0] CPU: 0 UID: 0 PID: 5293 Comm: kworker/0:3 Tainted: G L 6.11.0-rc4-syzkaller-00002-gb0da640826ba #0 [ 663.001968][ C0] Tainted: [L]=SOFTLOCKUP [ 663.006285][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 663.016337][ C0] Workqueue: events request_firmware_work_func [ 663.022516][ C0] Call Trace: [ 663.025791][ C0] [ 663.028630][ C0] dump_stack_lvl+0x3d/0x1f0 [ 663.033236][ C0] panic+0x6dc/0x7c0 [ 663.037152][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.042802][ C0] ? __pfx_panic+0x10/0x10 [ 663.047238][ C0] ? __pfx__printk+0x10/0x10 [ 663.051856][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.057503][ C0] ? __irq_work_queue_local+0x136/0x440 [ 663.063072][ C0] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 663.069073][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.074722][ C0] ? irq_work_queue+0x2a/0x80 [ 663.079424][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.085071][ C0] ? watchdog_timer_fn+0x5f2/0x7d0 [ 663.090191][ C0] ? watchdog_timer_fn+0x5e5/0x7d0 [ 663.095318][ C0] watchdog_timer_fn+0x603/0x7d0 [ 663.100264][ C0] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 663.105735][ C0] __hrtimer_run_queues+0x65a/0xcc0 [ 663.110957][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 663.116694][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.122342][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 663.128454][ C0] hrtimer_interrupt+0x31b/0x800 [ 663.133426][ C0] __sysvec_apic_timer_interrupt+0x112/0x450 [ 663.139421][ C0] sysvec_apic_timer_interrupt+0x43/0xb0 [ 663.145075][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 663.151065][ C0] RIP: 0010:pie_calculate_probability+0x4c7/0x850 [ 663.157492][ C0] Code: 80 3c 02 00 0f 85 6a 03 00 00 4c 89 6b 08 48 83 c4 48 5b 5d 41 5c 41 5d 41 5e 41 5f e9 82 31 6b f8 e8 7d 31 6b f8 48 8d 43 08 <48> 89 c2 48 89 44 24 08 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 [ 663.177114][ C0] RSP: 0018:ffffc90000007b80 EFLAGS: 00000246 [ 663.183191][ C0] RAX: ffff888066c41ea8 RBX: ffff888066c41ea0 RCX: ffffffff89208b6d [ 663.191166][ C0] RDX: ffff888028a99e00 RSI: ffffffff89208fb3 RDI: 0000000000000001 [ 663.199141][ C0] RBP: ffff88801c695b00 R08: 0000000000000001 R09: 0000000000000000 [ 663.207116][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 663.215090][ C0] R13: 0000000000000400 R14: dffffc0000000000 R15: ffffed10038d2b5a [ 663.223076][ C0] ? pie_calculate_probability+0x7d/0x850 [ 663.228808][ C0] ? pie_calculate_probability+0x4c3/0x850 [ 663.234647][ C0] fq_pie_timer+0x215/0x5a0 [ 663.239172][ C0] call_timer_fn+0x1a3/0x610 [ 663.243787][ C0] ? __pfx_fq_pie_timer+0x10/0x10 [ 663.248825][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 663.253958][ C0] ? __pfx_lock_release+0x10/0x10 [ 663.259010][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.264660][ C0] ? mark_held_locks+0x9f/0xe0 [ 663.269447][ C0] ? __pfx_fq_pie_timer+0x10/0x10 [ 663.274490][ C0] ? __pfx_fq_pie_timer+0x10/0x10 [ 663.279532][ C0] __run_timers+0x74b/0xaf0 [ 663.284074][ C0] ? __pfx___run_timers+0x10/0x10 [ 663.289125][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 663.294174][ C0] ? run_timer_base+0x119/0x190 [ 663.299055][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.304716][ C0] run_timer_base+0x111/0x190 [ 663.309421][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 663.314653][ C0] run_timer_softirq+0x1a/0x40 [ 663.319441][ C0] handle_softirqs+0x219/0x8f0 [ 663.324226][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 663.329527][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.335178][ C0] irq_exit_rcu+0xbb/0x120 [ 663.339607][ C0] sysvec_apic_timer_interrupt+0x95/0xb0 [ 663.345262][ C0] [ 663.348191][ C0] [ 663.351119][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 663.357114][ C0] RIP: 0010:vprintk_store+0x225/0xb70 [ 663.362502][ C0] Code: ed 0f 85 5f 07 00 00 e8 f9 46 1f 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 57 49 1f 00 48 85 db 0f 85 94 08 00 00 45 31 ed d6 46 1f 00 48 8b 4c 24 10 48 b8 00 00 00 00 00 fc ff df 48 01 [ 663.382122][ C0] RSP: 0018:ffffc9000303f5d8 EFLAGS: 00000293 [ 663.388198][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff816c8277 [ 663.396174][ C0] RDX: ffff888028a99e00 RSI: ffffffff816c8285 RDI: 0000000000000007 [ 663.404150][ C0] RBP: 0000000000000200 R08: 0000000000000007 R09: 0000000000000000 [ 663.412124][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002 [ 663.420098][ C0] R13: 0000000000000034 R14: ffffffff8dd3c000 R15: 0000000000000000 [ 663.428082][ C0] ? vprintk_store+0xa47/0xb70 [ 663.432861][ C0] ? vprintk_store+0xa55/0xb70 [ 663.437641][ C0] ? vprintk_store+0xa55/0xb70 [ 663.442431][ C0] ? __pfx_vprintk_store+0x10/0x10 [ 663.447556][ C0] ? find_held_lock+0x2d/0x110 [ 663.452347][ C0] ? snprintf+0xc8/0x100 [ 663.456607][ C0] ? __pfx_snprintf+0x10/0x10 [ 663.461299][ C0] ? __lock_acquire+0x1620/0x3cb0 [ 663.466403][ C0] vprintk_emit+0x1d3/0x600 [ 663.470920][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.476574][ C0] dev_printk_emit+0xfb/0x140 [ 663.481281][ C0] ? __pfx_dev_printk_emit+0x10/0x10 [ 663.486636][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.492285][ C0] ? lock_acquire+0x1b1/0x560 [ 663.496996][ C0] ? __wait_for_common+0x2cf/0x5f0 [ 663.502129][ C0] ? __pfx_lock_release+0x10/0x10 [ 663.507188][ C0] __dev_printk+0xf5/0x270 [ 663.511622][ C0] _dev_err+0xe5/0x120 [ 663.515701][ C0] ? __pfx__dev_err+0x10/0x10 [ 663.520402][ C0] ? do_init_timer+0xc9/0x110 [ 663.525100][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.530747][ C0] ? ath9k_htc_wait_for_target+0xc9/0x1c0 [ 663.536488][ C0] ath9k_htc_wait_for_target+0x185/0x1c0 [ 663.542147][ C0] ath9k_htc_probe_device+0x185/0x2660 [ 663.547632][ C0] ? ath9k_hif_usb_alloc_urbs+0xae4/0x1020 [ 663.553550][ C0] ? __pfx_ath9k_htc_probe_device+0x10/0x10 [ 663.559474][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.565126][ C0] ? usb_submit_urb+0x883/0x1730 [ 663.570084][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.575733][ C0] ? usb_free_urb.part.0+0x3e/0x100 [ 663.580944][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.586595][ C0] ? usb_free_urb+0x1f/0x30 [ 663.591109][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.596756][ C0] ? ath9k_hif_usb_alloc_urbs+0xbc5/0x1020 [ 663.602612][ C0] ath9k_htc_hw_init+0x33/0x70 [ 663.607402][ C0] ath9k_hif_usb_firmware_cb+0x272/0x620 [ 663.613063][ C0] ? __pfx_ath9k_hif_usb_firmware_cb+0x10/0x10 [ 663.619238][ C0] request_firmware_work_func+0x13d/0x250 [ 663.624983][ C0] ? __pfx_request_firmware_work_func+0x10/0x10 [ 663.631256][ C0] process_one_work+0x9c8/0x1b40 [ 663.636257][ C0] ? __pfx_kernfs_notify_workfn+0x10/0x10 [ 663.641995][ C0] ? __pfx_process_one_work+0x10/0x10 [ 663.647402][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.653063][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.658712][ C0] ? assign_work+0x1a0/0x250 [ 663.663332][ C0] worker_thread+0x6c8/0xf20 [ 663.667967][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.673620][ C0] ? __kthread_parkme+0x148/0x220 [ 663.678661][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.684312][ C0] ? __pfx_worker_thread+0x10/0x10 [ 663.689463][ C0] kthread+0x2c4/0x3a0 [ 663.693554][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 663.698770][ C0] ? __pfx_kthread+0x10/0x10 [ 663.703388][ C0] ret_from_fork+0x48/0x80 [ 663.707830][ C0] ? __pfx_kthread+0x10/0x10 [ 663.712438][ C0] ret_from_fork_asm+0x1a/0x30 [ 663.717250][ C0] [ 663.720483][ C0] Kernel Offset: disabled [ 663.724814][ C0] Rebooting in 86400 seconds..