last executing test programs: 10.278028442s ago: executing program 2 (id=2539): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000000500), 0x0, 0x4) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2800c1e, &(0x7f0000000000)={[{@test_dummy_encryption}, {@usrjquota}]}, 0xff, 0x249, &(0x7f0000000500)="$eJzs3T9oJGUcBuB3ZneNuVvk1EYQ/4CIaCCcnWBzNgoHchwiggoRERslEWKCXWJlY6G1SiqbIHZGS0kTbBTBKmqK2AgaLAwWWqzsTiIx2aBx484l8zwwOzM7881vhpn3m2VhmACNdSnJlSStJFNJOkmKgyvcWw2X9mZXJjdmkl7vqV+KwXrVfGW/3cUky0keSbJeFnmlnSyuPbf92+YTD7y90Ln/w7VnJ8d6kHt2tree3P3g2lufXH148atvfrpW5Eq6fzuu01cM+a5dJLf9H8VuEEW77j3g37j+xsff9nN/e5L7BvnvpEx18t6Zv2m9k4feP67tuz9/fec49xU4fb1ep38PXO4BjVMm6aYop5NU02U5PV39hv+udaF8dW7+9amX5xZmX6q7pwJOSzfZevyziU8vHsr/j60q/8A5Vf0ptfX09dXv+xO7rZM2Bc6ku6pR//4/9cLSgzlh/oGzT/6hueQfmkv+obnkH5pL/qG55B+aS/6hueQfmkv+4ZybOH7RwfwDAM3Sm6j7CWSgLnX3PwAAAAAAAAAAAAAAAAAAwFErkxsz+8O4an7xXrLzWJL2sPqtwfuIk5sHnxd+Lfqr/aWomo3k+XtG3MCIPqr56etbfqi3/pd311t/aTZZfjPJ5Xb76PVX7F1//92t/7C88+KIBU7o8Lt7H31mvPUP+2O13vpXN5PP+/3P5WH9T5k7BuPh/U+3f/5GrP/a7yNuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLH5MwAA//8lhG1E") syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000)) 10.10528305s ago: executing program 2 (id=2541): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180)=r5, 0x4) syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[], 0x0) 9.856493504s ago: executing program 2 (id=2544): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f0000000440)=""/53, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000300)=""/75, 0x0, 0xeeef0000}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0xfffffffe) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af04, &(0x7f0000000400)={0x3}) 7.553808165s ago: executing program 2 (id=2558): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900676c0000000000000000e0000001000000000000000000000000e000000200"/56, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000400000000000000000000001000000000000000000000000000000000000000000000000000000000000df000012000000000000000000000000000000000000010000"], 0xfc}}, 0x0) 6.503110019s ago: executing program 2 (id=2562): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$can_raw(0x1d, 0x3, 0x1) r5 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r5, &(0x7f0000000000), 0x10) r6 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt(r6, 0x65, 0x1, &(0x7f0000000080), 0x1d0) bind$can_raw(r6, &(0x7f00000001c0), 0x10) dup3(r4, r5, 0x0) 4.577091962s ago: executing program 0 (id=2576): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioprio_set$pid(0x1, 0x0, 0x0) 4.350399555s ago: executing program 0 (id=2578): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, 0x0, 0x0, 0x0) setuid(0xee01) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 4.182255042s ago: executing program 3 (id=2581): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r6, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) write(r5, 0x0, 0x0) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) 4.178194602s ago: executing program 0 (id=2582): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) 4.165677723s ago: executing program 4 (id=2583): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.self_freezing\x00', 0x275a, 0x0) sync_file_range(r0, 0x6, 0x0, 0x6) 4.044543476s ago: executing program 4 (id=2584): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f0000000440)=""/53, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000300)=""/75, 0x0, 0xeeef0000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000840)) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0xfffffffe) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, 0x0, 0x0, 0x0, 0xeeee0000}) 4.043796876s ago: executing program 0 (id=2585): munmap(&(0x7f0000001000/0x2000)=nil, 0x2000) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x2}]}}, 0x0, 0x26, 0x0, 0x1, 0x7ff}, 0x28) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e23, 0x9, @loopback, 0xd9b}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000009cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)}}], 0x1, 0x800) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_dev$loop(&(0x7f0000000500), 0x47ffffa, 0x60500) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x2000, {0x0, 0x0, 0x0, 0x3, 0x140000, 0x0, 0x0, 0x1e, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0x0, 0x400]}}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = syz_open_dev$video4linux(&(0x7f0000000540), 0x10000fc3, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r4, 0xc040564a, &(0x7f0000000040)={0x0, 0x0, 0x1012, 0x221e, 0xffffeff6, 0xc251, 0x0, 0x1}) ioctl$KVM_CAP_PMU_CAPABILITY(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0xd4, 0x0, 0x8}) 2.530470847s ago: executing program 3 (id=2589): rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000300)) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6f, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) sendmsg$NFT_MSG_GETSET(r1, 0x0, 0x48080) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r5, 0x0, 0x118) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r8 = socket$packet(0x11, 0x2, 0x300) bind$packet(r8, &(0x7f0000000d00)={0x11, 0x1a, r7, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000140)={0x2, 0x4}, 0x4) r9 = socket$netlink(0x10, 0x3, 0x0) writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1) 2.440770306s ago: executing program 2 (id=2590): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r3, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r6, 0x0, 0x0, 0x805, 0x0, 0x0) syz_open_procfs(0x0, 0x0) 2.336949906s ago: executing program 3 (id=2592): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, 0x0, 0x0, 0x0) setuid(0xee01) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 2.216469508s ago: executing program 3 (id=2593): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) write(r3, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c0000000a000000060000000000000d"], 0x0, 0x3e}, 0x20) 2.188955631s ago: executing program 1 (id=2594): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) sendmsg$inet(r5, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)}], 0x1, &(0x7f00000001c0)=ANY=[], 0x40}, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000340)={[{@noblock_validity}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}, {@nombcache}], [{@uid_gt}]}, 0x1, 0x61b, &(0x7f0000001080)="$eJzs3U1rXNUbAPDn3rw26f+ftAhaF7Yg0oI2adJWigg2S0FKffkCsUlLadqUJIJpC01Bl+LGheDKhfVbaMGduHDrwr0UikgXVooduZM76WRekkySyUxmfj+Y5r5M7nlumifn3HPPuRNA1zqW/ZNGHImIm0nESNm+3sh3Hlt93+O/7lzKXkkUCh/+mcSdu8lK+bGS/Otw/s3/jkTyaxpxuKeq2IHF5VvXpufmZhfyDeNL12+OLy7fOnn1+vSV2SuzNybfnDx39szZcxOndn5+Fb775mky8f3vF5I4H8/y2LLzqgpyRyVnZR+Lwqon5duzn+u5HR67Xfw9Uvo9eS6p3EDbupznbV9EvBgj0VP2vzkSn7/f0uCApiokUaqjgK6T1Mn/n6c2+ssw2LR4gL1SageUru1rXQdXS5vcKgH2wqOp1Q6p1dzvi4hS/vfmfWeDxb6BocfJun6eJCJ21jO3Kivjl58ufJa9ok4/HNAcK/dKvdyV9X9SzM3RGCyuDT1O1+f/SqGQ5i2BbPsH2yy/sn9e/sPeWbkXES/l9X9/bDn/0zx3S/n/8TbLl/8AAAAAAACwex5MRcQbtcb/pWvjf/prjP8Zjojzu1D+5vf/0of5QlLx1v5dKB662qOpiLdrjv9dG+M72pOv/a84HuB2cvnq3OypiPh/RJyIvoFsfaLiuOUjhE9+cfjreuWXj//LXln5pbGA+ZEe9lZMxJ2ZXpre6XkDEY/uRbxcHP97NN+yfvxPVv8nNer/LL9vbrGMw6/dv1hv3+b5DzRL4duI4zXr/+fN7WTj53OMF9sD46VWQbVXbn/5Q73yK/O/gdCvNPBeoIas/h/aOP8HsqW15/UsNnb87CL99HJvod7+7bb/+5OPeqKsE+DT6aWlhYmI/uS96u2TjcUMnSrPh6OR50uW/yde3bj/b639X5aHByJiZQvlDW6yX/sfWifL/5nq+v/dsvp/dH393/jC5P3RH+uVf3FL9f+ZYp1+It+i/w/KVT+PY6sJ2pJwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCfSyPiYCTp2Npymo6NRQxHxAsxlM7NLy69fnn+kxsz2b6I0ehLS5/0O7K6npQ+/3+0bH2yYv10RByKiK96DhTXxy7Nz820+uQBAAAAAAAAAAAAAAAAAACgTQwX5/wXBirn/2f+6Gl1dEDT9eZf5Tt0n95tf2dhYFcDAfbc9vMf2Meya/4G8r+vmbEALVA//588LRTtaTjAHtL+h+61zfx3uwD2uYPqf+hiW+zTG2x2HEArqP8BAAAAAKCjHDr64LckIlbeOlB8ZfrzfTVuDLoJCB0kbXUAQMsYwwvdq3e+1REArWJCP5CsLf1Tc7J//Y6/pDkBAQAAAAAAAAAAAABVjh9paP4/0EE2nv9vbD90sg3m/9dKfo8LgA5S/6M/1P3Q6VzjA5vV9ub/AwAAAAAAAAAAAEAbGLx1bXpubnZhcXn/LbzTHmE0trAy3RZhNLBQuBux8XueNaf0voholx/CwmIWzV6VVXoERwtPucV/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDX/BQAA//927Rvw") r6 = creat(&(0x7f0000000040)='./bus\x00', 0x0) io_submit(0x0, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r6, &(0x7f0000000000), 0x4000}]) keyctl$clear(0x3, 0xfffffffffffffffc) 2.018374508s ago: executing program 4 (id=2595): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/16], &(0x7f00000003c0)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = io_uring_setup(0x785a, &(0x7f0000000580)={0x0, 0xddf4, 0x400, 0xfffffdfe, 0x183}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2c, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) socket$netlink(0x10, 0x3, 0x0) close_range(r1, r1, 0x0) 1.962126373s ago: executing program 3 (id=2596): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) write$P9_RMKNOD(r2, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',access=any,']) 1.519113228s ago: executing program 4 (id=2597): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x4c}}, 0x0) r7 = socket(0x10, 0x803, 0x8) sendmsg$IPVS_CMD_SET_INFO(r7, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x40) 937.940826ms ago: executing program 1 (id=2598): pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)="390000001100090468fe0700000000000700ff3f0800000045000e070000001419001a00", 0x24}], 0x1) write$binfmt_misc(r1, &(0x7f00000002c0), 0x15) splice(r0, 0x0, r2, 0x0, 0x19404, 0x0) 933.640147ms ago: executing program 3 (id=2599): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f0000000440)=""/53, 0x0, 0xffff1000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000840)) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0xfffffffe) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af04, &(0x7f0000000400)={0x3}) 878.019312ms ago: executing program 1 (id=2600): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) r4 = socket$can_raw(0x1d, 0x3, 0x1) r5 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r5, &(0x7f0000000000), 0x10) r6 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt(r6, 0x65, 0x1, &(0x7f0000000080), 0x1d0) bind$can_raw(r6, &(0x7f00000001c0), 0x10) dup3(r4, r5, 0x0) 495.62282ms ago: executing program 4 (id=2601): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) write$P9_RMKNOD(r2, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet(r4, &(0x7f0000000c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x488d5) r5 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, 0x0, &(0x7f0000cab000)) 390.264621ms ago: executing program 1 (id=2602): mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 358.764414ms ago: executing program 4 (id=2603): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0) writev(r2, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400", 0x3}], 0x2) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000340)='kfree\x00', r3}, 0x18) socket$inet6_tcp(0xa, 0x1, 0x0) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={r3, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000280)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x1, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0], 0x0, 0x4a, &(0x7f0000000400)=[{}], 0x8, 0x10, &(0x7f0000000600), &(0x7f0000000680), 0x8, 0xaa, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10) close_range(r4, 0xffffffffffffffff, 0x0) write$P9_ROPEN(r4, &(0x7f0000000200)={0x18, 0x71, 0x1, {{0x40, 0x2, 0x5}, 0x1}}, 0x18) r5 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000180)={'fscrypt:', @desc2}, &(0x7f0000000340)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x3f}, 0x48, 0xfffffffffffffffe) keyctl$search(0xa, r5, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0) fsetxattr(r1, &(0x7f0000000080)=@known='system.posix_acl_default\x00', &(0x7f00000001c0)='logon\x00', 0x6, 0x1) 261.533344ms ago: executing program 1 (id=2604): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, 0x0, 0x0, 0x0) setuid(0xee01) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r3, 0x0, 0x0, 0x805, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 48.053075ms ago: executing program 0 (id=2605): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003780)=[{{0x0, 0x0, &(0x7f0000003200)=[{&(0x7f0000003c40)="550192235da2b4c80ffe71396e252d7703fc86b83b08a520e753fc816da1d27c1911a6ba012ecf3a29c15ee9f79c396ccfbf1553b1e7584848b630877146e819d94080cbd65a5d6b338769790a283091cc8d0bbcd29707c2e649bfa902ac7fca387f8a59120095de9e20405305f588c701dec53db7f7d75c83a84e74ce4281dd7fc09961a99b8fbc2e57a22090718c8d973755d0cd51c8cedebcd8efbe0097309f0158bb601c363a315f58f838b37a82528491dfb578d8e6c1a5e22dc3f60d375e2213c29790804256cbab6e23461f2822b00cebb8be021996dd487839d242b6d524c618d9d480f78143185c9425d0900d09414e2e18d11540f9136cfc540326559812c45e6c29a20b79602351411746b29861fcd0759082e7d7e223c7d927412158c62b1b629cdb82958c73eb1a17f540348241b4575610c68a32612b87cdc7e77fb9448609f634e65073f3e6cc299a71a1d010f6a4da54e00a8038e061cd450dc0079d5850d75e77f207f4ae0107405a826341f0ed4f9ff76c4789441ad06066c4bebf6f1e39fa2aec0a43bf0f3e7ac706ddeb2719e63b3bce6457c028dce9a752119b7fd3fc94d0003dfdcd6a6c6053e3eb4715dbec5d53e2cdf438d5471f2efb94374039e8fc91f0b1341e6a7ed9460b3211a76199c69f5bc9dea6812523616f90c69175434ed0cee2a279c2459211c47ff1069df45f44ffb6258d4e7626dd76476f9a2a977f76829563358473a8f777a928267930343298ddaa9eee88ac21a359803edc9bfe9d8190353ae93b954090508085e039041f89ab6603bc16f2428e6e1db92fee3e3c09eaa8c5e1c77a9f454542a39ebbf97e3aac1c1cf6337e9c04c52eb2ab6dea535243ee5e0ed9d042947842a5fd70beb274737495817e2151013c6470bf28786155553e267e87a01f7b1870a6c86782b15b747c8aa72918bb48d1b34685851ac3a5486f80f0baa977b30fe4328795e2dd8fa93faa4d34a4dfde3cfe47abb98a7e9436d2e9c19d48fdf3384b2e18956ba5e0647f77a048fe99e06ddbac361ec71e427c5a50320fbd5ab6405e175a43210ba8bda0a310f3e5946a80df0e3dd726be9cf7eed907d1c9ab6e55fde87310592558b0595a42bcd1cb0a3a40b9a6bc8600dd0701f1be16ab5c2e8e113e40f532dce5fac9087d9f11b907a8295506d7ba4838e6408bd44c23fb83dc9c368b442f384f75e7fcc8071d12b10aa3aecd40c772de5dfd5d333de517fd0095a4432d54c235760ac8854ffa2908bf93a541d8f3533ee75f8fad76be55d442f0bcc7d0ee0293b781c6f4456e1fd9c09e799dfc4dd325", 0x3aa}], 0x1}}], 0x1, 0x8014) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 47.401745ms ago: executing program 1 (id=2606): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r4 = fcntl$dupfd(r3, 0x0, r2) sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4040841) sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002cbd7000fbdbdf25010000000400018010000280"], 0x28}, 0x1, 0x0, 0x0, 0x20000080}, 0x2000) 0s ago: executing program 0 (id=2607): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000300)=""/75, 0x0, 0xeeef0000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000840)) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0xfffffffe) kernel console output (not intermixed with test programs): 024 [ 63.835357][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 64.290318][ T4320] EXT4-fs (loop3): Unrecognized mount option "uid>00000000000000000000" or missing value [ 64.587804][ T4261] Bluetooth: hci1: command 0x0419 tx timeout [ 64.595481][ T4261] Bluetooth: hci3: command 0x0419 tx timeout [ 64.636056][ T4261] Bluetooth: hci0: command 0x0419 tx timeout [ 64.647041][ T4261] Bluetooth: hci2: command 0x0419 tx timeout [ 64.669273][ T4261] Bluetooth: hci4: command 0x0419 tx timeout [ 64.683041][ T4335] loop4: detected capacity change from 0 to 1024 [ 64.709157][ T4338] loop2: detected capacity change from 0 to 8 [ 64.788316][ T4335] ======================================================= [ 64.788316][ T4335] WARNING: The mand mount option has been deprecated and [ 64.788316][ T4335] and is ignored by this kernel. Remove the mand [ 64.788316][ T4335] option from the mount to silence this warning. [ 64.788316][ T4335] ======================================================= [ 65.184399][ T4335] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none. [ 65.204752][ T4335] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.226811][ T4335] EXT4-fs error (device loop4): ext4_lookup:1858: inode #15: comm syz.4.5: inode has both inline data and extents flags [ 65.413981][ T4354] loop3: detected capacity change from 0 to 4096 [ 65.532861][ T4354] ntfs: (device loop3): parse_options(): Unrecognized mount option disable_spars0F$he. [ 65.639947][ T4354] ntfs: (device loop3): parse_options(): The uid option requires an argument. [ 65.748145][ T4367] binder: Bad value for 'max' [ 66.055668][ T4378] openvswitch: netlink: Message has 16 unknown bytes. [ 66.444652][ T4382] openvswitch: netlink: Message has 16 unknown bytes. [ 66.822688][ T4386] loop0: detected capacity change from 0 to 8 [ 67.194289][ T4394] netlink: 'syz.0.36': attribute type 4 has an invalid length. [ 68.116706][ T4406] netlink: 12 bytes leftover after parsing attributes in process `syz.4.38'. [ 69.035478][ T4422] netlink: 68 bytes leftover after parsing attributes in process `syz.0.45'. [ 69.469320][ T4420] Cannot find set identified by id 0 to match [ 69.751290][ T4434] overlayfs: overlapping lowerdir path [ 70.264089][ T4451] loop3: detected capacity change from 0 to 8192 [ 70.717671][ T4455] netlink: 4 bytes leftover after parsing attributes in process `syz.2.55'. [ 70.833195][ T4451] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 70.895327][ T4451] REISERFS (device loop3): using ordered data mode [ 70.933208][ T4458] syz.4.56 uses obsolete (PF_INET,SOCK_PACKET) [ 70.958837][ T4451] reiserfs: using flush barriers [ 71.020291][ T4451] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 71.067486][ T4451] REISERFS (device loop3): checking transaction log (loop3) [ 71.110107][ T4451] REISERFS (device loop3): Using r5 hash to sort names [ 71.123689][ T4451] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 71.140684][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.147291][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.253057][ T4449] loop0: detected capacity change from 0 to 32768 [ 71.349096][ T4466] syz.4.60[4466] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 71.349213][ T4466] syz.4.60[4466] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 71.424226][ T4466] process 'syz.4.60' launched './file0' with NULL argv: empty string added [ 71.492651][ T4449] XFS (loop0): Mounting V5 Filesystem [ 71.717030][ T4449] XFS (loop0): Ending clean mount [ 71.766500][ T4449] XFS (loop0): Quotacheck needed: Please wait. [ 71.848168][ T4449] XFS (loop0): Quotacheck: Done. [ 71.852847][ T4487] loop1: detected capacity change from 0 to 1024 [ 71.925847][ T4183] XFS (loop0): Unmounting Filesystem [ 71.933221][ T4487] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 72.029127][ T4487] EXT4-fs (loop1): orphan cleanup on readonly fs [ 72.125452][ T4487] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.67: bg 0: block 10: padding at end of block bitmap is not set [ 72.146091][ T4492] loop3: detected capacity change from 0 to 256 [ 72.188479][ T4487] Quota error (device loop1): write_blk: dquota write failed [ 72.206411][ T4487] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3 [ 72.226766][ T4487] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 72.248157][ T4492] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 72.258951][ T4487] EXT4-fs error (device loop1): ext4_acquire_dquot:6209: comm syz.1.67: Failed to acquire dquot type 0 [ 72.299856][ T4487] Quota error (device loop1): write_blk: dquota write failed [ 72.446265][ T4487] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3 [ 72.470663][ T4487] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 72.482045][ T4487] EXT4-fs error (device loop1): ext4_acquire_dquot:6209: comm syz.1.67: Failed to acquire dquot type 0 [ 72.576905][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 72.606905][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 72.646914][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 72.656910][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!! [ 72.665791][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 72.696914][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 72.734574][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 72.760049][ T4494] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 72.768811][ T4494] FAT-fs (loop3): Filesystem has been set read-only [ 72.780165][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 72.816915][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!! [ 72.836908][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!! [ 73.483453][ T26] audit: type=1800 audit(1763523848.349:2): pid=4494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.69" name="file1" dev="loop3" ino=1048590 res=0 errno=0 [ 73.533899][ T4487] EXT4-fs error (device loop1): ext4_free_blocks:6218: comm syz.1.67: Freeing blocks not in datazone - block = 0, count = 4096 [ 73.623876][ T4487] Quota error (device loop1): write_blk: dquota write failed [ 73.662563][ T4487] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3 [ 73.726651][ T4487] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 73.775054][ T4487] EXT4-fs error (device loop1): ext4_acquire_dquot:6209: comm syz.1.67: Failed to acquire dquot type 0 [ 73.838166][ T4487] EXT4-fs (loop1): 1 orphan inode deleted [ 73.867808][ T4487] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 73.916041][ T4504] loop0: detected capacity change from 0 to 1024 [ 73.982560][ T4487] syz.1.67 (4487) used greatest stack depth: 20304 bytes left [ 73.997112][ T4504] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 74.028356][ T4504] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 74.057643][ T4504] System zones: 0-1, 4-36, 102-102 [ 74.063807][ T4504] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 75.064169][ T4536] capability: warning: `syz.1.87' uses deprecated v2 capabilities in a way that may be insecure [ 75.764591][ T4545] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 75.835724][ T4547] loop2: detected capacity change from 0 to 128 [ 75.918622][ T4547] FAT-fs (loop2): Unrecognized mount option "zG*vb7cQCE.PTMjlUvC:"Ye $ vQ;а:"_d5-M iʷAjK/zrkBÏ ß4զm8[$0sy|wݾFMEȨpU0sj礩Գ X`ތTizcd{18446744073709551615184467440737" or missing value [ 76.311797][ T4567] netlink: 'syz.1.99': attribute type 1 has an invalid length. [ 76.382349][ T21] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 76.614947][ T4576] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 76.627552][ T21] usb 4-1: Using ep0 maxpacket: 32 [ 77.544703][ T4582] loop4: detected capacity change from 0 to 131072 [ 77.591697][ T21] usb 4-1: unable to get BOS descriptor or descriptor too short [ 77.599677][ T4582] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0) [ 77.608026][ T4582] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 77.621751][ T4582] F2FS-fs (loop4): invalid crc value [ 77.697488][ T21] usb 4-1: config 128 has an invalid interface number: 127 but max is 3 [ 77.709873][ T4582] F2FS-fs (loop4): Found nat_bits in checkpoint [ 77.742862][ T21] usb 4-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 77.758045][ T21] usb 4-1: config 128 has 1 interface, different from the descriptor's value: 4 [ 77.771124][ T21] usb 4-1: config 128 has no interface number 0 [ 77.778705][ T21] usb 4-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 77.790172][ T21] usb 4-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0 [ 77.807968][ T21] usb 4-1: config 128 interface 127 has no altsetting 0 [ 77.823278][ T4582] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 77.830538][ T4582] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 77.910398][ T4600] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.014006][ T21] usb 4-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 78.037558][ T21] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.052376][ T21] usb 4-1: Product: syz [ 78.057108][ T21] usb 4-1: Manufacturer: syz [ 78.061803][ T21] usb 4-1: SerialNumber: syz [ 78.339529][ T4614] loop1: detected capacity change from 0 to 1024 [ 78.398019][ T4614] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 78.407173][ T4304] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 78.428913][ T4614] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 78.447176][ T4614] System zones: 0-1, 4-36, 102-102 [ 78.453668][ T4614] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 78.572185][ T21] usb 4-1: USB disconnect, device number 2 [ 78.583976][ T4185] udevd[4185]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 78.647378][ T4304] usb 1-1: Using ep0 maxpacket: 32 [ 78.767343][ T4304] usb 1-1: config 0 has an invalid interface number: 12 but max is 0 [ 78.810812][ T4304] usb 1-1: config 0 has no interface number 0 [ 78.819158][ T4304] usb 1-1: config 0 interface 12 has no altsetting 0 [ 78.977144][ T4304] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 79.000854][ T4304] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.042987][ T4304] usb 1-1: Product: syz [ 79.051290][ T4304] usb 1-1: Manufacturer: syz [ 79.056283][ T4304] usb 1-1: SerialNumber: syz [ 79.074620][ T4304] usb 1-1: config 0 descriptor?? [ 79.438034][ T4663] openvswitch: netlink: Message has 16 unknown bytes. [ 79.447060][ T23] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 79.697535][ T23] usb 2-1: Using ep0 maxpacket: 16 [ 79.827209][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 79.844782][ T23] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 79.890768][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.919853][ T23] usb 2-1: config 0 descriptor?? [ 79.945643][ T4671] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.407613][ T23] mcp2221 0003:04D8:00DD.0001: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 80.632591][ T23] usb 2-1: USB disconnect, device number 2 [ 80.657078][ T4304] f81534 1-1:0.12: f81534_set_register: reg: 1003 data: b8 failed: -71 [ 80.671492][ T4304] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71 [ 80.706930][ T4304] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 80.714568][ T4304] f81534: probe of 1-1:0.12 failed with error -71 [ 80.745524][ T4304] usb 1-1: USB disconnect, device number 2 [ 80.895490][ T4705] loop4: detected capacity change from 0 to 32768 [ 80.922766][ T4705] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.157 (4705) [ 81.007758][ T4705] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 81.037006][ T4705] BTRFS info (device loop4): using free space tree [ 81.051694][ T4705] BTRFS info (device loop4): has skinny extents [ 81.378629][ T1108] cfg80211: failed to load regulatory.db [ 81.433931][ T4705] BTRFS info (device loop4): enabling ssd optimizations [ 81.544255][ T4750] binder: Bad value for 'max' [ 81.618416][ T1108] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 81.631512][ T1108] Bluetooth: hci1: Injecting HCI hardware error event [ 81.802157][ T4197] Bluetooth: hci1: hardware error 0x00 [ 82.618325][ T4776] openvswitch: netlink: Message has 16 unknown bytes. [ 82.746973][ T7] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 82.934068][ T4787] loop0: detected capacity change from 0 to 128 [ 83.008364][ T4787] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 83.020370][ T7] usb 2-1: Using ep0 maxpacket: 32 [ 83.069858][ T4787] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 83.137255][ T7] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 83.156971][ T7] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 83.179384][ T7] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 83.197185][ T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 83.221988][ T7] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 83.252605][ T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024 [ 83.279265][ T7] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 83.314310][ T7] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 83.347219][ T7] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 83.367018][ T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.389378][ T7] usb 2-1: config 0 descriptor?? [ 83.417421][ T4765] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 83.617001][ T4304] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 83.655510][ T7] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 83.784503][ T4803] overlayfs: failed to clone lowerpath [ 83.868284][ T4304] usb 4-1: Using ep0 maxpacket: 16 [ 83.927021][ C1] usblp0: nonzero read bulk status received: -71 [ 83.984200][ T1108] usb 2-1: USB disconnect, device number 3 [ 84.017151][ T1108] usblp0: removed [ 84.047794][ T4304] usb 4-1: unable to get BOS descriptor or descriptor too short [ 84.157255][ T4304] usb 4-1: config 16 has an invalid interface number: 157 but max is 0 [ 84.179357][ T4304] usb 4-1: config 16 has no interface number 0 [ 84.206545][ T4304] usb 4-1: config 16 interface 157 has no altsetting 0 [ 84.397671][ T4304] usb 4-1: New USB device found, idVendor=15c2, idProduct=0043, bcdDevice= d.ae [ 84.416439][ T4304] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.446667][ T4304] usb 4-1: Product: syz [ 84.461671][ T4304] usb 4-1: Manufacturer: syz [ 84.473927][ T4304] usb 4-1: SerialNumber: syz [ 84.858539][ T4304] imon 4-1:16.157: unable to register, err -19 [ 84.885769][ T4304] usb 4-1: USB disconnect, device number 3 [ 84.905401][ T4817] openvswitch: netlink: Message has 16 unknown bytes. [ 85.161626][ T4818] loop1: detected capacity change from 0 to 4096 [ 85.234416][ T4818] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 86.502039][ T4852] netlink: 68 bytes leftover after parsing attributes in process `syz.1.208'. [ 87.027394][ T4859] openvswitch: netlink: Message has 16 unknown bytes. [ 87.466079][ T4860] loop0: detected capacity change from 0 to 4096 [ 87.583929][ T4860] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 87.810870][ T4865] loop1: detected capacity change from 0 to 128 [ 87.870336][ T4865] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 87.911922][ T4865] ext4 filesystem being mounted at /45/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 89.277020][ T4900] netlink: 68 bytes leftover after parsing attributes in process `syz.4.231'. [ 91.235751][ T4949] binder: Bad value for 'max' [ 91.582033][ T4936] loop4: detected capacity change from 0 to 32768 [ 92.511544][ T4936] XFS (loop4): Mounting V5 Filesystem [ 92.684122][ T4936] XFS (loop4): Ending clean mount [ 92.831112][ T4184] XFS (loop4): Unmounting Filesystem [ 92.879583][ T4963] loop1: detected capacity change from 0 to 32768 [ 92.927194][ T4963] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.255 (4963) [ 93.028685][ T4963] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 93.077234][ T4963] BTRFS info (device loop1): enabling auto defrag [ 93.915421][ T4963] BTRFS info (device loop1): turning on sync discard [ 94.097164][ T4963] BTRFS info (device loop1): force clearing of disk cache [ 94.113239][ T4963] BTRFS warning (device loop1): excessive commit interval 4194304 [ 94.157014][ T4963] BTRFS info (device loop1): max_inline at 2 [ 94.387099][ T4963] BTRFS info (device loop1): disabling free space tree [ 94.403517][ T4963] BTRFS info (device loop1): has skinny extents [ 94.644773][ T4963] BTRFS error (device loop1): open_ctree failed: -12 [ 94.903245][ T5025] loop0: detected capacity change from 0 to 4096 [ 94.996518][ T5025] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 95.486759][ T5046] netlink: 12 bytes leftover after parsing attributes in process `syz.1.274'. [ 95.509222][ T5048] loop4: detected capacity change from 0 to 128 [ 95.538082][ T5048] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 95.590679][ T5048] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 97.232557][ T5079] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 97.416569][ T5090] binder: Bad value for 'max' [ 98.534694][ T5119] binder: Bad value for 'max' [ 98.797245][ T5126] netlink: 68 bytes leftover after parsing attributes in process `syz.0.308'. [ 99.019316][ T5134] openvswitch: netlink: Message has 16 unknown bytes. [ 99.417674][ T5140] loop3: detected capacity change from 0 to 128 [ 99.519366][ T5140] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 99.647630][ T5140] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 103.308258][ T5212] netlink: 68 bytes leftover after parsing attributes in process `syz.1.344'. [ 104.080785][ T5227] loop1: detected capacity change from 0 to 1024 [ 104.716482][ T5227] EXT4-fs (loop1): Unrecognized mount option "uid>00000000000000000000" or missing value [ 105.310010][ T5241] netlink: 68 bytes leftover after parsing attributes in process `syz.1.356'. [ 105.387740][ T5243] blktrace: Concurrent blktraces are not allowed on loop3 [ 105.562445][ T5247] binder: Bad value for 'max' [ 105.719458][ T5249] loop0: detected capacity change from 0 to 512 [ 105.883647][ T5249] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 105.897059][ T5249] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.219519][ T5254] loop0: detected capacity change from 0 to 8 [ 108.448473][ T5277] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.358766][ T5296] netlink: 68 bytes leftover after parsing attributes in process `syz.1.368'. [ 109.473276][ T5299] netlink: 'syz.1.379': attribute type 1 has an invalid length. [ 109.555243][ T5299] 8021q: adding VLAN 0 to HW filter on device bond1 [ 109.598407][ T5301] bond1: (slave gretap1): making interface the new active one [ 109.656019][ T5301] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 109.693613][ T5292] loop0: detected capacity change from 0 to 40427 [ 109.701001][ T4542] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 109.740261][ T5301] syz.1.379 (5301) used greatest stack depth: 20160 bytes left [ 109.812849][ T5292] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 109.844167][ T5292] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 109.882065][ T5292] F2FS-fs (loop0): invalid crc value [ 109.943517][ T5292] F2FS-fs (loop0): Found nat_bits in checkpoint [ 110.152880][ T5292] F2FS-fs (loop0): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 110.271268][ T5292] F2FS-fs (loop0): Failed to read root inode [ 112.819875][ T5343] blktrace: Concurrent blktraces are not allowed on loop3 [ 112.986958][ T5019] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 113.388544][ T5019] usb 4-1: Using ep0 maxpacket: 32 [ 113.507725][ T5019] usb 4-1: config 0 has an invalid interface number: 209 but max is 0 [ 113.536974][ T5019] usb 4-1: config 0 has no interface number 0 [ 113.543119][ T5019] usb 4-1: config 0 interface 209 has no altsetting 0 [ 113.737177][ T5019] usb 4-1: New USB device found, idVendor=1f71, idProduct=3306, bcdDevice=1b.23 [ 113.746346][ T5019] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.776974][ T5019] usb 4-1: Product: syz [ 113.781279][ T5019] usb 4-1: Manufacturer: syz [ 113.785891][ T5019] usb 4-1: SerialNumber: syz [ 113.818936][ T5019] usb 4-1: config 0 descriptor?? [ 114.115220][ T5371] loop0: detected capacity change from 0 to 4096 [ 114.160522][ T5019] usb 4-1: USB disconnect, device number 4 [ 114.195833][ T5371] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 115.515923][ T5389] openvswitch: netlink: Message has 16 unknown bytes. [ 115.967418][ T5404] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.112074][ T5405] loop0: detected capacity change from 0 to 1024 [ 116.643921][ T5405] EXT4-fs (loop0): Unrecognized mount option "uid>00000000000000000000" or missing value [ 117.974009][ T5432] netlink: 'syz.2.431': attribute type 1 has an invalid length. [ 118.074668][ T5432] 8021q: adding VLAN 0 to HW filter on device bond1 [ 118.094039][ T5430] loop0: detected capacity change from 0 to 40427 [ 118.124092][ T5434] bond1: (slave gretap1): making interface the new active one [ 118.150191][ T5430] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 118.158012][ T5430] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 118.173446][ T5434] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 118.184540][ T5430] F2FS-fs (loop0): invalid crc value [ 118.196152][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 118.218743][ T5430] F2FS-fs (loop0): Found nat_bits in checkpoint [ 118.254139][ T5430] F2FS-fs (loop0): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 118.266010][ T5430] F2FS-fs (loop0): Failed to read root inode [ 118.272269][ T23] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 118.499950][ T5440] openvswitch: netlink: Message has 16 unknown bytes. [ 118.537138][ T23] usb 4-1: Using ep0 maxpacket: 16 [ 118.657873][ T23] usb 4-1: config 0 has an invalid interface number: 41 but max is 0 [ 118.746613][ T23] usb 4-1: config 0 has no interface number 0 [ 118.845627][ T23] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 118.895224][ T23] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 118.946367][ T23] usb 4-1: config 0 interface 41 has no altsetting 0 [ 119.217298][ T23] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 119.226372][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.313709][ T23] usb 4-1: Product: syz [ 119.343319][ T23] usb 4-1: Manufacturer: syz [ 119.481388][ T23] usb 4-1: SerialNumber: syz [ 119.519512][ T23] usb 4-1: config 0 descriptor?? [ 119.567252][ T5428] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 119.583950][ T5428] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 119.988614][ T23] CoreChips: probe of 4-1:0.41 failed with error -71 [ 120.029084][ T23] usb 4-1: USB disconnect, device number 5 [ 121.199765][ T5479] loop0: detected capacity change from 0 to 40427 [ 121.288358][ T5479] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 121.296126][ T5479] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 121.310437][ T5479] F2FS-fs (loop0): invalid crc value [ 121.343007][ T5479] F2FS-fs (loop0): Found nat_bits in checkpoint [ 121.379960][ T5479] F2FS-fs (loop0): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 121.391896][ T5479] F2FS-fs (loop0): Failed to read root inode [ 122.298332][ T5500] netlink: 68 bytes leftover after parsing attributes in process `syz.1.448'. [ 127.068831][ T5563] netlink: 68 bytes leftover after parsing attributes in process `syz.2.482'. [ 127.668423][ T5580] openvswitch: netlink: Message has 16 unknown bytes. [ 127.919927][ T5020] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 128.176940][ T5020] usb 4-1: Using ep0 maxpacket: 16 [ 128.244899][ T5586] loop4: detected capacity change from 0 to 256 [ 128.307118][ T5020] usb 4-1: config 0 has an invalid interface number: 41 but max is 0 [ 128.318923][ T5020] usb 4-1: config 0 has no interface number 0 [ 128.325037][ T5020] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 128.377842][ T5020] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 128.378128][ T5586] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 128.407226][ T5020] usb 4-1: config 0 interface 41 has no altsetting 0 [ 128.617307][ T5020] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 128.626381][ T5020] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.666905][ T5020] usb 4-1: Product: syz [ 128.677215][ T5020] usb 4-1: Manufacturer: syz [ 128.681840][ T5020] usb 4-1: SerialNumber: syz [ 128.725001][ T5020] usb 4-1: config 0 descriptor?? [ 128.747384][ T5577] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 128.754867][ T5577] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 129.013028][ T5594] loop4: detected capacity change from 0 to 128 [ 129.032053][ T5020] CoreChips: probe of 4-1:0.41 failed with error -71 [ 129.054113][ T5020] usb 4-1: USB disconnect, device number 6 [ 129.168119][ T5594] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 129.266770][ T5594] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 129.527293][ T5611] netlink: 68 bytes leftover after parsing attributes in process `syz.4.501'. [ 132.100178][ T5644] loop0: detected capacity change from 0 to 40427 [ 132.166144][ T5644] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 132.174086][ T5644] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 132.184211][ T5644] F2FS-fs (loop0): invalid crc value [ 132.228601][ T5644] F2FS-fs (loop0): Found nat_bits in checkpoint [ 132.266680][ T5644] F2FS-fs (loop0): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 132.278646][ T5644] F2FS-fs (loop0): Failed to read root inode [ 132.580005][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.586434][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.728979][ T5655] netlink: 12 bytes leftover after parsing attributes in process `syz.2.517'. [ 135.031975][ T4249] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 135.292005][ T4249] usb 5-1: Using ep0 maxpacket: 16 [ 135.417091][ T4249] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 135.445724][ T4249] usb 5-1: config 0 has no interface number 0 [ 135.466021][ T4249] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 135.506733][ T4249] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 135.551922][ T4249] usb 5-1: config 0 interface 41 has no altsetting 0 [ 135.664291][ T5690] netlink: 40 bytes leftover after parsing attributes in process `syz.3.531'. [ 135.729996][ T4249] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 135.750557][ T4249] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.787143][ T4249] usb 5-1: Product: syz [ 135.791349][ T4249] usb 5-1: Manufacturer: syz [ 135.806562][ T4249] usb 5-1: SerialNumber: syz [ 135.834252][ T4249] usb 5-1: config 0 descriptor?? [ 135.836113][ T5692] loop1: detected capacity change from 0 to 1024 [ 135.857616][ T5676] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 135.864679][ T5676] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 135.936169][ T5692] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 135.966807][ T5692] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 135.982446][ T5692] System zones: 0-1, 4-36, 102-102 [ 135.989036][ T5692] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 136.137175][ T4249] CoreChips: probe of 5-1:0.41 failed with error -71 [ 136.168069][ T4249] usb 5-1: USB disconnect, device number 2 [ 139.150590][ T5759] loop4: detected capacity change from 0 to 128 [ 139.195779][ T5759] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 139.261122][ T5759] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 139.875072][ T5767] binder: Bad value for 'max' [ 140.504150][ T5765] loop4: detected capacity change from 0 to 40427 [ 140.564813][ T5765] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 140.579836][ T5765] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 140.596320][ T5765] F2FS-fs (loop4): invalid crc value [ 140.650421][ T5765] F2FS-fs (loop4): Found nat_bits in checkpoint [ 140.734561][ T5765] F2FS-fs (loop4): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 140.754433][ T5765] F2FS-fs (loop4): Failed to read root inode [ 140.798172][ T5019] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 140.833648][ T5794] binder: Bad value for 'max' [ 141.233040][ T5019] usb 2-1: Using ep0 maxpacket: 16 [ 141.387104][ T5019] usb 2-1: config 0 has an invalid interface number: 41 but max is 0 [ 141.395389][ T5019] usb 2-1: config 0 has no interface number 0 [ 141.411879][ T5019] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 141.439166][ T5019] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 141.476139][ T5019] usb 2-1: config 0 interface 41 has no altsetting 0 [ 141.667337][ T5019] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 141.684035][ T5019] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.707650][ T5019] usb 2-1: Product: syz [ 141.711850][ T5019] usb 2-1: Manufacturer: syz [ 141.716727][ T5019] usb 2-1: SerialNumber: syz [ 141.770874][ T5019] usb 2-1: config 0 descriptor?? [ 141.787306][ T5783] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 141.794417][ T5783] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 142.047095][ T5019] CoreChips: probe of 2-1:0.41 failed with error -71 [ 142.075536][ T5019] usb 2-1: USB disconnect, device number 4 [ 145.243809][ T5868] loop1: detected capacity change from 0 to 1024 [ 145.747060][ T5019] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 146.136952][ T5019] usb 2-1: Using ep0 maxpacket: 16 [ 146.327059][ T5019] usb 2-1: unable to get BOS descriptor or descriptor too short [ 146.427050][ T5019] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 146.436207][ T5019] usb 2-1: config 1 has no interface number 1 [ 146.442742][ T5019] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x43, skipping [ 146.454197][ T5019] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 146.647778][ T5019] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0121, bcdDevice= 0.40 [ 146.670455][ T5019] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.697880][ T5019] usb 2-1: Product: syz [ 146.711767][ T5019] usb 2-1: Manufacturer: syz [ 146.727101][ T5019] usb 2-1: SerialNumber: syz [ 146.771824][ T5868] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 147.007032][ T5877] loop3: detected capacity change from 0 to 16 [ 147.109378][ T5877] erofs: (device loop3): mounted with root inode @ nid 36. [ 147.902355][ T5019] usb 2-1: 2:1: invalid format type 0x1001 is detected, processed as PCM [ 147.911592][ T5019] usb 2-1: 2:1 : sample bitwidth 146 in over sample bytes 2 [ 147.919261][ T5019] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 147.980762][ T5019] usb 2-1: USB disconnect, device number 5 [ 148.917994][ T5900] loop3: detected capacity change from 0 to 512 [ 149.009019][ T4185] udevd[4185]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 149.030893][ T26] audit: type=1800 audit(1763523924.659:3): pid=5900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.615" name="file2" dev="loop3" ino=1048612 res=0 errno=0 [ 149.564616][ T5914] loop3: detected capacity change from 0 to 1024 [ 149.614750][ T5914] EXT4-fs (loop3): Unrecognized mount option "uid>00000000000000000000" or missing value [ 150.283748][ T5933] openvswitch: netlink: Message has 16 unknown bytes. [ 151.323437][ T5952] netlink: 68 bytes leftover after parsing attributes in process `syz.0.634'. [ 151.479466][ T5957] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 151.817342][ T5963] openvswitch: netlink: Message has 16 unknown bytes. [ 152.078923][ T5968] loop3: detected capacity change from 0 to 512 [ 152.125442][ T5972] loop0: detected capacity change from 0 to 64 [ 152.131357][ T5968] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 152.165370][ T5968] EXT4-fs (loop3): inline encryption not supported [ 152.174145][ T5968] EXT4-fs (loop3): Test dummy encryption mode enabled [ 152.198162][ T5968] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 152.205299][ T5968] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 152.269777][ T5968] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 152.323299][ T5974] loop1: detected capacity change from 0 to 1024 [ 152.467498][ T5968] EXT4-fs (loop3): 1 truncate cleaned up [ 152.473178][ T5968] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none. [ 152.492251][ T5974] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 152.877314][ T5974] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 152.980548][ T5974] System zones: 0-1, 4-36, 102-102 [ 153.045629][ T5974] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 153.250188][ T5983] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 153.393445][ T5989] binder: Bad value for 'max' [ 153.413964][ T5990] netlink: 68 bytes leftover after parsing attributes in process `syz.3.648'. [ 153.564530][ T5995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.651'. [ 153.775110][ T6008] loop1: detected capacity change from 0 to 1024 [ 153.870208][ T6008] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 153.926289][ T6008] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 153.930554][ T6018] binder: Bad value for 'max' [ 154.156225][ T6008] System zones: 0-1, 4-36, 102-102 [ 154.367787][ T6008] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 154.974956][ T6049] loop1: detected capacity change from 0 to 8 [ 155.335514][ T6029] loop0: detected capacity change from 0 to 40427 [ 155.345653][ T6056] loop1: detected capacity change from 0 to 256 [ 155.388751][ T6029] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 155.426004][ T6029] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 155.455417][ T6056] FAT-fs (loop1): Directory bread(block 64) failed [ 155.471246][ T6029] F2FS-fs (loop0): invalid crc value [ 155.494601][ T6056] FAT-fs (loop1): Directory bread(block 65) failed [ 155.521887][ T6056] FAT-fs (loop1): Directory bread(block 66) failed [ 155.534457][ T6029] F2FS-fs (loop0): Found nat_bits in checkpoint [ 155.551344][ T6056] FAT-fs (loop1): Directory bread(block 67) failed [ 155.571404][ T6056] FAT-fs (loop1): Directory bread(block 68) failed [ 155.585870][ T6056] FAT-fs (loop1): Directory bread(block 69) failed [ 155.610888][ T6056] FAT-fs (loop1): Directory bread(block 70) failed [ 155.642530][ T6029] F2FS-fs (loop0): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 155.652510][ T6056] FAT-fs (loop1): Directory bread(block 71) failed [ 155.687067][ T6056] FAT-fs (loop1): Directory bread(block 72) failed [ 155.706379][ T6029] F2FS-fs (loop0): Failed to read root inode [ 155.710259][ T6056] FAT-fs (loop1): Directory bread(block 73) failed [ 155.751518][ T6061] loop3: detected capacity change from 0 to 1024 [ 155.824743][ T6061] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 155.896629][ T6063] overlayfs: failed to clone lowerpath [ 155.904280][ T6061] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 155.937419][ T6061] System zones: 0-1, 4-36, 102-102 [ 155.943505][ T6061] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 157.443403][ T6103] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 158.682695][ T6129] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 160.029274][ T6141] netlink: 68 bytes leftover after parsing attributes in process `syz.4.708'. [ 160.077575][ T6122] loop0: detected capacity change from 0 to 40427 [ 160.115030][ T6122] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 160.136441][ T6122] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 160.222083][ T6122] F2FS-fs (loop0): invalid crc value [ 160.264796][ T6122] F2FS-fs (loop0): Found nat_bits in checkpoint [ 160.346890][ T6122] F2FS-fs (loop0): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 160.374832][ T6122] F2FS-fs (loop0): Failed to read root inode [ 161.127115][ T6150] binder: Bad value for 'max' [ 163.387871][ T6199] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 163.545539][ T6203] loop1: detected capacity change from 0 to 1024 [ 163.643681][ T6207] sp0: Synchronizing with TNC [ 163.654042][ T6203] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 163.743470][ T6203] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 163.782612][ T6203] System zones: 0-1, 4-36, 102-102 [ 163.799868][ T6203] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 166.024197][ T6248] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 166.189440][ T6256] overlayfs: failed to clone lowerpath [ 167.136555][ T6271] binder: Bad value for 'max' [ 168.092225][ T6297] loop0: detected capacity change from 0 to 1024 [ 168.197485][ T6297] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 168.218646][ T6297] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 168.230650][ T6297] System zones: 0-1, 4-36, 102-102 [ 168.242797][ T6297] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 170.615467][ T6330] Zero length message leads to an empty skb [ 170.999971][ T6335] loop4: detected capacity change from 0 to 1024 [ 171.184040][ T6335] EXT4-fs (loop4): Unrecognized mount option "uid>00000000000000000000" or missing value [ 173.720750][ T6381] loop0: detected capacity change from 0 to 128 [ 173.908801][ T6385] loop1: detected capacity change from 0 to 8 [ 173.973333][ T6381] EXT4-fs (loop0): Test dummy encryption mode enabled [ 174.003975][ T6381] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 174.034105][ T6381] ext4 filesystem being mounted at /171/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 174.147747][ T6391] device syzkaller1 entered promiscuous mode [ 174.828445][ T6413] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 176.092951][ T6435] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.351577][ T6444] loop3: detected capacity change from 0 to 1024 [ 176.410295][ T6444] EXT4-fs (loop3): Unrecognized mount option "uid>00000000000000000000" or missing value [ 176.588532][ T6448] loop1: detected capacity change from 0 to 1024 [ 176.664974][ T6448] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 176.688621][ T6448] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 176.707311][ T6448] System zones: 0-1, 4-36, 102-102 [ 176.724198][ T6448] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 177.974750][ T6491] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 178.292696][ T6495] openvswitch: netlink: Message has 16 unknown bytes. [ 179.938274][ T23] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 180.527072][ T23] usb 1-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73 [ 180.546589][ T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.556712][ T23] usb 1-1: Product: syz [ 180.567194][ T23] usb 1-1: Manufacturer: syz [ 180.571811][ T23] usb 1-1: SerialNumber: syz [ 180.616908][ T23] usb 1-1: config 0 descriptor?? [ 180.737064][ T4256] Bluetooth: hci2: command 0x0406 tx timeout [ 180.743564][ T4256] Bluetooth: hci3: command 0x0406 tx timeout [ 180.763881][ T4256] Bluetooth: hci0: command 0x0406 tx timeout [ 180.770573][ T4256] Bluetooth: hci4: command 0x0406 tx timeout [ 181.417236][ T6547] loop1: detected capacity change from 0 to 128 [ 181.439023][ T6547] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 181.469433][ T6547] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 181.765186][ T23] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 181.776030][ T23] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9 [ 181.795689][ T23] asix: probe of 1-1:0.0 failed with error -71 [ 181.828837][ T23] usb 1-1: USB disconnect, device number 3 [ 182.683792][ T6560] loop4: detected capacity change from 0 to 1024 [ 182.717978][ T6562] loop1: detected capacity change from 0 to 8 [ 182.788182][ T6560] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 182.875003][ T6560] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 182.892495][ T6560] System zones: 0-1, 4-36, 102-102 [ 182.978048][ T6560] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,norecovery,,errors=continue. Quota mode: writeback. [ 184.415108][ T6595] netlink: 188 bytes leftover after parsing attributes in process `syz.0.887'. [ 186.287089][ T6624] openvswitch: netlink: Message has 16 unknown bytes. [ 187.037012][ T6632] netlink: 188 bytes leftover after parsing attributes in process `syz.3.900'. [ 188.310611][ T6655] netlink: 68 bytes leftover after parsing attributes in process `syz.2.911'. [ 189.359694][ T6665] loop1: detected capacity change from 0 to 1024 [ 189.479966][ T6665] EXT4-fs (loop1): Unrecognized mount option "uid>00000000000000000000" or missing value [ 189.807754][ T6669] netlink: 188 bytes leftover after parsing attributes in process `syz.4.915'. [ 191.420081][ T6696] loop0: detected capacity change from 0 to 8 [ 192.218240][ T6724] loop1: detected capacity change from 0 to 8 [ 192.552550][ T6735] netlink: 20 bytes leftover after parsing attributes in process `syz.0.944'. [ 193.610456][ T6754] loop1: detected capacity change from 0 to 64 [ 194.039320][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.039410][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.576489][ T6791] netlink: 20 bytes leftover after parsing attributes in process `syz.4.957'. [ 196.695668][ T6782] loop1: detected capacity change from 0 to 40427 [ 196.807381][ T6782] F2FS-fs (loop1): invalid crc value [ 196.830123][ T6782] F2FS-fs (loop1): Found nat_bits in checkpoint [ 197.004000][ T6782] F2FS-fs (loop1): Start checkpoint disabled! [ 197.025654][ T6782] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 197.910193][ T4453] attempt to access beyond end of device [ 197.910193][ T4453] loop1: rw=2049, want=40976, limit=40427 [ 198.010619][ T6816] netlink: 'syz.4.976': attribute type 4 has an invalid length. [ 198.091561][ T6823] overlayfs: missing 'lowerdir' [ 199.706692][ T6849] loop3: detected capacity change from 0 to 512 [ 200.076669][ T6849] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e000c018, mo2=0002] [ 200.107520][ T6849] System zones: 0-2, 18-18, 34-35 [ 200.150009][ T6849] EXT4-fs error (device loop3): ext4_quota_enable:6417: inode #4: comm syz.3.990: iget: bad i_size value: 5910974510929920 [ 200.173314][ T6849] EXT4-fs error (device loop3): ext4_quota_enable:6420: comm syz.3.990: Bad quota inode: 4, type: 1 [ 200.208975][ T6849] EXT4-fs warning (device loop3): ext4_enable_quotas:6461: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 200.280300][ T6849] EXT4-fs (loop3): mount failed [ 201.491759][ T6881] loop4: detected capacity change from 0 to 512 [ 201.620379][ T6881] EXT4-fs (loop4): bad s_min_extra_isize: 2304 [ 201.962231][ T6892] overlayfs: unrecognized mount option "/" or missing value [ 202.316942][ T5020] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 202.597192][ T5020] usb 4-1: Using ep0 maxpacket: 16 [ 202.728037][ T5020] usb 4-1: config 0 has an invalid interface number: 41 but max is 0 [ 202.795615][ T5020] usb 4-1: config 0 has no interface number 0 [ 202.945371][ T5020] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 203.093598][ T5020] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 203.140834][ T5020] usb 4-1: config 0 interface 41 has no altsetting 0 [ 203.362051][ T5020] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 203.376467][ T5020] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.419931][ T5020] usb 4-1: Product: syz [ 203.427224][ T5020] usb 4-1: Manufacturer: syz [ 203.460245][ T5020] usb 4-1: SerialNumber: syz [ 203.485226][ T5020] usb 4-1: config 0 descriptor?? [ 203.667154][ T6897] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 203.677102][ T6897] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 203.917106][ T5020] CoreChips: probe of 4-1:0.41 failed with error -71 [ 203.937541][ T5020] usb 4-1: USB disconnect, device number 7 [ 203.970441][ T6950] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1031'. [ 204.144017][ T6956] loop1: detected capacity change from 0 to 256 [ 204.165843][ T6956] exfat: Deprecated parameter 'utf8' [ 204.175586][ T6956] exfat: Deprecated parameter 'namecase' [ 204.182500][ T6956] exfat: Deprecated parameter 'utf8' [ 204.209141][ T6956] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 205.548866][ T6998] binder: Unknown parameter 'ma' [ 205.639977][ T7004] loop3: detected capacity change from 0 to 64 [ 206.463078][ T7015] overlayfs: failed to clone lowerpath [ 206.601512][ T7020] loop4: detected capacity change from 0 to 1024 [ 206.658045][ T7020] EXT4-fs (loop4): Unrecognized mount option "uid>00000000000000000000" or missing value [ 206.739696][ T7026] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1063'. [ 207.642390][ T7045] overlayfs: failed to clone lowerpath [ 208.760400][ T7071] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 208.773338][ T7070] loop4: detected capacity change from 0 to 128 [ 208.854539][ T7070] EXT4-fs (loop4): Test dummy encryption mode enabled [ 208.928900][ T7070] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 208.991544][ T7070] ext4 filesystem being mounted at /200/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 210.265220][ T7100] overlayfs: failed to clone lowerpath [ 210.472647][ T7108] loop4: detected capacity change from 0 to 128 [ 210.585267][ T7108] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 210.619984][ T7108] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 211.067014][ T4249] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 211.176529][ T7120] loop4: detected capacity change from 0 to 64 [ 211.427039][ T4249] usb 1-1: Using ep0 maxpacket: 32 [ 211.467315][ T7130] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 211.718871][ T4249] usb 1-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c [ 211.736890][ T4249] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.755097][ T4249] usb 1-1: Product: syz [ 211.759575][ T4249] usb 1-1: Manufacturer: syz [ 211.764205][ T4249] usb 1-1: SerialNumber: syz [ 211.780171][ T4249] usb 1-1: config 0 descriptor?? [ 211.819436][ T4249] gspca_main: gspca_topro-2.14.0 probing 06a2:0003 [ 212.165960][ T7138] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1112'. [ 212.507446][ T7150] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 213.377127][ T4249] gspca_topro: Sensor cx0342 [ 213.593104][ T4771] usb 1-1: USB disconnect, device number 4 [ 213.788993][ T7165] loop3: detected capacity change from 0 to 64 [ 214.245823][ T7170] loop0: detected capacity change from 0 to 128 [ 214.292975][ T7170] EXT4-fs (loop0): Test dummy encryption mode enabled [ 214.348292][ T7170] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 214.380360][ T7170] ext4 filesystem being mounted at /231/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 214.843084][ T7178] binder: Bad value for 'max' [ 215.351045][ T7194] loop3: detected capacity change from 0 to 128 [ 215.498579][ T7194] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 215.532119][ T7194] hpfs: filesystem error: improperly stopped [ 215.561540][ T7194] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 215.591013][ T7194] hpfs: You really don't want any checks? You are crazy... [ 215.611651][ T7194] hpfs: hpfs_map_sector(): read error [ 215.636940][ T7194] hpfs: code page support is disabled [ 215.653266][ T7194] hpfs: hpfs_map_4sectors(): unaligned read [ 215.683165][ T7194] hpfs: hpfs_map_4sectors(): unaligned read [ 215.703211][ T7194] hpfs: filesystem error: unable to find root dir [ 216.006919][ T5019] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 216.920609][ T5019] usb 2-1: Using ep0 maxpacket: 16 [ 217.048231][ T5019] usb 2-1: config 0 has an invalid interface number: 41 but max is 0 [ 217.061014][ T5019] usb 2-1: config 0 has no interface number 0 [ 217.099129][ T5019] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 217.109424][ T5019] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 217.119719][ T5019] usb 2-1: config 0 interface 41 has no altsetting 0 [ 217.417559][ T5019] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 217.479930][ T5019] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.607961][ T5019] usb 2-1: Product: syz [ 217.684604][ T5019] usb 2-1: Manufacturer: syz [ 217.784206][ T5019] usb 2-1: SerialNumber: syz [ 217.892649][ T5019] usb 2-1: config 0 descriptor?? [ 217.977135][ T7200] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 217.984221][ T7200] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 218.257159][ T5019] CoreChips: probe of 2-1:0.41 failed with error -71 [ 218.288166][ T5019] usb 2-1: USB disconnect, device number 6 [ 218.365320][ T7246] netlink: 'syz.3.1160': attribute type 4 has an invalid length. [ 218.533430][ T7253] loop3: detected capacity change from 0 to 128 [ 218.578475][ T7253] EXT4-fs (loop3): Test dummy encryption mode enabled [ 218.625158][ T7253] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 218.648995][ T7253] ext4 filesystem being mounted at /223/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 219.655693][ T7249] loop4: detected capacity change from 0 to 32768 [ 219.740841][ T7249] XFS (loop4): Mounting V5 Filesystem [ 219.998938][ T7249] XFS (loop4): Ending clean mount [ 220.022346][ T7249] XFS (loop4): Quotacheck needed: Please wait. [ 220.073317][ T7249] XFS (loop4): Quotacheck: Done. [ 220.183361][ T4771] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 220.273032][ T4184] XFS (loop4): Unmounting Filesystem [ 221.287264][ T4771] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 221.301024][ T4771] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.318386][ T4771] usb 1-1: Product: syz [ 221.331739][ T4771] usb 1-1: Manufacturer: syz [ 221.339305][ T7336] netlink: 'syz.3.1195': attribute type 4 has an invalid length. [ 221.355629][ T4771] usb 1-1: SerialNumber: syz [ 221.402750][ T4771] usb 1-1: config 0 descriptor?? [ 222.251906][ T7351] loop1: detected capacity change from 0 to 512 [ 222.355665][ T7351] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback. [ 222.367039][ T4771] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 222.387214][ T7351] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 223.137991][ T7380] netlink: 'syz.0.1208': attribute type 4 has an invalid length. [ 223.160167][ T4771] dvb_usb_rtl28xxu: probe of 1-1:0.0 failed with error -71 [ 223.182606][ T4771] usb 1-1: USB disconnect, device number 5 [ 223.652378][ T5020] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 223.917319][ T5020] usb 5-1: Using ep0 maxpacket: 16 [ 224.077438][ T5020] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 224.126324][ T5020] usb 5-1: config 0 has no interface number 0 [ 224.234975][ T5020] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 224.414956][ T5020] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 224.465821][ T7408] loop1: detected capacity change from 0 to 1024 [ 224.474289][ T5020] usb 5-1: config 0 interface 41 has no altsetting 0 [ 224.528540][ T7415] netlink: 'syz.0.1221': attribute type 4 has an invalid length. [ 224.717855][ T5020] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 224.745270][ T5020] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 224.767450][ T7408] EXT4-fs (loop1): Unrecognized mount option "uid>00000000000000000000" or missing value [ 225.100926][ T5020] usb 5-1: Product: syz [ 225.105502][ T5020] usb 5-1: Manufacturer: syz [ 225.110249][ T5020] usb 5-1: SerialNumber: syz [ 225.143220][ T5020] usb 5-1: config 0 descriptor?? [ 225.179360][ T7390] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 225.275254][ T7390] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 225.677122][ T5020] CoreChips: probe of 5-1:0.41 failed with error -71 [ 225.728094][ T5020] usb 5-1: USB disconnect, device number 3 [ 227.085622][ T7451] netlink: 'syz.4.1234': attribute type 4 has an invalid length. [ 227.380073][ T7457] loop0: detected capacity change from 0 to 128 [ 227.444550][ T7457] EXT4-fs (loop0): Test dummy encryption mode enabled [ 227.577751][ T7457] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 227.625082][ T7457] ext4 filesystem being mounted at /249/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 227.723537][ T7467] loop4: detected capacity change from 0 to 8 [ 229.152103][ T7499] loop4: detected capacity change from 0 to 128 [ 229.216102][ T7499] EXT4-fs (loop4): Test dummy encryption mode enabled [ 229.297544][ T7499] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 229.372203][ T7499] ext4 filesystem being mounted at /228/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 229.423170][ T7511] netlink: 'syz.1.1259': attribute type 4 has an invalid length. [ 229.605289][ T7515] loop3: detected capacity change from 0 to 1024 [ 229.654917][ T7519] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1262'. [ 230.246860][ T7515] EXT4-fs (loop3): Unrecognized mount option "uid>00000000000000000000" or missing value [ 230.569376][ T7525] loop4: detected capacity change from 0 to 128 [ 230.647881][ T7525] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 230.693325][ T7525] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 231.628020][ T7547] loop1: detected capacity change from 0 to 128 [ 231.661915][ T7537] loop4: detected capacity change from 0 to 40427 [ 231.683340][ T7547] EXT4-fs (loop1): Test dummy encryption mode enabled [ 231.724683][ T7547] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 231.775464][ T7537] F2FS-fs (loop4): invalid crc value [ 231.827295][ T7547] ext4 filesystem being mounted at /251/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 231.847966][ T7537] F2FS-fs (loop4): Found nat_bits in checkpoint [ 231.969737][ T7537] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 234.018911][ T7583] loop1: detected capacity change from 0 to 8 [ 234.088056][ T7586] loop4: detected capacity change from 0 to 128 [ 234.096124][ T7590] loop0: detected capacity change from 0 to 64 [ 234.150187][ T7586] EXT4-fs (loop4): Test dummy encryption mode enabled [ 234.234897][ T7586] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 234.259137][ T7586] ext4 filesystem being mounted at /233/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 235.227522][ T7614] loop4: detected capacity change from 0 to 40427 [ 235.239097][ T7614] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 235.247029][ T7614] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 235.265714][ T7614] F2FS-fs (loop4): invalid crc value [ 235.312649][ T7614] F2FS-fs (loop4): Found nat_bits in checkpoint [ 235.365084][ T7614] F2FS-fs (loop4): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 235.377487][ T7614] F2FS-fs (loop4): Failed to read root inode [ 235.774578][ T7634] loop3: detected capacity change from 0 to 128 [ 235.815813][ T7634] EXT4-fs (loop3): Test dummy encryption mode enabled [ 235.886234][ T7634] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 235.912057][ T7634] ext4 filesystem being mounted at /260/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 235.969889][ T7637] loop0: detected capacity change from 0 to 64 [ 236.541712][ T7646] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1308'. [ 236.699056][ T7654] netlink: 'syz.3.1312': attribute type 4 has an invalid length. [ 237.098371][ T7663] loop3: detected capacity change from 0 to 40427 [ 237.136890][ T7663] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 237.144731][ T7663] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 237.163099][ T7663] F2FS-fs (loop3): invalid crc value [ 237.205690][ T7663] F2FS-fs (loop3): Found nat_bits in checkpoint [ 237.246589][ T7663] F2FS-fs (loop3): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 237.258440][ T7663] F2FS-fs (loop3): Failed to read root inode [ 237.436309][ T7675] loop0: detected capacity change from 0 to 8 [ 237.892553][ T7686] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 238.001492][ T7698] overlayfs: overlapping lowerdir path [ 238.061529][ T7700] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1331'. [ 238.085536][ T7697] loop3: detected capacity change from 0 to 4096 [ 238.383296][ T7705] loop4: detected capacity change from 0 to 40427 [ 238.556431][ T7705] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 238.564323][ T7705] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 238.578470][ T7705] F2FS-fs (loop4): invalid crc value [ 238.774678][ T7705] F2FS-fs (loop4): Found nat_bits in checkpoint [ 238.814818][ T7705] F2FS-fs (loop4): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 238.826707][ T7705] F2FS-fs (loop4): Failed to read root inode [ 238.901974][ T7715] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 240.838804][ T7697] syz.3.1330 (7697) used greatest stack depth: 19440 bytes left [ 241.083478][ T7746] overlayfs: overlapping lowerdir path [ 241.456280][ T7753] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1347'. [ 242.009725][ T7754] loop1: detected capacity change from 0 to 40427 [ 242.131586][ T7754] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 242.139442][ T7754] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 242.175070][ T7754] F2FS-fs (loop1): invalid crc value [ 242.235240][ T7754] F2FS-fs (loop1): Found nat_bits in checkpoint [ 242.278222][ T7754] F2FS-fs (loop1): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 242.290289][ T7754] F2FS-fs (loop1): Failed to read root inode [ 245.193638][ T7791] overlayfs: failed to clone upperpath [ 245.231731][ T7801] loop3: detected capacity change from 0 to 40427 [ 245.281199][ T7801] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 245.289012][ T7801] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 245.299364][ T7801] F2FS-fs (loop3): invalid crc value [ 245.328601][ T7801] F2FS-fs (loop3): Found nat_bits in checkpoint [ 245.364521][ T7801] F2FS-fs (loop3): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 245.376313][ T7801] F2FS-fs (loop3): Failed to read root inode [ 246.166160][ T7821] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1364'. [ 246.420728][ T7830] loop0: detected capacity change from 0 to 1024 [ 246.574999][ T7830] EXT4-fs (loop0): Unrecognized mount option "uid>00000000000000000000" or missing value [ 247.134587][ T7838] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1376'. [ 250.908388][ T7900] loop3: detected capacity change from 0 to 8 [ 252.287172][ T5020] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 252.537124][ T5020] usb 4-1: Using ep0 maxpacket: 16 [ 252.888438][ T5020] usb 4-1: config 0 has an invalid interface number: 41 but max is 0 [ 252.896688][ T5020] usb 4-1: config 0 has no interface number 0 [ 252.903564][ T5020] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 252.914042][ T5020] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 252.924031][ T5020] usb 4-1: config 0 interface 41 has no altsetting 0 [ 253.251865][ T5020] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 253.261525][ T5020] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 253.270258][ T5020] usb 4-1: Product: syz [ 253.274438][ T5020] usb 4-1: Manufacturer: syz [ 253.279252][ T5020] usb 4-1: SerialNumber: syz [ 253.283826][ T7919] syz.0.1412 (7919) used greatest stack depth: 18560 bytes left [ 253.294544][ T5020] usb 4-1: config 0 descriptor?? [ 253.328218][ T7902] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 253.391208][ T7902] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 253.937042][ T5020] CoreChips: probe of 4-1:0.41 failed with error -71 [ 254.033530][ T5020] usb 4-1: USB disconnect, device number 8 [ 254.949714][ T7964] loop4: detected capacity change from 0 to 128 [ 255.050968][ T7964] EXT4-fs (loop4): Test dummy encryption mode enabled [ 255.126566][ T7964] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 255.148552][ T7964] ext4 filesystem being mounted at /265/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 255.458816][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.465151][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.282853][ T7995] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1444'. [ 258.469949][ T7998] loop0: detected capacity change from 0 to 512 [ 258.534374][ T7998] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 258.602460][ T7998] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 258.705793][ T7998] EXT4-fs (loop0): 1 truncate cleaned up [ 258.723631][ T7998] EXT4-fs (loop0): mounted filesystem without journal. Opts: nogrpid,auto_da_alloc,debug_want_extra_isize=0x0000000000000068,errors=continue,lazytime,quota,,errors=continue. Quota mode: writeback. [ 259.766000][ T8034] netlink: 'syz.2.1457': attribute type 4 has an invalid length. [ 265.984472][ T4771] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 267.171991][ T4771] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 267.193476][ T4771] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 267.253520][ T4771] usb 5-1: config 0 descriptor?? [ 268.032086][ T4771] cp210x 5-1:0.0: cp210x converter detected [ 268.108102][ T4771] cp210x 5-1:0.0: failed to get vendor val 0x370b size 1: -71 [ 268.166913][ T4771] cp210x 5-1:0.0: querying part number failed [ 268.204193][ T4771] usb 5-1: cp210x converter now attached to ttyUSB0 [ 268.258768][ T4771] usb 5-1: USB disconnect, device number 4 [ 268.314048][ T4771] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 268.341729][ T4771] cp210x 5-1:0.0: device disconnected [ 269.710479][ T8205] loop4: detected capacity change from 0 to 64 [ 270.654574][ T8226] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1537'. [ 271.297584][ T8251] overlayfs: unrecognized mount option "/" or missing value [ 271.559736][ T8262] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1554'. [ 273.457068][ T8299] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1569'. [ 274.414305][ T8325] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1580'. [ 275.532234][ T8345] loop1: detected capacity change from 0 to 1024 [ 275.604429][ T8345] EXT4-fs (loop1): Unrecognized mount option "uid>00000000000000000000" or missing value [ 276.353943][ T8353] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1592'. [ 276.592435][ T8362] netlink: 'syz.0.1597': attribute type 4 has an invalid length. [ 277.694236][ T8383] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1593'. [ 277.877953][ T5020] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 277.902418][ T8388] loop3: detected capacity change from 0 to 128 [ 277.978091][ T8390] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1607'. [ 278.037547][ T8388] EXT4-fs (loop3): Test dummy encryption mode enabled [ 278.123181][ T8388] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 278.261405][ T8388] ext4 filesystem being mounted at /314/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 278.278734][ T8395] netlink: 2088 bytes leftover after parsing attributes in process `syz.0.1608'. [ 278.566074][ T5020] usb 5-1: Using ep0 maxpacket: 16 [ 278.612862][ T8398] loop0: detected capacity change from 0 to 128 [ 278.639581][ T8398] EXT4-fs (loop0): Test dummy encryption mode enabled [ 278.840043][ T8398] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 278.840740][ T5020] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 278.862468][ T8398] ext4 filesystem being mounted at /330/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 278.932083][ T5020] usb 5-1: config 0 has no interface number 0 [ 278.945005][ T5020] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 278.965704][ T5020] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 278.988606][ T5020] usb 5-1: config 0 interface 41 has no altsetting 0 [ 280.052268][ T5020] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 280.073818][ T5020] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.081940][ T5020] usb 5-1: Product: syz [ 280.086119][ T5020] usb 5-1: Manufacturer: syz [ 280.116978][ T5020] usb 5-1: SerialNumber: syz [ 280.128563][ T5020] usb 5-1: config 0 descriptor?? [ 280.153132][ T8376] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 280.177924][ T8376] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 280.429916][ T8439] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1625'. [ 280.451882][ T5020] CoreChips: probe of 5-1:0.41 failed with error -71 [ 280.471882][ T5020] usb 5-1: USB disconnect, device number 5 [ 281.195261][ T8448] netlink: 'syz.4.1630': attribute type 4 has an invalid length. [ 283.618000][ T8481] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1642'. [ 284.877484][ T8505] netlink: 188 bytes leftover after parsing attributes in process `syz.4.1654'. [ 285.940853][ T8519] loop1: detected capacity change from 0 to 256 [ 286.017757][ T8521] loop0: detected capacity change from 0 to 128 [ 286.054249][ T8519] FAT-fs (loop1): Directory bread(block 64) failed [ 286.097947][ T8519] FAT-fs (loop1): Directory bread(block 65) failed [ 286.104568][ T8519] FAT-fs (loop1): Directory bread(block 66) failed [ 286.145061][ T8521] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 286.186291][ T8519] FAT-fs (loop1): Directory bread(block 67) failed [ 286.237004][ T8521] ext4 filesystem being mounted at /334/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 286.266206][ T8519] FAT-fs (loop1): Directory bread(block 68) failed [ 286.309477][ T8519] FAT-fs (loop1): Directory bread(block 69) failed [ 286.316097][ T8519] FAT-fs (loop1): Directory bread(block 70) failed [ 286.333034][ T8519] FAT-fs (loop1): Directory bread(block 71) failed [ 286.352988][ T8519] FAT-fs (loop1): Directory bread(block 72) failed [ 286.391580][ T8519] FAT-fs (loop1): Directory bread(block 73) failed [ 286.657680][ T8527] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1660'. [ 287.881382][ T8547] loop0: detected capacity change from 0 to 64 [ 290.168249][ T8569] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1676'. [ 290.182404][ T8569] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1676'. [ 290.336882][ T4249] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 290.707596][ T4249] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 290.775485][ T4249] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 290.883940][ T4249] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 291.003550][ T4249] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 291.072933][ T4249] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.233721][ T4249] hub 1-1:1.0: bad descriptor, ignoring hub [ 291.240443][ T4249] hub: probe of 1-1:1.0 failed with error -5 [ 291.250594][ T4249] cdc_wdm 1-1:1.0: skipping garbage [ 291.255820][ T4249] cdc_wdm 1-1:1.0: skipping garbage [ 291.265324][ T4249] cdc_wdm: probe of 1-1:1.0 failed with error -22 [ 291.417248][ T8579] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1681'. [ 291.477341][ T4249] usb 1-1: USB disconnect, device number 6 [ 297.984025][ T8655] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1703'. [ 298.681511][ T8671] loop3: detected capacity change from 0 to 40427 [ 298.763465][ T8671] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 298.771323][ T8671] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 298.944116][ T8671] F2FS-fs (loop3): invalid crc value [ 299.029942][ T8671] F2FS-fs (loop3): Found nat_bits in checkpoint [ 299.083786][ T8671] F2FS-fs (loop3): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 299.095696][ T8671] F2FS-fs (loop3): Failed to read root inode [ 300.598706][ T8691] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1719'. [ 300.770125][ T8693] loop3: detected capacity change from 0 to 128 [ 300.815626][ T8695] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1723'. [ 300.858755][ T8693] EXT4-fs (loop3): Test dummy encryption mode enabled [ 300.945370][ T8693] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 301.042840][ T8693] ext4 filesystem being mounted at /342/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 302.345140][ T8727] loop4: detected capacity change from 0 to 128 [ 302.501099][ T8727] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 302.723118][ T8727] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 303.473187][ T8748] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1740'. [ 303.826152][ T8762] loop3: detected capacity change from 0 to 128 [ 303.874780][ T8765] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1750'. [ 303.947423][ T8762] EXT4-fs (loop3): Test dummy encryption mode enabled [ 304.048928][ T8762] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 304.117342][ T8762] ext4 filesystem being mounted at /348/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 304.686935][ T8790] loop3: detected capacity change from 0 to 64 [ 304.709403][ T8792] loop0: detected capacity change from 0 to 128 [ 304.797446][ T8794] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1763'. [ 304.834757][ T8792] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 304.918383][ T8792] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 306.085476][ T8808] loop0: detected capacity change from 0 to 128 [ 306.152168][ T8808] EXT4-fs (loop0): Test dummy encryption mode enabled [ 306.220458][ T8808] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 306.236960][ T8808] ext4 filesystem being mounted at /354/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 306.666337][ T8798] loop4: detected capacity change from 0 to 40427 [ 306.773562][ T8798] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 306.798020][ T8798] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 306.851560][ T8798] F2FS-fs (loop4): invalid crc value [ 306.928527][ T8798] F2FS-fs (loop4): Found nat_bits in checkpoint [ 307.103150][ T8798] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 307.116857][ T8798] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 307.279150][ T26] audit: type=1800 audit(1763524082.909:4): pid=8798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1764" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 309.335761][ T8836] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1777'. [ 309.983937][ T8862] loop1: detected capacity change from 0 to 64 [ 310.471001][ T8873] netlink: 'syz.4.1790': attribute type 4 has an invalid length. [ 311.163457][ T8883] loop1: detected capacity change from 0 to 128 [ 311.254644][ T8886] netlink: 188 bytes leftover after parsing attributes in process `syz.4.1796'. [ 311.356043][ T8883] EXT4-fs (loop1): Test dummy encryption mode enabled [ 311.506242][ T8890] loop3: detected capacity change from 0 to 128 [ 311.591042][ T8894] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1793'. [ 311.601949][ T8883] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 311.667947][ T8890] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 311.743927][ T8883] ext4 filesystem being mounted at /367/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 311.767034][ T8890] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 312.288996][ T8914] loop4: detected capacity change from 0 to 1024 [ 312.339938][ T8916] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1808'. [ 312.416986][ T8914] EXT4-fs (loop4): Unrecognized mount option "uid>00000000000000000000" or missing value [ 314.097315][ T8944] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1821'. [ 314.536011][ T8963] loop3: detected capacity change from 0 to 128 [ 314.708141][ T8963] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 314.805767][ T8963] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 314.998149][ T8978] loop3: detected capacity change from 0 to 512 [ 315.072154][ T8978] EXT4-fs (loop3): Mount option "journal_path=./file0" incompatible with ext2 [ 315.091374][ T8980] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1837'. [ 315.137770][ T8982] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1838'. [ 316.321326][ T9008] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1850'. [ 316.619906][ T9016] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1853'. [ 316.663009][ T9020] loop0: detected capacity change from 0 to 128 [ 316.738469][ T9020] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 316.763445][ T9020] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 316.901042][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.908227][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.151637][ T9055] loop4: detected capacity change from 0 to 128 [ 318.217693][ T9055] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 318.280524][ T9059] loop1: detected capacity change from 0 to 128 [ 318.286923][ T9055] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 318.357919][ T9059] EXT4-fs (loop1): Test dummy encryption mode enabled [ 318.396942][ T9059] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 318.528473][ T9059] ext4 filesystem being mounted at /383/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 318.734787][ T9067] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1875'. [ 319.113895][ T9081] netlink: 'syz.2.1874': attribute type 1 has an invalid length. [ 319.121771][ T9081] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.1874'. [ 321.096743][ T9109] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1889'. [ 321.206406][ T9114] loop3: detected capacity change from 0 to 128 [ 321.518566][ T9114] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 322.012245][ T9114] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 322.645583][ T9127] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1896'. [ 323.016163][ T9131] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 323.791115][ T9116] loop0: detected capacity change from 0 to 40427 [ 324.003746][ T9116] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x35f7 [ 324.046563][ T9116] F2FS-fs (loop0): Unrecognized mount option "errors=remount-ro" or missing value [ 324.327712][ T9139] netlink: 'syz.4.1903': attribute type 1 has an invalid length. [ 324.432287][ T9139] 8021q: adding VLAN 0 to HW filter on device bond1 [ 324.490448][ T9143] bond1: (slave gretap1): making interface the new active one [ 324.539367][ T9143] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 324.573588][ T9145] loop0: detected capacity change from 0 to 128 [ 324.606805][ T7771] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 324.735147][ T9145] EXT4-fs (loop0): Test dummy encryption mode enabled [ 324.787405][ T9145] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 324.803455][ T9145] ext4 filesystem being mounted at /370/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 324.806797][ T9149] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1902'. [ 325.098320][ T9162] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1909'. [ 325.356174][ T9174] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1916'. [ 326.602952][ T9199] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1927'. [ 326.806921][ T9211] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1931'. [ 327.159981][ T9224] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1938'. [ 327.641836][ T9230] loop3: detected capacity change from 0 to 1024 [ 327.738484][ T9230] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 327.776398][ T9230] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 327.858527][ T9230] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000000,delalloc,resuid=0x0000000000000000,abort,dioread_nolock,jqfmt=vfsold,data=ordered,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 328.332636][ T9242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1945'. [ 330.372991][ T9271] loop3: detected capacity change from 0 to 1024 [ 330.420199][ T9271] EXT4-fs (loop3): Unrecognized mount option "uid>00000000000000000000" or missing value [ 330.876114][ T9287] tipc: Started in network mode [ 330.881352][ T9287] tipc: Node identity ac14140f, cluster identity 4711 [ 330.893093][ T9287] tipc: New replicast peer: 255.255.255.255 [ 330.900671][ T9287] tipc: Enabled bearer , priority 10 [ 332.040778][ T9301] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 332.069848][ T1108] tipc: Node number set to 2886997007 [ 333.126147][ T9312] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1972'. [ 335.683193][ T9350] netlink: 'syz.4.1988': attribute type 4 has an invalid length. [ 337.115647][ T23] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 337.711648][ T9371] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 337.795634][ T23] usb 5-1: Using ep0 maxpacket: 8 [ 337.817657][ T9376] loop1: detected capacity change from 0 to 64 [ 337.920907][ T23] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 337.961361][ T23] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 337.991743][ T23] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 338.020273][ T23] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 338.045732][ T23] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 338.063992][ T23] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.345766][ T23] usb 5-1: GET_CAPABILITIES returned 0 [ 338.352017][ T23] usbtmc 5-1:16.0: can't read capabilities [ 338.726309][ T9382] loop0: detected capacity change from 0 to 1024 [ 338.818510][ T9382] EXT4-fs (loop0): Unrecognized mount option "uid>00000000000000000000" or missing value [ 338.906491][ T23] usb 5-1: USB disconnect, device number 6 [ 339.581531][ T9400] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2004'. [ 339.590891][ T9400] netlink: 50 bytes leftover after parsing attributes in process `syz.0.2004'. [ 340.730227][ T9406] netlink: 'syz.3.2005': attribute type 1 has an invalid length. [ 340.920474][ T9406] 8021q: adding VLAN 0 to HW filter on device bond1 [ 341.040096][ T9409] bond1: (slave gretap1): making interface the new active one [ 341.124108][ T9409] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 341.131882][ T9419] loop1: detected capacity change from 0 to 64 [ 341.176879][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 341.412921][ T1108] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 341.678434][ T1108] usb 5-1: Using ep0 maxpacket: 8 [ 341.795740][ T1108] usb 5-1: config index 0 descriptor too short (expected 1307, got 27) [ 341.812527][ T1108] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 341.849003][ T1108] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 341.940155][ T9434] loop3: detected capacity change from 0 to 1024 [ 342.047513][ T9434] EXT4-fs (loop3): Unrecognized mount option "uid>00000000000000000000" or missing value [ 342.191420][ T1108] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 342.202909][ T1108] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 342.213940][ T1108] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 342.223731][ T1108] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 342.395680][ T1108] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 342.404756][ T1108] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.418386][ T1108] usb 5-1: Product: syz [ 342.422579][ T1108] usb 5-1: Manufacturer: syz [ 342.429563][ T1108] usb 5-1: SerialNumber: syz [ 342.448756][ T1108] usb 5-1: config 0 descriptor?? [ 342.566206][ T1108] hub 5-1:0.0: bad descriptor, ignoring hub [ 342.572224][ T1108] hub: probe of 5-1:0.0 failed with error -5 [ 342.609362][ T1108] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input5 [ 342.749844][ T1108] usb 5-1: USB disconnect, device number 7 [ 342.873621][ T9444] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2018'. [ 342.882690][ T9444] netlink: 50 bytes leftover after parsing attributes in process `syz.3.2018'. [ 342.906276][ T9444] netlink: 'syz.3.2018': attribute type 16 has an invalid length. [ 342.914116][ T9444] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.2018'. [ 343.929334][ T9456] netlink: 'syz.3.2023': attribute type 4 has an invalid length. [ 345.084345][ T9475] loop3: detected capacity change from 0 to 128 [ 345.169237][ T9475] EXT4-fs (loop3): Test dummy encryption mode enabled [ 345.207595][ T9475] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 345.235382][ T9475] ext4 filesystem being mounted at /425/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 345.571735][ T9481] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2031'. [ 345.580819][ T9481] netlink: 50 bytes leftover after parsing attributes in process `syz.0.2031'. [ 345.602549][ T9481] netlink: 'syz.0.2031': attribute type 16 has an invalid length. [ 345.610469][ T9481] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.2031'. [ 346.490538][ T9493] netlink: 'syz.1.2036': attribute type 4 has an invalid length. [ 348.337745][ T9512] netlink: 'syz.2.2044': attribute type 1 has an invalid length. [ 349.157668][ T9512] 8021q: adding VLAN 0 to HW filter on device bond2 [ 350.620477][ T9543] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2053'. [ 350.800661][ T9545] loop0: detected capacity change from 0 to 128 [ 351.383650][ T9545] EXT4-fs (loop0): Test dummy encryption mode enabled [ 351.427971][ T9545] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 351.458204][ T9545] ext4 filesystem being mounted at /399/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 352.696263][ T9574] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2061'. [ 353.028739][ T9582] loop4: detected capacity change from 0 to 1024 [ 353.824982][ T9582] EXT4-fs (loop4): Unrecognized mount option "uid>00000000000000000000" or missing value [ 354.217944][ T9604] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2073'. [ 354.274742][ T21] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 354.401837][ T9609] netlink: 188 bytes leftover after parsing attributes in process `syz.4.2074'. [ 354.595092][ T21] usb 4-1: unable to get BOS descriptor or descriptor too short [ 354.684817][ T21] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 354.714199][ T21] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 354.750911][ T21] usb 4-1: config 1 interface 0 has no altsetting 1 [ 355.566399][ T21] usb 4-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75 [ 355.589702][ T21] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.632961][ T21] usb 4-1: Product: syz [ 355.689406][ T21] usb 4-1: Manufacturer: syz [ 355.694044][ T21] usb 4-1: SerialNumber: syz [ 355.807606][ T21] smsusb:smsusb_probe: board id=8, interface number 0 [ 355.838229][ T9636] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2086'. [ 356.035083][ T21] smsusb:smsusb_probe: usb_set_interface failed, rc -71 [ 356.038786][ T9646] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2089'. [ 356.042084][ T21] smsusb: probe of 4-1:1.0 failed with error -71 [ 356.054247][ T21] usb 4-1: USB disconnect, device number 9 [ 356.231742][ T9654] netlink: 'syz.0.2093': attribute type 1 has an invalid length. [ 356.309006][ T9654] 8021q: adding VLAN 0 to HW filter on device bond1 [ 356.459977][ T9654] bond1: (slave gretap1): making interface the new active one [ 356.500407][ T9654] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 356.603373][ T5406] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 356.848463][ T9669] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2099'. [ 356.966808][ T9672] loop0: detected capacity change from 0 to 128 [ 357.038379][ T9672] EXT4-fs (loop0): Test dummy encryption mode enabled [ 357.066931][ T9676] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2101'. [ 357.076043][ T9676] netlink: 50 bytes leftover after parsing attributes in process `syz.1.2101'. [ 357.115766][ T9676] netlink: 'syz.1.2101': attribute type 16 has an invalid length. [ 357.124124][ T9676] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.2101'. [ 357.915456][ T9672] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 358.005167][ T9672] ext4 filesystem being mounted at /409/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 359.579871][ T4771] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 361.094399][ T4771] usb 2-1: Using ep0 maxpacket: 16 [ 361.204248][ C1] sched: RT throttling activated [ 361.234553][ T4771] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 361.273538][ T4771] usb 2-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00 [ 361.357652][ T4771] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.552484][ T4771] usb 2-1: config 0 descriptor?? [ 361.574484][ T4771] usb 2-1: can't set config #0, error -71 [ 361.595423][ T4771] usb 2-1: USB disconnect, device number 7 [ 362.454812][ T9727] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2112'. [ 362.931461][ T9742] syz.2.2126 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 364.306145][ T9756] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 365.339082][ T9767] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2135'. [ 366.687114][ T9786] loop4: detected capacity change from 0 to 8192 [ 366.705049][ T9790] loop0: detected capacity change from 0 to 1024 [ 366.774127][ T9790] EXT4-fs (loop0): Unrecognized mount option "uid>00000000000000000000" or missing value [ 366.797020][ T9786] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 366.809557][ T9786] REISERFS (device loop4): using ordered data mode [ 366.816755][ T9786] reiserfs: using flush barriers [ 366.872722][ T9786] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 367.501224][ T9786] REISERFS (device loop4): checking transaction log (loop4) [ 367.793097][ T9786] REISERFS (device loop4): Using tea hash to sort names [ 367.810209][ T9786] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 367.820630][ T9813] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2151'. [ 369.224296][ T9838] loop4: detected capacity change from 0 to 1024 [ 370.428024][ T9838] EXT4-fs (loop4): Unrecognized mount option "uid>00000000000000000000" or missing value [ 373.318891][ T9886] loop0: detected capacity change from 0 to 4096 [ 373.384250][ T9886] ntfs3: Unknown parameter 'windows_names' [ 376.831664][ T9978] loop4: detected capacity change from 0 to 1024 [ 377.430176][ T9978] EXT4-fs (loop4): Test dummy encryption mode enabled [ 377.462170][ T9978] EXT4-fs (loop4): inodes count not valid: 32 vs 15 [ 378.335324][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.341687][ T1427] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.617810][T10005] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2229'. [ 378.627319][T10005] netlink: 50 bytes leftover after parsing attributes in process `syz.1.2229'. [ 378.649595][T10005] netlink: 'syz.1.2229': attribute type 16 has an invalid length. [ 378.657953][T10005] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.2229'. [ 379.461490][T10011] loop1: detected capacity change from 0 to 512 [ 379.567777][T10011] EXT4-fs (loop1): external journal device major/minor numbers have changed [ 379.601327][T10016] netlink: 'syz.2.2235': attribute type 1 has an invalid length. [ 379.664159][T10011] block device autoloading is deprecated and will be removed. [ 379.697197][T10011] EXT4-fs (loop1): external journal has bad superblock [ 379.729338][T10016] 8021q: adding VLAN 0 to HW filter on device bond3 [ 379.966463][T10023] 9pnet: p9_errstr2errno: server reported unknown error [ 381.229185][T10044] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2247'. [ 381.788247][T10052] loop0: detected capacity change from 0 to 40427 [ 381.822104][T10056] 9pnet: p9_errstr2errno: server reported unknown error [ 381.843304][T10052] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 381.851044][T10052] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 381.861324][T10052] F2FS-fs (loop0): invalid crc value [ 381.919614][T10052] F2FS-fs (loop0): Found nat_bits in checkpoint [ 381.959673][T10052] F2FS-fs (loop0): sanity_check_inode: inode (ino=3, mode=16877) should not have inline_data, run fsck to fix [ 381.971599][T10052] F2FS-fs (loop0): Failed to read root inode [ 382.079595][T10062] netlink: 'syz.1.2253': attribute type 4 has an invalid length. [ 382.816587][T10050] loop3: detected capacity change from 0 to 40427 [ 382.873164][T10050] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1ffff [ 382.893572][T10050] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7 [ 382.926332][T10050] F2FS-fs (loop3): invalid crc value [ 382.954783][T10050] F2FS-fs (loop3): Found nat_bits in checkpoint [ 383.060384][T10074] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2259'. [ 383.134368][T10050] F2FS-fs (loop3): Start checkpoint disabled! [ 383.176647][T10050] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 383.352921][T10050] attempt to access beyond end of device [ 383.352921][T10050] loop3: rw=2049, want=45104, limit=40427 [ 383.830458][ T5278] attempt to access beyond end of device [ 383.830458][ T5278] loop3: rw=2049, want=40984, limit=40427 [ 384.426627][T10095] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2267'. [ 385.196852][T10104] loop4: detected capacity change from 0 to 512 [ 385.339960][T10110] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2271'. [ 385.362343][T10104] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.2269: invalid indirect mapped block 4294967295 (level 1) [ 385.399882][T10104] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.2269: invalid indirect mapped block 4294967295 (level 1) [ 385.477199][T10104] EXT4-fs (loop4): 2 truncates cleaned up [ 385.513028][T10104] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,abort,mb_optimize_scan=0x0000000000000001,auto_da_alloc=0x000000007fffffff,max_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 385.579103][T10116] loop3: detected capacity change from 0 to 128 [ 385.606966][T10118] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2275'. [ 385.652504][T10116] EXT4-fs (loop3): Test dummy encryption mode enabled [ 385.687679][T10104] EXT4-fs error (device loop4): ext4_get_parent:1906: inode #11: comm syz.4.2269: bad parent inode number: 3 [ 385.726778][T10116] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 385.743094][T10116] ext4 filesystem being mounted at /464/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 387.330261][T10147] netlink: 'syz.2.2288': attribute type 4 has an invalid length. [ 388.442763][ T4249] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 388.702950][ T4249] usb 5-1: Using ep0 maxpacket: 16 [ 388.823343][ T4249] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 388.866460][ T4249] usb 5-1: config 0 has no interfaces? [ 389.192857][ T4249] usb 5-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=41.ba [ 389.202019][ T4249] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.272787][ T4249] usb 5-1: Product: syz [ 389.288804][ T4249] usb 5-1: Manufacturer: syz [ 389.329306][ T4249] usb 5-1: SerialNumber: syz [ 389.394144][ T4249] usb 5-1: config 0 descriptor?? [ 389.479129][T10173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2295'. [ 389.488191][T10173] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2295'. [ 389.497309][T10173] netlink: 'syz.1.2295': attribute type 18 has an invalid length. [ 389.531278][T10173] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 389.540414][T10173] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 389.549199][T10173] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 389.557920][T10173] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 389.570842][T10173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2295'. [ 389.579918][T10173] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2295'. [ 389.589505][T10173] netlink: 'syz.1.2295': attribute type 18 has an invalid length. [ 389.778489][ T4249] usb 5-1: USB disconnect, device number 8 [ 390.154381][T10177] bridge0: port 3(syz_tun) entered blocking state [ 390.173492][T10177] bridge0: port 3(syz_tun) entered disabled state [ 390.212876][T10177] device syz_tun entered promiscuous mode [ 390.221969][T10177] bridge0: port 3(syz_tun) entered blocking state [ 390.228823][T10177] bridge0: port 3(syz_tun) entered forwarding state [ 390.272750][T10180] netlink: 'syz.1.2298': attribute type 10 has an invalid length. [ 390.313972][T10180] bridge0: port 3(syz_tun) entered disabled state [ 390.320821][T10180] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.406247][T10189] 9pnet: p9_errstr2errno: server reported unknown error [ 390.451685][T10180] bridge0: port 3(syz_tun) entered blocking state [ 390.458227][T10180] bridge0: port 3(syz_tun) entered forwarding state [ 390.465037][T10180] bridge0: port 1(bridge_slave_0) entered blocking state [ 390.472128][T10180] bridge0: port 1(bridge_slave_0) entered forwarding state [ 390.522329][T10180] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 390.582174][T10193] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2304'. [ 391.002674][ T4771] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 391.128267][T10212] 9pnet: p9_errstr2errno: server reported unknown error [ 391.242754][ T4771] usb 2-1: Using ep0 maxpacket: 16 [ 391.379063][ T4771] usb 2-1: config 0 has an invalid interface number: 41 but max is 0 [ 391.398062][ T4771] usb 2-1: config 0 has no interface number 0 [ 391.414567][ T4771] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 391.436517][ T4771] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 391.604444][ T4771] usb 2-1: config 0 interface 41 has no altsetting 0 [ 392.278230][T10236] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2322'. [ 392.287232][T10236] netlink: 50 bytes leftover after parsing attributes in process `syz.2.2322'. [ 392.304825][T10236] netlink: 'syz.2.2322': attribute type 16 has an invalid length. [ 392.312760][T10236] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.2322'. [ 392.377559][T10208] loop0: detected capacity change from 0 to 32768 [ 392.403046][ T4771] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 392.582389][ T4771] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 392.617328][ T4771] usb 2-1: Product: syz [ 392.632409][ T4771] usb 2-1: Manufacturer: syz [ 392.649021][ T4771] usb 2-1: SerialNumber: syz [ 392.678518][ T4771] usb 2-1: config 0 descriptor?? [ 392.722818][T10198] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 392.742817][T10198] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 392.829901][T10250] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2328'. [ 392.881678][T10208] [ 392.881678][T10208] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 392.881678][T10208] [ 392.992742][ T4771] CoreChips: probe of 2-1:0.41 failed with error -71 [ 393.040613][ T4771] usb 2-1: USB disconnect, device number 8 [ 393.140894][ T4183] [ 393.140894][ T4183] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 393.140894][ T4183] [ 393.160174][ T4249] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 393.175280][ T4183] [ 393.175280][ T4183] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 393.175280][ T4183] [ 394.052544][ T4249] usb 5-1: Using ep0 maxpacket: 16 [ 394.124229][T10273] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2337'. [ 394.146592][T10273] netlink: 'syz.3.2337': attribute type 16 has an invalid length. [ 394.193540][ T4249] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 394.350194][ T4249] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 394.574059][ T4249] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 394.759024][ T4249] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 394.788571][ T4249] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.820929][ T4249] usb 5-1: config 0 descriptor?? [ 395.008788][T10291] loop0: detected capacity change from 0 to 128 [ 395.033184][T10290] __nla_validate_parse: 2 callbacks suppressed [ 395.033199][T10290] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2344'. [ 395.045603][T10291] EXT4-fs (loop0): Test dummy encryption mode enabled [ 395.095845][T10291] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 395.111755][T10291] ext4 filesystem being mounted at /458/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 395.160252][T10299] loop3: detected capacity change from 0 to 128 [ 395.227108][T10299] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 395.251733][T10299] ext4 filesystem being mounted at /480/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 395.462806][ T4249] usbhid 5-1:0.0: can't add hid device: -71 [ 395.468809][ T4249] usbhid: probe of 5-1:0.0 failed with error -71 [ 395.524634][ T4249] usb 5-1: USB disconnect, device number 9 [ 395.780316][T10306] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2349'. [ 397.105344][T10331] 9pnet: p9_errstr2errno: server reported unknown error [ 397.159610][T10333] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2359'. [ 399.216116][T10366] loop0: detected capacity change from 0 to 128 [ 399.281720][T10371] 9pnet: p9_errstr2errno: server reported unknown error [ 399.320942][T10366] EXT4-fs (loop0): Test dummy encryption mode enabled [ 399.447428][T10366] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 399.462579][T10366] ext4 filesystem being mounted at /464/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 399.512199][ T1108] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 399.752352][ T1108] usb 5-1: Using ep0 maxpacket: 16 [ 399.972860][ T1108] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 400.327475][ T1108] usb 5-1: config 0 has no interface number 0 [ 400.420336][ T1108] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 400.596976][ T1108] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 400.711823][ T1108] usb 5-1: config 0 interface 41 has no altsetting 0 [ 400.946987][ T1108] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 400.977479][ T1108] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 401.004638][ T1108] usb 5-1: Product: syz [ 401.048565][ T1108] usb 5-1: Manufacturer: syz [ 401.058694][ T1108] usb 5-1: SerialNumber: syz [ 401.088163][ T1108] usb 5-1: config 0 descriptor?? [ 401.132360][T10368] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 401.157521][T10368] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 401.307661][T10409] 9pnet: p9_errstr2errno: server reported unknown error [ 401.452373][ T1108] CoreChips: probe of 5-1:0.41 failed with error -71 [ 401.482213][ T1108] usb 5-1: USB disconnect, device number 10 [ 401.944619][T10421] loop0: detected capacity change from 0 to 128 [ 404.186158][T10444] 9pnet: p9_errstr2errno: server reported unknown error [ 404.601170][T10455] loop1: detected capacity change from 0 to 512 [ 405.317089][T10455] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 405.393479][T10465] loop0: detected capacity change from 0 to 512 [ 405.566641][T10465] EXT4-fs (loop0): Test dummy encryption mode enabled [ 405.579219][T10455] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.2403: bg 0: block 384: padding at end of block bitmap is not set [ 405.639311][T10465] EXT4-fs (loop0): Test dummy encryption mode enabled [ 405.686171][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 405.761508][T10465] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable=0x0000000000000000,minixdf,jqfmt=vfsv1,user_xattr,inode_readahead_blks=0x0000000000000800,barrier=0x000000000100000b,errors=remount-ro,auto_da_alloc,test_dummy_encryption,min_batch_time=0x00. Quota mode: none. [ 405.881779][T10455] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6178: Corrupt filesystem [ 405.951850][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 405.961873][T10455] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.2403: attempt to clear invalid blocks 983260 len 1 [ 406.706401][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 406.713044][T10455] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm syz.1.2403: Invalid inode table block 0 in block_group 0 [ 406.853295][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 406.859928][T10455] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5850: Corrupt filesystem [ 406.932455][T10481] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2413'. [ 406.954437][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 407.059270][T10455] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 407.166911][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 407.233667][T10455] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm syz.1.2403: Invalid inode table block 0 in block_group 0 [ 407.327264][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 407.371918][T10455] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5850: Corrupt filesystem [ 407.454723][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 407.501351][T10455] EXT4-fs error (device loop1): ext4_truncate:4279: inode #11: comm syz.1.2403: mark_inode_dirty error [ 407.577677][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 407.656575][T10455] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 407.743291][T10455] EXT4-fs (loop1): Remounting filesystem read-only [ 407.819327][T10455] EXT4-fs (loop1): 1 truncate cleaned up [ 407.825597][T10455] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,grpquota,max_dir_size_kb=0x00000000000001ff,noblock_validity,. Quota mode: writeback. [ 410.110826][T10511] loop1: detected capacity change from 0 to 128 [ 410.238485][T10511] EXT4-fs (loop1): Test dummy encryption mode enabled [ 410.463006][T10511] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 410.582503][T10511] ext4 filesystem being mounted at /488/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 411.103370][T10530] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2435'. [ 411.214661][T10534] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2427'. [ 411.245721][ T4249] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 411.496914][ T4249] usb 5-1: Using ep0 maxpacket: 16 [ 411.901664][ T4249] usb 5-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 411.941536][ T4249] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 411.949574][ T4249] usb 5-1: Product: syz [ 411.979210][ T4249] usb 5-1: Manufacturer: syz [ 412.001893][ T4249] usb 5-1: SerialNumber: syz [ 412.042474][ T4249] usb 5-1: config 0 descriptor?? [ 412.082530][ T4249] ums-onetouch 5-1:0.0: USB Mass Storage device detected [ 412.095991][T10561] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2447'. [ 412.289193][ T21] usb 5-1: USB disconnect, device number 11 [ 412.336084][T10569] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2449'. [ 413.474071][T10586] netlink: 'syz.1.2456': attribute type 4 has an invalid length. [ 414.682093][T10608] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2464'. [ 414.925546][T10617] netlink: 'syz.4.2468': attribute type 4 has an invalid length. [ 416.387477][T10640] loop0: detected capacity change from 0 to 1024 [ 416.454442][T10640] EXT4-fs (loop0): Unrecognized mount option "uid>00000000000000000000" or missing value [ 417.012979][ T5019] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 417.020881][ T4771] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 417.266076][ T5019] usb 2-1: Using ep0 maxpacket: 16 [ 417.286471][T10651] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2478'. [ 417.301314][ T4771] usb 5-1: Using ep0 maxpacket: 32 [ 417.472775][ T5019] usb 2-1: config 0 has an invalid interface number: 41 but max is 0 [ 417.480917][ T5019] usb 2-1: config 0 has no interface number 0 [ 417.526319][ T4771] usb 5-1: unable to get BOS descriptor or descriptor too short [ 417.542119][ T5019] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 417.581059][ T5019] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 417.607708][ T5019] usb 2-1: config 0 interface 41 has no altsetting 0 [ 417.661646][ T4771] usb 5-1: config 3 has an invalid interface number: 132 but max is 0 [ 417.690672][ T4771] usb 5-1: config 3 has an invalid interface descriptor of length 2, skipping [ 417.691461][ T4249] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 417.700847][ T4771] usb 5-1: config 3 has no interface number 0 [ 417.733605][ T4771] usb 5-1: config 3 interface 132 altsetting 7 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 417.764299][ T4771] usb 5-1: config 3 interface 132 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 417.797959][ T4771] usb 5-1: config 3 interface 132 has no altsetting 0 [ 417.821347][ T5019] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 417.850822][ T5019] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 417.860941][ T5019] usb 2-1: Product: syz [ 417.871282][ T5019] usb 2-1: Manufacturer: syz [ 417.875897][ T5019] usb 2-1: SerialNumber: syz [ 417.902251][ T5019] usb 2-1: config 0 descriptor?? [ 417.921431][T10628] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 417.931702][T10628] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 417.971333][ T4771] usb 5-1: New USB device found, idVendor=0a5c, idProduct=21e1, bcdDevice=a2.cc [ 418.000837][ T4771] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.010957][ T4771] usb 5-1: Product: syz [ 418.021135][ T4771] usb 5-1: Manufacturer: syz [ 418.025755][ T4771] usb 5-1: SerialNumber: syz [ 418.093756][ T4249] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 418.110946][ T4249] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.147512][ T4249] usb 1-1: config 0 descriptor?? [ 418.164550][ T5019] CoreChips: probe of 2-1:0.41 failed with error -71 [ 418.190939][ T5019] usb 2-1: USB disconnect, device number 9 [ 418.213201][ T4249] gspca_main: spca508-2.14.0 probing 8086:0110 [ 418.339010][ T4771] usb 5-1: USB disconnect, device number 12 [ 418.426093][ T4249] gspca_spca508: reg_read err -32 [ 418.471108][ T4249] gspca_spca508: reg_read err -32 [ 418.731153][ T4249] gspca_spca508: reg_read err -71 [ 418.751148][ T4249] gspca_spca508: reg_read err -71 [ 418.771130][ T4249] gspca_spca508: reg write: error -71 [ 418.776595][ T4249] spca508: probe of 1-1:0.0 failed with error -71 [ 418.789002][T10657] netlink: 'syz.1.2482': attribute type 4 has an invalid length. [ 418.800399][ T4249] usb 1-1: USB disconnect, device number 7 [ 419.054307][T10663] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2484'. [ 419.063741][T10663] netlink: 50 bytes leftover after parsing attributes in process `syz.1.2484'. [ 419.098148][T10663] netlink: 'syz.1.2484': attribute type 16 has an invalid length. [ 419.106033][T10663] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.2484'. [ 420.134596][T10672] loop1: detected capacity change from 0 to 1024 [ 420.185462][T10672] EXT4-fs (loop1): Unrecognized mount option "uid>00000000000000000000" or missing value [ 421.687437][T10689] netlink: 'syz.1.2493': attribute type 4 has an invalid length. [ 421.702419][T10689] netlink: 'syz.1.2493': attribute type 5 has an invalid length. [ 421.737330][T10689] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.2493'. [ 422.028544][T10705] netlink: 'syz.4.2496': attribute type 16 has an invalid length. [ 422.036512][T10705] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.2496'. [ 422.780855][ T5019] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 423.071071][ T5019] usb 2-1: Using ep0 maxpacket: 32 [ 423.196539][ T5019] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 423.216677][ T5019] usb 2-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 423.244253][ T5019] usb 2-1: config 0 interface 0 has no altsetting 0 [ 423.431313][ T5019] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 423.467804][T10730] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2509'. [ 423.476153][ T5019] usb 2-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3 [ 423.520742][ T5019] usb 2-1: Product: syz [ 423.524941][ T5019] usb 2-1: Manufacturer: syz [ 423.567717][ T5019] usb 2-1: SerialNumber: syz [ 423.603549][ T5019] usb 2-1: config 0 descriptor?? [ 423.877654][T10735] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2511'. [ 424.330732][ T4249] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 424.585756][ T4249] usb 1-1: Using ep0 maxpacket: 16 [ 424.710921][ T4249] usb 1-1: config 0 has an invalid interface number: 41 but max is 0 [ 424.724181][ T4249] usb 1-1: config 0 has no interface number 0 [ 424.737484][ T4249] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 424.749106][T10752] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2518'. [ 424.757784][ T4249] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 424.778382][ T4249] usb 1-1: config 0 interface 41 has no altsetting 0 [ 424.923139][ T4771] usb 2-1: USB disconnect, device number 10 [ 424.962011][ T4249] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 424.980887][ T4249] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 424.988922][ T4249] usb 1-1: Product: syz [ 425.007924][T10761] Bluetooth: hci0: service_discovery: too big uuid_count value 51713 [ 425.027675][ T4249] usb 1-1: Manufacturer: syz [ 425.045555][ T4249] usb 1-1: SerialNumber: syz [ 425.084422][ T4249] usb 1-1: config 0 descriptor?? [ 425.110917][T10737] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 425.118423][T10737] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 425.352340][T10771] netlink: 'syz.1.2527': attribute type 4 has an invalid length. [ 425.380853][ T4249] CoreChips: probe of 1-1:0.41 failed with error -71 [ 425.401432][ T4249] usb 1-1: USB disconnect, device number 8 [ 428.565435][T10821] loop4: detected capacity change from 0 to 128 [ 428.821028][T10821] EXT4-fs (loop4): Test dummy encryption mode enabled [ 429.631484][T10821] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 429.680147][T10821] ext4 filesystem being mounted at /475/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 429.726039][T10831] loop3: detected capacity change from 0 to 512 [ 429.854296][T10831] EXT4-fs (loop3): Test dummy encryption mode enabled [ 429.870895][T10831] EXT4-fs (loop3): Test dummy encryption mode enabled [ 429.938820][T10831] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable=0x0000000000000000,minixdf,jqfmt=vfsv1,user_xattr,inode_readahead_blks=0x0000000000000800,barrier=0x000000000100000b,errors=remount-ro,auto_da_alloc,test_dummy_encryption,min_batch_time=0x00. Quota mode: none. [ 430.387856][T10844] loop0: detected capacity change from 0 to 128 [ 430.525817][T10844] EXT4-fs (loop0): Test dummy encryption mode enabled [ 430.611810][T10844] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,usrjquota=,,errors=continue. Quota mode: none. [ 430.660551][T10844] ext4 filesystem being mounted at /496/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 430.994880][T10857] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2558'. [ 431.719425][T10868] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2561'. [ 432.029898][T10870] netlink: 'syz.4.2564': attribute type 4 has an invalid length. [ 432.601132][T10893] netlink: 87 bytes leftover after parsing attributes in process `syz.4.2572'. [ 433.285034][T10901] netlink: 'syz.4.2574': attribute type 16 has an invalid length. [ 433.293697][T10901] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.2574'. [ 433.903012][T10907] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2575'. [ 433.911092][T10909] netlink: 'syz.4.2577': attribute type 4 has an invalid length. [ 434.921251][T10931] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2587'. [ 434.930391][T10931] netlink: 50 bytes leftover after parsing attributes in process `syz.1.2587'. [ 434.966101][T10931] netlink: 'syz.1.2587': attribute type 16 has an invalid length. [ 434.974120][T10931] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.2587'. [ 435.830553][T10938] netlink: 'syz.3.2589': attribute type 4 has an invalid length. [ 436.491933][T10955] loop1: detected capacity change from 0 to 1024 [ 437.120197][T10955] EXT4-fs (loop1): Unrecognized mount option "uid>00000000000000000000" or missing value [ 437.212389][T10958] netlink: 'syz.4.2597': attribute type 1 has an invalid length. [ 437.408703][T10958] 8021q: adding VLAN 0 to HW filter on device bond2 [ 437.458677][T10961] device macvlan2 entered promiscuous mode [ 437.567716][T10961] device bond2 entered promiscuous mode [ 437.626118][T10961] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 437.651947][T10961] device bond2 left promiscuous mode [ 437.914777][T10975] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 438.305489][T10977] [ 438.307853][T10977] ====================================================== [ 438.314869][T10977] WARNING: possible circular locking dependency detected [ 438.321897][T10977] syzkaller #0 Not tainted [ 438.326326][T10977] ------------------------------------------------------ [ 438.333345][T10977] syz.4.2603/10977 is trying to acquire lock: [ 438.339403][T10977] ffff888079ce8c28 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}, at: __flush_work+0xc1/0x1b0 [ 438.350488][T10977] [ 438.350488][T10977] but task is already holding lock: [ 438.357851][T10977] ffffffff8d4c0f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x19e/0x560 [ 438.367521][T10977] [ 438.367521][T10977] which lock already depends on the new lock. [ 438.367521][T10977] [ 438.377919][T10977] [ 438.377919][T10977] the existing dependency chain (in reverse order) is: [ 438.386929][T10977] [ 438.386929][T10977] -> #4 (rfkill_global_mutex){+.+.}-{3:3}: [ 438.394942][T10977] __mutex_lock_common+0x1eb/0x2390 [ 438.400673][T10977] mutex_lock_nested+0x17/0x20 [ 438.405965][T10977] rfkill_register+0x33/0x8a0 [ 438.411180][T10977] hci_register_dev+0x452/0x970 [ 438.416570][T10977] vhci_create_device+0x32c/0x5c0 [ 438.422131][T10977] vhci_write+0x391/0x450 [ 438.427008][T10977] vfs_write+0x712/0xd00 [ 438.431774][T10977] ksys_write+0x14d/0x250 [ 438.436635][T10977] do_syscall_64+0x4c/0xa0 [ 438.441584][T10977] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 438.448020][T10977] [ 438.448020][T10977] -> #3 (&data->open_mutex){+.+.}-{3:3}: [ 438.455847][T10977] __mutex_lock_common+0x1eb/0x2390 [ 438.461587][T10977] mutex_lock_nested+0x17/0x20 [ 438.466682][T10990] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2606'. [ 438.466888][T10977] vhci_send_frame+0x88/0x100 [ 438.480985][T10977] hci_send_frame+0x1a9/0x2e0 [ 438.486204][T10977] hci_tx_work+0x9f9/0x1710 [ 438.491261][T10977] process_one_work+0x863/0x1000 [ 438.496746][T10977] worker_thread+0xaa8/0x12a0 [ 438.501958][T10977] kthread+0x436/0x520 [ 438.506561][T10977] ret_from_fork+0x1f/0x30 [ 438.511513][T10977] [ 438.511513][T10977] -> #2 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}: [ 438.520739][T10977] __flush_work+0xdd/0x1b0 [ 438.525680][T10977] hci_dev_do_close+0x1e7/0x1030 [ 438.531164][T10977] hci_error_reset+0x101/0x2c0 [ 438.536467][T10977] process_one_work+0x863/0x1000 [ 438.541931][T10977] worker_thread+0xaa8/0x12a0 [ 438.547146][T10977] kthread+0x436/0x520 [ 438.551749][T10977] ret_from_fork+0x1f/0x30 [ 438.556700][T10977] [ 438.556700][T10977] -> #1 (&hdev->req_lock){+.+.}-{3:3}: [ 438.564350][T10977] __mutex_lock_common+0x1eb/0x2390 [ 438.570076][T10977] mutex_lock_nested+0x17/0x20 [ 438.575373][T10977] bg_scan_update+0x44/0x3b0 [ 438.580500][T10977] process_one_work+0x863/0x1000 [ 438.585964][T10977] worker_thread+0xaa8/0x12a0 [ 438.591175][T10977] kthread+0x436/0x520 [ 438.595774][T10977] ret_from_fork+0x1f/0x30 [ 438.600720][T10977] [ 438.600720][T10977] -> #0 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}: [ 438.610624][T10977] __lock_acquire+0x2c33/0x7c60 [ 438.616007][T10977] lock_acquire+0x197/0x3f0 [ 438.621039][T10977] __flush_work+0xdd/0x1b0 [ 438.626009][T10977] __cancel_work_timer+0x3ac/0x520 [ 438.631649][T10977] hci_request_cancel_all+0xcc/0x300 [ 438.637472][T10977] hci_dev_do_close+0x4e/0x1030 [ 438.642855][T10977] hci_rfkill_set_block+0x10a/0x190 [ 438.648602][T10977] rfkill_set_block+0x1c6/0x420 [ 438.654078][T10977] rfkill_fop_write+0x458/0x560 [ 438.659574][T10977] do_iter_write+0x3e4/0x7b0 [ 438.664687][T10977] do_writev+0x254/0x410 [ 438.669452][T10977] do_syscall_64+0x4c/0xa0 [ 438.674395][T10977] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 438.680813][T10977] [ 438.680813][T10977] other info that might help us debug this: [ 438.680813][T10977] [ 438.691035][T10977] Chain exists of: [ 438.691035][T10977] (work_completion)(&hdev->bg_scan_update) --> &data->open_mutex --> rfkill_global_mutex [ 438.691035][T10977] [ 438.706766][T10977] Possible unsafe locking scenario: [ 438.706766][T10977] [ 438.714223][T10977] CPU0 CPU1 [ 438.719599][T10977] ---- ---- [ 438.724967][T10977] lock(rfkill_global_mutex); [ 438.729731][T10977] lock(&data->open_mutex); [ 438.736839][T10977] lock(rfkill_global_mutex); [ 438.744122][T10977] lock((work_completion)(&hdev->bg_scan_update)); [ 438.750714][T10977] [ 438.750714][T10977] *** DEADLOCK *** [ 438.750714][T10977] [ 438.758953][T10977] 1 lock held by syz.4.2603/10977: [ 438.764061][T10977] #0: ffffffff8d4c0f28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x19e/0x560 [ 438.774203][T10977] [ 438.774203][T10977] stack backtrace: [ 438.780208][T10977] CPU: 1 PID: 10977 Comm: syz.4.2603 Not tainted syzkaller #0 [ 438.787678][T10977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 438.797749][T10977] Call Trace: [ 438.801038][T10977] [ 438.804003][T10977] dump_stack_lvl+0x168/0x230 [ 438.808712][T10977] ? load_image+0x3b0/0x3b0 [ 438.813234][T10977] ? show_regs_print_info+0x20/0x20 [ 438.818459][T10977] ? print_circular_bug+0x12b/0x1a0 [ 438.823670][T10977] check_noncircular+0x274/0x310 [ 438.828619][T10977] ? add_chain_block+0x940/0x940 [ 438.833564][T10977] ? lockdep_lock+0xdc/0x1e0 [ 438.838189][T10977] ? __lock_acquire+0x12d9/0x7c60 [ 438.843213][T10977] ? lockdep_lock+0x1e0/0x1e0 [ 438.847886][T10977] ? mark_lock+0x94/0x320 [ 438.852209][T10977] __lock_acquire+0x2c33/0x7c60 [ 438.857074][T10977] ? verify_lock_unused+0x140/0x140 [ 438.862277][T10977] ? verify_lock_unused+0x140/0x140 [ 438.867508][T10977] lock_acquire+0x197/0x3f0 [ 438.872027][T10977] ? __flush_work+0xc1/0x1b0 [ 438.876615][T10977] ? __lock_acquire+0x7c60/0x7c60 [ 438.881641][T10977] ? read_lock_is_recursive+0x10/0x10 [ 438.887016][T10977] ? start_flush_work+0x776/0x820 [ 438.892049][T10977] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 438.897942][T10977] ? _raw_spin_unlock+0x40/0x40 [ 438.902790][T10977] __flush_work+0xdd/0x1b0 [ 438.907200][T10977] ? __flush_work+0xc1/0x1b0 [ 438.911785][T10977] ? flush_work+0x20/0x20 [ 438.916115][T10977] ? try_to_grab_pending+0xf3/0x7e0 [ 438.921397][T10977] ? lockdep_hardirqs_off+0x70/0x100 [ 438.926680][T10977] ? mark_lock+0x94/0x320 [ 438.931007][T10977] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 438.936984][T10977] ? lock_chain_count+0x20/0x20 [ 438.941833][T10977] ? mark_lock+0x94/0x320 [ 438.946186][T10977] ? __cancel_work_timer+0x331/0x520 [ 438.951567][T10977] __cancel_work_timer+0x3ac/0x520 [ 438.956682][T10977] ? cancel_work_sync+0x20/0x20 [ 438.961522][T10977] ? __cancel_work+0x1f4/0x2d0 [ 438.966290][T10977] ? lockdep_hardirqs_on+0x94/0x140 [ 438.971496][T10977] ? __cancel_work+0x26f/0x2d0 [ 438.976264][T10977] ? cancel_work+0x20/0x20 [ 438.980671][T10977] ? lock_chain_count+0x20/0x20 [ 438.985512][T10977] hci_request_cancel_all+0xcc/0x300 [ 438.990791][T10977] hci_dev_do_close+0x4e/0x1030 [ 438.995633][T10977] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 439.001521][T10977] ? _raw_spin_unlock+0x40/0x40 [ 439.006371][T10977] hci_rfkill_set_block+0x10a/0x190 [ 439.011566][T10977] ? rcu_lock_release+0x20/0x20 [ 439.016424][T10977] rfkill_set_block+0x1c6/0x420 [ 439.021280][T10977] rfkill_fop_write+0x458/0x560 [ 439.026133][T10977] ? _copy_from_user+0x111/0x170 [ 439.031076][T10977] ? rfkill_fop_read+0x4b0/0x4b0 [ 439.036113][T10977] ? common_file_perm+0x171/0x1c0 [ 439.041156][T10977] ? fsnotify_perm+0x5d/0x560 [ 439.045827][T10977] ? security_file_permission+0x75/0xa0 [ 439.051375][T10977] do_iter_write+0x3e4/0x7b0 [ 439.055968][T10977] do_writev+0x254/0x410 [ 439.060204][T10977] ? do_readv+0x3e0/0x3e0 [ 439.064529][T10977] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 439.070498][T10977] ? lock_chain_count+0x20/0x20 [ 439.075342][T10977] ? vtime_user_exit+0x2dc/0x400 [ 439.080268][T10977] ? lockdep_hardirqs_on+0x94/0x140 [ 439.085454][T10977] do_syscall_64+0x4c/0xa0 [ 439.089858][T10977] ? clear_bhb_loop+0x30/0x80 [ 439.094524][T10977] ? clear_bhb_loop+0x30/0x80 [ 439.099197][T10977] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 439.105102][T10977] RIP: 0033:0x7fbafd7746c9 [ 439.109523][T10977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.129139][T10977] RSP: 002b:00007fbafb9db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 439.137541][T10977] RAX: ffffffffffffffda RBX: 00007fbafd9cafa0 RCX: 00007fbafd7746c9 [ 439.145507][T10977] RDX: 0000000000000002 RSI: 0000200000000500 RDI: 0000000000000004 [ 439.153471][T10977] RBP: 00007fbafd7f6f91 R08: 0000000000000000 R09: 0000000000000000 [ 439.161437][T10977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 439.169403][T10977] R13: 00007fbafd9cb038 R14: 00007fbafd9cafa0 R15: 00007ffe32d72b18 [ 439.177376][T10977] [ 439.771274][ T1427] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.777599][ T1427] ieee802154 phy1 wpan1: encryption failed: -22