last executing test programs: 4m55.260375398s ago: executing program 3 (id=1472): openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040000000000fedbdf250f00000008000300", @ANYRES32=0x0, @ANYBLOB="44000e0080000000080211000000080211000001d1e33dc95050505050500000000000000000000064002008040600000000000006020000050310180225030034103c040106b808b750e2"], 0x60}, 0x1, 0x0, 0x0, 0x90}, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000040)=0x7) syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x693, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newlink={0x40, 0x10, 0x801, 0xfffffffd, 0x0, {}, [@IFLA_GROUP={0x8}, @IFLA_AF_SPEC={0x18, 0x1a, 0x0, 0x1, [@AF_INET6={0xc, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x1}]}, @AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}]}]}, 0x40}}, 0x0) 4m55.181669578s ago: executing program 3 (id=1474): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x104, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x9}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0xfffefffe}, @TCA_RATE={0x6, 0x5, {0x0, 0xfd}}, @filter_kind_options=@f_route={{0xa}, {0xc4, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x2}, @TCA_ROUTE4_ACT={0xb8, 0x6, [@m_connmark={0x40, 0x1b, 0x0, 0x0, {{0xd}, {0x4}, {0xd, 0x6, "cf2c6fb13fe0f95a8a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_csum={0x74, 0xe, 0x0, 0x0, {{0x9}, {0x4}, {0x45, 0x6, "5f39a87b76988a4cdd6959e065fb7a8ddde85cc4038229c626f640efeaa38e499df3bc3c8626ac62ee3f488e9b0e241675eddcaf88bbc3e35e796ed43b1196ace2"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}]}]}}]}, 0x104}, 0x1, 0x0, 0x0, 0x600400c5}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 4m54.93731012s ago: executing program 3 (id=1489): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x1, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21a8}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xc, 0x5, {0x3, 0x3}}]}]}]}, 0x48}}, 0x0) 4m54.811384421s ago: executing program 3 (id=1481): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000001400)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) sched_setaffinity(0x0, 0x0, 0x0) read$dsp(0xffffffffffffffff, &(0x7f00000002c0)=""/4096, 0x1000) write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) ioctl$SNDCTL_DSP_GETISPACE(0xffffffffffffffff, 0x8010500d, &(0x7f00000013c0)) 4m52.630001128s ago: executing program 3 (id=1503): openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) unshare(0x22020400) syz_open_procfs(0x0, &(0x7f0000000180)='net/psched\x00') socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6_sctp(0xa, 0x1, 0x84) openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) socket$packet(0x11, 0x3, 0x300) socket$inet_sctp(0x2, 0x1, 0x84) pselect6(0x40, &(0x7f0000000000)={0x3, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x4}, 0x0, 0x0) syz_emit_ethernet(0xf6, 0x0, 0x0) 4m50.438948955s ago: executing program 3 (id=1511): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) writev(r0, &(0x7f00000009c0)=[{&(0x7f0000000100)="d276b15a420a2050b473fec988ca", 0xe}], 0x1) 4m35.084034092s ago: executing program 32 (id=1511): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) writev(r0, &(0x7f00000009c0)=[{&(0x7f0000000100)="d276b15a420a2050b473fec988ca", 0xe}], 0x1) 22.737778746s ago: executing program 4 (id=2806): ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={r2, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90) 22.643957857s ago: executing program 4 (id=2807): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0}) r2 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a73, 0x100, 0x22, 0x335}, &(0x7f0000000080)=0x0, &(0x7f0000000100)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0) 22.506369548s ago: executing program 4 (id=2809): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x40800) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 22.454009768s ago: executing program 4 (id=2810): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x1c, 0x0, 0xfc5, 0x2, 0x0, {{0x11}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40000000}, 0x40000) 22.357951859s ago: executing program 4 (id=2814): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000001100)='./file1\x00', 0x801, &(0x7f0000000000)={[{@block_validity}, {@nojournal_checksum}, {@errors_remount}, {@norecovery}, {@nojournal_checksum}, {@mblk_io_submit}, {@init_itable_val}, {@barrier_val}, {@grpjquota}, {@grpquota}, {@usrjquota}]}, 0x1, 0x7f0, &(0x7f0000001140)="$eJzs3d9rXFkdAPDvnUx+tpIIolYQBgQtlE6aGlsFwYgPIlgo6JMPtmEyDTWTTMlMShOCbRHBF0HFN33psz9fxFfdhd2X3f9jaenupmW77MMyy50fySS90042yaQ/Ph+4yTn3nnvP/d5z75mT3JubAF5bhfRLLuJURPwhiZhsz08iYriZykfMtco92dospVMSjcbPPkiaZR5vbZaia53UiXbmqxHxxm8jzuSerre2vrE0X6mUGy23W+uub5y9vjy/WF4sr1yYmZ09f/E7Fy8cXqwfvbtx8sEff/ytf8598puv/Ov3byYxFyfT+Jp24jgshSi0j8lwegh3+dFhV3Zs/vPrPgrlIhqNVjJ/1DvEPqSX5lC7VU7FZAw9q33GB7lnAMBRuR3pyKyHoZ5LAICXWtL6/P/Bce8HADAond8DPN7aLHWm4/2NxGA9/GFEjLXi79zfbC3Jt+/ZjTXvg048TnbdGUkiYuoQ6i9ExF//+8u/p1PsuZ8KcJTu3I2Iq1OFXf3/UDR7uF3PLOx9gKEP57JnL3ZnCnsW6v9gcP6Xjn++mzX+y22PfyJj/DOace1+Hs+//nP3I+L+8CHUlSUd/32/69m2J13xt00NtXNfaI75hpNr1yvlc9tPuw2PpvmZVibzCZnTjz591Kv+7vHfh3/61d/S+tPvOyVy9/Oju9dZmK/PHyTmbg/vRnwtnxV/2v+PNts/6TH+vdxnHT/53u/+0mtZGn8ab2d6Ov6j1bgX8c3M9k+2y6Sp6fryjela1vOJ083TofU1u45/z8VEr/oL+Z32T6e0/s7PAoOQtv/Es+OfSrqe11yt9b3p7WvhnXuT/+9VqPv8z44/+/wfSX7eTI+0592ar9dXZyJGkp8+Pf/8zrqdfKd8Gv/pb2Rf/53+L+P8/0W6/at9Hoj8g/f/0X/8aW2Dbf+FfbX/vhMx9mRpaFelo8+KP6v9Z3et3k//1+8OHuTYAQAAAAAAAAAAAAAAAAAAAAAAAEC/chFxMpJccTudyxWLrf/h/aWYyFWqtfqZa9W1lYV0WfP9p7nOqy4nu96HOtN+H34nf35P/tsR8cWI+PPoeDNfLFUrC8cdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0nejx//9T743uKTx0HHsIAByJMR/sAPC6SfL5494FAGDQxvouWYiI8dadAgDgpdb/5z8A8Kro/fnvxgAAvKqe8/P/3j8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP26fOlSOjU+3tospfmFm+trS9WbZxfKtaXi8lqpWKqu3iguVquLlXKxVF2OfI8N3Wl9q1SrN2ZjZe3WdL1cq0/X1jeuLFfXVupXri/PL5avlIcHGBsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Ku2vrHUmKyUV9PEfOVAibH2Ng+6nf0mcjG4ug47sfR265i9KPuTmYgXYzdehER6jnfPiTtHcM6/deHrX043eqyRxshOLzE+8H4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GXxWQAAAP//pZIfGQ==") r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) 22.031601872s ago: executing program 4 (id=2817): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000000e80)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000100)=[{0x0}], 0x1}}], 0x1, 0x1005) sendmmsg(0xffffffffffffffff, &(0x7f0000000ac0)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @dev}, 0x80, 0x0}}], 0x1, 0x0) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x76, &(0x7f0000000140)=@assoc_value={r2}, 0x8) 6.902204308s ago: executing program 2 (id=2893): ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18}, './file0\x00'}) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, 0x0, 0x0) 6.676647679s ago: executing program 2 (id=2894): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) 5.584565988s ago: executing program 2 (id=2902): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x3, "0062ba7d820000a75e0000000000fcff00"}) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x44) 4.778468704s ago: executing program 2 (id=2913): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0) sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x1c, r1, 0xfc5, 0x2, 0x0, {{0x11}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40000000}, 0x40000) 4.249673508s ago: executing program 2 (id=2918): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000000e80)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='~', 0x1}], 0x1}}], 0x1, 0x1005) sendmmsg(0xffffffffffffffff, &(0x7f0000000ac0), 0x0, 0x0) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x76, &(0x7f0000000140)=@assoc_value={r2}, 0x8) 4.052988899s ago: executing program 2 (id=2922): unshare(0x64000600) syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=") r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10) 3.866331661s ago: executing program 1 (id=2923): ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000080)={0x49de, 0xffff, 0x20, 0x17, 0x9, "ec28a144f13d7607"}) write$binfmt_aout(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x3, "0062ba7d820000a75e0000000000fcff00"}) r0 = syz_open_pts(0xffffffffffffffff, 0x0) r1 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x44) 3.742233822s ago: executing program 1 (id=2926): getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x37}, 0x2, 0x1, 0xff, 0x4}, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100)) 3.496672124s ago: executing program 1 (id=2928): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, 0x0, 0x40000) 3.485602074s ago: executing program 1 (id=2929): openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 3.367305345s ago: executing program 0 (id=2930): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000840)=@nat={'nat\x00', 0x19, 0x4, 0x90, [0x200000000240, 0x0, 0x0, 0x200000000270, 0x2000000003ce], 0x0, 0x0, &(0x7f0000000240)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xffffffffffffffff}]}, 0x108) 3.216584406s ago: executing program 0 (id=2932): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x57e, 0x2017, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x90, 0x0, [{{0x9, 0x4, 0x0, 0xff, 0xb, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0xb, 0xf, 0x1, {0x22, 0xb}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x3, 0x6, 0xb}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f00000003c0)=ANY=[@ANYBLOB="00240b000000010393f1ffdb6ca9da45"], 0x0, 0x0, 0x0, 0x0}, 0x0) 2.468663271s ago: executing program 1 (id=2939): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) fsmount(0xffffffffffffffff, 0x0, 0x70) 2.404404902s ago: executing program 1 (id=2940): r0 = socket(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001440)=@newtaction={0x850, 0x31, 0x1, 0x0, 0x0, {}, [{0x83c, 0x1, [@m_police={0x838, 0x0, 0x0, 0x0, {{0xb}, {0x80c, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0xa1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xf7, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd8b]}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x850}}, 0x0) 1.517649809s ago: executing program 0 (id=2945): ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000080)={0x49de, 0xffff, 0x20, 0x17, 0x9, "ec28a144f13d7607"}) write$binfmt_aout(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x3, "0062ba7d820000a75e0000000000fcff00"}) r0 = syz_open_pts(0xffffffffffffffff, 0x0) r1 = dup3(r0, 0xffffffffffffffff, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x44) 1.423455369s ago: executing program 0 (id=2946): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==") open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) unshare(0x400) writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1) 1.37563123s ago: executing program 0 (id=2947): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x4, 0x1b, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0x4d, 0xef, 0xa3, 0x40, 0x41e, 0x403b, 0x1ac0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9}}]}}, 0x0) ioctl$EVIOCRMFF(r0, 0xc0085508, &(0x7f0000000080)=0xffff001d) 532.539986ms ago: executing program 0 (id=2948): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xd9, 0x72, 0xa4, 0x40, 0x20b7, 0x1540, 0xb75a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000540)={0x34, &(0x7f00000002c0)={0x20, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0}) 390.305257ms ago: executing program 5 (id=2951): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000000e80)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='~', 0x1}], 0x1}}], 0x1, 0x1005) sendmmsg(0xffffffffffffffff, &(0x7f0000000ac0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x76, &(0x7f0000000140)=@assoc_value={r2}, 0x8) 342.969248ms ago: executing program 5 (id=2952): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x1001a, &(0x7f0000000180), 0x1, 0x42e, &(0x7f0000000940)="$eJzs20tvG0UcAPD/rpOUvkgo5dEHECiIiEfSpAV64AICiQsSEhzKMSRpFeI2qAkSrSIICHFFlbgjjkh8Ak5wQcAJiSsfAFWqUC4tnIzW3k1sx3k4deKCfz9pk5ndcWb+3hl7dicbQM8azn4kEYci4o+IGKxlGwsM137dXlma+ntlaSqJSuXtv5JquVsrS1NF0eJ1B/PMSBqRfp7EiRb1Lly9NjdZLs9cyfNji5c+GFu4eu352UuTF2cuzlyeOHfu7Jnxl16ceKEjcWZtunX84/mTx9549/qbU+evv/fLd0kRf1McHTK82cGnKpUOV9ddh+vSSV8XG0JbShGRna7+6vgfjFKsnbzBeP2zrjYO2FWVSqVycOPDyxXgfyyJbrcA6I7iiz67/i22PZp63BVuvlK7AMrivp1vtSN9keZl+puubztpOCLOL//zdbbF7tyHAABo8EM2/3mu1fwvjQfryt2brw0NRcR9EXEkIu6PiKMR8UBEtexDEfFwm/U3L5Ksn/+kN3YU2DZl87+X87WtxvlfMfuLoVKeO1yNvz+5MFueOZ2/JyPRvy/Lj29Sx4+v/f7lRsfq53/ZltVfzAXzdtzo29f4munJxck7ibnezU8jjve1ij9ZXQlIIuJYRBzfYR2zz3x7cqNjW8e/iQ6sM1W+iXi6dv6Xoyn+QrL5+uTYPVGeOT1W9Ir1fv3ti7c2qv+O4u+A7PwfaNn/V+MfSurXaxfa+/v7tji+0/4/kLxTTQ/k+z6aXFy8Mh4xMNfYKar7J9bni/JZ/COnWo//I7H2TpyIiKwTPxIRj0bEY3nbH4+IJyLi1CYx/vzqk+/vPP7dlcU/3db5X0sMRPOe1onS3E/fN1Q61E782fk/W02N5Hu28/m3nXa135sBAADgvymNiEORpKOr6TQdHa39v/zROJCW5xcWn70w/+Hl6dozAkPRnxZ3ugbr7oeO55f1RX6iKX8mv2/8VWl/NT86NV+e7nbw0OMObjD+M3+Wut06YNd5Xgt6l/EPvcv4h95l/EPvajH+93ejHcDea/X9/0kX2gHsvabxb9kPeojrf+hdxj/0LuMfetLC/tj6IXkJiXWJSO+KZkjsUqLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//9Oa5Js=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ftruncate(r1, 0x2000009) write$cgroup_int(r0, &(0x7f00000000c0), 0x12) write$binfmt_script(r1, &(0x7f0000000140), 0xfcb8) 176.672339ms ago: executing program 5 (id=2953): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x28) sendto$inet6(r0, &(0x7f0000000080)="19", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x1c) recvmmsg(r0, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)=""/38, 0x26}], 0x1}}], 0x1, 0x10042, 0x0) 141.021549ms ago: executing program 5 (id=2954): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000940)={0x0, 0x0, 0x0}) 87.86523ms ago: executing program 5 (id=2955): r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2041, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x49de, 0xffff, 0x20, 0x17, 0x9, "ec28a144f13d7607"}) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x3, "0062ba7d820000a75e0000000000fcff00"}) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x44) 0s ago: executing program 5 (id=2956): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==") r0 = socket$netlink(0x10, 0x3, 0x8000000004) unshare(0x400) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1) kernel console output (not intermixed with test programs): : batadv_slave_0 [ 479.612591][ T4819] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 479.614705][ T4819] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 479.618754][ T4819] device bridge_slave_1 left promiscuous mode [ 479.621675][ T4819] bridge0: port 2(bridge_slave_1) entered disabled state [ 479.667481][ T4819] device bridge_slave_0 left promiscuous mode [ 479.669673][ T4819] bridge0: port 1(bridge_slave_0) entered disabled state [ 479.896540][ T4819] device veth1_macvtap left promiscuous mode [ 479.898490][ T4819] device veth0_macvtap left promiscuous mode [ 479.900232][ T4819] device veth1_vlan left promiscuous mode [ 479.901908][ T4819] device veth0_vlan left promiscuous mode [ 480.136836][ T9472] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 480.139248][ T9472] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 481.361331][ T4819] bond6 (unregistering): Released all slaves [ 482.478290][ T4819] bond5 (unregistering): Released all slaves [ 483.217666][ T4819] bond4 (unregistering): Released all slaves [ 484.128796][ T4819] bond3 (unregistering): Released all slaves [ 484.781923][ T4819] bond2 (unregistering): Released all slaves [ 485.487803][ T4819] bond1 (unregistering): Released all slaves [ 487.130904][ T4819] team0 (unregistering): Port device team_slave_1 removed [ 487.329918][ T4819] team0 (unregistering): Port device team_slave_0 removed [ 487.517934][ T4819] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 487.757494][ T4819] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 490.173855][ T4819] bond0 (unregistering): Released all slaves [ 490.941098][ T9511] syz.1.1602 (9511): drop_caches: 2 [ 493.096644][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 493.103201][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 493.110351][ T9211] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 495.283296][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 495.286723][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 495.289499][ T9562] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1615'. [ 495.318533][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 495.321236][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 495.395551][ T9211] device veth0_vlan entered promiscuous mode [ 495.408200][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 495.410881][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 495.448742][ T9211] device veth1_vlan entered promiscuous mode [ 495.533052][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 495.542016][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 495.546320][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 495.562407][ T4393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 495.573763][ T9211] device veth0_macvtap entered promiscuous mode [ 495.593206][ T9211] device veth1_macvtap entered promiscuous mode [ 495.628533][ T9211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 495.640053][ T9211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 495.645048][ T9211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 495.653024][ T9211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 495.659232][ T9211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 495.665470][ T9211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 495.677121][ T9211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 495.683388][ T9211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 495.698758][ T9211] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 495.703311][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 495.712419][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 495.715176][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 495.724469][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 495.740180][ T9211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 495.743262][ T9211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 495.753359][ T9211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 495.767709][ T9211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 495.773210][ T9211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 495.782869][ T9211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 495.790156][ T9211] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 495.794205][ T9211] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 495.805346][ T9211] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 495.955923][ T9211] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 495.958294][ T9211] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 495.960587][ T9211] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 495.977673][ T9211] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 496.559642][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 496.562761][ T172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 496.779442][ T4392] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 496.781636][ T4392] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 496.804346][ T7649] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 496.835521][ T7649] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 496.839995][ T7649] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 496.844306][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 497.114287][ T9609] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1625'. [ 499.700170][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 499.701981][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.792522][ T9713] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1650'. [ 504.186203][ T9751] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1662'. [ 506.407610][ T9802] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1675'. [ 511.222513][ T9902] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1703'. [ 513.165254][ T9934] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1714'. [ 520.279775][T10074] syz.1.1750 (10074): drop_caches: 2 [ 523.919221][T10144] syz.1.1765 (10144): drop_caches: 2 [ 528.957880][T10205] syz.2.1781 (10205): drop_caches: 2 [ 534.402885][T10292] syz.0.1801 (10292): drop_caches: 2 [ 536.609504][T10326] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 536.613908][T10326] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 539.229315][T10347] syz.0.1818 (10347): drop_caches: 2 [ 542.928412][T10387] syz.2.1832 (10387): drop_caches: 2 [ 546.427464][T10426] syz.5.1845 (10426): drop_caches: 2 [ 549.222563][T10457] syz.0.1857 (10457): drop_caches: 2 [ 550.825532][T10480] syz.1.1861 (10480): drop_caches: 2 [ 555.617821][T10524] syz.1.1879 (10524): drop_caches: 2 [ 555.821316][T10521] syz.5.1878 (10521): drop_caches: 2 [ 557.476561][T10537] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 557.494082][T10537] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 559.710777][T10571] syz.5.1891 (10571): drop_caches: 2 [ 561.128122][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 561.130009][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.777257][T10617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 565.805968][T10617] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 566.967144][T10634] syz.0.1910 (10634): drop_caches: 2 [ 568.683823][ T9213] Bluetooth: hci5: command 0x0406 tx timeout [ 570.904276][T10681] syz.2.1926 (10681): drop_caches: 2 [ 571.526474][T10686] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1928'. [ 573.776948][T10710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 573.784761][T10710] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 575.158802][T10732] syz.4.1944 (10732): drop_caches: 2 [ 576.129830][T10748] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1952'. [ 577.101833][T10783] syz.1.1965 (10783): drop_caches: 2 [ 577.264944][T10790] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1968'. [ 577.966892][T10809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 577.969323][T10809] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 580.088783][T10830] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1982'. [ 580.386683][T10837] syz.5.1984 (10837): drop_caches: 2 [ 582.101570][T10881] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 582.106142][T10881] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 583.615969][T10891] syz.1.2003 (10891): drop_caches: 2 [ 586.104752][T10932] syz.5.2017 (10932): drop_caches: 2 [ 586.340078][T10937] net veth1_virt_wifi ÿÿÿÿÿÿ: renamed from virt_wifi0 [ 586.398249][T10939] syz.4.2014 (10939): drop_caches: 2 [ 586.849982][T10952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 586.852758][T10952] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 589.693352][T10992] syz.4.2035 (10992): drop_caches: 2 [ 591.634918][T11029] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 591.647676][T11029] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 592.715192][T11032] net veth1_virt_wifi ÿÿÿÿÿÿ: renamed from virt_wifi0 [ 592.780121][T11032] syz.2.2049 (11032): drop_caches: 2 [ 593.131885][T11045] syz.4.2053 (11045): drop_caches: 2 [ 596.230583][T11094] syz.1.2068 (11094): drop_caches: 2 [ 596.328021][T11097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 596.352229][T11097] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 597.398611][T11105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 597.404605][T11105] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 600.175984][T11145] syz.4.2084 (11145): drop_caches: 2 [ 600.628278][T11152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 600.634490][T11152] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 604.434563][T11189] syz.5.2099 (11189): drop_caches: 2 [ 604.622301][T11201] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 604.627022][T11201] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 606.546529][T11232] syz.1.2115 (11232): drop_caches: 2 [ 607.245953][ T7] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 607.435980][ T7] usb 1-1: Using ep0 maxpacket: 16 [ 607.441470][ T7] usb 1-1: New USB device found, idVendor=05d1, idProduct=2002, bcdDevice= 7.00 [ 607.444112][ T7] usb 1-1: New USB device strings: Mfr=51, Product=2, SerialNumber=3 [ 607.446980][ T7] usb 1-1: Product: syz [ 607.448187][ T7] usb 1-1: Manufacturer: syz [ 607.449518][ T7] usb 1-1: SerialNumber: syz [ 607.453969][ T7] usb 1-1: config 0 descriptor?? [ 607.458120][ T7] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 607.461135][ T7] usb 1-1: Detected FT2232H [ 609.927670][T11268] syz.2.2127 (11268): drop_caches: 2 [ 609.961716][ T7] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 609.963906][ T7] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 609.966551][ T7] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 609.978790][ T7] usb 1-1: USB disconnect, device number 10 [ 609.984105][ T7] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 609.987187][ T7] ftdi_sio 1-1:0.0: device disconnected [ 612.067049][T11299] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 612.069662][T11299] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 613.659960][T11311] syz.0.2140 (11311): drop_caches: 2 [ 614.841506][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 614.841519][ T27] audit: type=1326 audit(614.820:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11329 comm="syz.4.2147" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9555ad28 code=0x0 [ 616.057713][T11354] syz.5.2156 (11354): drop_caches: 2 [ 617.817388][ T27] audit: type=1326 audit(617.800:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11367 comm="syz.0.2160" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9d5ad28 code=0x0 [ 617.937441][T11371] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 617.939890][T11371] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 618.837295][T11392] syz.4.2168 (11392): drop_caches: 2 [ 621.566500][ T27] audit: type=1326 audit(621.550:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11429 comm="syz.5.2181" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9175ad28 code=0x0 [ 622.512838][T11441] syz.0.2184 (11441): drop_caches: 2 [ 622.579633][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 622.581590][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 622.770602][T11449] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 622.784035][T11449] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 629.421113][T11513] syz.4.2206 (11513): drop_caches: 2 [ 629.652913][T11522] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 629.655328][T11522] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 631.082429][T11535] loop5: detected capacity change from 0 to 2048 [ 631.107958][T11535] EXT4-fs: Ignoring removed mblk_io_submit option [ 631.207028][T11535] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 631.219887][T11535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 631.222445][T11535] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 631.291442][T11535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 631.346384][T11535] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 631.502386][T11546] loop0: detected capacity change from 0 to 32768 [ 631.504506][T11546] ======================================================= [ 631.504506][T11546] WARNING: The mand mount option has been deprecated and [ 631.504506][T11546] and is ignored by this kernel. Remove the mand [ 631.504506][T11546] option from the mount to silence this warning. [ 631.504506][T11546] ======================================================= [ 631.584269][T11546] XFS (loop0): Mounting V5 Filesystem [ 631.587379][T11556] loop1: detected capacity change from 0 to 128 [ 631.617039][T11556] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 631.660996][T11546] XFS (loop0): Ending clean mount [ 631.670959][T11546] XFS (loop0): Quotacheck needed: Please wait. [ 631.755719][T11546] XFS (loop0): Quotacheck: Done. [ 631.806968][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 631.895146][ T4295] XFS (loop0): Unmounting Filesystem [ 631.902609][T11572] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2218'. [ 631.914183][T11572] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2218'. [ 631.919228][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 632.119046][T11582] block nbd1: shutting down sockets [ 632.213003][T11590] loop1: detected capacity change from 0 to 1024 [ 632.253585][T11590] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 632.495506][T11597] loop0: detected capacity change from 0 to 32768 [ 632.508708][T11597] (syz.0.2219,11597,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 632.520572][T11597] (syz.0.2219,11597,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 632.558016][T11597] JBD2: Ignoring recovery information on journal [ 632.558936][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 632.602036][T11597] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 632.796598][ T4295] ocfs2: Unmounting device (7,0) on (node local) [ 632.800308][T11615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 632.813832][T11615] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 632.867058][T11619] netlink: 'syz.5.2234': attribute type 21 has an invalid length. [ 632.879735][T11614] loop1: detected capacity change from 0 to 4096 [ 632.996589][T11622] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2236'. [ 633.006843][T11623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 633.009306][T11623] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 633.077435][T11623] loop5: detected capacity change from 0 to 2048 [ 633.084770][T11623] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 633.481611][T11637] loop4: detected capacity change from 0 to 32768 [ 633.483849][T11637] XFS: attr2 mount option is deprecated. [ 633.496938][T11637] XFS (loop4): Mounting V5 Filesystem [ 633.513938][T11646] loop2: detected capacity change from 0 to 1024 [ 633.527802][T11637] XFS (loop4): Ending clean mount [ 633.531120][T11637] XFS (loop4): Quotacheck needed: Please wait. [ 633.562652][T11637] XFS (loop4): Quotacheck: Done. [ 633.595179][ T4296] XFS (loop4): Unmounting Filesystem [ 633.604879][T10458] hfsplus: b-tree write err: -5, ino 4 [ 633.674255][T11651] device syzkaller0 entered promiscuous mode [ 633.822420][T11655] capability: warning: `syz.5.2247' uses 32-bit capabilities (legacy support in use) [ 633.872307][T11657] loop5: detected capacity change from 0 to 128 [ 633.880058][T11657] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 633.903240][T11657] FAT-fs (loop5): error, invalid access to FAT (entry 0x0fff0007) [ 633.905547][T11657] FAT-fs (loop5): Filesystem has been set read-only [ 633.908227][T11657] FAT-fs (loop5): error, invalid access to FAT (entry 0x0fff0007) [ 633.948501][ T9211] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 634.349942][T11666] loop0: detected capacity change from 0 to 40427 [ 634.361615][T11666] F2FS-fs (loop0): Unrecognized mount option "age_extent_cache" or missing value [ 634.368793][T11668] loop1: detected capacity change from 0 to 32768 [ 634.398920][T11668] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 634.504391][ T4305] (syz-executor,4305,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 634.529976][ T4305] ocfs2: Unmounting device (7,1) on (node local) [ 634.795184][T11675] loop1: detected capacity change from 0 to 32768 [ 634.815709][T11675] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 634.847864][ T4305] (syz-executor,4305,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 634.852615][ T4305] ocfs2: Unmounting device (7,1) on (node local) [ 635.307357][T11687] loop1: detected capacity change from 0 to 32768 [ 635.442111][T11687] XFS (loop1): Mounting V5 Filesystem [ 635.513420][T11700] loop0: detected capacity change from 0 to 256 [ 635.545230][T11687] XFS (loop1): Ending clean mount [ 635.548710][T11700] FAT-fs (loop0): bogus sectors per cluster 0 [ 635.550339][T11700] FAT-fs (loop0): Can't find a valid FAT filesystem [ 635.559673][T11687] XFS (loop1): Quotacheck needed: Please wait. [ 635.596235][T11687] XFS (loop1): Quotacheck: Done. [ 635.624610][ T4305] XFS (loop1): Unmounting Filesystem [ 635.647154][T11707] loop0: detected capacity change from 0 to 256 [ 635.694057][T11707] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 635.758169][T11709] loop5: detected capacity change from 0 to 512 [ 635.797931][T11709] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 635.801584][T11709] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 635.820933][T11709] EXT4-fs (loop5): 1 truncate cleaned up [ 635.822481][T11709] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 635.964737][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 636.072485][T11715] loop5: detected capacity change from 0 to 128 [ 636.172044][T11713] loop0: detected capacity change from 0 to 65536 [ 636.234767][T11713] XFS (loop0): Mounting V5 Filesystem [ 636.291331][T11713] XFS (loop0): Ending clean mount [ 636.293870][T11713] XFS (loop0): Quotacheck needed: Please wait. [ 636.312545][T11727] loop1: detected capacity change from 0 to 256 [ 636.354459][T11713] XFS (loop0): Quotacheck: Done. [ 636.377293][T11727] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 636.401130][ T4295] XFS (loop0): Unmounting Filesystem [ 636.596992][T11734] loop1: detected capacity change from 0 to 4096 [ 636.635581][T11735] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 636.983681][T11739] loop0: detected capacity change from 0 to 2048 [ 637.014288][T11737] loop1: detected capacity change from 0 to 32768 [ 637.025491][T11739] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 637.063534][T11739] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 645.513689][T11753] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2281'. [ 645.629995][T11759] loop1: detected capacity change from 0 to 256 [ 645.879522][T11762] loop4: detected capacity change from 0 to 40427 [ 645.908880][T11768] loop5: detected capacity change from 0 to 32768 [ 645.921289][T11759] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 196) [ 645.923630][T11759] FAT-fs (loop1): Filesystem has been set read-only [ 645.926351][T11768] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.2288 (11768) [ 645.936287][T11762] F2FS-fs (loop4): invalid crc value [ 645.945282][T11768] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 645.948369][T11768] BTRFS info (device loop5): using crc32c (crc32c-generic) checksum algorithm [ 645.950757][T11768] BTRFS info (device loop5): max_inline at 0 [ 645.952350][T11768] BTRFS info (device loop5): enabling disk space caching [ 645.954188][T11768] BTRFS info (device loop5): setting nodatasum [ 645.955886][T11768] BTRFS info (device loop5): turning off barriers [ 645.957592][T11768] BTRFS info (device loop5): turning on flush-on-commit [ 645.959484][T11768] BTRFS info (device loop5): doing ref verification [ 645.961175][T11768] BTRFS info (device loop5): force clearing of disk cache [ 645.963013][T11768] BTRFS info (device loop5): enabling ssd optimizations [ 645.964796][T11768] BTRFS info (device loop5): max_inline at 4096 [ 645.966498][T11768] BTRFS info (device loop5): disk space caching is enabled [ 645.973321][T11762] F2FS-fs (loop4): Found nat_bits in checkpoint [ 646.010246][T11762] F2FS-fs (loop4): recover fsync data on readonly fs [ 646.015311][T11762] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 646.025339][T11772] loop2: detected capacity change from 0 to 1024 [ 646.026030][ T4342] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 646.035913][ T4305] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 196) [ 646.055398][T11775] f2fs_ckpt-7:4: attempt to access beyond end of device [ 646.055398][T11775] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 646.145989][T11785] device vlan2 entered promiscuous mode [ 646.175632][ T9246] hfsplus: b-tree write err: -5, ino 4 [ 646.202760][T11793] loop1: detected capacity change from 0 to 512 [ 646.211228][ T4342] usb 1-1: config index 0 descriptor too short (expected 2340, got 36) [ 646.213862][ T4342] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 646.219532][ T4342] usb 1-1: config 0 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 646.221290][T11793] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 646.225393][T11793] System zones: 1-12 [ 646.227686][ T4342] usb 1-1: config 0 interface 0 has no altsetting 0 [ 646.229870][ T4342] usb 1-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00 [ 646.232882][ T4342] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 646.248913][T11793] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 33619980: comm syz.1.2291: invalid block [ 646.264260][T11793] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2291: invalid indirect mapped block 1819239214 (level 1) [ 646.277894][T11793] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.2291: bg 0: block 361: padding at end of block bitmap is not set [ 646.282334][T11793] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 646.284634][ T4342] usb 1-1: config 0 descriptor?? [ 646.297407][T11793] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.2291: attempt to clear invalid blocks 33619980 len 1 [ 646.315417][ T4342] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 646.330683][T11768] BTRFS info (device loop5): rebuilding free space tree [ 646.358347][T11768] BTRFS info (device loop5): disabling free space tree [ 646.360893][T11768] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 646.363607][T11768] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 646.376346][T11793] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2291: invalid indirect mapped block 1819239214 (level 0) [ 646.383753][T11793] EXT4-fs (loop1): 1 truncate cleaned up [ 646.387961][T11793] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 646.403521][T11793] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 646.453865][ T9211] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 646.512094][ T4343] usb 1-1: USB disconnect, device number 11 [ 646.512729][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 646.650510][T11809] loop2: detected capacity change from 0 to 1024 [ 646.724886][T11809] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 646.890434][T11811] loop4: detected capacity change from 0 to 4096 [ 646.916234][T11815] loop1: detected capacity change from 0 to 32768 [ 646.925229][T11815] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2297 (11815) [ 646.944367][T11815] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 646.947501][T11815] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm [ 646.949872][T11815] BTRFS info (device loop1): max_inline at 0 [ 646.951554][T11815] BTRFS info (device loop1): enabling disk space caching [ 646.953479][T11815] BTRFS info (device loop1): setting nodatasum [ 646.955110][T11815] BTRFS info (device loop1): turning off barriers [ 646.956858][T11815] BTRFS info (device loop1): turning on flush-on-commit [ 646.958668][T11815] BTRFS info (device loop1): doing ref verification [ 646.960473][T11815] BTRFS info (device loop1): force clearing of disk cache [ 646.962317][T11815] BTRFS info (device loop1): enabling ssd optimizations [ 646.964215][T11815] BTRFS info (device loop1): force zlib compression, level 3 [ 646.966297][T11815] BTRFS info (device loop1): max_inline at 4096 [ 646.967964][T11815] BTRFS info (device loop1): disk space caching is enabled [ 646.987232][T11824] loop5: detected capacity change from 0 to 128 [ 646.989864][T11822] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 647.011985][ T4303] EXT4-fs (loop2): unmounting filesystem. [ 647.016791][T11824] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 647.162837][T11831] loop0: detected capacity change from 0 to 512 [ 647.165510][T11835] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 647.169827][T11835] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 647.186637][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 647.202509][T11831] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.2300: iget: bad extended attribute block 1 [ 647.217547][T11831] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.2300: couldn't read orphan inode 15 (err -117) [ 647.226046][T11831] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 647.273444][T11815] BTRFS info (device loop1): rebuilding free space tree [ 647.281659][ T4295] EXT4-fs (loop0): unmounting filesystem. [ 647.283860][T11815] BTRFS info (device loop1): disabling free space tree [ 647.285746][T11815] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 647.288388][T11815] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 647.310042][T11851] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 647.330422][T11851] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 647.371477][T11853] loop4: detected capacity change from 0 to 256 [ 647.444396][ T4305] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 647.586414][T11855] loop0: detected capacity change from 0 to 4096 [ 647.589280][T11855] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 647.624206][T11766] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 12 /dev/loop1 scanned by udevd (11766) [ 647.802193][T11866] netlink: 212 bytes leftover after parsing attributes in process `syz.1.2318'. [ 647.894834][T11869] loop2: detected capacity change from 0 to 4096 [ 647.990782][T11867] loop4: detected capacity change from 0 to 32768 [ 648.036730][T11874] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 648.236961][T11877] loop0: detected capacity change from 0 to 40427 [ 648.252159][T11877] F2FS-fs (loop0): invalid crc value [ 648.376690][T11877] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 648.404714][T11877] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 648.547478][T11884] loop1: detected capacity change from 0 to 40427 [ 648.552497][T11884] F2FS-fs (loop1): invalid crc value [ 648.603882][T11884] F2FS-fs (loop1): Found nat_bits in checkpoint [ 648.643995][T11884] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 648.709150][ T4305] syz-executor: attempt to access beyond end of device [ 648.709150][ T4305] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 648.813725][T11895] loop4: detected capacity change from 0 to 128 [ 648.841128][T11895] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 649.132727][T11903] loop2: detected capacity change from 0 to 8 [ 649.142371][ T4296] EXT4-fs (loop4): unmounting filesystem. [ 649.181983][T11901] loop5: detected capacity change from 0 to 32768 [ 649.302195][T11901] XFS (loop5): Mounting V5 Filesystem [ 649.381281][T11917] loop2: detected capacity change from 0 to 256 [ 649.395583][T11917] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x995b9f63, utbl_chksum : 0xe619d30d) [ 649.413489][T11901] XFS (loop5): Ending clean mount [ 649.417249][T11901] XFS (loop5): Quotacheck needed: Please wait. [ 649.455199][T11901] XFS (loop5): Quotacheck: Done. [ 649.784385][T11921] loop2: detected capacity change from 0 to 32768 [ 649.863577][T11929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 649.863731][ T9211] XFS (loop5): Unmounting Filesystem [ 649.866498][T11929] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 649.895207][T11921] XFS (loop2): Mounting V5 Filesystem [ 649.926490][T11934] loop0: detected capacity change from 0 to 4096 [ 649.979249][T11921] XFS (loop2): Ending clean mount [ 649.983999][T11921] XFS (loop2): Quotacheck needed: Please wait. [ 650.001788][T11939] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 650.015421][T11921] XFS (loop2): Quotacheck: Done. [ 650.083434][ T4303] XFS (loop2): Unmounting Filesystem [ 650.407404][ T27] audit: type=1326 audit(650.390:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11951 comm="syz.5.2329" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff9175ad28 code=0x0 [ 650.416701][T11949] loop0: detected capacity change from 0 to 4096 [ 650.820902][T11964] loop4: detected capacity change from 0 to 32768 [ 650.967885][T11964] XFS (loop4): Mounting V5 Filesystem [ 651.064659][T11964] XFS (loop4): Ending clean mount [ 651.067871][T11964] XFS (loop4): Quotacheck needed: Please wait. [ 651.105151][T11964] XFS (loop4): Quotacheck: Done. [ 651.146265][T11970] loop1: detected capacity change from 0 to 65536 [ 651.247310][ T4296] XFS (loop4): Unmounting Filesystem [ 651.269716][T11970] XFS (loop1): Mounting V5 Filesystem [ 651.346304][T11970] XFS (loop1): Ending clean mount [ 651.348872][T11970] XFS (loop1): Quotacheck needed: Please wait. [ 651.420438][T11970] XFS (loop1): Quotacheck: Done. [ 651.524868][ T4305] XFS (loop1): Unmounting Filesystem [ 651.572470][T12004] loop2: detected capacity change from 0 to 64 [ 651.732941][T12002] loop5: detected capacity change from 0 to 32768 [ 651.746588][T12002] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 12 [ 651.841659][T12007] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready [ 651.861818][T12011] loop4: detected capacity change from 0 to 512 [ 651.880613][T12007] bridge0: port 3(vlan2) entered blocking state [ 651.890661][T12007] bridge0: port 3(vlan2) entered disabled state [ 651.893271][T12007] device vlan2 entered promiscuous mode [ 651.900745][T12007] device syz_tun entered promiscuous mode [ 651.923532][T12007] bridge0: port 3(vlan2) entered blocking state [ 651.925563][T12007] bridge0: port 3(vlan2) entered forwarding state [ 651.942629][T12011] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 651.985321][T10458] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready [ 652.070223][T12020] loop0: detected capacity change from 0 to 128 [ 652.082593][ T4296] EXT4-fs (loop4): unmounting filesystem. [ 652.209869][T12027] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2361'. [ 652.343593][T12033] loop5: detected capacity change from 0 to 64 [ 652.350989][T12034] loop4: detected capacity change from 0 to 512 [ 652.466220][T12034] EXT4-fs warning (device loop4): ext4_enable_quotas:7030: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 652.471634][T12034] EXT4-fs (loop4): mount failed [ 652.538922][T12046] loop2: detected capacity change from 0 to 2048 [ 652.541835][T12046] NILFS (loop2): couldn't find nilfs on the device [ 652.713033][T12057] loop4: detected capacity change from 0 to 512 [ 652.741538][T12059] loop1: detected capacity change from 0 to 256 [ 652.743999][T12057] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 652.820286][T12059] FAT-fs (loop1): Directory bread(block 64) failed [ 652.822284][T12059] FAT-fs (loop1): Directory bread(block 65) failed [ 652.824195][T12059] FAT-fs (loop1): Directory bread(block 66) failed [ 652.828295][T12057] EXT4-fs (loop4): 1 truncate cleaned up [ 652.829878][T12057] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 652.858548][T12059] FAT-fs (loop1): Directory bread(block 67) failed [ 652.860458][T12059] FAT-fs (loop1): Directory bread(block 68) failed [ 652.862193][T12059] FAT-fs (loop1): Directory bread(block 69) failed [ 652.863948][T12059] FAT-fs (loop1): Directory bread(block 70) failed [ 652.865658][T12059] FAT-fs (loop1): Directory bread(block 71) failed [ 652.872428][T12059] FAT-fs (loop1): Directory bread(block 72) failed [ 652.874261][T12059] FAT-fs (loop1): Directory bread(block 73) failed [ 653.024168][T12065] loop2: detected capacity change from 0 to 32768 [ 653.035373][T12066] bridge0: port 2(bridge_slave_1) entered disabled state [ 653.064491][T12065] XFS (loop2): Mounting V5 Filesystem [ 653.239149][ T4296] EXT4-fs (loop4): unmounting filesystem. [ 653.261322][T12065] XFS (loop2): Ending clean mount [ 653.264049][T12065] XFS (loop2): Quotacheck needed: Please wait. [ 653.321510][T12065] XFS (loop2): Quotacheck: Done. [ 653.561399][T12085] loop0: detected capacity change from 0 to 40427 [ 653.565044][T12085] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff [ 653.567381][T12085] F2FS-fs (loop0): LFS not compatible with checkpoint=disable [ 653.802035][T11764] I/O error, dev loop0, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 653.826030][T12087] loop1: detected capacity change from 0 to 32768 [ 653.828422][T12087] XFS: attr2 mount option is deprecated. [ 653.939564][T12087] XFS (loop1): Mounting V5 Filesystem [ 654.058541][T12087] XFS (loop1): Ending clean mount [ 654.064167][T12087] XFS (loop1): Quotacheck needed: Please wait. [ 654.130284][T12087] XFS (loop1): Quotacheck: Done. [ 654.150518][ T4303] XFS (loop2): Unmounting Filesystem [ 654.182276][ T4305] XFS (loop1): Unmounting Filesystem [ 654.289986][T12106] loop4: detected capacity change from 0 to 1764 [ 654.570864][ T4341] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 654.574623][T12112] loop4: detected capacity change from 0 to 4096 [ 654.770251][ T4341] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 654.773031][ T4341] usb 1-1: config 0 interface 0 has no altsetting 0 [ 654.777027][ T4341] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 654.789491][ T4341] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 654.791882][ T4341] usb 1-1: Product: syz [ 654.792970][ T4341] usb 1-1: Manufacturer: syz [ 654.794222][ T4341] usb 1-1: SerialNumber: syz [ 654.820133][ T4341] usb 1-1: config 0 descriptor?? [ 654.862903][ T4341] usb 1-1: selecting invalid altsetting 0 [ 654.881864][T12116] loop2: detected capacity change from 0 to 40427 [ 654.893537][T12116] F2FS-fs (loop2): invalid crc value [ 654.948343][T12116] F2FS-fs (loop2): Found nat_bits in checkpoint [ 654.963239][T12116] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 655.103890][ T4303] syz-executor: attempt to access beyond end of device [ 655.103890][ T4303] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 655.187296][ T24] usb 1-1: USB disconnect, device number 12 [ 655.251790][T12134] loop1: detected capacity change from 0 to 64 [ 655.255712][T12132] loop4: detected capacity change from 0 to 2048 [ 655.317627][T12134] hfs: request for non-existent node 24 in B*Tree [ 655.319672][T12134] hfs: request for non-existent node 24 in B*Tree [ 655.351783][T12134] hfs: request for non-existent node 25 in B*Tree [ 655.357418][T12134] hfs: request for non-existent node 25 in B*Tree [ 655.365654][T12134] hfs: request for non-existent node 26 in B*Tree [ 655.370923][T12134] hfs: request for non-existent node 26 in B*Tree [ 655.374239][T12134] hfs: request for non-existent node 27 in B*Tree [ 655.381052][T12134] hfs: request for non-existent node 27 in B*Tree [ 655.383571][T12134] hfs: request for non-existent node 28 in B*Tree [ 655.385360][T12134] hfs: request for non-existent node 28 in B*Tree [ 655.458632][T11817] udevd[11817]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 655.925498][T12166] loop2: detected capacity change from 0 to 1024 [ 656.114579][ T4819] hfsplus: b-tree write err: -5, ino 4 [ 656.204474][T12182] loop2: detected capacity change from 0 to 1024 [ 656.218807][T12182] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 656.219063][T12185] atomic_op 00000000a74eacc2 conn xmit_atomic 0000000000000000 [ 656.221547][T12182] EXT4-fs (loop2): orphan cleanup on readonly fs [ 656.235655][T12182] EXT4-fs error (device loop2): __ext4_get_inode_loc:4506: comm syz.2.2417: Invalid inode table block 0 in block_group 0 [ 656.294801][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.298443][T12182] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 656.321358][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.323167][T12182] EXT4-fs error (device loop2): ext4_quota_write:7190: inode #3: comm syz.2.2417: mark_inode_dirty error [ 656.355740][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.366802][T12182] Quota error (device loop2): write_blk: dquota write failed [ 656.369069][T12182] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 656.371900][T12182] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.2417: Failed to acquire dquot type 0 [ 656.393041][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.394873][T12182] EXT4-fs error (device loop2): __ext4_get_inode_loc:4506: comm syz.2.2417: Invalid inode table block 0 in block_group 0 [ 656.421039][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.422749][T12182] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 656.437051][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.438881][T12182] EXT4-fs error (device loop2): ext4_ext_truncate:4453: inode #15: comm syz.2.2417: mark_inode_dirty error [ 656.446013][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.448042][T12182] EXT4-fs error (device loop2): __ext4_get_inode_loc:4506: comm syz.2.2417: Invalid inode table block 0 in block_group 0 [ 656.464697][T12198] loop1: detected capacity change from 0 to 256 [ 656.478015][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.479852][T12182] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 656.484019][T12200] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 656.504148][T12198] exfat: Deprecated parameter 'namecase' [ 656.512621][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.514456][T12182] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 656.516553][T12198] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 656.520046][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.521961][T12182] EXT4-fs error (device loop2): __ext4_get_inode_loc:4506: comm syz.2.2417: Invalid inode table block 0 in block_group 0 [ 656.522158][T12200] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 656.528666][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.532130][T12182] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 656.537541][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.539518][T12182] EXT4-fs error (device loop2): ext4_truncate:4311: inode #15: comm syz.2.2417: mark_inode_dirty error [ 656.561353][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.563406][T12182] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 656.582482][T12182] EXT4-fs (loop2): Remounting filesystem read-only [ 656.593269][T12182] EXT4-fs (loop2): 1 truncate cleaned up [ 656.605230][T12182] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 656.641546][T12182] EXT4-fs error (device loop2): __ext4_get_inode_loc:4506: comm syz.2.2417: Invalid inode table block 0 in block_group 0 [ 656.710102][ T4303] EXT4-fs (loop2): unmounting filesystem. [ 656.851242][ T5723] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 656.885089][T12217] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 656.890188][T12219] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2434'. [ 656.893172][T12217] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 657.033571][ T5723] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 657.036435][ T5723] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 657.038878][ T5723] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 657.051557][ T5723] usb 1-1: config 0 descriptor?? [ 657.060058][ T5723] pwc: Askey VC010 type 2 USB webcam detected. [ 657.360234][T12234] loop1: detected capacity change from 0 to 32768 [ 657.363202][T12234] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.2440 (12234) [ 657.368879][T12234] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 657.371616][T12234] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm [ 657.373867][T12234] BTRFS info (device loop1): enabling ssd optimizations [ 657.375739][T12234] BTRFS info (device loop1): using free space tree [ 657.456556][T12246] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 657.459367][T12246] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 657.463502][ T5723] pwc: recv_control_msg error -32 req 02 val 2b00 [ 657.472870][ T5723] pwc: recv_control_msg error -32 req 02 val 2700 [ 657.475148][ T5723] pwc: recv_control_msg error -32 req 02 val 2c00 [ 657.478271][ T5723] pwc: recv_control_msg error -32 req 04 val 1000 [ 657.482886][ T5723] pwc: recv_control_msg error -32 req 04 val 1300 [ 657.493024][ T5723] pwc: recv_control_msg error -32 req 04 val 1400 [ 657.505365][ T5723] pwc: recv_control_msg error -32 req 02 val 2000 [ 657.512719][ T5723] pwc: recv_control_msg error -32 req 02 val 2100 [ 657.516311][ T5723] pwc: recv_control_msg error -32 req 04 val 1500 [ 657.518651][ T5723] pwc: recv_control_msg error -32 req 02 val 2500 [ 657.524917][ T5723] pwc: recv_control_msg error -32 req 02 val 2400 [ 657.535181][ T5723] pwc: recv_control_msg error -32 req 02 val 2600 [ 657.589983][T12263] loop2: detected capacity change from 0 to 8 [ 657.598303][T12263] SQUASHFS error: Failed to read block 0x7000000000002d9: -5 [ 657.600618][T12263] unable to read xattr id index table [ 657.622329][ T4305] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 657.741415][ T5723] pwc: recv_control_msg error -71 req 02 val 2800 [ 657.743732][ T5723] pwc: recv_control_msg error -71 req 04 val 1100 [ 657.749393][ T5723] pwc: recv_control_msg error -71 req 04 val 1200 [ 657.772190][ T5723] pwc: Registered as video11. [ 657.774340][ T5723] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input2 [ 657.807804][ T5723] usb 1-1: USB disconnect, device number 13 [ 657.828823][T12271] loop4: detected capacity change from 0 to 512 [ 657.852354][T12271] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 657.860913][T12270] loop2: detected capacity change from 0 to 1764 [ 658.015265][T12271] EXT4-fs (loop4): 1 truncate cleaned up [ 658.017059][T12271] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 658.065875][T12274] loop1: detected capacity change from 0 to 32768 [ 658.130977][T12274] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 658.223166][ T4305] (syz-executor,4305,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 658.251055][ T4305] ocfs2: Unmounting device (7,1) on (node local) [ 658.273979][ T4296] EXT4-fs (loop4): unmounting filesystem. [ 658.387485][T12280] loop2: detected capacity change from 0 to 40427 [ 658.391616][T12280] F2FS-fs (loop2): invalid crc value [ 658.398139][T12280] F2FS-fs (loop2): Found nat_bits in checkpoint [ 658.414106][T12280] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 658.502556][T12290] loop4: detected capacity change from 0 to 64 [ 658.558455][T12290] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 658.560561][T12290] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 658.566392][T12290] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 658.568204][T12290] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 658.574367][T12290] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 658.576232][T12290] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 658.589569][T12290] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 658.591408][T12290] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 658.608479][T12290] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 658.610372][T12290] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 658.855985][T12302] loop1: detected capacity change from 0 to 32768 [ 658.859626][T12302] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2458 (12302) [ 658.867883][T12302] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 658.870816][T12302] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm [ 658.873490][T12302] BTRFS info (device loop1): max_inline at 0 [ 658.875194][T12302] BTRFS info (device loop1): enabling disk space caching [ 658.877306][T12302] BTRFS info (device loop1): setting nodatasum [ 658.879181][T12302] BTRFS info (device loop1): turning off barriers [ 658.880893][T12302] BTRFS info (device loop1): turning on flush-on-commit [ 658.882906][T12302] BTRFS info (device loop1): doing ref verification [ 658.884982][T12302] BTRFS info (device loop1): force clearing of disk cache [ 658.887007][T12302] BTRFS info (device loop1): enabling ssd optimizations [ 658.888805][T12302] BTRFS info (device loop1): max_inline at 4096 [ 658.890501][T12302] BTRFS info (device loop1): disk space caching is enabled [ 658.947840][T12308] loop5: detected capacity change from 0 to 1764 [ 659.080161][T12327] loop0: detected capacity change from 0 to 512 [ 659.095227][T12302] BTRFS info (device loop1): rebuilding free space tree [ 659.113585][T12302] BTRFS info (device loop1): disabling free space tree [ 659.115581][T12302] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 659.118337][T12302] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 659.136455][T12327] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 659.149571][T12327] EXT4-fs (loop0): 1 truncate cleaned up [ 659.151130][T12327] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 659.244447][T12336] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2464'. [ 659.316589][ T4305] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 659.432928][ T4295] EXT4-fs (loop0): unmounting filesystem. [ 659.543215][T12338] loop4: detected capacity change from 0 to 40427 [ 659.552188][T12338] F2FS-fs (loop4): invalid crc value [ 659.646847][T12338] F2FS-fs (loop4): Found nat_bits in checkpoint [ 659.706295][T12338] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 659.902214][T12355] loop0: detected capacity change from 0 to 4096 [ 660.032049][T12358] loop4: detected capacity change from 0 to 32768 [ 660.034724][T12358] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.2471 (12358) [ 660.046571][T12358] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 660.049296][T12358] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 660.051846][T12358] BTRFS info (device loop4): max_inline at 0 [ 660.053464][T12358] BTRFS info (device loop4): enabling disk space caching [ 660.055410][T12358] BTRFS info (device loop4): setting nodatasum [ 660.057180][T12358] BTRFS info (device loop4): turning off barriers [ 660.058863][T12358] BTRFS info (device loop4): turning on flush-on-commit [ 660.060692][T12358] BTRFS info (device loop4): doing ref verification [ 660.062462][T12358] BTRFS info (device loop4): force clearing of disk cache [ 660.064350][T12358] BTRFS info (device loop4): enabling ssd optimizations [ 660.066344][T12358] BTRFS info (device loop4): max_inline at 4096 [ 660.068143][T12358] BTRFS info (device loop4): disk space caching is enabled [ 660.141733][T12368] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 660.144293][T12368] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 660.388016][T12365] loop5: detected capacity change from 0 to 32768 [ 660.389177][T12381] loop0: detected capacity change from 0 to 512 [ 660.392194][T12365] BTRFS warning: duplicate device /dev/loop5 devid 1 generation 8 scanned by syz.5.2474 (12365) [ 660.407662][T12365] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2474'. [ 660.416946][T12381] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 660.424022][T12358] BTRFS info (device loop4): rebuilding free space tree [ 660.434185][T12358] BTRFS info (device loop4): disabling free space tree [ 660.436108][T12358] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 660.438703][T12358] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 660.474240][T12381] EXT4-fs (loop0): 1 truncate cleaned up [ 660.476291][T12381] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 660.616210][ T4296] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 660.657012][T12398] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2482'. [ 660.796136][T12402] loop2: detected capacity change from 0 to 512 [ 660.798489][T12402] EXT4-fs: Ignoring removed bh option [ 660.801150][T12401] loop5: detected capacity change from 0 to 64 [ 660.815053][ T4295] EXT4-fs (loop0): unmounting filesystem. [ 660.821895][T12402] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1800c018, mo2=0002] [ 660.825137][T12402] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2809: Unable to expand inode 17. Delete some EAs or run e2fsck. [ 660.829070][T12402] EXT4-fs (loop2): 1 truncate cleaned up [ 660.830672][T12402] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 661.053364][ T4303] EXT4-fs (loop2): unmounting filesystem. [ 661.217378][T12414] loop2: detected capacity change from 0 to 1024 [ 661.250360][T12418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 661.265072][T12418] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 661.383353][T12414] EXT4-fs (loop2): Test dummy encryption mode enabled [ 661.394678][T12426] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 661.397540][T12426] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 661.432694][T12414] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 661.624557][T12414] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-ce" [ 661.631854][T12429] loop5: detected capacity change from 0 to 32768 [ 661.634829][T12429] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.2492 (12429) [ 661.640174][T12429] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 661.643006][T12429] BTRFS info (device loop5): using crc32c (crc32c-generic) checksum algorithm [ 661.645419][T12429] BTRFS info (device loop5): max_inline at 0 [ 661.647263][T12429] BTRFS info (device loop5): enabling disk space caching [ 661.649367][T12429] BTRFS info (device loop5): setting nodatasum [ 661.651067][T12429] BTRFS info (device loop5): turning off barriers [ 661.652734][T12429] BTRFS info (device loop5): turning on flush-on-commit [ 661.654796][T12429] BTRFS info (device loop5): doing ref verification [ 661.657198][T12429] BTRFS info (device loop5): force clearing of disk cache [ 661.659105][T12429] BTRFS info (device loop5): enabling ssd optimizations [ 661.660904][T12429] BTRFS info (device loop5): max_inline at 4096 [ 661.662566][T12429] BTRFS info (device loop5): disk space caching is enabled [ 661.742540][ T4303] EXT4-fs (loop2): unmounting filesystem. [ 661.852414][T12453] loop2: detected capacity change from 0 to 512 [ 661.855225][T12453] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 661.872852][T12429] BTRFS info (device loop5): rebuilding free space tree [ 661.882476][T12429] BTRFS info (device loop5): disabling free space tree [ 661.884432][T12429] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 661.887279][T12429] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 661.915120][T12453] EXT4-fs (loop2): 1 truncate cleaned up [ 661.917607][T12453] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 662.060513][ T9211] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 662.083145][T12466] loop1: detected capacity change from 0 to 64 [ 662.124556][T12464] loop4: detected capacity change from 0 to 512 [ 662.151883][T12464] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 662.244108][T12464] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 662.264839][ T4303] EXT4-fs (loop2): unmounting filesystem. [ 662.346969][T12478] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 662.349435][T12478] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 662.434716][ T4296] EXT4-fs (loop4): unmounting filesystem. [ 662.467466][T12481] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(6) [ 662.469432][T12481] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 662.481259][T12486] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(9) [ 662.483114][T12486] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 662.490719][T12486] vhci_hcd vhci_hcd.0: Device attached [ 662.520800][T12481] vhci_hcd vhci_hcd.0: Device attached [ 662.529335][T12476] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 662.531181][T12476] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 662.543626][T12476] vhci_hcd vhci_hcd.0: Device attached [ 662.557780][T12486] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(11) [ 662.559609][T12486] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 662.568199][T12483] loop0: detected capacity change from 0 to 32768 [ 662.574146][T12483] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.2506 (12483) [ 662.584275][T12483] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 662.587441][T12483] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm [ 662.590002][T12483] BTRFS info (device loop0): max_inline at 0 [ 662.591740][T12483] BTRFS info (device loop0): enabling disk space caching [ 662.593766][T12483] BTRFS info (device loop0): setting nodatasum [ 662.595491][T12483] BTRFS info (device loop0): turning off barriers [ 662.597740][T12483] BTRFS info (device loop0): turning on flush-on-commit [ 662.599650][T12483] BTRFS info (device loop0): doing ref verification [ 662.601559][T12483] BTRFS info (device loop0): force clearing of disk cache [ 662.603662][T12483] BTRFS info (device loop0): enabling ssd optimizations [ 662.605480][T12483] BTRFS info (device loop0): force zlib compression, level 3 [ 662.607751][T12483] BTRFS info (device loop0): max_inline at 4096 [ 662.609355][T12483] BTRFS info (device loop0): disk space caching is enabled [ 662.614380][T12486] vhci_hcd vhci_hcd.0: Device attached [ 662.691324][T12476] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(8) [ 662.693133][T12476] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 662.711521][T12481] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 662.717356][T12476] vhci_hcd vhci_hcd.0: Device attached [ 662.735301][T12481] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(14) [ 662.737232][T12481] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 662.745262][T12481] vhci_hcd vhci_hcd.0: Device attached [ 662.789870][T12476] vhci_hcd vhci_hcd.0: pdev(2) rhport(7) sockfd(19) [ 662.791783][T12476] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 662.793947][T12476] vhci_hcd vhci_hcd.0: Device attached [ 662.807962][T12512] vhci_hcd: connection closed [ 662.808045][T12507] vhci_hcd: connection closed [ 662.812520][ T4819] vhci_hcd: stop threads [ 662.817381][T12496] vhci_hcd: connection closed [ 662.820623][T12489] vhci_hcd: connection closed [ 662.821957][T12487] vhci_hcd: connection closed [ 662.823276][T12482] vhci_hcd: connection closed [ 662.824574][T12479] vhci_hcd: connection closed [ 662.835749][ T4819] vhci_hcd: release socket [ 662.855698][ T4819] vhci_hcd: disconnect device [ 662.867970][ T4819] vhci_hcd: stop threads [ 662.872555][T12483] BTRFS info (device loop0): rebuilding free space tree [ 662.878026][T12483] BTRFS info (device loop0): disabling free space tree [ 662.880095][T12483] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 662.882691][T12483] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 662.886734][ T4819] vhci_hcd: release socket [ 662.895276][ T4819] vhci_hcd: disconnect device [ 662.906933][ T4819] vhci_hcd: stop threads [ 662.914657][ T4819] vhci_hcd: release socket [ 662.916281][T11803] vhci_hcd: vhci_device speed not set [ 662.938814][ T4819] vhci_hcd: disconnect device [ 662.940320][ T4819] vhci_hcd: stop threads [ 662.941458][ T4819] vhci_hcd: release socket [ 662.943813][ T4819] vhci_hcd: disconnect device [ 662.955165][ T4819] vhci_hcd: stop threads [ 662.989656][ T4819] vhci_hcd: release socket [ 662.990943][ T4819] vhci_hcd: disconnect device [ 662.996323][T11803] usb 6-1: new full-speed USB device number 2 using vhci_hcd [ 663.000230][T12485] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 663.006072][ T4819] vhci_hcd: stop threads [ 663.007213][ T4819] vhci_hcd: release socket [ 663.022731][ T4819] vhci_hcd: disconnect device [ 663.024132][ T4819] vhci_hcd: stop threads [ 663.025268][ T4819] vhci_hcd: release socket [ 663.037527][ T4819] vhci_hcd: disconnect device [ 663.066028][ T4295] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 663.148593][T12526] loop1: detected capacity change from 0 to 32768 [ 663.371613][T12534] loop4: detected capacity change from 0 to 1024 [ 663.492446][T12540] loop0: detected capacity change from 0 to 512 [ 663.496432][T12540] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 663.561018][T12540] EXT4-fs (loop0): 1 truncate cleaned up [ 663.562600][T12540] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 663.642438][T12549] loop2: detected capacity change from 0 to 4096 [ 663.684032][ T4295] EXT4-fs (loop0): unmounting filesystem. [ 663.780711][T12554] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 663.785716][T12552] netlink: 'syz.0.2534': attribute type 4 has an invalid length. [ 663.786675][T12554] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 663.912854][T12561] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 663.915533][T12561] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 663.935240][T12561] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2526'. [ 663.941312][T12564] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2527'. [ 664.308115][T12570] loop0: detected capacity change from 0 to 32768 [ 664.336585][T12570] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.2530 (12570) [ 664.346632][T12570] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 664.349891][T12570] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm [ 664.352598][T12570] BTRFS info (device loop0): max_inline at 0 [ 664.354498][T12570] BTRFS info (device loop0): enabling disk space caching [ 664.356695][T12570] BTRFS info (device loop0): setting nodatasum [ 664.358483][T12570] BTRFS info (device loop0): turning off barriers [ 664.360455][T12570] BTRFS info (device loop0): turning on flush-on-commit [ 664.362358][T12570] BTRFS info (device loop0): doing ref verification [ 664.364342][T12570] BTRFS info (device loop0): force clearing of disk cache [ 664.366500][T12570] BTRFS info (device loop0): enabling ssd optimizations [ 664.368572][T12570] BTRFS info (device loop0): max_inline at 4096 [ 664.370234][T12570] BTRFS info (device loop0): disk space caching is enabled [ 664.471721][T12570] BTRFS info (device loop0): rebuilding free space tree [ 664.491978][T12570] BTRFS info (device loop0): disabling free space tree [ 664.493785][T12570] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 664.496910][T12570] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 664.595084][ T4295] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 664.808282][T12601] loop1: detected capacity change from 0 to 64 [ 664.855593][T12605] netlink: 'syz.4.2538': attribute type 4 has an invalid length. [ 665.032797][T12603] loop2: detected capacity change from 0 to 32768 [ 665.035935][T12603] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.2537 (12603) [ 665.054858][T12603] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 665.058177][T12603] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 665.060785][T12603] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 665.063678][T12603] BTRFS info (device loop2): use zstd compression, level 3 [ 665.065613][T12603] BTRFS info (device loop2): using free space tree [ 665.088192][T12603] BTRFS info (device loop2): enabling ssd optimizations [ 665.211258][ T4303] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 665.234475][T12582] loop5: detected capacity change from 0 to 40427 [ 665.252749][T12582] F2FS-fs (loop5): invalid crc value [ 665.263266][T12630] tipc: Started in network mode [ 665.270677][T12630] tipc: Node identity b6d46d7aa771, cluster identity 4711 [ 665.353135][T12630] tipc: Enabled bearer , priority 0 [ 665.444209][T12608] tipc: Resetting bearer [ 665.453989][T12582] F2FS-fs (loop5): Found nat_bits in checkpoint [ 665.489978][T12634] loop1: detected capacity change from 0 to 40427 [ 665.512375][T12634] F2FS-fs (loop1): invalid crc value [ 665.536724][T12582] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 665.553735][T12634] F2FS-fs (loop1): Found nat_bits in checkpoint [ 665.576807][T12634] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 665.601441][T11765] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 9 /dev/loop2 scanned by udevd (11765) [ 665.642775][T12646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 665.660080][T12646] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 665.673765][ T9211] syz-executor: attempt to access beyond end of device [ 665.673765][ T9211] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 665.695602][ T4305] syz-executor: attempt to access beyond end of device [ 665.695602][ T4305] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 666.034833][T12653] loop5: detected capacity change from 0 to 1024 [ 666.114611][T12656] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 666.130247][T12656] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 666.427416][T12666] loop1: detected capacity change from 0 to 512 [ 666.438733][T12666] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 666.448462][T11857] tipc: Node number set to 296054138 [ 666.460310][T12666] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 666.514342][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 666.935239][T12677] loop5: detected capacity change from 0 to 40427 [ 666.948304][T12677] F2FS-fs (loop5): invalid crc value [ 666.970152][T12677] F2FS-fs (loop5): Found nat_bits in checkpoint [ 666.996184][T12677] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 667.071784][T12675] loop1: detected capacity change from 0 to 40427 [ 667.083021][T12675] F2FS-fs (loop1): invalid crc value [ 667.086617][ T9211] syz-executor: attempt to access beyond end of device [ 667.086617][ T9211] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 667.115524][T12675] F2FS-fs (loop1): Found nat_bits in checkpoint [ 667.172115][T12675] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 667.254097][ T4305] syz-executor: attempt to access beyond end of device [ 667.254097][ T4305] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 667.467470][T12691] loop1: detected capacity change from 0 to 1024 [ 667.699078][T12700] loop1: detected capacity change from 0 to 512 [ 667.707525][T12700] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 667.711453][T12700] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 667.732889][T12700] EXT4-fs (loop1): 1 truncate cleaned up [ 667.734560][T12700] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 667.748753][T12700] EXT4-fs (loop1): re-mounted. Quota mode: writeback. [ 667.780480][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 668.101159][T11803] vhci_hcd: vhci_device speed not set [ 676.987654][T12608] tipc: Disabling bearer [ 677.177309][T12714] loop1: detected capacity change from 0 to 16 [ 677.188330][T12714] erofs: (device loop1): mounted with root inode @ nid 36. [ 677.209061][T12714] erofs: (device loop1): z_erofs_readahead: readahead error at page 3604 @ nid 36 [ 677.211758][T12714] erofs: (device loop1): z_erofs_readahead: readahead error at page 3603 @ nid 36 [ 677.214195][T12714] erofs: (device loop1): z_erofs_readahead: readahead error at page 3602 @ nid 36 [ 677.216776][T12714] erofs: (device loop1): z_erofs_readahead: readahead error at page 3601 @ nid 36 [ 677.219261][T12714] erofs: (device loop1): z_erofs_readahead: readahead error at page 3600 @ nid 36 [ 677.221795][T12714] erofs: (device loop1): z_erofs_readahead: readahead error at page 3599 @ nid 36 [ 677.324268][T12723] loop4: detected capacity change from 0 to 1024 [ 677.384565][T12726] loop2: detected capacity change from 0 to 1024 [ 677.426429][T12726] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 677.580994][T12710] loop5: detected capacity change from 0 to 40427 [ 677.608169][ T4303] EXT4-fs (loop2): unmounting filesystem. [ 677.633427][T12710] F2FS-fs (loop5): invalid crc value [ 677.665225][T12710] F2FS-fs (loop5): Found nat_bits in checkpoint [ 677.722933][T12710] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 677.775063][ T9211] syz-executor: attempt to access beyond end of device [ 677.775063][ T9211] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 678.320305][T12759] loop1: detected capacity change from 0 to 4096 [ 678.361073][T12759] NILFS (loop1): invalid segment: Checksum error in segment payload [ 678.365326][T12759] NILFS (loop1): trying rollback from an earlier position [ 678.386167][T12759] NILFS (loop1): recovery complete [ 678.391434][T12761] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 678.594768][T12752] loop2: detected capacity change from 0 to 32768 [ 678.643723][T12752] (syz.2.2582,12752,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 678.676403][T12752] (syz.2.2582,12752,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 678.696680][T12766] loop0: detected capacity change from 0 to 4096 [ 678.702943][T12752] JBD2: Ignoring recovery information on journal [ 678.760711][T12779] loop5: detected capacity change from 0 to 64 [ 678.777523][T12766] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 678.861541][ T4295] EXT4-fs (loop0): unmounting filesystem. [ 678.864188][T12752] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 679.022668][ T4303] ocfs2: Unmounting device (7,2) on (node local) [ 679.232932][T12770] loop1: detected capacity change from 0 to 32768 [ 679.243329][T12770] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2586 (12770) [ 679.253858][T12770] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 679.260319][T12770] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm [ 679.266032][T12770] BTRFS info (device loop1): max_inline at 0 [ 679.296375][T12770] BTRFS info (device loop1): enabling disk space caching [ 679.298323][T12770] BTRFS info (device loop1): setting nodatasum [ 679.299883][T12770] BTRFS info (device loop1): turning off barriers [ 679.305753][T12770] BTRFS info (device loop1): turning on flush-on-commit [ 679.316031][T12770] BTRFS info (device loop1): doing ref verification [ 679.317752][T12770] BTRFS info (device loop1): force clearing of disk cache [ 679.321963][T12770] BTRFS info (device loop1): enabling ssd optimizations [ 679.323864][T12770] BTRFS info (device loop1): max_inline at 4096 [ 679.325423][T12770] BTRFS info (device loop1): disk space caching is enabled [ 679.339524][T12773] loop4: detected capacity change from 0 to 40427 [ 679.348711][T12773] F2FS-fs (loop4): invalid crc value [ 679.385155][T12773] F2FS-fs (loop4): Found nat_bits in checkpoint [ 679.415885][T12773] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 679.515719][ T4296] syz-executor: attempt to access beyond end of device [ 679.515719][ T4296] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 679.517866][T12770] BTRFS info (device loop1): rebuilding free space tree [ 679.533712][T12770] BTRFS info (device loop1): disabling free space tree [ 679.535582][T12770] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 679.542527][T12770] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 679.609207][ T4305] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 680.086911][T12823] loop0: detected capacity change from 0 to 32768 [ 680.096416][T12823] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.2611 (12823) [ 680.110449][T12833] loop5: detected capacity change from 0 to 4096 [ 680.113408][T12823] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 680.119989][T12823] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm [ 680.124827][T12823] BTRFS info (device loop0): max_inline at 0 [ 680.129170][T12823] BTRFS info (device loop0): enabling disk space caching [ 680.132297][T12823] BTRFS info (device loop0): setting nodatasum [ 680.143597][T12833] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 680.148639][T12823] BTRFS info (device loop0): turning off barriers [ 680.153793][T12823] BTRFS info (device loop0): turning on flush-on-commit [ 680.160738][T12823] BTRFS info (device loop0): doing ref verification [ 680.164879][T12823] BTRFS info (device loop0): force clearing of disk cache [ 680.171570][T12823] BTRFS info (device loop0): enabling ssd optimizations [ 680.176165][T12823] BTRFS info (device loop0): max_inline at 4096 [ 680.179577][T12823] BTRFS info (device loop0): disk space caching is enabled [ 680.222998][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 680.339318][T12823] BTRFS info (device loop0): rebuilding free space tree [ 680.351884][T12823] BTRFS info (device loop0): disabling free space tree [ 680.353700][T12823] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 680.360105][T12823] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 680.539334][ T4295] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 680.951844][T12886] loop4: detected capacity change from 0 to 4096 [ 681.011102][T12883] loop2: detected capacity change from 0 to 32768 [ 681.027123][T12886] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 681.073956][T12883] XFS (loop2): Mounting V5 Filesystem [ 681.117432][T12883] XFS (loop2): Ending clean mount [ 681.138530][ T4296] EXT4-fs (loop4): unmounting filesystem. [ 681.179926][ T4303] XFS (loop2): Unmounting Filesystem [ 681.182946][T12901] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 681.185485][T12901] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 681.270052][T12869] loop5: detected capacity change from 0 to 40427 [ 681.279375][T12869] F2FS-fs (loop5): invalid crc value [ 681.301127][T12869] F2FS-fs (loop5): Found nat_bits in checkpoint [ 681.316629][T12869] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 681.354569][ T9211] syz-executor: attempt to access beyond end of device [ 681.354569][ T9211] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 681.691486][T12914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 681.706519][T12914] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 681.741461][T12916] loop0: detected capacity change from 0 to 512 [ 681.751361][T12916] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 681.763303][T12916] EXT4-fs (loop0): 1 truncate cleaned up [ 681.764989][T12916] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 681.883066][ T4295] EXT4-fs (loop0): unmounting filesystem. [ 682.052404][T12913] loop5: detected capacity change from 0 to 32768 [ 682.067867][T12913] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.2623 (12913) [ 682.070010][T12929] loop1: detected capacity change from 0 to 4096 [ 682.082404][T12913] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 682.084220][T12929] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 682.085385][T12913] BTRFS info (device loop5): using crc32c (crc32c-generic) checksum algorithm [ 682.095107][T12913] BTRFS info (device loop5): max_inline at 0 [ 682.099551][T12913] BTRFS info (device loop5): enabling disk space caching [ 682.104938][T12913] BTRFS info (device loop5): setting nodatasum [ 682.109506][T12913] BTRFS info (device loop5): turning off barriers [ 682.113573][T12913] BTRFS info (device loop5): turning on flush-on-commit [ 682.117927][T12913] BTRFS info (device loop5): doing ref verification [ 682.122001][T12913] BTRFS info (device loop5): force clearing of disk cache [ 682.126603][T12913] BTRFS info (device loop5): enabling ssd optimizations [ 682.129677][T12913] BTRFS info (device loop5): max_inline at 4096 [ 682.133701][T12913] BTRFS info (device loop5): disk space caching is enabled [ 682.142830][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 682.208124][T12939] loop1: detected capacity change from 0 to 512 [ 682.221620][T12939] EXT4-fs (loop1): orphan cleanup on readonly fs [ 682.226541][T12939] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5 [ 682.229366][T12939] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 682.231901][T12939] EXT4-fs error (device loop1): ext4_acquire_dquot:6795: comm syz.1.2631: Failed to acquire dquot type 1 [ 682.251190][T12939] EXT4-fs (loop1): 1 truncate cleaned up [ 682.254899][T12939] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 682.261407][T12939] netlink: 180 bytes leftover after parsing attributes in process `syz.1.2631'. [ 682.281095][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 682.333025][T12913] BTRFS info (device loop5): rebuilding free space tree [ 682.343922][T12913] BTRFS info (device loop5): disabling free space tree [ 682.346308][T12913] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 682.350065][T12913] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 682.458924][ T9211] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 682.475990][T12471] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 682.655979][T12471] usb 1-1: Using ep0 maxpacket: 8 [ 682.658994][T12471] usb 1-1: config 0 has no interfaces? [ 682.662789][T12471] usb 1-1: New USB device found, idVendor=046d, idProduct=08ad, bcdDevice=45.03 [ 682.665365][T12471] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 682.674899][T12471] usb 1-1: Product: syz [ 682.678337][T12471] usb 1-1: Manufacturer: syz [ 682.683061][T12471] usb 1-1: SerialNumber: syz [ 682.692217][T12471] usb 1-1: config 0 descriptor?? [ 682.905451][T12471] usb 1-1: USB disconnect, device number 14 [ 682.952664][T12969] loop5: detected capacity change from 0 to 512 [ 682.964218][T12969] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 682.973486][T12954] loop1: detected capacity change from 0 to 40427 [ 682.979435][T12954] F2FS-fs (loop1): invalid crc value [ 682.983701][T12954] F2FS-fs (loop1): Found nat_bits in checkpoint [ 682.999188][T12969] EXT4-fs (loop5): 1 truncate cleaned up [ 683.002126][T12969] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 683.004871][T12954] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 683.045553][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 683.133014][T12976] loop5: detected capacity change from 0 to 16 [ 683.138355][T12976] erofs: (device loop5): mounted with root inode @ nid 36. [ 683.269269][T12978] loop5: detected capacity change from 0 to 4096 [ 683.293771][T12978] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 683.352526][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 683.695539][T13003] loop2: detected capacity change from 0 to 512 [ 683.706901][T13004] loop1: detected capacity change from 0 to 16 [ 683.712722][T13004] erofs: (device loop1): mounted with root inode @ nid 36. [ 683.721627][T13003] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 683.745778][T13003] EXT4-fs (loop2): 1 truncate cleaned up [ 683.751460][T13003] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 683.786205][T13010] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 683.788837][T13010] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 683.863429][T13012] loop4: detected capacity change from 0 to 1024 [ 683.902128][ T4303] EXT4-fs (loop2): unmounting filesystem. [ 683.987217][T10458] hfsplus: b-tree write err: -5, ino 4 [ 684.007074][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 684.008766][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 684.122985][T13020] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2658'. [ 684.129248][T13020] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2658'. [ 684.131752][T13020] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2658'. [ 684.134477][T13020] net_ratelimit: 3176 callbacks suppressed [ 684.134488][T13020] A link change request failed with some changes committed already. Interface ip6gre0 may have been left with an inconsistent configuration, please check. [ 684.354726][T13027] loop2: detected capacity change from 0 to 1024 [ 684.450851][T13034] loop5: detected capacity change from 0 to 16 [ 684.451866][T12721] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 684.455288][T13034] erofs: (device loop5): mounted with root inode @ nid 36. [ 684.523719][T13001] loop0: detected capacity change from 0 to 40427 [ 684.530278][T13001] F2FS-fs (loop0): invalid crc value [ 684.571939][T13001] F2FS-fs (loop0): Found nat_bits in checkpoint [ 684.635223][T13001] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 684.644721][T13044] loop5: detected capacity change from 0 to 512 [ 684.684501][T13044] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 684.703504][T13044] EXT4-fs (loop5): 1 truncate cleaned up [ 684.709671][T13044] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 684.861515][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 685.061414][T13058] loop0: detected capacity change from 0 to 256 [ 685.069356][T13058] exfat: Deprecated parameter 'namecase' [ 685.078003][T13058] exfat: Deprecated parameter 'utf8' [ 685.106817][T13058] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 685.676942][T13079] loop2: detected capacity change from 0 to 512 [ 685.695464][T13079] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 685.737015][T13079] EXT4-fs (loop2): 1 truncate cleaned up [ 685.738603][T13079] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 685.908471][T13060] loop1: detected capacity change from 0 to 32768 [ 685.920306][ T4303] EXT4-fs (loop2): unmounting filesystem. [ 685.963253][T13060] (syz.1.2673,13060,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 685.987516][T13060] (syz.1.2673,13060,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 686.159992][T13060] JBD2: Ignoring recovery information on journal [ 686.198119][T13089] loop0: detected capacity change from 0 to 32768 [ 686.241253][T13094] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2687'. [ 686.252443][T13094] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2687'. [ 686.322507][T13075] loop4: detected capacity change from 0 to 40427 [ 686.327553][T13060] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 686.349721][T13075] F2FS-fs (loop4): invalid crc value [ 686.387588][T13089] XFS (loop0): Mounting V5 Filesystem [ 686.394771][T13075] F2FS-fs (loop4): Found nat_bits in checkpoint [ 686.443528][T13089] XFS (loop0): Ending clean mount [ 686.443585][T13075] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 686.450842][T13089] XFS (loop0): Quotacheck needed: Please wait. [ 686.459505][ T4305] ocfs2: Unmounting device (7,1) on (node local) [ 686.541320][T13089] XFS (loop0): Quotacheck: Done. [ 686.625253][ T4295] XFS (loop0): Unmounting Filesystem [ 686.757195][T13118] loop2: detected capacity change from 0 to 512 [ 686.763867][T13118] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 686.804154][T13118] EXT4-fs (loop2): 1 truncate cleaned up [ 686.806349][T13118] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 686.888271][ T4303] EXT4-fs (loop2): unmounting filesystem. [ 686.957304][T12721] I/O error, dev loop2, sector 32 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 687.000322][T13128] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 687.023507][T13128] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 687.092464][T13132] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 687.094317][T13132] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 687.098016][T13132] vhci_hcd vhci_hcd.0: Device attached [ 687.130106][T13132] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 687.132072][T13132] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 687.134338][T13132] vhci_hcd vhci_hcd.0: Device attached [ 687.145188][T13132] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7) [ 687.147136][T13132] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 687.150634][T13132] vhci_hcd vhci_hcd.0: Device attached [ 687.163297][T13132] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(10) [ 687.165220][T13132] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 687.168684][T13132] vhci_hcd vhci_hcd.0: Device attached [ 687.171132][T13143] vhci_hcd: connection closed [ 687.171373][ T4438] vhci_hcd: stop threads [ 687.171682][T13138] vhci_hcd: connection closed [ 687.172598][ T4438] vhci_hcd: release socket [ 687.176507][T13135] vhci_hcd: connection closed [ 687.181918][T13133] vhci_hcd: connection closed [ 687.194559][ T4438] vhci_hcd: disconnect device [ 687.209062][ T4438] vhci_hcd: stop threads [ 687.210250][ T4438] vhci_hcd: release socket [ 687.211426][ T4438] vhci_hcd: disconnect device [ 687.222124][ T4438] vhci_hcd: stop threads [ 687.224477][ T4438] vhci_hcd: release socket [ 687.227114][ T4438] vhci_hcd: disconnect device [ 687.229496][ T4438] vhci_hcd: stop threads [ 687.230615][ T4438] vhci_hcd: release socket [ 687.242113][ T4438] vhci_hcd: disconnect device [ 687.296077][T12265] vhci_hcd: vhci_device speed not set [ 687.655420][T13157] loop4: detected capacity change from 0 to 32768 [ 687.663692][T13157] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9 [ 687.798299][T13149] loop5: detected capacity change from 0 to 32768 [ 687.837022][T13149] (syz.5.2701,13149,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 687.849398][T13149] (syz.5.2701,13149,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 687.893230][T13149] JBD2: Ignoring recovery information on journal [ 687.914399][T13170] loop4: detected capacity change from 0 to 16 [ 687.936126][T13170] erofs: (device loop4): mounted with root inode @ nid 36. [ 687.957712][T13170] erofs: (device loop4): z_erofs_readahead: readahead error at page 3604 @ nid 36 [ 687.960272][T13170] erofs: (device loop4): z_erofs_readahead: readahead error at page 3603 @ nid 36 [ 687.968551][T13170] erofs: (device loop4): z_erofs_readahead: readahead error at page 3602 @ nid 36 [ 687.973240][T13176] loop0: detected capacity change from 0 to 256 [ 687.989909][T13149] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 688.001190][T13170] erofs: (device loop4): z_erofs_readahead: readahead error at page 3601 @ nid 36 [ 688.003732][T13170] erofs: (device loop4): z_erofs_readahead: readahead error at page 3600 @ nid 36 [ 688.006275][T13170] erofs: (device loop4): z_erofs_readahead: readahead error at page 3599 @ nid 36 [ 688.031285][T13176] FAT-fs (loop0): Directory bread(block 64) failed [ 688.056531][T13176] FAT-fs (loop0): Directory bread(block 65) failed [ 688.068998][T13176] FAT-fs (loop0): Directory bread(block 66) failed [ 688.080980][T13176] FAT-fs (loop0): Directory bread(block 67) failed [ 688.095077][T13176] FAT-fs (loop0): Directory bread(block 68) failed [ 688.106258][T13176] FAT-fs (loop0): Directory bread(block 69) failed [ 688.110622][T13176] FAT-fs (loop0): Directory bread(block 70) failed [ 688.112441][T13176] FAT-fs (loop0): Directory bread(block 71) failed [ 688.127108][T13176] FAT-fs (loop0): Directory bread(block 72) failed [ 688.128854][T13176] FAT-fs (loop0): Directory bread(block 73) failed [ 688.129385][ T9211] ocfs2: Unmounting device (7,5) on (node local) [ 688.423864][T13194] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 688.425632][T13194] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 688.434714][T13194] vhci_hcd vhci_hcd.0: Device attached [ 688.463610][T13194] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(5) [ 688.463695][T13200] loop0: detected capacity change from 0 to 256 [ 688.465404][T13194] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 688.472353][T13200] exfat: Deprecated parameter 'namecase' [ 688.495247][T13200] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x8ce3369d, utbl_chksum : 0xe619d30d) [ 688.499281][T13194] vhci_hcd vhci_hcd.0: Device attached [ 688.517906][T13194] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(7) [ 688.519676][T13194] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 688.521650][T13194] vhci_hcd vhci_hcd.0: Device attached [ 688.542798][T13206] loop5: detected capacity change from 0 to 16 [ 688.543489][T13194] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(10) [ 688.546325][T13194] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 688.549362][T13194] vhci_hcd vhci_hcd.0: Device attached [ 688.552570][T13207] vhci_hcd: connection closed [ 688.552845][ T5016] vhci_hcd: stop threads [ 688.555411][ T5016] vhci_hcd: release socket [ 688.556273][T13203] vhci_hcd: connection closed [ 688.556986][T13199] vhci_hcd: connection closed [ 688.558236][ T5016] vhci_hcd: disconnect device [ 688.560619][T13195] vhci_hcd: connection closed [ 688.563088][ T5016] vhci_hcd: stop threads [ 688.568078][ T5016] vhci_hcd: release socket [ 688.572100][ T5016] vhci_hcd: disconnect device [ 688.576668][T13206] erofs: (device loop5): mounted with root inode @ nid 36. [ 688.580033][ T5016] vhci_hcd: stop threads [ 688.584620][ T5016] vhci_hcd: release socket [ 688.590604][ T5016] vhci_hcd: disconnect device [ 688.596050][ T5016] vhci_hcd: stop threads [ 688.600740][ T5016] vhci_hcd: release socket [ 688.605284][ T5016] vhci_hcd: disconnect device [ 688.607545][T13206] erofs: (device loop5): z_erofs_readahead: readahead error at page 3604 @ nid 36 [ 688.609995][T13206] erofs: (device loop5): z_erofs_readahead: readahead error at page 3603 @ nid 36 [ 688.614446][T13206] erofs: (device loop5): z_erofs_readahead: readahead error at page 3602 @ nid 36 [ 688.626182][T12471] vhci_hcd: vhci_device speed not set [ 688.646407][T13206] erofs: (device loop5): z_erofs_readahead: readahead error at page 3601 @ nid 36 [ 688.657591][T13206] erofs: (device loop5): z_erofs_readahead: readahead error at page 3600 @ nid 36 [ 688.666804][T13206] erofs: (device loop5): z_erofs_readahead: readahead error at page 3599 @ nid 36 [ 689.057675][T13229] loop5: detected capacity change from 0 to 1024 [ 689.153418][T13229] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 689.184107][T13240] loop0: detected capacity change from 0 to 16 [ 689.212839][T13213] loop4: detected capacity change from 0 to 32768 [ 689.234739][T13213] (syz.4.2726,13213,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 689.246169][T13213] (syz.4.2726,13213,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 689.272755][T13213] JBD2: Ignoring recovery information on journal [ 689.273124][T13240] erofs: (device loop0): mounted with root inode @ nid 36. [ 689.369479][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 689.369863][T13213] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 689.482111][ T4296] ocfs2: Unmounting device (7,4) on (node local) [ 689.492569][T13254] loop5: detected capacity change from 0 to 512 [ 689.513155][T13254] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 689.523094][T13254] EXT4-fs (loop5): orphan cleanup on readonly fs [ 689.530070][T13254] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #16: comm syz.5.2739: casefold flag without casefold feature [ 689.543257][T13254] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.2739: couldn't read orphan inode 16 (err -117) [ 689.556447][T13254] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 689.569178][T13254] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 689.772028][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 689.870259][T13270] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 689.872162][T13270] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 689.889902][T13270] vhci_hcd vhci_hcd.0: Device attached [ 689.914334][T13270] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(5) [ 689.916274][T13270] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 689.929292][T13270] vhci_hcd vhci_hcd.0: Device attached [ 689.953755][T13270] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(7) [ 689.955489][T13270] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 689.961902][T13270] vhci_hcd vhci_hcd.0: Device attached [ 689.981120][T13270] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(10) [ 689.982914][T13270] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 689.985124][T13270] vhci_hcd vhci_hcd.0: Device attached [ 689.989300][T13283] vhci_hcd: connection closed [ 689.989826][ T6585] vhci_hcd: stop threads [ 689.992363][ T6585] vhci_hcd: release socket [ 689.993717][ T6585] vhci_hcd: disconnect device [ 689.995366][T13279] vhci_hcd: connection closed [ 689.995488][T13277] vhci_hcd: connection closed [ 689.997039][ T6585] vhci_hcd: stop threads [ 689.997054][T13271] vhci_hcd: connection closed [ 689.998405][ T6585] vhci_hcd: release socket [ 690.003181][ T6585] vhci_hcd: disconnect device [ 690.010016][ T6585] vhci_hcd: stop threads [ 690.012190][ T6585] vhci_hcd: release socket [ 690.015481][ T6585] vhci_hcd: disconnect device [ 690.019428][ T6585] vhci_hcd: stop threads [ 690.022308][ T6585] vhci_hcd: release socket [ 690.025601][ T6585] vhci_hcd: disconnect device [ 690.298080][T13305] loop1: detected capacity change from 0 to 16 [ 690.306764][T13305] erofs: (device loop1): mounted with root inode @ nid 36. [ 691.155105][T13303] loop5: detected capacity change from 0 to 32768 [ 691.286137][T13303] (syz.5.2752,13303,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 691.292777][T13303] (syz.5.2752,13303,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 691.403054][T13303] JBD2: Ignoring recovery information on journal [ 691.495172][T13342] loop1: detected capacity change from 0 to 16 [ 691.499095][T13342] erofs: (device loop1): mounted with root inode @ nid 36. [ 691.608138][T13345] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 691.608206][T13303] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 691.609959][T13345] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 691.616700][T13345] vhci_hcd vhci_hcd.0: Device attached [ 691.714425][T13345] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(5) [ 691.716234][T13345] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 691.719851][T13345] vhci_hcd vhci_hcd.0: Device attached [ 691.730435][ T9211] ocfs2: Unmounting device (7,5) on (node local) [ 691.769286][T13345] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(7) [ 691.771110][T13345] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 691.773406][T13345] vhci_hcd vhci_hcd.0: Device attached [ 691.792124][T13356] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(11) [ 691.793961][T13356] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 691.799891][T13356] vhci_hcd vhci_hcd.0: Device attached [ 691.802361][T13357] vhci_hcd: connection closed [ 691.802679][ T4438] vhci_hcd: stop threads [ 691.805124][ T4438] vhci_hcd: release socket [ 691.808801][ T4438] vhci_hcd: disconnect device [ 691.812400][T13350] vhci_hcd: connection closed [ 691.814007][ T4438] vhci_hcd: stop threads [ 691.814777][T13352] vhci_hcd: connection closed [ 691.815274][ T4438] vhci_hcd: release socket [ 691.820528][T13346] vhci_hcd: connection closed [ 691.822302][ T4438] vhci_hcd: disconnect device [ 691.830046][ T4438] vhci_hcd: stop threads [ 691.832163][ T4438] vhci_hcd: release socket [ 691.833435][ T4438] vhci_hcd: disconnect device [ 691.845561][ T4438] vhci_hcd: stop threads [ 691.849520][ T4438] vhci_hcd: release socket [ 691.852438][ T4438] vhci_hcd: disconnect device [ 691.909129][T12598] usb 10-1: new low-speed USB device number 2 using vhci_hcd [ 691.911354][T12598] usb 10-1: enqueue for inactive port 0 [ 691.985937][T12598] vhci_hcd: vhci_device speed not set [ 692.206490][T13380] device gretap0 entered promiscuous mode [ 692.208106][T13380] device macsec1 entered promiscuous mode [ 692.234306][T13380] device gretap0 left promiscuous mode [ 692.471351][T13383] loop1: detected capacity change from 0 to 40427 [ 692.477669][T13383] F2FS-fs (loop1): invalid crc value [ 692.482693][T13383] F2FS-fs (loop1): Found nat_bits in checkpoint [ 692.523743][T13383] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 692.596940][ T4305] syz-executor: attempt to access beyond end of device [ 692.596940][ T4305] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 692.633891][T13398] netlink: 'syz.4.2783': attribute type 8 has an invalid length. [ 692.979922][T13388] loop2: detected capacity change from 0 to 32768 [ 692.983512][T13388] (syz.2.2778,13388,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 692.992399][T13388] (syz.2.2778,13388,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 693.002861][T13388] JBD2: Ignoring recovery information on journal [ 693.065483][T13388] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 693.109912][T13418] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 693.111751][T13418] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 693.117231][T13418] vhci_hcd vhci_hcd.0: Device attached [ 693.120827][ T4303] ocfs2: Unmounting device (7,2) on (node local) [ 693.123549][T13418] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 693.125322][T13418] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 693.127973][T13418] vhci_hcd vhci_hcd.0: Device attached [ 693.145935][ T4347] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 693.157628][T13418] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7) [ 693.159558][T13418] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 693.161948][T13418] vhci_hcd vhci_hcd.0: Device attached [ 693.174663][T13418] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(10) [ 693.176445][T13418] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 693.178586][T13418] vhci_hcd vhci_hcd.0: Device attached [ 693.181247][T13427] vhci_hcd: connection closed [ 693.181559][ T6585] vhci_hcd: stop threads [ 693.182484][T13421] vhci_hcd: connection closed [ 693.182859][ T6585] vhci_hcd: release socket [ 693.187588][T13423] vhci_hcd: connection closed [ 693.187749][T13419] vhci_hcd: connection closed [ 693.193828][ T6585] vhci_hcd: disconnect device [ 693.221123][ T6585] vhci_hcd: stop threads [ 693.222360][ T6585] vhci_hcd: release socket [ 693.223514][ T6585] vhci_hcd: disconnect device [ 693.226690][ T6585] vhci_hcd: stop threads [ 693.227905][ T6585] vhci_hcd: release socket [ 693.229095][ T6585] vhci_hcd: disconnect device [ 693.233186][ T6585] vhci_hcd: stop threads [ 693.234330][ T6585] vhci_hcd: release socket [ 693.235508][ T6585] vhci_hcd: disconnect device [ 693.268474][T13432] loop4: detected capacity change from 0 to 64 [ 693.283901][T13432] hfs: request for non-existent node 24 in B*Tree [ 693.288008][T13432] hfs: request for non-existent node 24 in B*Tree [ 693.294810][T13432] hfs: request for non-existent node 25 in B*Tree [ 693.296715][T13432] hfs: request for non-existent node 25 in B*Tree [ 693.303951][T13432] hfs: request for non-existent node 26 in B*Tree [ 693.308893][T13432] hfs: request for non-existent node 26 in B*Tree [ 693.316725][T13432] hfs: request for non-existent node 27 in B*Tree [ 693.320799][T13432] hfs: request for non-existent node 27 in B*Tree [ 693.338561][ T4347] usb 1-1: config 0 has an invalid descriptor of length 100, skipping remainder of the config [ 693.343704][ T4347] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 97, changing to 10 [ 693.356280][ T4347] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 24677, setting to 1024 [ 693.359337][ T4347] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 693.362657][ T4347] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de [ 693.364997][ T4347] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 693.376970][ T4347] usb 1-1: config 0 descriptor?? [ 693.584213][ T4347] ath6kl: Failed to submit usb control message: -71 [ 693.586219][ T4347] ath6kl: unable to send the bmi data to the device: -71 [ 693.587988][ T4347] ath6kl: Unable to send get target info: -71 [ 693.591353][ T4347] ath6kl: Failed to init ath6kl core: -71 [ 693.666062][ T4347] ath6kl_usb: probe of 1-1:0.0 failed with error -71 [ 693.693987][ T4347] usb 1-1: USB disconnect, device number 15 [ 693.899761][T13439] loop2: detected capacity change from 0 to 40427 [ 693.923430][T13439] F2FS-fs (loop2): invalid crc value [ 694.002674][T13439] F2FS-fs (loop2): Found nat_bits in checkpoint [ 694.042059][T13439] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 694.152628][ T4303] syz-executor: attempt to access beyond end of device [ 694.152628][ T4303] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 694.309792][T13474] loop0: detected capacity change from 0 to 256 [ 694.332192][T13471] loop4: detected capacity change from 0 to 2048 [ 694.344991][T13452] loop5: detected capacity change from 0 to 32768 [ 694.359754][T13452] (syz.5.2805,13452,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 694.364521][T13452] (syz.5.2805,13452,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 694.366870][T13471] EXT4-fs: Ignoring removed mblk_io_submit option [ 694.383401][T13452] JBD2: Ignoring recovery information on journal [ 694.390343][T13471] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 694.564380][ T4296] EXT4-fs (loop4): unmounting filesystem. [ 694.612861][T13452] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 694.698732][T13482] loop0: detected capacity change from 0 to 32768 [ 694.730040][ T9211] ocfs2: Unmounting device (7,5) on (node local) [ 694.798078][T13482] XFS (loop0): Mounting V5 Filesystem [ 694.945314][T13482] XFS (loop0): Ending clean mount [ 694.955283][T13482] XFS (loop0): Quotacheck needed: Please wait. [ 695.018126][T13482] XFS (loop0): Quotacheck: Done. [ 695.050494][T13482] XFS (loop0): syz.0.2815 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported [ 695.117277][ T4295] XFS (loop0): Unmounting Filesystem [ 695.167273][ T9213] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 695.173269][ T9213] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 695.187232][ T9213] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 695.190125][ T9213] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 695.192536][ T9213] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 695.194690][ T9213] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 695.498943][T13504] loop1: detected capacity change from 0 to 40427 [ 695.531382][T13504] F2FS-fs (loop1): invalid crc value [ 695.543728][T13510] loop2: detected capacity change from 0 to 32768 [ 695.557926][T13504] F2FS-fs (loop1): Found nat_bits in checkpoint [ 695.565993][T13510] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 695.582642][T13510] (syz.2.2823,13510,0):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 695.585096][T13510] (syz.2.2823,13510,0):ocfs2_get_suballoc_slot_bit:2709 ERROR: read block 47244640267 failed -12 [ 695.588099][T13510] (syz.2.2823,13510,0):ocfs2_get_suballoc_slot_bit:2741 ERROR: status = -12 [ 695.590445][T13510] (syz.2.2823,13510,0):ocfs2_test_inode_bit:2823 ERROR: get alloc slot and bit failed -12 [ 695.592954][T13510] (syz.2.2823,13510,0):ocfs2_test_inode_bit:2864 ERROR: status = -12 [ 695.595017][T13510] (syz.2.2823,13510,0):ocfs2_get_dentry:78 ERROR: test inode bit failed -12 [ 695.643901][T13504] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 695.684897][ T4303] ocfs2: Unmounting device (7,2) on (node local) [ 695.731368][ T4305] syz-executor: attempt to access beyond end of device [ 695.731368][ T4305] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 695.979619][T13527] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 695.983416][T13527] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 696.285102][T13531] loop2: detected capacity change from 0 to 32768 [ 696.296246][T13531] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.2828 (13531) [ 696.302707][T13531] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 696.305455][T13531] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm [ 696.307956][T13531] BTRFS info (device loop2): max_inline at 0 [ 696.309524][T13531] BTRFS info (device loop2): enabling disk space caching [ 696.311338][T13531] BTRFS info (device loop2): setting nodatasum [ 696.312995][T13531] BTRFS info (device loop2): turning off barriers [ 696.314764][T13531] BTRFS info (device loop2): turning on flush-on-commit [ 696.316536][T13531] BTRFS info (device loop2): doing ref verification [ 696.318307][T13531] BTRFS info (device loop2): force clearing of disk cache [ 696.320170][T13531] BTRFS info (device loop2): enabling ssd optimizations [ 696.321961][T13531] BTRFS info (device loop2): max_inline at 4096 [ 696.323652][T13531] BTRFS info (device loop2): disk space caching is enabled [ 696.380430][T13531] BTRFS info (device loop2): rebuilding free space tree [ 696.386749][T13531] BTRFS info (device loop2): disabling free space tree [ 696.388772][T13531] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 696.391261][T13531] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 696.465525][ T4303] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 696.824018][T13559] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 696.837898][T13559] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 696.959530][T13555] loop2: detected capacity change from 0 to 32768 [ 696.974953][T13555] (syz.2.2829,13555,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 696.979150][T13555] (syz.2.2829,13555,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 697.004878][T13555] JBD2: Ignoring recovery information on journal [ 697.033548][T13555] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 697.074435][ T4303] ocfs2: Unmounting device (7,2) on (node local) [ 697.286154][ T4301] Bluetooth: hci1: command 0x0409 tx timeout [ 697.464063][T13563] loop2: detected capacity change from 0 to 40427 [ 697.482819][T13563] F2FS-fs (loop2): invalid crc value [ 697.488387][T13563] F2FS-fs (loop2): Found nat_bits in checkpoint [ 697.514078][T13563] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 698.097760][T13586] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 698.100687][T13586] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 698.868289][T13588] loop2: detected capacity change from 0 to 32768 [ 698.871815][T13588] (syz.2.2844,13588,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 698.875660][T13588] (syz.2.2844,13588,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 698.905190][T13588] JBD2: Ignoring recovery information on journal [ 698.939222][T13588] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 699.000417][ T4303] ocfs2: Unmounting device (7,2) on (node local) [ 699.366017][ T4301] Bluetooth: hci1: command 0x041b tx timeout [ 699.379244][T13594] loop2: detected capacity change from 0 to 40427 [ 699.382985][T13594] F2FS-fs (loop2): invalid crc value [ 699.394521][T13594] F2FS-fs (loop2): Found nat_bits in checkpoint [ 699.414676][T13594] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 699.841404][T13607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 699.843960][T13607] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 701.446055][ T9213] Bluetooth: hci1: command 0x040f tx timeout [ 701.597903][T13618] loop2: detected capacity change from 0 to 32768 [ 701.625429][T13618] (syz.2.2854,13618,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 701.629630][T13618] (syz.2.2854,13618,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 701.663766][T13618] JBD2: Ignoring recovery information on journal [ 701.691248][T13618] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 701.754075][ T4303] ocfs2: Unmounting device (7,2) on (node local) [ 702.128285][T13624] loop2: detected capacity change from 0 to 40427 [ 702.132266][T13624] F2FS-fs (loop2): invalid crc value [ 702.139837][T13624] F2FS-fs (loop2): Found nat_bits in checkpoint [ 702.154193][T13624] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 703.525979][ T4301] Bluetooth: hci1: command 0x0419 tx timeout [ 706.805658][T13578] IPv6: Can't replace route, no match found [ 706.855561][T13638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 706.863028][T13638] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 706.902580][T13639] loop2: detected capacity change from 0 to 1764 [ 707.205110][T13505] chnl_net:caif_netlink_parms(): no params data found [ 707.654562][T13658] loop0: detected capacity change from 0 to 32768 [ 707.682566][T13658] (syz.0.2864,13658,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 707.690174][T13658] (syz.0.2864,13658,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 707.717716][T13658] JBD2: Ignoring recovery information on journal [ 707.758978][T13663] netlink: 'syz.5.2866': attribute type 10 has an invalid length. [ 707.779424][T13663] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 707.800597][T13658] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 707.889537][ T4295] ocfs2: Unmounting device (7,0) on (node local) [ 707.960977][ T5016] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 708.018281][T13505] bridge0: port 1(bridge_slave_0) entered blocking state [ 708.020412][T13505] bridge0: port 1(bridge_slave_0) entered disabled state [ 708.023099][T13505] device bridge_slave_0 entered promiscuous mode [ 708.179485][ T5016] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 708.214089][T13505] bridge0: port 2(bridge_slave_1) entered blocking state [ 708.217161][T13505] bridge0: port 2(bridge_slave_1) entered disabled state [ 708.219791][T13505] device bridge_slave_1 entered promiscuous mode [ 708.240443][T13679] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 708.253844][T13679] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 708.341972][ T5016] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 708.361686][T13505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 708.367118][T13505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 708.407958][T13688] loop0: detected capacity change from 0 to 128 [ 708.447763][ T5016] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 708.465580][ T27] audit: type=1400 audit(708.440:189): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=2626200D3A529E579C387A10FD3F pid=13687 comm="syz.0.2877" [ 708.470972][T13636] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 708.480452][T13505] team0: Port device team_slave_0 added [ 708.517544][T13505] team0: Port device team_slave_1 added [ 708.583739][T13505] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 708.585686][T13505] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 708.622483][T13505] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 708.653111][T13505] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 708.654981][T13505] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 708.666243][T13505] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 708.788161][T13505] device hsr_slave_0 entered promiscuous mode [ 708.826332][T13505] device hsr_slave_1 entered promiscuous mode [ 709.211324][T13715] loop5: detected capacity change from 0 to 32768 [ 709.217713][T13715] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by syz.5.2887 (13715) [ 709.223210][T13715] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 709.226087][T13715] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 709.228723][T13715] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 709.231173][T13715] BTRFS info (device loop5): use zstd compression, level 3 [ 709.233091][T13715] BTRFS info (device loop5): using free space tree [ 709.271319][T13715] BTRFS info (device loop5): enabling ssd optimizations [ 709.292432][T13715] fs-verity: sha512 using implementation "sha512-arm64" [ 709.309251][T13715] BTRFS info (device loop5): setting compat-ro feature flag for VERITY (0x4) [ 709.364861][T13720] loop0: detected capacity change from 0 to 1764 [ 709.533769][ T9211] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 709.565750][T13744] loop1: detected capacity change from 0 to 1024 [ 709.750037][T13748] loop0: detected capacity change from 0 to 256 [ 709.767727][T13744] hfsplus: cannot replace xattr [ 709.962306][T13750] loop5: detected capacity change from 0 to 32768 [ 710.000070][ T6585] hfsplus: b-tree write err: -5, ino 4 [ 710.083910][T13750] XFS (loop5): Mounting V5 Filesystem [ 710.124727][T13767] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 710.134568][T13767] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 710.213024][T13750] XFS (loop5): Ending clean mount [ 710.291575][ T9211] XFS (loop5): Unmounting Filesystem [ 710.828336][T13779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 710.830705][T13779] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 711.238552][T13790] loop0: detected capacity change from 0 to 256 [ 711.523293][T13796] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2908'. [ 711.706210][T13799] loop0: detected capacity change from 0 to 32768 [ 711.758432][T13799] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 711.776737][ T5016] bond1: (slave gretap1): Releasing active interface [ 711.805323][ T4295] (syz-executor,4295,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 711.828758][ T4295] ocfs2: Unmounting device (7,0) on (node local) [ 711.919501][T12598] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 711.947609][T12598] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 711.960912][T13810] loop1: detected capacity change from 0 to 1024 [ 711.972213][T13810] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 711.981788][ T1516] kernel write not supported for file /uhid (pid: 1516 comm: kworker/1:2) [ 712.012276][ T4305] EXT4-fs (loop1): unmounting filesystem. [ 712.062757][T13816] loop1: detected capacity change from 0 to 256 [ 712.121822][T13818] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 712.124456][T13818] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 712.443296][T13505] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 712.558562][T13505] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 712.641181][T13830] loop0: detected capacity change from 0 to 32768 [ 712.662800][T13830] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 712.755154][ T4295] (syz-executor,4295,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 712.761563][ T4295] ocfs2: Unmounting device (7,0) on (node local) [ 712.790238][T13839] loop2: detected capacity change from 0 to 2048 [ 712.821875][T13839] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 712.838357][T13849] loop5: detected capacity change from 0 to 256 [ 713.119231][T13505] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 713.258709][T13505] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 713.452019][T13878] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2933'. [ 713.460430][T13878] netlink: 10840 bytes leftover after parsing attributes in process `syz.5.2933'. [ 713.647506][ T4376] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 713.747620][T13891] loop5: detected capacity change from 0 to 256 [ 713.772260][ T5016] device hsr_slave_0 left promiscuous mode [ 713.822070][ T5016] device hsr_slave_1 left promiscuous mode [ 713.839097][ T4376] usb 1-1: Using ep0 maxpacket: 8 [ 713.842462][ T4376] usb 1-1: config 0 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 713.851808][ T4376] usb 1-1: config 0 interface 0 has no altsetting 0 [ 713.853780][ T4376] usb 1-1: New USB device found, idVendor=057e, idProduct=2017, bcdDevice= 0.00 [ 713.860032][ T4376] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.864449][ T4376] usb 1-1: config 0 descriptor?? [ 713.867604][T13893] loop5: detected capacity change from 0 to 4096 [ 713.901883][T13893] NILFS (loop5): invalid segment: Checksum error in segment payload [ 713.904028][T13893] NILFS (loop5): trying rollback from an earlier position [ 713.916235][ T5016] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 713.918408][ T5016] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 713.924176][ T5016] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 713.930091][ T5016] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 713.932246][T13893] NILFS (loop5): recovery complete [ 713.937311][ T5016] device bridge_slave_1 left promiscuous mode [ 713.939094][ T5016] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.941962][T13894] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 713.980143][ T5016] device bridge_slave_0 left promiscuous mode [ 713.981930][ T5016] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.305345][ T4376] hid-generic 0003:057E:2017.0002: unknown main item tag 0x0 [ 714.307819][ T4376] hid-generic 0003:057E:2017.0002: unbalanced delimiter at end of report description [ 714.312020][ T4376] hid-generic: probe of 0003:057E:2017.0002 failed with error -22 [ 714.336056][ T5016] device veth1_macvtap left promiscuous mode [ 714.337973][ T5016] device veth0_macvtap left promiscuous mode [ 714.339859][ T5016] device veth1_vlan left promiscuous mode [ 714.341551][ T5016] device veth0_vlan left promiscuous mode [ 714.432197][T13906] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2943'. [ 714.534436][ T4376] usb 1-1: USB disconnect, device number 16 [ 715.159522][T13912] loop0: detected capacity change from 0 to 256 [ 715.318692][ T5016] bond7 (unregistering): Released all slaves [ 716.018406][ T5016] bond6 (unregistering): Released all slaves [ 716.272346][T13924] loop5: detected capacity change from 0 to 512 [ 716.290391][T13924] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 716.302840][T13924] EXT4-fs (loop5): 1 truncate cleaned up [ 716.304452][T13924] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 716.356049][ T22] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 716.373460][ T9211] EXT4-fs (loop5): unmounting filesystem. [ 716.570640][ T22] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 716.573439][ T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 716.575762][ T22] usb 1-1: Product: syz [ 716.584673][T13934] loop5: detected capacity change from 0 to 256 [ 716.585509][ T22] usb 1-1: Manufacturer: syz [ 716.587922][ T22] usb 1-1: SerialNumber: syz [ 716.593567][ T22] usb 1-1: config 0 descriptor?? [ 716.737724][ T5016] bond5 (unregistering): Released all slaves [ 717.002112][ T22] usb 1-1: Firmware version (0.0) predates our first public release. [ 717.004350][ T22] usb 1-1: Please update to version 0.2 or newer [ 717.377697][ T5016] bond4 (unregistering): Released all slaves [ 718.099921][ T5016] bond3 (unregistering): Released all slaves [ 718.869594][ T5016] bond2 (unregistering): Released all slaves [ 719.569053][ T5016] bond1 (unregistering): Released all slaves [ 721.581727][ T5016] team0 (unregistering): Port device team_slave_1 removed [ 721.779634][ T5016] team0 (unregistering): Port device team_slave_0 removed [ 721.998377][ T5016] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 722.256910][ T5016] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 724.886689][ T4622] [ 724.887334][ T4622] ============================================ [ 724.889035][ T4622] WARNING: possible recursive locking detected [ 724.890624][ T4622] 6.1.131-syzkaller #0 Not tainted [ 724.891980][ T4622] -------------------------------------------- [ 724.893611][ T4622] kworker/u4:15/4622 is trying to acquire lock: [ 724.895291][ T4622] ffff0000e4750218 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: __dev_queue_xmit+0x1b38/0x34d4 [ 724.898618][ T4622] [ 724.898618][ T4622] but task is already holding lock: [ 724.900595][ T4622] ffff0000c3efb258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: __dev_queue_xmit+0xf04/0x34d4 [ 724.903924][ T4622] [ 724.903924][ T4622] other info that might help us debug this: [ 724.906171][ T4622] Possible unsafe locking scenario: [ 724.906171][ T4622] [ 724.908195][ T4622] CPU0 [ 724.909081][ T4622] ---- [ 724.909936][ T4622] lock(dev->qdisc_tx_busylock ?: &qdisc_tx_busylock); [ 724.911842][ T4622] lock(dev->qdisc_tx_busylock ?: &qdisc_tx_busylock); [ 724.913722][ T4622] [ 724.913722][ T4622] *** DEADLOCK *** [ 724.913722][ T4622] [ 724.915934][ T4622] May be due to missing lock nesting notation [ 724.915934][ T4622] [ 724.918240][ T4622] 7 locks held by kworker/u4:15/4622: [ 724.919667][ T4622] #0: ffff0000dc30b138 ((wq_completion)bond1#3){+.+.}-{0:0}, at: process_one_work+0x6bc/0x1484 [ 724.922498][ T4622] #1: ffff8000219d7c20 ((work_completion)(&(&bond->alb_work)->work)){+.+.}-{0:0}, at: process_one_work+0x6fc/0x1484 [ 724.925944][ T4622] #2: ffff800015cd77e0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c [ 724.928497][ T4622] #3: ffff800015cd7840 (rcu_read_lock_bh){....}-{1:2}, at: rcu_lock_acquire+0x18/0x54 [ 724.931152][ T4622] #4: ffff0000c3efb258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: __dev_queue_xmit+0xf04/0x34d4 [ 724.934526][ T4622] #5: ffff800015cd77e0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c [ 724.937132][ T4622] #6: ffff800015cd7840 (rcu_read_lock_bh){....}-{1:2}, at: rcu_lock_acquire+0x18/0x54 [ 724.939779][ T4622] [ 724.939779][ T4622] stack backtrace: [ 724.941374][ T4622] CPU: 0 PID: 4622 Comm: kworker/u4:15 Not tainted 6.1.131-syzkaller #0 [ 724.943629][ T4622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 724.946333][ T4622] Workqueue: bond1 bond_alb_monitor [ 724.947773][ T4622] Call trace: [ 724.948664][ T4622] dump_backtrace+0x1c8/0x1f4 [ 724.949990][ T4622] show_stack+0x2c/0x3c [ 724.951132][ T4622] dump_stack_lvl+0x108/0x170 [ 724.952392][ T4622] dump_stack+0x1c/0x58 [ 724.953519][ T4622] __lock_acquire+0x6310/0x7680 [ 724.954850][ T4622] lock_acquire+0x26c/0x7cc [ 724.956063][ T4622] _raw_spin_lock+0x54/0x6c [ 724.957330][ T4622] __dev_queue_xmit+0x1b38/0x34d4 [ 724.958709][ T4622] ip_finish_output2+0xc9c/0x11f0 [ 724.960072][ T4622] __ip_finish_output+0x1b0/0x458 [ 724.961422][ T4622] ip_finish_output+0x40/0x268 [ 724.962734][ T4622] ip_output+0x330/0x49c [ 724.963840][ T4622] ip_local_out+0x120/0x160 [ 724.965135][ T4622] iptunnel_xmit+0x410/0x8f0 [ 724.966419][ T4622] ip_tunnel_xmit+0x18bc/0x1f9c [ 724.967809][ T4622] gre_tap_xmit+0x414/0x600 [ 724.969053][ T4622] dev_hard_start_xmit+0x25c/0x9a4 [ 724.970428][ T4622] sch_direct_xmit+0x234/0x548 [ 724.971718][ T4622] __dev_queue_xmit+0x1438/0x34d4 [ 724.973083][ T4622] alb_send_lp_vid+0x2ac/0x5c8 [ 724.974368][ T4622] alb_send_learning_packets+0x168/0x318 [ 724.975937][ T4622] bond_alb_monitor+0x330/0x1380 [ 724.977323][ T4622] process_one_work+0x804/0x1484 [ 724.978676][ T4622] worker_thread+0x8e4/0xfec [ 724.979944][ T4622] kthread+0x250/0x2d8 [ 724.981024][ T4622] ret_from_fork+0x10/0x20 [ 725.128094][ T5016] bond0 (unregistering): Released all slaves [ 725.491165][T13505] 8021q: adding VLAN 0 to HW filter on device bond0 [ 725.505912][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 725.508334][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 725.512918][T13505] 8021q: adding VLAN 0 to HW filter on device team0 [ 725.527916][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 725.529832][ T22] usb 1-1: USB disconnect, device number 17 [ 725.531092][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 725.534615][ T8152] bridge0: port 1(bridge_slave_0) entered blocking state [ 725.536602][ T8152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 725.549509][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 725.631198][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 725.633930][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 725.636679][ T6585] bridge0: port 2(bridge_slave_1) entered blocking state [ 725.638614][ T6585] bridge0: port 2(bridge_slave_1) entered forwarding state [ 725.645140][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 725.653465][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 725.658823][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 725.661664][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 725.664302][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 725.737968][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 725.740712][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 725.744707][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 725.747922][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 725.752270][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 725.754995][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 725.759436][T13505] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 725.829991][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 725.832134][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 725.837438][T13505] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 725.924515][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 725.927917][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 725.949980][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 725.952585][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 725.955210][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 725.958185][ T6585] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 725.962278][T13505] device veth0_vlan entered promiscuous mode [ 725.967531][T13505] device veth1_vlan entered promiscuous mode [ 726.019382][T13505] device veth0_macvtap entered promiscuous mode [ 726.023194][T13505] device veth1_macvtap entered promiscuous mode [ 726.026008][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 726.028415][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 726.030722][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 726.033210][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 726.036466][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 726.042227][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 726.051033][T13505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 726.053770][T13505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.056742][T13505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 726.059509][T13505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.062047][T13505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 726.064818][T13505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.068269][T13505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 726.071028][T13505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.074393][T13505] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 726.077076][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 726.080491][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 726.097385][T13505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.100158][T13505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.102687][T13505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.105332][T13505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.116207][T13505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.118843][T13505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.121348][T13505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.124027][T13505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.134906][T13505] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 726.139186][T13505] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.141537][T13505] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.144012][T13505] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.146622][T13505] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.151681][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 726.154399][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 726.174371][T13505] ieee80211 phy16: Selected rate control algorithm 'minstrel_ht' [ 726.201981][ T4819] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 726.204217][ T4819] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 726.207162][T13505] ieee80211 phy17: Selected rate control algorithm 'minstrel_ht' [ 726.212764][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 726.221877][ T4819] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 726.224177][ T4819] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 726.227237][ T8152] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready