last executing test programs: 11m29.750703347s ago: executing program 2 (id=5045): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e20, @empty}}, 0x7, 0x4002}, 0x90) 11m29.537805309s ago: executing program 2 (id=5049): r0 = socket$kcm(0x10, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000040)=@ethtool_cmd={0x3a, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x83, 0x0, 0x3, 0x3, 0x1, 0x0, 0x0, 0x80000045, [0x7, 0x89ff]}}) 11m29.334144642s ago: executing program 2 (id=5052): r0 = syz_open_procfs(0x0, &(0x7f0000002140)='timerslack_ns\x00') writev(r0, &(0x7f0000005c00)=[{&(0x7f0000005a00)="84", 0x1}, {0x0}], 0x2) 11m29.08125097s ago: executing program 2 (id=5058): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$nfs(&(0x7f00000001c0)='..\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x85000, 0x0) 11m28.844318692s ago: executing program 2 (id=5062): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xa4, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_HELP={0x10, 0x18, 0x0, 0x1, {0x4, 0x1, 'Q.931\x00'}}]}, 0xa4}}, 0x0) 11m28.374633582s ago: executing program 2 (id=5068): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x3, 0xd0, 0x3, 0xc, 0x0, 0x70bd2d, 0x0, [@sadb_address={0x3, 0x6, 0x2b, 0x0, 0x0, @in={0x2, 0x4e20, @private}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @sadb_key={0x2, 0x9, 0x10, 0x0, 'pL'}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}]}, 0x60}, 0x1, 0x7}, 0x10) 11m27.812168384s ago: executing program 32 (id=5068): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x3, 0xd0, 0x3, 0xc, 0x0, 0x70bd2d, 0x0, [@sadb_address={0x3, 0x6, 0x2b, 0x0, 0x0, @in={0x2, 0x4e20, @private}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}}, @sadb_key={0x2, 0x9, 0x10, 0x0, 'pL'}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}]}, 0x60}, 0x1, 0x7}, 0x10) 3m29.625111997s ago: executing program 1 (id=13354): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x3c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x4}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}]}], {0x14}}, 0xc4}}, 0x0) 3m29.412963483s ago: executing program 1 (id=13358): r0 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, 0x0) 3m29.241494994s ago: executing program 1 (id=13362): r0 = socket$l2tp6(0xa, 0x2, 0x73) sendmsg$inet6(r0, &(0x7f0000000040)={&(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000002200)=[@rthdr_2292={{0x18, 0x29, 0x39, {0x0, 0x0, 0x2, 0x7}}}], 0x18}, 0x0) 3m29.017841423s ago: executing program 1 (id=13366): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000340)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa10812, &(0x7f0000000540)=ANY=[@ANYBLOB='dmask=00000000000000000002621,utf8,umask=00000000000000000200000,namecase=1,discard,errors=remount-ro,umask=00000000000000000200004,umask=00000000000000000003377,namecase=1,utf8,iocharset=iso8859-4,iocharset=cp874,dmask=01777777777777777777770,errors=remount-ro,uid=', @ANYRESOCT=0x0, @ANYRESHEX=0x0, @ANYRESDEC=0x0, @ANYRES32, @ANYRESOCT=0x0, @ANYRESOCT=0x0, @ANYRES16=0x0, @ANYRES64=0x0, @ANYRES8=0x0, @ANYRES16, @ANYRESHEX, @ANYRES32, @ANYRES8=0x0], 0x21, 0x1513, &(0x7f0000020a00)="$eJzs3AnYjtX2OP619t43L0lPknmvvW6e9NImSTIkyZAkyZEkU0KSJElSmackU0LmJHNIppDM85Q5SZIkSUimZP8vfZ2/zumcX+d8v+f8fH/nXZ/ruq93r+d+1r7X/aznfe/hvZ7nu7b9K9auVK4mM8P/CP7Xj04AkAIAvQDgGgCIAKBYlmJZLq7PoLHT/2wj4l/roclXugJxJUn/0zbpf9om/U/bpP9pm/Q/bZP+p23S/7RN+i9EWrZ5Ss5rZUm7y/+l+/8g9///N5Lj/3+Qg4VGfrW20PXt/omUh+r/G+sR/+vJ73/aJv1P26T/aZv0P22T/qdt0v+0TfovRFr23793LP87+E9YrvT7TwghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE2nAmXGYA4M/jK12XEEIIIYQQQggh/nVC+itdgRBCCCGEEEIIIf79EBRoMBBBOkgPKZABMsJVkAmuhsxwDSTgWsgC10FWuB6yQXbIATkhF+SGPGCBwAFDDHkhHyThBsgPN0IqFICCcBN4KASF4WYoArdAUbgVisFtUBxuhxJQEkpBabgDysCdUBbugnJwN5SHClARKsE9UBnuhSpwH1SF+6EaPADV4UGoAX+CmvAQ1IKHoTY8AnXgUagL9aA+NICG/638l+BleAU6QEfoBJ2hC3SFbtAdekBP6AWvQm9IufTa9IP+MAAGwhswCN6EwTAEhsJbMAyGwwgYCaNgNIyBt2EsvAPj4F0YDxNgIkyCyTAFpsJ7MA2mwwx4H2bCBzALZsMcmAvz4EOYDwtgIXwEi+BjWAxLYCksg+WwAlbCKlgNa2AtrIP1sAE2wibYDJ/AFtgK22A77ICdsAs+hd3wGeyBz2EvfPFP5p/+q/x2CAioUKFBg+kwHaZgCmbEjJgJM2FmzIwJTGAWzIJZMStmw2w35sAcmAtzYR7Mg4QEgIx5MS8mMYn5MT+mYioWxILo0WNhLIxF8BYsikWxGBbD4lgcS2BJLImlsTSWwTJYFstiOSyH5bE8VsSKeA/eg/diFayCVbEqVsNqWB2r48HcNbAm1sRaWAtrY22sg3WwLtbF+lgfG2JDbISNsDE2xqbYFJthM2yOzbEFtsCW2BJbYStsja2xDbbBttgW2+GL+CK+hC/hK/gKdsTyqjN2wS7YDbthD+yJPfFV7I2v4Wv4OvbFftgfB+AAfAMH4SkcjENwKA7FMmo4jsCRyGo0jsExOBbH4jgch+NxAk7ASTgZp+BUnIrTcDpOx/dxJn6AH+BsnI1zcR7Ow/m4YMCldxguxiW4FJfhclyBy3EVrsZVuBbX4VrcgBtwE27CT/AT3IpbcTtux51oAPBT/Aw/w764F/fiPtyH+3E/HsADeBAP4iE8hIfxMB7BI3gUj+IxPI4n8DiexJN4Ck/jGTyD5/Acnsfnc31Ta2eBNX1BXWSUUelUOpWiUlRGlVFlUplUZpVZJVRCZVFZVFaVVWVT2VQOlUPlUrlUHnVWkSLFKlZ5VV6VVEmVX+VXqSpVFVQFlVdeFVaFVRFVRBVVRVUxdZsqrm5XJVRJ1cSXVqVVGdXUl1V3qXKqnCqvKqiKqpKqpCqryqqKqqKqqqqqmqqmqqsHVQ3VGXvgQ+piZ2qrflhH9ce6qp6qrxqoN/Ax1UgNwsaqiWqqnlBDcDA2V418C/W0aqlGYCv1rBqJz6k2ajS2VS+odupF1V5F6mXV2HdQHdV47Ky6qEnYTXVXPVRPNQ0rqIsdq6heV31VP9VfDVBz8Q01SL2pBqshaqh6Sw1Tw9UINVKNUqPVGPW2GqveUePUu2q8mqAmqklqspqipqr31DQ1Xc1Q76uZ6gM1S81Wc9RcNU99qOarBWqh+kgtUh+rxWqJWqqWqeVqhVqpVqnVao1aq9ap9WqD2qg2qc3qE7VFbVXb1Ha1Q+1Uu9Snarf6TO1Rn6u96gu1T32p9quv1AH1tTqovlGH1LfqsPpOHVHfq6PqB3VMHVcn1I/qpPpJnVKn1Rl1Vp1TP6vz6hd1QQUFGrXSWhsd6XQ6vU7RGXRGfZXOpK/WmfU1OqGv1Vn0dTqrvl5n09l1Dp1T59K5dR5tNWmnWcc6r86nk/oGnV/fqFN1AV1Q36S9LqQL65t1EX2LLqpv1cX0bbq4vl2X0CV1KV1a36HL6Dt1WX2XLqfv1uV1BV1RV9L36Mr6Xl1F36er6vt1Nf2Arq4f1DX0n3RN/ZCupR/WtfUjuo5+VNfV9XR93UA31I/pRvpx3Vg30U31E7qZflI310/pFvpp3VI/o1vpZ3Vr/Zxuo5/XbfULup1+UbfXv+gLOugOuqPupDvrLrqr7qa76x66p+6lX9W99Wu6j35d99X9dH89QA/Ub+hB+k09WA/RQ/VbepgerkfokXqUHq3H6Lf1WP2OHqff1eP1BD1RT9KT9RTd49JMM/6B/Hf+Rn6fX7e+SW/Wn+gteqveprfrHXqn3qV36d16t96j9+i9eq/ep/fp/Xq/PqAP6IP6oD6kD+nD+rA+oo/oo/qoPqaP67P6R31S/6RP6dP6tD6rz+lz+vyl1wAMGmW0MSYy6Ux6k2IymIzmKpPJXG0ym2tMwlxrspjrTFZzvclmspscJqfJZXKbPMYaMs6wiU1ek88kzQ146aBpCpqbjDeFTGFz8z+Tb/KbG02qKfAX+X9UX0PT0DQyjUxj09g0NU1NM9PMNDfNb7lYR0vT0rQyrUxr09q0MW1MW9PWtDPtTHvT3rxsXjYdTAfTyXQyXUxX0810Nz1MT9PLvGp6m96mj+lj+pq+pr/pbwaagWaQGWQGm8FmqBlqhplhZoQZYUaZUWaMGWPGmrFmnBlnxpvxZqKZaCabyWaqmWqmmWlmhplhZpqZZpaZZeaYOWaemWfmm/lmoVloFplFZrFZYpaYZWaZWWFWmFVmlVlj1ph1Zp3ZYDaYxek3m81mi9litpltZofZYXaZXWa32W32mD1mr9lr9pl9Zr/Zbw6YA+agOWgOmUPmsDlsjpgj5qg5ao6ZY+aEOWFOmpPmlDllzpgz5pw5Z86b8+aCuXDxtC9SkYpMZKJ0UbooJUqJMkYZo0xRpihzlDlKRIkoS5QlyhpdH2WLskc5opxRrih3lCeyEUUu4iiO8kb5omR0Q5Q/ujFKjQpEBaObIh8VigpHN0dFoluiotGtUbHotqh4dHtUIioZlYpKR3dEZaI7o7LRXVG56O6ofFQhqhhViu6JKkf3RlWi+6Kq0f1RteiBqHr0YFQj+lNUM3ooqhU9HNWOHonqRI9GdaN6Uf2oQdTwXzp/CKeyP+472I62k+1su9iutpvtbnvYnraXfdX2tq/ZPvZ129f2s/3tADvQvmEH2TftYDvEDrVv2WF2uB1hR9pRdrQdY9+2Y+07dpx91463E+xEO8lOtlPsVPuenWan2xn2fTvTfmBn2dl2jp1r59kP7Xy7wC60H9lF9mO72C6xS+0yu9yusCvtKrvarrFr7Tq73m6wG+0mu9l+YrfYrXab3W532J12l/3U7raf2T32c7vXfmH32S/tfvuVPWC/tgftNymH7Lf2sP3OHrHf26P2B3vMHrcn7I/2pP3JnrKn7Rl71p6zP9vz9hd7wYaLJ/cXD+9kyFA6SkcplEIZKSNlokyUmTJTghKUhbJQVspK2Sgb5aAclItyUR7KQxcxMeWlvJSkJOWn/JRKqVSQCpInT4WpMBWhIlSUilIxKkbFqTiVoBJUikrRHXQH3Ul30l10F91Nd1MFqkCVqBJVpspUhapQVapK1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qT41pIbUiBpRY2pMTakpNaNm1JyaUwtqQS2pJbWiVtSaWlMbakNtqS21o3bUntrTy/QydaAO1Ik6URfqQt2oG/WgHtSLelFv6k19qA/1pb7Un/rTQBpIg2gQDaYhNJTeomE0nEbQSBpFo2kMjaGxNJbG0TgaT+NpIk2kyTSZptJUmkbTaAbNoJk0k2bRLJpDc2gezaP5NJ8W0kJaRItoMS2mpbSUltNyWkkraTWtprW0ltbTetpIG2kzbaYttIW20TbaQTtoF+2i3bSb9tAe2kt7aR/to/20nw7QATpIB+kQHaLDdJiO0BE6SkfpGB2jE3SCTtJJOkWn6AydoXP0M52nX+gCBUpxGVxGd5XL5K52md017q/jHC6ny+VyuzzOumwu+1/E5JxLdQVcQXeT866QK+xudqkXT3h/E5dwJV0pV9rd4cq4O13Z38WV3b2uirvPVXX3u0runr+Iq7kHXHX3iKvhHnU1XT1XyzVwtd0jro571NV19Vx918A1c0+65u4p18I97Vq6Z34Xz3cL3Gq3xq1169xu95k74866w+47d8797Dq4jq6Xe9X1dq+5Pu5119f1+1081L3lhrnhboQb6Ua50b+LJ7pJbrKb4qa699w0N/138Tz3oZvpFrpZbrab4+b+Gl+saaH7yC1yH7vFbolb6pa55W6FW+lW/f+1LnMb3Ea3ye1yn7otbqvb5ra7HW7nr/HF/djjPnd73RfukPvW7XdfuQPuiDvovvk1vrh/R9z37qj7wR1zx90J96M76X5yp9zpX/f/4r7/6H5xF1xwwMiKNRuOOB2n5xTOwBn5Ks7EV3NmvoYTfC1n4es4K1/P2Tg75+CcnItzcx62TOyYOea8nI+TfAPn5xs5lQtwQb6JPRfiwnwzF+FbuCjfysX4Ni7Ot3MJLsmluDTfwWX4Ti7Ld3E5vpvLcwWuyJX4Hq7M93IVvo+r8v1cjR/g6vwg1+A/cU1+iGvxw1ybH+E6/CjX5XpcnxtwQ36MG/Hj3JibcFN+gpvxk9ycn+IW/DS35Ge4FT/Lrfk5bsPPc1t+gdvxi9yeX+KX+RXuwB25E3fmLtyVu3F37sE9uRe/yr35Ne7Dr3Nf7sf9eQAP5Dd4EL/Jg3kID+W3eBgP5xE8kkfxaB7Db/NYfofH8bs8nifwRJ7Ek3kKT+X3eBpP5xn8Ps/kD3gWz+Y5PJfn8Yc8nxfwQv6IF/HHvJiX8FJexst5Ba/kVbya1/BaXsfreQNv5E28mT/hLbyVt/F23sE7eRd/yrv5M97Dn/Ne/oL38Ze8n7/iA/w1H+Rv+BB/y4f5Oz7C3/NR/oGP8XE+wT/ySf6JT/FpPsNn+Rz/zOf5F77AgSHGWMU6NnEUp4vTxylxhjhjfFWcKb46zhxfEyfia+Ms8XVx1vj6OFucPc4R54xzxbnjPLGNKXYxx3GcN84XJ+Mb4vzxjXFqXCAuGN8U+7hQXDi+OS4S3xIXjW+Ni8W3xcXj2+MSccn4kftLx3fEZeI747LxXXG5+O64fFwhrhhXiu+JK8f3xlXi++Kq8f1x0fiBuHr8YAyXPq9SK344rh0/EteJH43rxvXi+nGDuGH8WNwofjxuHDeJm8ZPxM3iJ+Pm8VNxi/jpuGX8zB+u7xR3jrvEXeOucQj36TnJucl5yQ+T85MLkguTHyUXJT9OLk4uSS5NLksuT65IrkyuSq5OrkmuTa5Lrk9uSG5MbkqGUCk9ePTKa2985NP59D7FZ/AZ/VU+k7/aZ/bX+IS/1mfx1/ms/nqfzWf3OXxOn8vn9nm89eSdZx/7vD6fT/obfH5/o0/1BXxBf5P3vpAv7Bv4hr6hb+Qf9419E9/UP+Gf8E/6J/1T/in/tG/pn/Gt/LO+tX/Ot/HP++f9C76df9G39y/5l/0rvoPv6Dv5Tr6L7+K7+W6+h+/he/levrfv7fv4Pr6v7+v7+/5+oB/oB/lBfrAf7If6oX6YH+ZH+BF+lB/lx/gxfqwf68f5cX68H+8n+ol+sp/sp/qpfpqf5mf4GX5m6kw/y8/yc/wcP8/P8/P9fL/QL/SL/CK/2C/2S/1Sv9wv9yv9Sr/ar/Zr/Vq/3q/3G/1Gv9lv9lv8Fr/Nb/M7/A6/y+/yu/1uv8fv8Xv9Xr/P7/P7/X5/wH/tD/pv/CH/rT/sv/NH/Pf+qP/BH/PH/Qn/oz/pf/Kn/Gl/xp/15/zP/rz/xV/wwY9JvJ0Ym3gnMS7xbmJ8YkJiYmJSYnJiSmJq4r3EtMT0xIzE+4mZiQ8SsxKzE3MScxPzEh8m5icWJBYmPkosSnycWJxYkliaWJZYnliRCCH3ljjkDflCMtwQ8ocbQ2ooEAqGm4IPhULhcHMoEm4JRcOtoVi4LRQPt4cSoWQoFR4NdUO9UD80CA3DY6FReDw0Dk1C0/BEaBaeDM3DU6FFeDq0DM+EVuHZ0Do8F9qE50Pb8EJo9+crrvBK6BA6hk6hc+gSuoZuoXvoEXqGXuHV0Du8FvqE10Pf0C/0DwPCwPBGGBTeDIPDkDA0vBWGheFhRBgZRoXRYUx4O4wN74Rx4d0wPkwIE8OkMDlMCVPDe2FamB5mhPfDzPBBmBVmhzlhbpgXPgzzw4KwMHwUFoWPw+KwJCwNy8LysCKsDKvC6rAmrA3rwvqwIWwMm8Lm8EnYEraGbWF72BF2hl3h07A7fBb2hM/D3vBF2Be+DPvDV+FA+DocDN+EQ+HbcDh8F46E78PR8EM4Fo6HE+HHcDL8FE6F0+FMOBvOhZ/D+fBLuCCfWRNCCCGE+Id0/YP1nf/GYwYA1KVxFwC4emvOg79drwFgfbb/GndXuZolAODpjm0f+vNSvnynTp0uPXexhijfbABI/NUGLsVLoCk8CS2gCRT5m/V1Vy+e4z+YP3kbQMbf5KTA5fjy/F/+nfkfe2Lo/OLxmSz/h/lnA6Tmu5yTAS7HS6DpF68AQBMo+nfmz97oD+rP8NUYgMa/yckEl+PL9ReGx+EZaPEXz/wr91/199cJIYQQQgghhPiP1l2Vav1H188Xr89zmcs56eFy/EfX50IIIYQQQgghhLjynnux/VOPtWjRpPU/Pkj/zzxZBjKQwf+Lgyv9l0kIIYQQQgjxr3b5pP/yYxmuZEFCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUQa9Jsv/coAAP+WrxO70vsohBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCXGn/XwAAAP//BdswlA==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 3m28.634154092s ago: executing program 1 (id=13372): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='5\x00'}, @typed={0x8, 0xa, 0x0, 0x0, @fd=r0}]}, 0x24}}, 0x0) 3m27.986111782s ago: executing program 1 (id=13382): r0 = syz_open_procfs(0x0, &(0x7f0000001240)='net/wireless\x00') preadv(r0, &(0x7f00000026c0)=[{&(0x7f0000000240)=""/4088, 0xff8}], 0x1, 0x15f, 0x0) 3m27.54169977s ago: executing program 33 (id=13382): r0 = syz_open_procfs(0x0, &(0x7f0000001240)='net/wireless\x00') preadv(r0, &(0x7f00000026c0)=[{&(0x7f0000000240)=""/4088, 0xff8}], 0x1, 0x15f, 0x0) 2.446494187s ago: executing program 6 (id=17002): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000220000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000110b0008850000000700000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x0, 0xcc0, 0x0, &(0x7f0000000000)="c1188e19b95d02ff4284860186dd", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.315135102s ago: executing program 6 (id=17006): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x804, &(0x7f0000000280)={[{@rodir}, {@numtail}, {@utf8no}, {@uni_xlateno}, {@shortname_mixed}, {@utf8no}, {@shortname_winnt}, {@utf8no}, {@utf8no}, {@fat=@codepage={'codepage', 0x3d, '866'}}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@utf8no}, {@rodir}]}, 0x9, 0x27b, &(0x7f0000000640)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=") mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) 2.107972247s ago: executing program 6 (id=17009): r0 = semget$private(0x0, 0x7, 0x195) semop(r0, &(0x7f0000000100)=[{0x3, 0x401, 0x800}, {0x0, 0xf772}], 0x2) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000240)) 1.884793887s ago: executing program 4 (id=17013): r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}, 0x48b}, {{0x0, 0x0, 0x0}, 0xb22d}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000880)=""/4098, 0x1002}, {&(0x7f00000007c0)=""/186, 0xba}, {&(0x7f00000018c0)=""/256, 0x100}, {&(0x7f0000000180)=""/231, 0xe7}, {&(0x7f00000034c0)=""/197, 0xc5}, {&(0x7f0000000080)=""/223, 0xdf}, {&(0x7f00000019c0)=""/144, 0x90}, {&(0x7f0000000340)=""/25, 0x1a}, {&(0x7f0000000380)=""/155, 0x9b}, {&(0x7f0000000600)=""/96, 0x60}], 0xa}, 0xffffffff}, {{0x0, 0xffffffffffffffa6, 0x0}, 0x8}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x1ff}], 0x7, 0x2100, 0x0) 1.721107608s ago: executing program 4 (id=17016): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="00a9cea1ba565e336db4c3e8ba9a4bfdf7ab4751a8020fb9d705d20ba76ac020c4ab290e47d8f06dc8fa3b9c54e571365ac4b1166731dccf53c74313"], 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFO40AUhv8ZZxPtaoutVogGJCIRkHBsBxANRQp6JAiIjoiYKOAkKHFBIlFQcQUaCk7ABSgoOAIHCFQ0oaM2sj1JhggIBSAh/q9487/x83jmWfotGYSQH8vd7WOn4188GAD+Io2Umr83BjVSq/9/XSulTlbGLm+OZs8Kp/nh9QSAIHj/8xMArvIGfJUHwfO702pch+zrAiRmlN6EgKn0NiQ2lHYhsKX0nqbrYb1p7lY819ype6VQWGGww+CEITe8v+6xQEnbn9CuN1vt/aLnuY1PFKP6181LLGv7099XrzeW1j8bErbSOQisKb2EVK83cUu0848nBusbX3x+CgqK7yYG/hScC0xr/pTQ/CPrVw+yzVZ7rlItlt2yW3Oc3KI1b1kLTjYyoji+4X+/I3/6o63/65XapEjisOj7DTuO/dyJ40uOm4z8TyIzFedCzelE34N/YjIcMobKCSGEEEIIIYQQQggh5MOZgIj+go7AWY2qnwIAAP//ntd3Nw==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x8880, 0x85) lseek(r0, 0xda, 0x3) 1.454647466s ago: executing program 5 (id=17019): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x30}, {0x6}]}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000004b80)={0x0, 0x0, &(0x7f0000004b40)={0x0}}, 0x0) 1.411935515s ago: executing program 4 (id=17020): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r0) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000680)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fedbdf251500000018000180140002007665746830"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x80) 1.297970295s ago: executing program 0 (id=17022): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0) io_setup(0x20, &(0x7f0000001140)=0x0) io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000d80)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000c40)="0d32818e2fa06dfb", 0x8}]) 1.200496591s ago: executing program 3 (id=17023): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_CT_SREG={0x8}]}}}]}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 1.158748463s ago: executing program 5 (id=17024): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRESHEX, @ANYRESHEX, @ANYRES64, @ANYRESHEX=0x0], 0x1, 0x253, &(0x7f00000002c0)="$eJzs2s9rHGUYB/BnkpTWlHQj/mxBfNGDehmanD00SArigqCNUAXp1Ex0ybgbMktgRWxOCp569uRZPHoTpEcvufgXeNBTLjn2II4km9o0RmuQ7Ab7+Vz2gXe+vM/s+zK8h3f71dsfr65MxUrRj4ksi4krsRl3s5iNibhnM1556fqPz719/d03FtrtxbdSurpwbW4+pXTh+R/e+/TbF+70z7/z3YXvz8bW7PvbO/O/bD29dXH792sfderUqVO3109Futnr9YubVZmWO/VqntLtqizqMnW6dbn+wPhK1VtbG6SiuzwzvbZe1nUquoO0Wg5Sv5f664NUfFh0uinP8zQzHfwXS9/cbZrYac7ciKZpHvs6zt+JmZ+jFdnjKXviSvbUjeyZzeziTtO0xt0qJ8L6P9oOfNTPRVRfbCxtLA1/h+MLK9GJKsq4HK34LXa3yb5hffX19uLltGc2Pq9u7edvbSxN7uW/vJefi1bMHp2fG+bTg/mzMX1w/vloxZN/zf862V6cPzJ/Ll5+8UA+j1b89EH0oorl2M3en/+zuZRee7N9KH9p7zkAgP+bPP3pyPNbnv/d+DB/jPPhofPVVFyaGu+7E1EPPlktqqpcH0mxu6dGNddDimz/D3j4w89OjLnVky6+Oh1tnFAxub/Qp6WffyrO/KsNOZpijB8lRub+oo+7EwAAAAAAAAAAAI7j0KW/1klckxz3OwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfbHwEAAP//Ok/KeQ==") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.131179647s ago: executing program 4 (id=17025): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'authenc(streebog256-generic,pcbc(fcrypt-generic))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 1.087282727s ago: executing program 6 (id=17026): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x114, 0x35, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64}, @typed={0x14, 0x3, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0) 999.727943ms ago: executing program 0 (id=17027): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) 988.876627ms ago: executing program 3 (id=17028): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000380)) 912.146661ms ago: executing program 4 (id=17029): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1018ed8, &(0x7f0000000180)={[{@sysvgroups}, {@noload}, {@nobh}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@norecovery}, {@errors_continue}, {@quota}]}, 0x1, 0x644, &(0x7f00000006c0)="$eJzs3c9rHG0dAPDvzCZ5kzS+6SsiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7c/SFKwtdAEPCgoiHgt0ov/gHfp3ZsI6s2zUEUqFrR0ZWZnm81mN7ttsrtJ5vOBzT7zzLN5nm9mn8wzM/vsBFBas9mPNOJUxNubScR007qpqK+cLcq9+teTW9kjiVrtu/9MIinyGuWT4vlEsTAeEX+8EvHpyu561x89vrNYrdU9jTi3cffBufVHj8+u3l28vXx7+d7C+a9duDj/9YULC00N/XAniuer177z+V/85IdfXflT9WwSl+LG6I+XoiWOgzIbs/G2CLE5fyQiLmaJNn+Xo+YYhFBqleL9OBoRn43pqORLddOx+vOhNg7oq1olora3pFsB4KjSvaGsGuOAxrF9b8fBN/o8Khmcl5frB0C74x8pTjmM58dGk6+SpiOj+rmNkwdQf1bHmyfjz948mXkWO85DvH63dUYOoJ5ONrci4nPt4k/ytp3MI83iT3cc6ycRMR8RY0X7vrWPNiRN6X6ch9lLj/FXsvibt0MaEZeK5yz/ygfW33paa9DxA1BOLy4XO/LNbGl7/5eNPRrjn9ge/zxtvG5q/5dkcsPe/3Ue/zX29+P5uCdtGYdlY5br7X/laGvG33529Ved6q+P/2aeNR5Z/Y2x4CC83IqYaYn/p1mwxfgniz9pM/7Nity81Fsd3/7zP652Wjfs+GvPI063Pf7ZHpVmqT2uT55bWa0uz9d/tq3j93/4wW871d8+/o/6EGl72faf7BB/0/ZPW1+X/U0etP+VW60Zv7v+/G6n+qe6bv/072NJ/XhzrMj50dbGxtpCxFhyrShS5C9ubKyd3zveepnXtfx5oR7/mS+17/873v8tUU00/mX24MH37rzqtO5D3v9NF5Pf1npsQydZ/Evdt/+u/p/l/bLHOv7z/Ydf6LSuffzJvmICAAAAAACAskrza7BJOvcunaZzc/X5sp+JybR6f33jyyv3H95bijiTfx5yNI00yT8yMl1fTlZWq8sLxedhG8vnW5a/EhGfRMSvKxP58tyt+9WlYQcPAAAAAAAAAAAAAAAAAAAAh8SJYv5/4z7V/67U5/8DJdH9BnO77v8AHBP9vMEkcLjl/X+vXfzHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9MkXX/w1iYjNb0zkj8xYsc6kXzjeRt+rdKVv7QAGT4+G8np36d9gH0qnp/H/f4svB+x/c4AhSNpl5oOD2t6d/0XbV27b2n/bAAAAAAAAAAAAAIC606c6z/9/v7nBwFFj2h+U1z7m//vqADjifPU/lJdjfKDLLP4Y77Si2/x/AAAAAAAAAAAAAODATOWPJJ0r5gJPRZrOzUV8KiJOxmiyslpdno+IjyPiL5XRj7LlhWE3GgAAAAAAAAAAAAAAAAAAAI6Z9UeP7yxWq8trzYn/7co53onGXVC7F671UGbPxDfjPV8VyeD/LBMRMfSN0rfESFNOErGZbflD0bC19TgczcgTQ/7HBAAAAAAAAAAAAAAAAAAAJdQ097i9md8MuEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMHjb9//vkliarL+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//6AzO/k=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000002540)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000140)={0x0, 0x2, 0x7fffffff, 0x7ec, 0x2000010000, 0x2000000000002, 0x3, 0x0, 0x7ffc}) 837.235547ms ago: executing program 5 (id=17030): r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000300)={'pcl730\x00', [0x2f00, 0x5, 0xd09a, 0xfff7ffff, 0x3, 0xfffffffe, 0x20000024, 0x6, 0xfffffe00, 0x9, 0xb, 0x1005, 0xe2, 0x5, 0xffff, 0x6, 0x5, 0x40000029, 0x2, 0x30000, 0x5, 0x2, 0x407fe, 0xe2df, 0x2, 0xd, 0x1007, 0x3, 0x4, 0x5, 0x200030f]}) ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000080)={0xc000002, 0x2, &(0x7f00000003c0)=[0x4, 0x0, 0xe13, 0x9, 0x80000000, 0x4, 0x3, 0x9, 0xff, 0xb, 0xdd0, 0x2, 0xfff, 0x7ffffffc, 0x9], 0x2, 0x1}) 746.091696ms ago: executing program 3 (id=17031): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x2270469, &(0x7f0000000140)=ANY=[@ANYBLOB='size=t']) 744.958557ms ago: executing program 6 (id=17032): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6, 0x0, 0x0, 0x6}]}, 0x10) syz_emit_ethernet(0x1388, &(0x7f0000003ac0)=ANY=[], 0x0) 732.830664ms ago: executing program 0 (id=17033): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4008805}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="14000000100001f500000000000000000100000a14000000020a497f75241d4e1deb00000500000614000000110001"], 0x3c}, 0x1, 0x0, 0x0, 0x2004c040}, 0xc050) 507.1474ms ago: executing program 6 (id=17034): syz_usb_connect(0x3, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xfe, 0x85, 0x71, 0x8, 0xb48, 0x3007, 0x4f64, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x38, 0x0, 0x0, 0x23, 0x52, 0x26}}]}}]}}, 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x500) pread64(r0, 0x0, 0x0, 0x1) 468.372377ms ago: executing program 5 (id=17035): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="12000000040000000400000001"], 0x48) r1 = socket(0x1, 0x1, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f00000000c0), &(0x7f0000000000)=@udp=r1, 0x2}, 0x20) 411.821777ms ago: executing program 3 (id=17036): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a40)={0x30, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_NODEID={0xb}]}]}, 0x30}}, 0x0) 317.928966ms ago: executing program 0 (id=17037): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x18, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x3b}]}, 0x18}}, 0x40) 231.554278ms ago: executing program 5 (id=17038): r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c) sendto$inet6(r0, &(0x7f0000000100)="800037e9220ca1ce", 0x8, 0x0, &(0x7f0000000140)={0xa, 0x4e24, 0x6, @mcast2, 0xf}, 0x1c) 204.528948ms ago: executing program 0 (id=17039): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@dioread_nolock}, {@norecovery}, {@resgid}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@grpid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@subj_user={'subj_user', 0x3d, '('}}, {@measure}, {@smackfsfloor}, {@appraise_type}]}, 0xfd, 0x588, &(0x7f0000000680)="$eJzs3d9rW1UcAPDvTZP96rQdjKE+yGAPTsbStfXHBGHzUXQ40PcZ2qyMpsto0rHWgduDe/FFhiDiQPwDfN/j8B/wrxi4wZBR9EGFyk1vuq7Nj7bLTF0+H8h2Ts5Nzv3m3u/NOfcmTQAD62j6Ty7i1Yj4JokYWdeWj6zx6Opyy4+vT6W3JFZWPv09iTMbnivJ/h/OKq9ExC9fRZzIbe63trg0W6pUyvNZfaw+d2Wstrh08tJcaaY8U748MTl5+u3Jiffefadnsb55/s/vP7n34emvjy1/9/PDQ7eTOBsHs7Y0rh50cWN95Wjpn6xUiLMbFhzvQWe7SdLvFWBHhrI8L0R6DBiJoSzrgRfflxGxAgyoRP7DgGqOA5pz+x7Ng/83Hn2wOgHaHH9+9dxI7GvMjQ4sJ0/NjNL57mgP+k/7GH1w5/bdB3duR+fzEPu71AG25cbNiDiVz28+/iXZ8W/nTjVOHne2sY9Be/+BfrqXjn+SGxGb8j+3Nv6JFuOf4Ra5uxPd8z/3sAfdtJWO/95vOf5dO3SNDmW1lxpjvkJy8VKlfCoiXo6I41HYm9Y7Xc85vXx/pV1bGv/dbPyX3tL+m2PBbD0e5vc+/ZjpUr30LDGv9+hmxGstx7/J2vZPWmz/9PU4v8U+jpTvvN6urXv8z9fKTxFvtNz+T65oJZ2vT4419oex5l6x2R+3jvzarv9+x59u/wOd4x9N1l+vrW2/jx/3/VVu17bT/X9P8lmjvCe771qpXp8fj9iTfJwf3nj/xJPHNuvN5dP4jx9rnf+d9v908vX5FuO/dfhW20W7xv/3ukn6U25usffO0vint7X9t1+4/9EXP+w4/sb2f6tROp7ds5Xj31ZX8FleOwAAAAAAANhtchFxMJJcca2cyxWLhUbb4TiQq1Rr9RMXqwuXp6PxXdnRKOSaV7pH1n0eYjz7PGyzPrGhPhkRhyLi26H9jXpxqlqZ7nfwAAAAAAAAAAAAAAAAAAAAsEsMt/z+/2rbb0P9XjvguWv8sMHefq8F0A9df/K/F7/0BOxKXfMfeGFtP/+dGYAXhfd/GFzyHwaX/IfBtdX8L4w85xUB/nPe/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqfPnzqW3leXH16fS+vTVxYXZ6tWT0+XabHFuYao4VZ2/UpypVmcq5eJUda7b81Wq1SvjE7FwbaxertXHaotLF+aqC5frFy7NlWbKF8oFf2wYAAAAAAAAAAAAAAAAAAAANqktLs2WKpXyvELbwpno5RMmu++VP5Ot0o4ent8tUSj0tNDHgxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbPBvAAAA///YBDOu") r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000100)={0xf000000, 0x67, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)={0x98f910, 0x4b, '\x00', @ptr=0x20001100}}) 192.662921ms ago: executing program 4 (id=17040): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000300)) 188.151669ms ago: executing program 3 (id=17041): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r1, 0x1, 0x70bd26, 0x25dfdbfd, {{}, {}, {0x0, 0x18, {0x10, @bearer=@l2={'eth', 0x3a, 'wlan1\x00'}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 113.280685ms ago: executing program 5 (id=17042): syz_mount_image$hfs(&(0x7f0000000300), &(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc10, &(0x7f0000000180)=ANY=[], 0x3, 0x300, &(0x7f0000000980)="$eJzs3btPFEEcwPHf7N3BIQRXwJBYoiRWRrExNhjD32As1IjcmRAumAAmYiOxNsbOR2dhZ21sLO2J1kYrY2EP3Zp5LLd4u7P34G45/X4SLuvtzOxvdmdnZy5ZRwD8t64vfX93+af+UyIlKYnIVZFARKoiZRE5LbPVh+tbq1uNes1XUMnk0H9KbE7VkmZlvZ6WVeczOZxQ/6ssE8nv0B9RFEU/vpb8aU4OLBwUxNz9UWs7CERG3d1pdlaLCK4PdooOoGBqX/blkUwWHQcAoFj6+V+xA3/9nJ9w4/cgEJl3j/0he/77R637gwvkWEo8/80sK1L6+ppTpprzPTOF0/uDeJboKTFzz4jYgeSh0aXKm1WaWIKx+6uN+oWVB41aIE9l0UkkmzGfNdt0YznRznmCTZFf9yymxkFF12EhI/7pbo74svNQDuxFalfdUaG8kdrB+K8cmTNirlRo4g4PMtj4L5rtG5WUEsf1h1ImVUYtT5mDnHFHkI/v26hlVTKnpSOuTNt0n9gvwzjOFyOeXFNy+GcFW7tLWUdyuaZTcy3k5Jpp5voV95yuNWfn7F5Gtf+inqubak5+ywdZSoz/A322502C+LR7glQmpWsZ3vqUTcqwjcCCtsJHu9Ju1aZnck+uyOTm9uO15UajvtHuxqdvHSQ+qo3Xb+1GqZdy4pq37CpLrxFGo7bofp2ELiPUXU4HueIG0+9rKiI77pv4mmQmjvu0tHJU66Uclg3puZySjMpa3GceWWDubO+sLTfsVvpAaazbPgnHTKJ7nL2VnzwaREwYKN2HKDv/MyN5O6q7Zvbp2z804/SKpI3Tc9uDKfHV7V07fUjMDZqD1SnzeaKjGdx49gwuUQfvnOvseZFzniN+Plxs6OL8R6gl+SJ3+f0fAAAAAAAAAAAAAAAAAABg2OS+GLAXbWxuu9dbunwzpOAqAgAAAAAAAAAAAAAAAAAAAAAw9Hzr/5o1MnPW/43fDMhe/zfxv3rnr/+7qAvKWP/Xv0gtgI79CQAA///D62tS") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.io_merged\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000002000)={0x8, {"488085fddf7e1378d3ad4adb6e165913c1f7ae15c9b4ed75d7413838ff0d9381cead5adbe8228d9ba29fe815a6f64afca949ca64011b9d8c93b4272d6428962fe017b1cb68796b7b800b25eb3013496be2e3e973309e6842f2df0e5309a233d16ced2bc26cd6f7db616268621fe160c1644afc707a535571e0a936469f5dd6d60c6962109cd8de336fc0938bcd412788f01c1d84e33d5eaa3e140944ddefde0366395044cf0f095786b3f1fd27c0eaf2d0df657acf52c9220297bc28779a85ac06d4f14c31cbfced5519b61ddf599c08c7f10e385e4a6637e44ce117631e6d561c5118ad8e21bba948e572e54c67516e0f2a504f05f23e00d9b04160dac7e52d6caacf617d94e200e9c97771d56fe7b2ad6b69247904463f36b11e74b41ea9e63e77ded5af1406fe0f01f2350e756fd41c94f9dee22f611720853d7f8fd755903f1c3e044bd704bd4255c570cc0c82cacec7b9b7720cd6d5b2cd96e583ff1ddb0ad39155daa2f29a4f61298b44ea802bbac9b1f552cf0279f52ff200178468b94b293f7052817d89adb9130a3eaec5ceeeb386a31a7d9807f069ad07e3488e99a0b7f7f92fc2a63226175432a93ae4dc820e702d21bdec10a773c7b3de3f0ec4b5f8af60a159aaa4231ed4e79883acf5d2eed3a0fd3445d46d7fbbd47f2c610d96d6435293b103db15b8e7383e63e9d672410f5248183d4e608e7aee4d9dbfd040fb3fae39faec3cc0f5410d0d479bc1b7addd255ba502a52fa858eb6574530fd16c01e1138b19258e1c40b9a29a8672f418159f663bc8fe634e3a0d23dde1ced471cfb1decc1a9464667771b795229b1906651e9e5e4402c7e75182b1432acb4b54c499358585aa83fca804fbdd12dfd3b9e95b0ac718cadb879a2898d86c4ed914a59918df6ba519de4599f662811202158e418cef0d103ed4e77833d4dea6e59f7fef1c86f818121655dd1b2cb3717c892a289797049911356b5dd5dc0c50caadd0dd0318994d730fd6e6953e01730fb2682ab3f7ca8b4d596574456f59b95f34ff6f79db68b495010b8816a7b55229b35a2790f25c42ef1efcc5271c66500fc285de61516fc401518ba1ae388f90b0a5760e01031ceed37d1eb8a792f4a196a9fa0ff1579358bfe5c63744027d1a01e0a4602c79c2fe727034a4d810f0a2c30dc5a4c122e510e4d6348774754bf1f924c1d5a31dccf345a6c752389cc38e46e968e3b2815e2ecc3e5827f198f5d836b5783e9d7cc5bc5ba1715d23a4c35157b28e997010c627cbcebda89d08ac88e3d2f387c87af78b2a565dd5704bf3c12e4019d91890ad4f660345b384b59fad6d9f56f1fcf35babe5a9fbd8dd3908be450edf05ca8a3154fb3ac1af485508c61a7ba322ac06928e7d660fee6bfef74c9c4f22bbab318077446163a3230a3d486ce6d71aed12e2581e4208eed1a540560921ac89e9372482594351a5ff0cf9e95e80f0a69c4d621638c9056ae0bdfc44895f061767aba8400da865b73b5488c690694af744372c00d87bba4664a60f13f1453337113055d7b659a87208c1e663e4d35f0ebcfe70459f5ec5812434468cec38d3fbcf90598de986b3d49ad45e7b3b230fc389b5278ed6242abe9c44a8c74438968cc9b7a253d89c5b14f7a917b86a6d51f5d5380f2a7606dbe1867fd781fab284d153e20f5bf1a2c8156b93e60dc8945eb8385d937537b785f6f6af81ea0131398c77819ddea78eadf6b6f019db772e69e9cde3540ddc95625987b4a4e1dbbf15bc0217abac6cc3ff0650ed11fa612b90afaab842be4c2bd9967702b023e8ecd5f4a0e62af56f7320241a8516bcdf344a4421eed035b8c5a126820c5dc3962f5df4bf369bd6260eb09aa8e1310bf6f28aba0e3236f699721daa26950de7fa8fd8c3d2adebc101e304d0ed1af839c74b6cc42a6d7244f6b31ed08f6f12f62569b2c0602cc371962bff74b9b3c5f6326247d4ffec7f2d0a073e5a678e76f4243533001b1c0de6739c5c6ec0195fa9a8e898c2068bb614c40c403324e84cdbc530121217ba49f300aa8d5056d170d0a6bc8827ee20d55401b9f401b12e212cf630781139978b5fb38fdf768fec87b79f7a70d6083c3df98019ebd09b7941708e06c8d9fa930a1fdb993e0061343c87b4cf47dd36f9a3d603ca986f5144af403b7b04a93f5808a8c192df5e4c17af1ec23eddd1e7fc91109e6a4cfe5e23435bcabf3915ce5242cb6f7974e97c8ad3773e3a510afa52c4193c36fd1b99a02ece5b19ad35eb8fa97b57fd1641b463de79cdd2aac5d5b4060a040ad1d5752d70015b74d556fb4ef0cc8747591edc8858707616104f0ec342fb3a9b95df31b6f84e56387aae80a72d8dd670be7aaeef54065d6e2d7837481ce5622ee3c115d02d50efdb20aaf25b636d6d6c7e49f50a4b30ae243ecf1187ffe851c52bb1849c5e5c0979b758b747aebfdab58d8fd60faa5d5005f401c661256183dd4e7cba38b4ccf03506398eab901595dc2de27ab231abdddffc9d120abd8025b77ac47f39b6373a38a09bc045559578ccdf0402385177d499333d06d2cd3f604689d50dcd01b04ffbcb545385da389e4b6102ee77febb8a34a906f822601e61d2d3fc9e206caf3753f65422a5ff31dc3b3c4d09aa9a90f9ebc858ee2e4df6a730948e436586c665a3c64aab00aa757d252eec5b8bea5035a5b9f644cb84a991286edc2a394cef9fd40ad085aa99680aea363dc163c2ef40e0f289e0b79dc600f31ae510bbd74f963632ff25230a1ec866fed0db0d0af59c5b9f4a18659f5a218c3d0db80700719a61e59efbd5f996145139e5654a9290bf504eb7453775b8c6190ff51d4c04ce9384060f1dd34799fee04c0f951ae15cb589f80dc544c05421d60f51cbc78df7dceff213575bfebe2bb307d196ef0a5cf3c2608fbb969a574e6dce9132246447a84cab6dd4923281cf40bc19c29585a02bc0d2d491907e5b528a1cfc7b2fe88dc2520ea49903423cb7a0d23530daa7217e7f312d4ec67c02fc74ab8d91b8ead50bfe9508b0f7d70e88868ee1a5f38349054374ae463d1148e0ca238c0f9fe7b40f6fba87498697f3220612ea66feb18a29f1df04234ac3d69e0706d0deef321d09ee16de188a32f4c41635cf48ee35a42140fc08b42c2e0e289a3c73fd4b0e656a72b29b99093127a17aaa199610787787abb0f4613dd03332a9306b9b5e98e9c839ffce5e72c44b288593bee47253613dc0fc3e583ab9aac7e1a161dfc36bd038d533eb6829b22dc1a01f055c16f83c1b1abe049b5744508456658c6df44c13d6ab1a18d76a55740cdcfca4a1dd81b54d9c4e71cef9f4b55f1ebc7751766175d631f9607f22a613377f6d96afaddbc66cbeef20ae578468f33265516ee711e2591e1af272a35bf5cedc78aec6e330bf6f3f3b9cdb7d373754125c9caea6a4d344d098c7332175b09441cc11040e5b71e9b975b2aaaaa5f8c5f502b00ad3ade9de204602aa227c9f11da55107b79802c09d246050c6580d92559a47935cfb59b47e88aa8095ea1ac34578697ffe89c440a2369f6661db2c24f1056d553e200184b927b359efba5db1e69e7f2cf5e4dd9c9bbc3e085fc38c43f436aa47abcc1e9986fc0226262588110c5b27c6fe9b8072cd8204c500883d3b9feaed80d5d87929d01b9bad995ed58a1be3ccad600840c6424625f4f4c221c8e1cd11af1a5ac153954ac6b441692f296ac2d529233d317fecf3fbfa53f77c8ea47d1385e3ca4b8b55fd2467cac15af1bfa04fb41784305a4b9aed6880cfba9629d6dabd22b2bd90c1aad0f2e0dff0777112b1e313447cf9417a52a58b17cc73ab03d4841ec9b1dc3f75d0fb5ece65c99982b338bb2f42b68104d94c826247814bd68e7c9664e8b2a9fdaf7fde4730960b43a496cb818badfbc97d1e51aa7817657e49536e69cacb3c4abb27dfe10d5c962fabdd3056d290a2b969e7f61d144e22539c5e2027b57c8e099db6ab8f0fdda7412b393af60e3299478744e9071801c4c39b0c87d4f237ade73b955812f254e641844e985d40f3e4df51bf7a9c81f02d22ad8296fe94d4664f3c0d113974ba222dab68c4407e9d5359205a5fec059d4370e0d15fd040ced32baa7e8586d38680a4c2e4e5679c0d374636e9dc0fd9a06808671f08e8c19b0bed18540de8107855f410f8954e078755a8c7b0822c25e2534887c9593aa1e008e78244cfec5b347a847ecf61cb207dcb2170b663a54d98ffeea991a9d944e4a8302bf37231bf3558c6b2fcaf925becb663bb574341bc81bbc50e9f0108c5d8a7783caf25bcb3bc24368e8a4915785652877555d22f7d6cbcb12049180ee4c49502d41c0fb00e31f3835b53e622e85290ee5a641eb9215567fed4782484ba8ccb43d81d3ef3ca5d8a2e3389864c15946e3d5dad607447f35a5396c27e99e20a1b98393169d85e788e9c4f9367649b308094479bc0ad8d68f0dc655724e2d9f599557f567fe7fd11f87b37df7ce0530e40d7e0ab06c2b273716e2598bd6e816c18c2e3c038b199e58424a5d72759af13e121e21d263fa0f24577a32b4356919cc22c5d1929b15590a53861aaf68aaa9ed404d1e64c3c6b0fa19e0a5299bd46867aff993b87ce96fd493fa2b125ea23907f9598acc33cd7e90c2383d5af5d232d979766ac2743c93d947db811d38df20742fa1db7c6f2306ec008ca9d53faf1a7cc2372d42437f906ef6ff9db785ac575c97e4f568e57414a0881ffe1b8dee59240305e28ab5f4f2c990c959009b022a656386229c7a71b3fcbc381a1f3511751ef19653d8e7dd0de12f630c719413a84b385802f5e8e2680cc2afa7fbb1cd1193a1e5af32ad07b24ba1c05904d3325634d10aa685d97f9c1d58377cfa46f17f0f57c7d48ce0917a8b4f5bccdf60e52764b7a826e6ccab1b70821a74cc5cc2e15532d3ef346aaf9c31fe0e0776bb1e3f4f5f276bcf53f5ea9018609b18b47497dba8e73676d2fc2fba47472ffba25ba7ddca1e9754b516eff05a05eaba9e7752f8d97f99684e3a53ded2d2c1913a6e488c65f57f8d85d261c762c37015c756e0aeed54edda41236bae33ed83c688478bcd94ce9e67971c0f8e588f1a3a4cd3f7da5e571c1984d9c9a10bb7eaf8414cbabf5fb97a17a67d10ae1a7ab96a8df88da1e82e797e67b534f765a5dcac76bb769d9547f375cfbea8d9f434f48d60e05df8797919fef5cb01a04177ed092a37f71f7948279bc4c35e3239e943a1507cff0b7152dd95c27e573e0191cfe1bc9f3862e5329ddcd160c61fc5bb82b57d8086e1e74abfc36bb43404357c50eb150fcaea9aac90fa0c413ea9f8538055a45b77d5a7548f6a4f2414714495576a1de459a55ab298a2a2fa33459da0d205e4b91d340c0721226e546f323bb878605590b66516fa51fd635e5eaa580486f6fb543b6b5236871aa3dedcb44e7d73d9bf704420fc0bb9b1a0f21e848ed9161e9bf1ae3bc628861b5007f0a38884a178dc85dbf034e9234fe603698cda4811dfcb73253335ca7cee533957578a9b97f149ae6dbd43c4aae8a16da135830f7a1c5b913838d5c28936f45f2d9ed991ec7a3ab83df4dd6fe2ff720a6b8abf40927bf8835bfa25effb92eadea47ae1629193ee5707767b13771cb105f231be2af8380a85b9de42f682d22d17c926ccbe39ea3fa7a5d3c0f6b3dc7802b927a36cd04ade3e02bf8ce06a52585388fb8f49df4dda68e9eb426da9c0909d5b9cf4b16c2e3f78331c8683a1698033ea0b1ed4dd33edeecd89c4f14caf84d52336e500", 0x1000}}, 0x1006) 51.921653ms ago: executing program 3 (id=17043): syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) r0 = socket$kcm(0x2, 0x200000000000001, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x50, &(0x7f0000000100), 0x48) 0s ago: executing program 0 (id=17044): pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000001c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000430109029200030172e5000904000000010100000a24010000000201020c0d240700000500006e626805000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r1, @ANYBLOB="05", @ANYRES32=r0], 0x0) kernel console output (not intermixed with test programs): 24595][ T6007] BTRFS info (device loop5): turning on async discard [ 1174.231421][ T6007] BTRFS info (device loop5): enabling free space tree [ 1174.285886][ T30] audit: type=1326 audit(2000000197.402:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.4.14525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1174.385725][ T30] audit: type=1326 audit(2000000197.402:2835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.4.14525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1174.438302][ T30] audit: type=1326 audit(2000000197.439:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.4.14525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1174.502546][ T30] audit: type=1326 audit(2000000197.439:2837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.4.14525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1174.526170][ T30] audit: type=1326 audit(2000000197.439:2838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6068 comm="syz.4.14525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1174.549327][ T30] audit: type=1800 audit(2000000197.476:2839): pid=6058 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.14522" name="file2" dev="loop6" ino=1048724 res=0 errno=0 [ 1174.623897][T17493] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1174.977876][ T6089] loop4: detected capacity change from 0 to 64 [ 1175.698928][ T6116] netlink: 16 bytes leftover after parsing attributes in process `syz.5.14548'. [ 1176.473539][ T6155] xt_l2tp: invalid flags combination: c [ 1176.487634][ T6156] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1177.296006][ T6191] netlink: 'syz.3.14585': attribute type 27 has an invalid length. [ 1177.333352][ T6191] netlink: 'syz.3.14585': attribute type 3 has an invalid length. [ 1177.343594][ T6193] SET target dimension over the limit! [ 1177.369326][ T6191] netlink: 132 bytes leftover after parsing attributes in process `syz.3.14585'. [ 1177.612925][ T6203] netlink: 16 bytes leftover after parsing attributes in process `syz.6.14591'. [ 1178.755413][ T6215] loop4: detected capacity change from 0 to 32768 [ 1178.847910][ T6215] read_mapping_page failed! [ 1178.853201][ T6215] ialloc: diAlloc returned -5! [ 1178.971934][ T6259] netlink: 132 bytes leftover after parsing attributes in process `syz.6.14620'. [ 1179.153207][ T6264] loop4: detected capacity change from 0 to 128 [ 1179.212983][ T6264] befs: (loop4): invalid magic header [ 1179.528562][ T30] audit: type=1326 audit(2000000202.311:2840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6275 comm="syz.4.14627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1179.628584][ T30] audit: type=1326 audit(2000000202.311:2841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6275 comm="syz.4.14627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1179.728723][ T30] audit: type=1326 audit(2000000202.349:2842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6275 comm="syz.4.14627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1179.786367][ T30] audit: type=1326 audit(2000000202.349:2843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6275 comm="syz.4.14627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1179.836923][ T30] audit: type=1326 audit(2000000202.349:2844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6275 comm="syz.4.14627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1180.006116][ T6295] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14636'. [ 1180.161718][ T8424] usb 1-1: new full-speed USB device number 57 using dummy_hcd [ 1180.353411][ T8424] usb 1-1: config 252 has an invalid interface number: 251 but max is 0 [ 1180.362197][ T8424] usb 1-1: config 252 has no interface number 0 [ 1180.369088][ T8424] usb 1-1: New USB device found, idVendor=0c45, idProduct=6280, bcdDevice=d5.fc [ 1180.417602][ T8424] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1180.452356][ T8424] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:6280 [ 1180.634344][ T6287] loop6: detected capacity change from 0 to 32768 [ 1180.907075][ T8424] gspca_sn9c20x: Write register 1001 failed -71 [ 1180.949071][ T8424] gspca_sn9c20x: Device initialization failed [ 1180.975167][ T8424] gspca_sn9c20x 1-1:252.251: probe with driver gspca_sn9c20x failed with error -71 [ 1181.013028][ T8424] usb 1-1: USB disconnect, device number 57 [ 1181.180657][ T6328] loop5: detected capacity change from 0 to 2048 [ 1181.237023][ T6328] NILFS (loop5): invalid segment: Inconsistency found [ 1181.269389][ T6328] NILFS (loop5): trying rollback from an earlier position [ 1181.325731][ T6328] NILFS (loop5): recovery complete [ 1181.342447][ T6336] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1181.379871][ T6339] loop6: detected capacity change from 0 to 512 [ 1181.419965][ T6339] EXT4-fs (loop6): orphan cleanup on readonly fs [ 1181.433294][ T6339] EXT4-fs error (device loop6): ext4_iget_extra_inode:5079: inode #15: comm syz.6.14651: corrupted in-inode xattr: invalid size in ea xattr [ 1181.497250][ T6339] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.14651: couldn't read orphan inode 15 (err -117) [ 1181.542128][ T6339] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1181.669320][ T3280] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1182.228399][ T6361] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 1182.345981][ T6366] loop4: detected capacity change from 0 to 128 [ 1182.385398][ T6366] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1182.450405][ T6366] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1182.596174][ T6370] loop6: detected capacity change from 0 to 4096 [ 1182.626736][ T6370] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 1182.731306][ T6370] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1182.775462][ T6370] ntfs3(loop6): ino=19, mi_enum_attr [ 1182.844328][ T6370] ntfs3(loop6): failed to convert "c46c" to macromanian [ 1182.886832][ T6370] ntfs3(loop6): ino=20, mi_enum_attr [ 1183.167458][ T6396] netlink: 'syz.0.14678': attribute type 1 has an invalid length. [ 1183.185705][ T6396] netlink: 'syz.0.14678': attribute type 1 has an invalid length. [ 1183.194074][ T6396] netlink: 224 bytes leftover after parsing attributes in process `syz.0.14678'. [ 1183.277744][ T6398] netlink: 256 bytes leftover after parsing attributes in process `syz.0.14679'. [ 1183.332304][ T6402] loop6: detected capacity change from 0 to 1024 [ 1183.424476][ T778] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 1183.614303][ T778] usb 5-1: Using ep0 maxpacket: 16 [ 1183.642785][ T778] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1183.667609][ T778] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1183.675684][ T778] usb 5-1: Product: syz [ 1183.684688][ T778] usb 5-1: Manufacturer: syz [ 1183.698777][ T778] usb 5-1: SerialNumber: syz [ 1183.722864][ T778] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1183.752389][ T778] r8152-cfgselector 5-1: config 0 descriptor?? [ 1184.231149][ T3798] r8152-cfgselector 5-1: USB disconnect, device number 51 [ 1184.340089][ T6440] xt_TCPMSS: Only works on TCP SYN packets [ 1185.163222][ T6464] loop4: detected capacity change from 0 to 512 [ 1185.239634][ T6464] EXT4-fs: Ignoring removed nobh option [ 1185.338576][ T6464] EXT4-fs error (device loop4): ext4_do_update_inode:5635: inode #3: comm syz.4.14708: corrupted inode contents [ 1185.387634][ T6464] EXT4-fs (loop4): Remounting filesystem read-only [ 1185.399355][ T6464] Quota error (device loop4): write_blk: dquota write failed [ 1185.406943][ T6464] Quota error (device loop4): qtree_write_dquot: Error -30 occurred while creating quota [ 1185.418114][ T6464] EXT4-fs (loop4): 1 truncate cleaned up [ 1185.428915][ T6464] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1185.442077][ T6464] ext4 filesystem being mounted at /2973/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1185.607377][ T5853] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1185.771952][ T6453] loop6: detected capacity change from 0 to 32768 [ 1185.856925][ T6453] JBD2: Ignoring recovery information on journal [ 1185.997954][ T6453] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode. [ 1186.298460][ T6496] loop4: detected capacity change from 0 to 4096 [ 1186.319257][ T3280] ocfs2: Unmounting device (7,6) on (node local) [ 1186.411967][ T6496] ntfs3(loop4): ino=1e, "file1" attr_set_size [ 1186.421070][ T6496] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1186.908609][ T6522] loop5: detected capacity change from 0 to 1024 [ 1187.039870][ T43] kernel write not supported for file /input/mice (pid: 43 comm: kworker/1:1) [ 1187.150812][ T6535] openvswitch: netlink: IP tunnel dst address not specified [ 1187.379732][ T6546] loop6: detected capacity change from 0 to 16 [ 1187.400964][ T6546] erofs (device loop6): mounted with root inode @ nid 36. [ 1187.575735][ T6554] mmap: syz.3.14750 (6554): VmData 37470208 exceed data ulimit 1023. Update limits or use boot option ignore_rlimit_data. [ 1187.895279][ T6558] loop6: detected capacity change from 0 to 4096 [ 1187.946037][ T6558] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512). [ 1188.073364][ T6558] ntfs3(loop6): Failed to initialize $Extend/$ObjId. [ 1188.217373][ T6576] netlink: 14 bytes leftover after parsing attributes in process `syz.5.14761'. [ 1188.389130][ T6553] loop4: detected capacity change from 0 to 32768 [ 1188.429793][ T6553] (syz.4.14747,6553,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1188.459438][ T6553] (syz.4.14747,6553,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1188.567316][ T6553] JBD2: Ignoring recovery information on journal [ 1188.703379][ T6553] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 1188.748052][ T6553] (syz.4.14747,6553,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xdf97dca5. Applying ECC. [ 1188.861379][ T6553] ocfs2: Unmounting device (7,4) on (node local) [ 1188.905776][ T6576] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1188.988932][ T6576] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1189.018684][ T6576] bond0 (unregistering): Released all slaves [ 1189.300534][ T6603] loop6: detected capacity change from 0 to 1024 [ 1189.453397][ T6610] netlink: 'syz.3.14777': attribute type 4 has an invalid length. [ 1189.484666][ T6610] netlink: 152 bytes leftover after parsing attributes in process `syz.3.14777'. [ 1189.582013][ T6610] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 1189.935220][ T6626] netlink: 4096 bytes leftover after parsing attributes in process `syz.4.14785'. [ 1190.187563][ T6638] netlink: 32 bytes leftover after parsing attributes in process `syz.0.14789'. [ 1190.208698][ T6638] netlink: 32 bytes leftover after parsing attributes in process `syz.0.14789'. [ 1190.550397][ T6656] CIFS mount error: No usable UNC path provided in device string! [ 1190.550397][ T6656] [ 1190.585474][ T6656] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1190.603838][ T6660] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14801'. [ 1190.823784][ T6668] netlink: 92 bytes leftover after parsing attributes in process `syz.3.14807'. [ 1190.851409][ T6668] netlink: 'syz.3.14807': attribute type 1 has an invalid length. [ 1191.359721][ T6698] loop6: detected capacity change from 0 to 256 [ 1191.403863][ T6698] exfat: Deprecated parameter 'utf8' [ 1191.475010][ T6698] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1191.837345][ T8424] usb 6-1: new full-speed USB device number 21 using dummy_hcd [ 1192.028227][ T8424] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1192.054926][ T6724] xt_limit: Overflow, try lower: 65536/2147483648 [ 1192.064174][ T8424] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1192.103340][ T8424] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1192.138396][ T8424] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 1192.149719][ T8424] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1192.165451][ T8424] usb 6-1: SerialNumber: syz [ 1192.210996][ T8424] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22 [ 1192.234434][ T8424] usb-storage 6-1:1.0: USB Mass Storage device detected [ 1192.282842][ T8424] usb-storage 6-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 1192.423093][ T8424] usb 6-1: USB disconnect, device number 21 [ 1192.677307][ T6752] netlink: 'syz.4.14846': attribute type 32 has an invalid length. [ 1192.685608][ T6752] bond0: option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 1192.945587][ T6764] kAFS: unable to lookup cell '' [ 1193.257654][ T6782] loop4: detected capacity change from 0 to 64 [ 1193.435783][ T6782] Trying to free block not in datazone [ 1193.443850][ T6792] IPVS: length: 73 != 8 [ 1193.555002][ T6789] netlink: set zone limit has 4 unknown bytes [ 1193.821655][ T6804] netlink: 'syz.6.14872': attribute type 3 has an invalid length. [ 1193.834522][ T6804] netlink: 28 bytes leftover after parsing attributes in process `syz.6.14872'. [ 1193.849599][ T6804] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1194.084793][ T6819] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14879'. [ 1194.297094][ T6829] netlink: 44 bytes leftover after parsing attributes in process `syz.0.14885'. [ 1194.448331][ T6836] netlink: 'syz.3.14888': attribute type 1 has an invalid length. [ 1194.844211][ T6850] netlink: 'syz.5.14897': attribute type 30 has an invalid length. [ 1194.989017][ T6861] xt_NFQUEUE: number of queues (65535) out of range (got 65541) [ 1195.012490][ T6850] bond0: option arp_missed_max: invalid value (0) [ 1195.031602][ T6863] netlink: 'syz.3.14901': attribute type 1 has an invalid length. [ 1195.033878][ T6850] bond0: option arp_missed_max: allowed values 1 - 255 [ 1195.090763][ T6850] bond0 (unregistering): Released all slaves [ 1195.200368][ T6869] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 1195.463777][ T6878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14908'. [ 1195.551485][ T6881] loop4: detected capacity change from 0 to 512 [ 1195.576027][ T6881] EXT4-fs: Ignoring removed bh option [ 1195.656029][ T6881] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 1195.701290][ T6881] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 1195.722179][ T6881] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 1195.733486][ T6881] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 1195.764124][ T6881] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1195.875924][ T6900] loop5: detected capacity change from 0 to 256 [ 1195.928483][ T6900] FAT-fs (loop5): Directory bread(block 64) failed [ 1195.944005][ T6900] FAT-fs (loop5): Directory bread(block 65) failed [ 1195.950691][ T6900] FAT-fs (loop5): Directory bread(block 66) failed [ 1195.968491][ T5853] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1195.984955][ T6900] FAT-fs (loop5): Directory bread(block 67) failed [ 1195.994506][ T6900] FAT-fs (loop5): Directory bread(block 68) failed [ 1196.003782][ T6900] FAT-fs (loop5): Directory bread(block 69) failed [ 1196.050010][ T6900] FAT-fs (loop5): Directory bread(block 70) failed [ 1196.071509][ T6900] FAT-fs (loop5): Directory bread(block 71) failed [ 1196.078201][ T6900] FAT-fs (loop5): Directory bread(block 72) failed [ 1196.107024][ T6900] FAT-fs (loop5): Directory bread(block 73) failed [ 1196.424846][ T30] audit: type=1326 audit(2000000218.097:2845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.3.14930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe2a98f749 code=0x7ffc0000 [ 1196.499785][ T30] audit: type=1326 audit(2000000218.106:2846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.3.14930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7efe2a98f749 code=0x7ffc0000 [ 1196.627093][ T30] audit: type=1326 audit(2000000218.106:2847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.3.14930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe2a98f749 code=0x7ffc0000 [ 1196.699255][ T30] audit: type=1326 audit(2000000218.106:2848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6920 comm="syz.3.14930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe2a98f749 code=0x7ffc0000 [ 1197.661149][ T6978] loop5: detected capacity change from 0 to 164 [ 1197.765099][ T6978] Unsupported NM flag settings (240) [ 1197.904626][ T6987] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14961'. [ 1198.302918][ T7004] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14969'. [ 1198.625439][ T7014] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14975'. [ 1198.676357][ T7014] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14975'. [ 1198.875300][ T7030] loop6: detected capacity change from 0 to 8 [ 1198.902548][ T7030] MTD: Attempt to mount non-MTD device "/dev/loop6" [ 1198.931699][T11807] udevd[11807]: incorrect cramfs checksum on /dev/loop6 [ 1198.983767][T11807] udevd[11807]: incorrect cramfs checksum on /dev/loop6 [ 1198.995549][ T7032] loop5: detected capacity change from 0 to 64 [ 1199.920148][ T7076] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15006'. [ 1200.034360][ T7084] usb usb1: check_ctrlrecip: process 7084 (syz.0.15010) requesting ep 01 but needs 81 [ 1200.074850][ T7084] usb usb1: usbfs: process 7084 (syz.0.15010) did not claim interface 0 before use [ 1200.480225][ T7104] 9pnet_fd: p9_fd_create_unix (7104): problem connecting socket: ./file0: -111 [ 1201.397380][ T7150] bond1: option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0) [ 1201.463188][ T7150] bond1 (unregistering): Released all slaves [ 1201.603556][ T7162] netlink: 'syz.5.15048': attribute type 10 has an invalid length. [ 1201.844423][ T7171] netlink: 'syz.5.15051': attribute type 39 has an invalid length. [ 1202.175228][ T7182] loop4: detected capacity change from 0 to 128 [ 1202.291932][ T7182] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1202.362458][ T30] audit: type=1326 audit(2000000223.670:2849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7190 comm="syz.6.15061" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde4c18f749 code=0x0 [ 1202.393388][ T7182] ext4 filesystem being mounted at /3038/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1202.498604][ T7182] EXT4-fs warning (device loop4): verify_group_input:137: Cannot add at group 37441 (only 1 groups) [ 1202.652915][ T5853] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1202.724858][ T7204] tmpfs: Bad value for 'mpol' [ 1202.870138][ T7209] loop5: detected capacity change from 0 to 16 [ 1202.930776][ T7209] erofs (device loop5): mounted with root inode @ nid 36. [ 1203.719448][ T7241] netlink: 'syz.0.15086': attribute type 1 has an invalid length. [ 1203.842117][ T7211] loop6: detected capacity change from 0 to 32768 [ 1203.935017][ T7211] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1204.029740][ T7211] XFS (loop6): Ending clean mount [ 1204.072538][ T7211] XFS (loop6): Quotacheck needed: Please wait. [ 1204.215799][ T7211] XFS (loop6): Quotacheck: Done. [ 1204.286937][ T3280] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1204.380946][ T7272] bond9: option primary_reselect: invalid value (13) [ 1204.429170][ T7272] bond9 (unregistering): Released all slaves [ 1204.560690][ T7280] netlink: 892 bytes leftover after parsing attributes in process `syz.3.15099'. [ 1204.913727][ T7294] netlink: 76 bytes leftover after parsing attributes in process `syz.4.15106'. [ 1205.348644][ T7310] loop4: detected capacity change from 0 to 256 [ 1205.435368][ T7310] FAT-fs (loop4): Directory bread(block 64) failed [ 1205.476850][ T7310] FAT-fs (loop4): Directory bread(block 65) failed [ 1205.514685][ T7310] FAT-fs (loop4): Directory bread(block 66) failed [ 1205.521381][ T7310] FAT-fs (loop4): Directory bread(block 67) failed [ 1205.531201][ T7312] loop5: detected capacity change from 0 to 4096 [ 1205.550956][ T7310] FAT-fs (loop4): Directory bread(block 68) failed [ 1205.560598][ T7312] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 1205.598943][ T7310] FAT-fs (loop4): Directory bread(block 69) failed [ 1205.605717][ T7310] FAT-fs (loop4): Directory bread(block 70) failed [ 1205.673620][ T7310] FAT-fs (loop4): Directory bread(block 71) failed [ 1205.691329][ T7310] FAT-fs (loop4): Directory bread(block 72) failed [ 1205.697898][ T7312] ntfs3(loop5): ino=1d, mi_enum_attr [ 1205.716064][ T7310] FAT-fs (loop4): Directory bread(block 73) failed [ 1205.720231][ T7320] binder: Bad value for 'stats' [ 1205.739080][ T7312] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 1205.773853][ T7312] ntfs3(loop5): ino=1d, mi_enum_attr [ 1205.857007][T17493] ntfs3(loop5): ino=1d, mi_enum_attr [ 1206.214021][ T7308] loop6: detected capacity change from 0 to 32768 [ 1206.245016][ T7308] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.15113 (7308) [ 1206.301539][ T7308] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1206.315310][ T9399] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 1206.347464][ T7308] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm [ 1206.512002][ T9399] usb 6-1: config 0 has an invalid interface number: 120 but max is 0 [ 1206.555347][ T9399] usb 6-1: config 0 has no interface number 0 [ 1206.596831][ T9399] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 1206.653103][ T9399] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1206.679848][ T9399] usb 6-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 1206.694433][ T9399] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1206.706757][ T7308] BTRFS info (device loop6): enabling ssd optimizations [ 1206.712157][ T9399] usb 6-1: config 0 descriptor?? [ 1206.734181][ T9399] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.120/input/input99 [ 1206.738106][ T7308] BTRFS info (device loop6): turning on async discard [ 1206.796772][ T7308] BTRFS info (device loop6): enabling free space tree [ 1206.846683][ T7365] loop4: detected capacity change from 0 to 64 [ 1206.970392][ T7368] netlink: 48 bytes leftover after parsing attributes in process `syz.3.15135'. [ 1207.017978][ T7368] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15135'. [ 1207.044430][ T3280] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1207.069998][ T7368] netlink: 16 bytes leftover after parsing attributes in process `syz.3.15135'. [ 1207.133384][ T43] usb 6-1: USB disconnect, device number 22 [ 1208.052471][ T7404] wg1: entered promiscuous mode [ 1208.068408][ T7404] wg1: entered allmulticast mode [ 1208.780837][ T7436] netlink: 8 bytes leftover after parsing attributes in process `syz.6.15169'. [ 1208.790880][ T7436] netlink: 32 bytes leftover after parsing attributes in process `syz.6.15169'. [ 1208.844623][ T7436] netlink: 8 bytes leftover after parsing attributes in process `syz.6.15169'. [ 1208.871089][ T7436] netlink: 2 bytes leftover after parsing attributes in process `syz.6.15169'. [ 1208.889604][ T7436] netlink: 32 bytes leftover after parsing attributes in process `syz.6.15169'. [ 1209.086864][ T7447] nbd: must specify a device to reconfigure [ 1210.058262][ T7495] __nla_validate_parse: 3 callbacks suppressed [ 1210.058287][ T7495] netlink: 12 bytes leftover after parsing attributes in process `syz.6.15197'. [ 1210.077391][ T7495] netlink: 20 bytes leftover after parsing attributes in process `syz.6.15197'. [ 1210.347007][ T7506] bond9: option ad_user_port_key: mode dependency failed, not supported in mode broadcast(3) [ 1210.362281][ T7506] bond9 (unregistering): Released all slaves [ 1210.432366][ T8424] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 1210.454590][ T7514] netlink: 'syz.0.15206': attribute type 1 has an invalid length. [ 1210.488742][ T7514] netlink: 'syz.0.15206': attribute type 1 has an invalid length. [ 1210.619746][ T8424] usb 6-1: New USB device found, idVendor=0c45, idProduct=608f, bcdDevice=b5.55 [ 1210.646031][ T8424] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1210.667412][ T8424] usb 6-1: Product: syz [ 1210.675842][ T8424] usb 6-1: Manufacturer: syz [ 1210.699599][ T8424] usb 6-1: SerialNumber: syz [ 1210.714939][ T8424] usb 6-1: config 0 descriptor?? [ 1210.738601][ T8424] gspca_main: sonixb-2.14.0 probing 0c45:608f [ 1211.161589][ T8424] usb 6-1: USB disconnect, device number 23 [ 1211.350717][ T7560] netlink: 'syz.4.15230': attribute type 21 has an invalid length. [ 1211.369962][ T7560] netlink: 'syz.4.15230': attribute type 1 has an invalid length. [ 1211.396963][ T7560] netlink: 132 bytes leftover after parsing attributes in process `syz.4.15230'. [ 1211.538088][ T7569] netlink: 'syz.4.15234': attribute type 10 has an invalid length. [ 1212.335992][ T7606] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15253'. [ 1212.346297][T30321] usb 4-1: new full-speed USB device number 37 using dummy_hcd [ 1212.366867][ T7606] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15253'. [ 1212.521182][T30321] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 1212.536311][T30321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1212.574212][T30321] usb 4-1: config 0 descriptor?? [ 1212.594131][T30321] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 1212.772511][ T7596] loop5: detected capacity change from 0 to 32768 [ 1212.773281][ T7623] loop4: detected capacity change from 0 to 8 [ 1212.801323][ T7596] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.15247 (7596) [ 1212.882739][ T7596] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1212.924343][ T7596] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm [ 1213.052192][ T3798] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 1213.083031][T30321] gp8psk: usb in 128 operation failed. [ 1213.093718][T30321] gp8psk: usb in 137 operation failed. [ 1213.115219][ T7596] BTRFS info (device loop5): enabling ssd optimizations [ 1213.135798][T30321] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1213.136448][ T7596] BTRFS info (device loop5): turning on async discard [ 1213.154751][ T7596] BTRFS info (device loop5): enabling free space tree [ 1213.178869][T30321] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 1213.222549][T30321] usb 4-1: USB disconnect, device number 37 [ 1213.246638][ T3798] usb 7-1: config 0 has an invalid interface number: 29 but max is 0 [ 1213.265449][ T3798] usb 7-1: config 0 has no interface number 0 [ 1213.288267][ T3798] usb 7-1: config 0 interface 29 has no altsetting 0 [ 1213.298491][T17493] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1213.320817][ T3798] usb 7-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac [ 1213.341678][ T3798] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1213.357418][ T3798] usb 7-1: Product: syz [ 1213.366112][ T3798] usb 7-1: Manufacturer: syz [ 1213.373526][ T3798] usb 7-1: SerialNumber: syz [ 1213.392137][ T3798] usb 7-1: config 0 descriptor?? [ 1213.651462][ T3798] peak_usb 7-1:0.29: PEAK-System PCAN-USB X6 v154 fw v36.88.168 (2 channels) [ 1213.877383][ T3798] peak_usb 7-1:0.29 can0: unable to request usb[type=2 value=5] err=-71 [ 1213.912955][ T3798] peak_usb 7-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71) [ 1214.022567][ T7664] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15274'. [ 1214.050514][ T3798] peak_usb 7-1:0.29: probe with driver peak_usb failed with error -71 [ 1214.053754][ T7630] loop4: detected capacity change from 0 to 32768 [ 1214.092571][ T7664] batman_adv: batadv0: Removing interface: virt_wifi0 [ 1214.102863][ T3798] usb 7-1: USB disconnect, device number 3 [ 1214.191293][ T7630] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1214.382412][ T7630] XFS (loop4): Ending clean mount [ 1214.596346][ T5853] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1214.653853][ T7689] netlink: 'syz.5.15282': attribute type 1 has an invalid length. [ 1214.665573][ T7689] netlink: 'syz.5.15282': attribute type 2 has an invalid length. [ 1214.955271][ T7693] 9p: Could not find request transport: f [ 1216.014733][ T7747] Scaler: ================= START STATUS ================= [ 1216.024629][ T7742] loop6: detected capacity change from 0 to 8192 [ 1216.074838][ T7742] FAT-fs (loop6): error, clusters badly computed (1 != 0) [ 1216.075015][ T7747] Scaler: ================== END STATUS ================== [ 1216.376012][ T7726] loop4: detected capacity change from 0 to 32768 [ 1216.388723][ T7759] IPv6: NLM_F_REPLACE set, but no existing node found! [ 1216.451202][ T7726] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.15300 (7726) [ 1216.509092][ T7726] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1216.558678][ T7726] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm [ 1216.589666][ T7765] netlink: 'syz.6.15319': attribute type 5 has an invalid length. [ 1216.602927][ T7726] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 1216.852855][ T7726] BTRFS info (device loop4): rebuilding free space tree [ 1216.918898][ T7726] BTRFS info (device loop4): disabling free space tree [ 1216.925943][T30321] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 1216.956205][ T7726] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1217.002647][ T7726] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1217.033549][ T7796] netlink: 12 bytes leftover after parsing attributes in process `syz.5.15327'. [ 1217.065214][ T7726] BTRFS info (device loop4): enabling ssd optimizations [ 1217.078471][ T7726] BTRFS info (device loop4): enabling disk space caching [ 1217.097239][ T7726] BTRFS info (device loop4): force clearing of disk cache [ 1217.126494][T30321] usb 4-1: Using ep0 maxpacket: 16 [ 1217.127437][ T7726] BTRFS info (device loop4): enabling auto defrag [ 1217.152200][T30321] usb 4-1: config 0 has an invalid interface number: 180 but max is 0 [ 1217.169061][ T7726] BTRFS info (device loop4): max_inline set to 0 [ 1217.183539][T30321] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1217.215737][T30321] usb 4-1: config 0 has no interface number 0 [ 1217.235628][T30321] usb 4-1: New USB device found, idVendor=0421, idProduct=0114, bcdDevice=11.72 [ 1217.266505][T30321] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1217.291247][T30321] usb 4-1: Product: syz [ 1217.295488][T30321] usb 4-1: Manufacturer: syz [ 1217.323327][T30321] usb 4-1: SerialNumber: syz [ 1217.345202][T30321] usb 4-1: config 0 descriptor?? [ 1217.368529][T30321] usb 4-1: bad CDC descriptors [ 1217.388746][ T5853] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1217.633686][ T8424] usb 4-1: USB disconnect, device number 38 [ 1217.798625][ T7821] loop6: detected capacity change from 0 to 256 [ 1217.868358][ T7821] FAT-fs (loop6): Directory bread(block 64) failed [ 1217.918134][ T7821] FAT-fs (loop6): Directory bread(block 65) failed [ 1217.958259][ T7821] FAT-fs (loop6): Directory bread(block 66) failed [ 1217.978883][ T7821] FAT-fs (loop6): Directory bread(block 67) failed [ 1218.010200][ T7821] FAT-fs (loop6): Directory bread(block 68) failed [ 1218.030158][ T7821] FAT-fs (loop6): Directory bread(block 69) failed [ 1218.039859][ T7827] netlink: 32 bytes leftover after parsing attributes in process `syz.5.15342'. [ 1218.060607][ T7821] FAT-fs (loop6): Directory bread(block 70) failed [ 1218.071350][ T7827] netlink: 32 bytes leftover after parsing attributes in process `syz.5.15342'. [ 1218.081091][ T7821] FAT-fs (loop6): Directory bread(block 71) failed [ 1218.092047][ T7821] FAT-fs (loop6): Directory bread(block 72) failed [ 1218.098643][ T7821] FAT-fs (loop6): Directory bread(block 73) failed [ 1218.307059][ T7832] netlink: 'syz.5.15344': attribute type 64 has an invalid length. [ 1218.498318][ T7838] loop4: detected capacity change from 0 to 512 [ 1218.561724][ T7838] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002] [ 1218.570041][ T7838] System zones: 1-12 [ 1218.596336][ T7838] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.15347: Directory hole found for htree index block 0 [ 1218.620247][ T7838] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 1218.634144][ T7838] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.15347: Directory hole found for htree index block 0 [ 1218.679033][ T7838] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 1218.693245][ T7838] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1218.700223][ T3798] usb 1-1: new high-speed USB device number 58 using dummy_hcd [ 1218.790963][ T7838] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.15347: Directory hole found for htree index block 0 [ 1218.838327][ T7851] i2c i2c-0: Invalid block write size 150 [ 1218.884675][ T5853] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1218.944180][ T3798] usb 1-1: Using ep0 maxpacket: 32 [ 1218.951740][ T3798] usb 1-1: config 0 has an invalid interface number: 54 but max is 0 [ 1218.997030][ T3798] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1219.050834][ T3798] usb 1-1: config 0 has no interface number 0 [ 1219.065004][ T3798] usb 1-1: too many endpoints for config 0 interface 54 altsetting 205: 134, using maximum allowed: 30 [ 1219.091950][ T3798] usb 1-1: config 0 interface 54 altsetting 205 has 0 endpoint descriptors, different from the interface descriptor's value: 134 [ 1219.120267][ T7861] loop4: detected capacity change from 0 to 1764 [ 1219.145344][ T3798] usb 1-1: config 0 interface 54 has no altsetting 0 [ 1219.181700][ T3798] usb 1-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 1219.208903][ T7861] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1219.220957][ T3798] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1219.241049][ T3798] usb 1-1: Product: syz [ 1219.265171][ T3798] usb 1-1: Manufacturer: syz [ 1219.269840][ T3798] usb 1-1: SerialNumber: syz [ 1219.304125][ T7865] loop6: detected capacity change from 0 to 2048 [ 1219.311968][ T3798] usb 1-1: config 0 descriptor?? [ 1219.337548][ T3798] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 1219.347054][ T3798] usb 1-1: MIDIStreaming interface descriptor not found [ 1219.393284][ T7865] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1219.458798][ T7871] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1219.466153][ T7871] IPv6: NLM_F_CREATE should be set when creating new route [ 1219.473497][ T7871] IPv6: NLM_F_CREATE should be set when creating new route [ 1219.638859][T30321] usb 1-1: USB disconnect, device number 58 [ 1220.040701][ T7890] netlink: 216 bytes leftover after parsing attributes in process `syz.6.15371'. [ 1220.201567][ T7898] loop6: detected capacity change from 0 to 256 [ 1220.325338][ T7898] FAT-fs (loop6): Directory bread(block 64) failed [ 1220.344447][ T7898] FAT-fs (loop6): Directory bread(block 65) failed [ 1220.374480][ T7905] loop5: detected capacity change from 0 to 512 [ 1220.386875][ T7898] FAT-fs (loop6): Directory bread(block 66) failed [ 1220.409274][ T7898] FAT-fs (loop6): Directory bread(block 67) failed [ 1220.435108][ T7898] FAT-fs (loop6): Directory bread(block 68) failed [ 1220.453650][ T7905] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.15378: inode has both inline data and extents flags [ 1220.501552][ T7898] FAT-fs (loop6): Directory bread(block 69) failed [ 1220.510923][ T7898] FAT-fs (loop6): Directory bread(block 70) failed [ 1220.518559][ T7898] FAT-fs (loop6): Directory bread(block 71) failed [ 1220.525229][ T7898] FAT-fs (loop6): Directory bread(block 72) failed [ 1220.533782][ T7898] FAT-fs (loop6): Directory bread(block 73) failed [ 1220.558233][ T7905] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.15378: couldn't read orphan inode 15 (err -117) [ 1220.637192][ T7905] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1220.708295][ T7914] dvmrp0: entered allmulticast mode [ 1220.726202][ T7917] netlink: 'syz.3.15384': attribute type 2 has an invalid length. [ 1220.743655][ T7917] netlink: 132 bytes leftover after parsing attributes in process `syz.3.15384'. [ 1220.821825][T17493] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1220.837296][ T7919] netlink: 'syz.6.15385': attribute type 1 has an invalid length. [ 1220.889288][ T7921] loop4: detected capacity change from 0 to 22 [ 1220.915409][ T7921] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 1220.943229][ T7921] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1220.986710][ T7923] netlink: 'syz.3.15388': attribute type 1 has an invalid length. [ 1221.475992][ T30] audit: type=1326 audit(2000000241.541:2850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.0.15397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1221.540790][ T30] audit: type=1326 audit(2000000241.569:2851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.0.15397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1221.635675][ T30] audit: type=1326 audit(2000000241.569:2852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.0.15397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1221.731257][ T30] audit: type=1326 audit(2000000241.569:2853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.0.15397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1221.817989][ T7959] netlink: 'syz.0.15405': attribute type 21 has an invalid length. [ 1221.851239][ T7959] netlink: 'syz.0.15405': attribute type 20 has an invalid length. [ 1221.949337][ T8424] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 1222.127436][ T8424] usb 7-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 1222.162957][ T8424] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1222.174929][ T8424] usb 7-1: Product: syz [ 1222.179236][ T8424] usb 7-1: Manufacturer: syz [ 1222.183872][ T8424] usb 7-1: SerialNumber: syz [ 1222.245035][ T8424] r8152-cfgselector 7-1: Unknown version 0x0000 [ 1222.282649][ T8424] r8152-cfgselector 7-1: config 0 descriptor?? [ 1222.761106][T30321] r8152-cfgselector 7-1: USB disconnect, device number 4 [ 1223.068758][ T7990] bond0: option arp_interval: mode dependency failed, not supported in mode 802.3ad(4) [ 1223.371372][ T3798] usb 1-1: new high-speed USB device number 59 using dummy_hcd [ 1223.553542][ T3798] usb 1-1: Using ep0 maxpacket: 8 [ 1223.577216][ T3798] usb 1-1: config 0 has an invalid interface number: 151 but max is 1 [ 1223.596943][ T3798] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1223.631590][ T3798] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1223.652797][ T3798] usb 1-1: config 0 has no interface number 0 [ 1223.696914][ T3798] usb 1-1: config 0 interface 151 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1223.729516][ T3798] usb 1-1: config 0 interface 151 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83 [ 1223.747370][ T3798] usb 1-1: config 0 interface 151 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 210 [ 1223.767115][ T3798] usb 1-1: config 0 interface 151 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1223.801630][ T3798] usb 1-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7 [ 1223.814524][ T3798] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1223.829497][ T3798] usb 1-1: Product: syz [ 1223.851088][ T3798] usb 1-1: Manufacturer: syz [ 1223.868855][ T3798] usb 1-1: SerialNumber: syz [ 1223.879766][ T8028] netlink: 'syz.5.15438': attribute type 1 has an invalid length. [ 1223.885317][ T8029] binder: 8027:8029 ioctl c018620c 200000000000 returned -22 [ 1223.898802][ T3798] usb 1-1: config 0 descriptor?? [ 1223.917326][ T7995] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1223.951612][ T3798] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 1224.053297][ T8035] netlink: 'syz.5.15444': attribute type 10 has an invalid length. [ 1224.127150][ T8038] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1224.187115][T30321] usb 1-1: USB disconnect, device number 59 [ 1224.648838][ T3798] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 1224.826091][ T8067] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15459'. [ 1224.846987][ T3798] usb 7-1: Using ep0 maxpacket: 8 [ 1224.854801][ T3798] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1224.870095][ T3798] usb 7-1: config 0 has an invalid interface number: 88 but max is 0 [ 1224.889424][ T3798] usb 7-1: config 0 has no interface number 0 [ 1224.921877][ T3798] usb 7-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 1224.953916][ T3798] usb 7-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0 [ 1224.982662][ T3798] usb 7-1: config 0 interface 88 has no altsetting 0 [ 1225.008300][ T3798] usb 7-1: language id specifier not provided by device, defaulting to English [ 1225.044627][ T3798] usb 7-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31 [ 1225.061088][ T3798] usb 7-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3 [ 1225.080336][ T3798] usb 7-1: Product: syz [ 1225.087027][ T3798] usb 7-1: SerialNumber: syz [ 1225.100588][ T3798] usb 7-1: config 0 descriptor?? [ 1225.121100][ T8073] loop4: detected capacity change from 0 to 1024 [ 1225.174506][ T8073] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 1225.186648][ T8077] netlink: 176 bytes leftover after parsing attributes in process `syz.0.15463'. [ 1225.197325][ T8077] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15463'. [ 1225.221779][ T8077] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15463'. [ 1225.251433][ T8077] netlink: 'syz.0.15463': attribute type 6 has an invalid length. [ 1225.352624][ T8044] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1225.378112][ T3798] input: syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.88/input/input100 [ 1225.464268][ T3798] usb 7-1: USB disconnect, device number 5 [ 1226.061252][ T8104] ./file0: Can't lookup blockdev [ 1226.354328][ T8117] vlan0: entered promiscuous mode [ 1226.547657][ T30] audit: type=1326 audit(2000000246.282:2854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.15488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1226.613244][ T30] audit: type=1326 audit(2000000246.320:2855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.15488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1226.639151][ T30] audit: type=1326 audit(2000000246.320:2856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.15488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1226.662046][ T30] audit: type=1326 audit(2000000246.320:2857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.15488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1226.671099][ T8124] bond0: option lp_interval: invalid value (18446744073709551613) [ 1226.696929][ T8124] bond0: option lp_interval: allowed values 1 - 2147483647 [ 1226.717707][ T8124] bond0 (unregistering): Released all slaves [ 1226.911516][ T9399] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 1227.021547][ T8144] program syz.0.15496 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1227.039940][ T8146] netlink: 'syz.4.15497': attribute type 21 has an invalid length. [ 1227.047998][ T8146] netlink: 128 bytes leftover after parsing attributes in process `syz.4.15497'. [ 1227.070598][ T8146] netlink: 'syz.4.15497': attribute type 4 has an invalid length. [ 1227.082435][ T8146] netlink: 3 bytes leftover after parsing attributes in process `syz.4.15497'. [ 1227.097037][ T9399] usb 7-1: config 0 has an invalid interface number: 120 but max is 0 [ 1227.106087][ T9399] usb 7-1: config 0 has no interface number 0 [ 1227.112247][ T9399] usb 7-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 1227.146313][ T9399] usb 7-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 1227.158628][ T9399] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1227.183444][ T9399] usb 7-1: config 0 descriptor?? [ 1227.202868][ T9399] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.120/input/input102 [ 1227.325467][ T8158] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.15502'. [ 1227.479837][ T9399] usb 7-1: USB disconnect, device number 6 [ 1227.845269][ T8180] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1227.863262][ T8178] fuse: Bad value for 'fd' [ 1227.967834][ T8184] syz.4.15518 (8184): /proc/8183/oom_adj is deprecated, please use /proc/8183/oom_score_adj instead. [ 1228.025220][ T8189] RDS: rds_bind could not find a transport for fe88::104, load rds_tcp or rds_rdma? [ 1228.210290][ T8195] net veth1_virt_wifi ÿÿÿÿÿÿ: renamed from virt_wifi0 [ 1228.657255][ T8218] overlayfs: missing 'lowerdir' [ 1229.291980][ T8247] netlink: 'syz.5.15546': attribute type 1 has an invalid length. [ 1230.174251][ T8283] loop5: detected capacity change from 0 to 512 [ 1230.256692][ T8289] netlink: 'syz.4.15565': attribute type 92 has an invalid length. [ 1230.278641][ T8283] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1230.341950][ T8283] ext4 filesystem being mounted at /2059/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1230.368934][ T8283] Quota error (device loop5): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 1230.380866][ T8283] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 1230.394449][ T8283] EXT4-fs error (device loop5): ext4_acquire_dquot:6948: comm syz.5.15563: Failed to acquire dquot type 0 [ 1230.548174][T17493] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1230.571839][ T30] audit: type=1326 audit(2000000250.051:2858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8299 comm="syz.4.15571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1230.701783][ T30] audit: type=1326 audit(2000000250.107:2859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8299 comm="syz.4.15571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1230.781869][ T30] audit: type=1326 audit(2000000250.107:2860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8299 comm="syz.4.15571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1230.892362][ T30] audit: type=1326 audit(2000000250.107:2861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8299 comm="syz.4.15571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1231.029183][ T8321] netlink: 'syz.6.15579': attribute type 1 has an invalid length. [ 1231.336555][ T8335] netlink: 'syz.6.15588': attribute type 1 has an invalid length. [ 1231.439893][ T8341] loop4: detected capacity change from 0 to 2048 [ 1231.506801][ T8341] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1231.723398][ T8351] siw: device registration error -23 [ 1232.162719][ T9399] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 1232.343655][ T9399] usb 4-1: Using ep0 maxpacket: 32 [ 1232.361759][ T9399] usb 4-1: config 0 has an invalid interface number: 85 but max is 0 [ 1232.388430][ T9399] usb 4-1: config 0 has no interface number 0 [ 1232.437106][ T9399] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x8 has invalid maxpacket 512, setting to 64 [ 1232.456612][ T9399] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1232.494120][ T9399] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1232.513364][ T9399] usb 4-1: config 0 interface 85 has no altsetting 0 [ 1232.553336][ T9399] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 1232.573956][ T9399] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1232.589292][ T9399] usb 4-1: Product: syz [ 1232.597387][ T9399] usb 4-1: Manufacturer: syz [ 1232.633007][ T9399] usb 4-1: SerialNumber: syz [ 1232.657252][ T8393] bond10: entered allmulticast mode [ 1232.671337][ T9399] usb 4-1: config 0 descriptor?? [ 1232.694165][ T8393] 8021q: adding VLAN 0 to HW filter on device bond10 [ 1233.190557][ T9399] appletouch 4-1:0.85: Failed to request geyser raw mode [ 1233.240827][ T9399] appletouch 4-1:0.85: probe with driver appletouch failed with error -5 [ 1233.295246][T30321] usb 1-1: new high-speed USB device number 60 using dummy_hcd [ 1233.327293][ T9399] usb 4-1: USB disconnect, device number 39 [ 1233.505955][T30321] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 1233.527203][T30321] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1233.572759][T30321] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1233.583143][T30321] usb 1-1: config 220 has no interface number 2 [ 1233.603494][T30321] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1233.637541][T30321] usb 1-1: config 220 interface 0 has no altsetting 0 [ 1233.644414][T30321] usb 1-1: config 220 interface 76 has no altsetting 0 [ 1233.687353][T30321] usb 1-1: config 220 interface 1 has no altsetting 0 [ 1233.703598][T30321] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1233.724207][T30321] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1233.733670][T30321] usb 1-1: Product: syz [ 1233.737887][T30321] usb 1-1: Manufacturer: syz [ 1233.764805][T30321] usb 1-1: SerialNumber: syz [ 1234.042741][T30321] usb 1-1: selecting invalid altsetting 0 [ 1234.083883][T30321] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1234.099086][T30321] uvcvideo 1-1:220.0: No valid video chain found. [ 1234.144835][T30321] usb 1-1: selecting invalid altsetting 0 [ 1234.160878][T30321] usbtest 1-1:220.1: probe with driver usbtest failed with error -22 [ 1234.178877][T30321] usb 1-1: USB disconnect, device number 60 [ 1234.308413][ T8449] loop6: detected capacity change from 0 to 64 [ 1234.482597][ T8455] tmpfs: Bad value for 'mpol' [ 1234.706384][ T8466] netlink: 'syz.5.15651': attribute type 1 has an invalid length. [ 1234.743838][ T8468] IPv6: NLM_F_CREATE should be specified when creating new route [ 1234.773485][ T8471] netlink: 'syz.0.15655': attribute type 29 has an invalid length. [ 1235.080465][T30321] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 1235.116389][ T8485] usb usb7: usbfs: process 8485 (syz.6.15662) did not claim interface 0 before use [ 1235.258283][T30321] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1235.279955][T30321] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1235.308444][T30321] usb 6-1: config 0 descriptor?? [ 1235.331506][T30321] cp210x 6-1:0.0: cp210x converter detected [ 1235.402232][ T8464] loop4: detected capacity change from 0 to 32768 [ 1235.434029][T15581] Bluetooth: hci4: command 0x0406 tx timeout [ 1235.480996][ T8464] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1235.586086][T30321] usb 6-1: cp210x converter now attached to ttyUSB0 [ 1235.648125][ T8508] loop6: detected capacity change from 0 to 64 [ 1235.675152][ T8464] XFS (loop4): Ending clean mount [ 1235.712556][ T8464] XFS (loop4): Quotacheck needed: Please wait. [ 1235.794904][ T9399] usb 6-1: USB disconnect, device number 24 [ 1235.802804][ T8464] XFS (loop4): Quotacheck: Done. [ 1235.844752][ T9399] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1235.881575][ T9399] cp210x 6-1:0.0: device disconnected [ 1235.958626][ T5853] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1236.832796][ T8551] Dead loop on virtual device ip6_vti0, fix it urgently! [ 1237.394463][ T8564] loop5: detected capacity change from 0 to 256 [ 1237.440082][ T8564] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1237.801272][ T8580] loop6: detected capacity change from 0 to 128 [ 1237.872280][ T8580] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 1237.915786][ T8582] loop5: detected capacity change from 0 to 256 [ 1238.282124][ T8591] netlink: 'syz.5.15709': attribute type 1 has an invalid length. [ 1238.321285][ T8591] netlink: 224 bytes leftover after parsing attributes in process `syz.5.15709'. [ 1238.410466][ T30] audit: type=1326 audit(2000000257.382:2862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.4.15712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1238.458381][ T30] audit: type=1326 audit(2000000257.382:2863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.4.15712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1238.481500][ T30] audit: type=1326 audit(2000000257.382:2864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.4.15712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1238.504983][ T30] audit: type=1326 audit(2000000257.382:2865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.4.15712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1238.528733][ T30] audit: type=1326 audit(2000000257.382:2866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8596 comm="syz.4.15712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1239.001773][ T8624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15726'. [ 1239.340068][ T8642] netlink: 20 bytes leftover after parsing attributes in process `syz.5.15735'. [ 1239.555517][ T8650] xt_TCPMSS: Only works on TCP SYN packets [ 1239.976237][ T8667] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15747'. [ 1240.558351][ T8665] loop6: detected capacity change from 0 to 32768 [ 1240.580553][ T8665] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.15746 (8665) [ 1240.605991][ T8665] BTRFS info (device loop6): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 1240.624874][ T8665] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm [ 1240.859894][ T8665] BTRFS info (device loop6): turning off barriers [ 1240.878548][ T8665] BTRFS info (device loop6): turning on flush-on-commit [ 1240.885800][ T8665] BTRFS info (device loop6): turning on sync discard [ 1240.892876][ T8665] BTRFS info (device loop6): enabling free space tree [ 1240.994413][ T3280] BTRFS info (device loop6): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 1241.205811][ T8720] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 1241.256169][ T8726] netlink: 1788 bytes leftover after parsing attributes in process `syz.0.15768'. [ 1241.825907][ T8749] sctp: [Deprecated]: syz.0.15779 (pid 8749) Use of int in max_burst socket option deprecated. [ 1241.825907][ T8749] Use struct sctp_assoc_value instead [ 1241.967981][ T5959] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 1242.140157][ T5959] usb 5-1: Using ep0 maxpacket: 16 [ 1242.151020][ T5959] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 1242.159105][ T5959] usb 5-1: config 0 has no interface number 0 [ 1242.191749][ T5959] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1242.228930][ T5959] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1242.249427][ T5959] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1242.288656][ T5959] usb 5-1: Product: syz [ 1242.306768][ T5959] usb 5-1: SerialNumber: syz [ 1242.333793][ T5959] usb 5-1: config 0 descriptor?? [ 1242.356783][ T5959] cm109 5-1:0.8: invalid payload size 208, expected 4 [ 1242.396539][ T5959] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input106 [ 1242.691762][ T8773] bond3: entered promiscuous mode [ 1242.697062][ T8773] bond3: entered allmulticast mode [ 1242.702815][ T8773] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1242.849687][ C0] cm109 5-1:0.8: cm109_urb_irq_callback: urb status -71 [ 1242.857409][ C0] cm109_urb_ctl_callback: 13 callbacks suppressed [ 1242.857434][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.871338][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.878685][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.885890][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.893145][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.900386][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.907620][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.914988][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.922386][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.929654][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1242.945759][ T5959] usb 5-1: USB disconnect, device number 52 [ 1242.950063][ T8790] : renamed from bridge_slave_0 [ 1242.952370][ C0] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 1242.988498][ T5959] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1243.036986][ T8793] netlink: 'syz.0.15800': attribute type 29 has an invalid length. [ 1243.045332][ T8793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15800'. [ 1243.138107][ T8795] loop6: detected capacity change from 0 to 512 [ 1243.177034][ T30] audit: type=1326 audit(2000000261.834:2867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.3.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe2a98f749 code=0x7ffc0000 [ 1243.179508][ T8795] EXT4-fs (loop6): orphan cleanup on readonly fs [ 1243.214454][ T30] audit: type=1326 audit(2000000261.871:2868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.3.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7efe2a98f749 code=0x7ffc0000 [ 1243.238105][ T30] audit: type=1326 audit(2000000261.871:2869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.3.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe2a98f749 code=0x7ffc0000 [ 1243.238494][ T8795] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -13 [ 1243.261142][ T30] audit: type=1326 audit(2000000261.871:2870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8798 comm="syz.3.15803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe2a98f749 code=0x7ffc0000 [ 1243.336481][ T8795] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1243.401605][ T8795] EXT4-fs error (device loop6): ext4_clear_blocks:876: inode #13: comm syz.6.15801: attempt to clear invalid blocks 2 len 1 [ 1243.446794][ T8795] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.15801: invalid indirect mapped block 1819239214 (level 0) [ 1243.489256][ T8795] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.15801: invalid indirect mapped block 1819239214 (level 1) [ 1243.507856][ T8795] EXT4-fs (loop6): 1 truncate cleaned up [ 1243.515407][ T8795] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1243.671627][ T8795] EXT4-fs error (device loop6): ext4_lookup:1784: inode #2: comm syz.6.15801: 'file1' linked to parent dir [ 1243.744195][ T3280] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1243.881138][T30321] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 1243.962470][ T8829] ip6erspan1: entered allmulticast mode [ 1244.085977][T30321] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1244.106311][T30321] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 1244.124768][T30321] usb 6-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 1244.150587][T30321] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1244.190896][T30321] usb 6-1: config 0 descriptor?? [ 1244.283778][ T30] audit: type=1326 audit(2000000262.863:2871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.4.15826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1244.294975][ T8843] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15823'. [ 1244.339849][ T8846] loop6: detected capacity change from 0 to 1024 [ 1244.346660][ T30] audit: type=1326 audit(2000000262.863:2872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.4.15826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1244.436370][ T30] audit: type=1326 audit(2000000262.872:2873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.4.15826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1244.507228][ T30] audit: type=1326 audit(2000000262.872:2874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.4.15826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1244.596747][ T30] audit: type=1326 audit(2000000262.872:2875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8840 comm="syz.4.15826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1244.652414][T30321] Bluetooth: Can't get state to change to load configuration err [ 1244.660226][T30321] Bluetooth: Loading sysconfig file failed [ 1244.704701][T30321] ath3k 6-1:0.0: probe with driver ath3k failed with error -16 [ 1244.752212][T30321] usb 6-1: USB disconnect, device number 25 [ 1244.837744][ T30] audit: type=1326 audit(2000000263.386:2876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.0.15834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1244.934220][ T30] audit: type=1326 audit(2000000263.386:2877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.0.15834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1244.972844][ T8865] netlink: 4696 bytes leftover after parsing attributes in process `syz.6.15835'. [ 1244.993477][ T8865] netlink: 4696 bytes leftover after parsing attributes in process `syz.6.15835'. [ 1245.002775][ T8865] netlink: 500 bytes leftover after parsing attributes in process `syz.6.15835'. [ 1245.020472][ T30] audit: type=1326 audit(2000000263.386:2878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.0.15834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1245.078907][ T30] audit: type=1326 audit(2000000263.386:2879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8860 comm="syz.0.15834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1245.151126][ T8871] : entered promiscuous mode [ 1245.279129][ T8876] netlink: 'syz.4.15842': attribute type 2 has an invalid length. [ 1245.296903][ T8876] netlink: 'syz.4.15842': attribute type 11 has an invalid length. [ 1245.306042][ T8878] netlink: 'syz.6.15840': attribute type 32 has an invalid length. [ 1245.314307][ T8876] netlink: 132 bytes leftover after parsing attributes in process `syz.4.15842'. [ 1245.502370][ T8890] netlink: 'syz.4.15847': attribute type 10 has an invalid length. [ 1245.504890][ T8886] kAFS: unable to lookup cell 'syz1' [ 1245.530535][ T8890] team0: Cannot enslave team device to itself [ 1245.692744][ T8898] tmpfs: Bad value for 'mpol' [ 1245.885557][ T8909] loop4: detected capacity change from 0 to 256 [ 1245.924677][ T8909] exfat: Deprecated parameter 'utf8' [ 1245.964076][ T8909] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 1246.674456][ T8950] mac80211_hwsim hwsim4 : renamed from wlan0 [ 1247.062455][ T30] audit: type=1326 audit(2000000265.472:2880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.6.15888" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4c18f749 code=0x7ffc0000 [ 1247.259953][ T8983] netlink: 'syz.6.15892': attribute type 21 has an invalid length. [ 1247.290116][ T8983] netlink: 132 bytes leftover after parsing attributes in process `syz.6.15892'. [ 1247.305832][ T8552] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 1247.329445][ T8983] netlink: 'syz.6.15892': attribute type 1 has an invalid length. [ 1247.413219][ T8993] netlink: 244 bytes leftover after parsing attributes in process `syz.5.15897'. [ 1247.485095][ T8552] usb 4-1: Using ep0 maxpacket: 16 [ 1247.515976][ T8552] usb 4-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 1247.548009][ T8552] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1247.569793][ T8552] usb 4-1: Product: syz [ 1247.582175][ T8552] usb 4-1: Manufacturer: syz [ 1247.586858][ T8552] usb 4-1: SerialNumber: syz [ 1247.637674][ T8552] usb 4-1: config 0 descriptor?? [ 1247.659392][ T9004] SET target dimension over the limit! [ 1247.691314][ T9003] veth4: entered allmulticast mode [ 1247.889511][ T8552] speedtch 4-1:0.0: speedtch_bind: data interface not found! [ 1247.925579][ T8552] speedtch 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 1248.140530][ T8552] usb 4-1: USB disconnect, device number 40 [ 1248.440971][ T9040] netlink: 72 bytes leftover after parsing attributes in process `syz.5.15920'. [ 1248.614435][ T9049] netlink: 96 bytes leftover after parsing attributes in process `syz.5.15924'. [ 1248.786432][ T9058] netlink: 'syz.4.15929': attribute type 30 has an invalid length. [ 1248.833375][ T9058] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15929'. [ 1248.868442][ T9063] loop5: detected capacity change from 0 to 1024 [ 1248.976208][ T9058] bond11: option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4) [ 1249.041378][ T9058] bond11 (unregistering): Released all slaves [ 1249.573089][ T9093] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1249.611369][ T9089] loop4: detected capacity change from 0 to 4096 [ 1249.622433][ T9089] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 1249.703162][ T9089] ntfs3(loop4): ino=19, mi_enum_attr [ 1249.708639][ T9089] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1249.835861][ T9089] ntfs3(loop4): failed to convert "c46c" to ascii [ 1249.878042][ T9089] ntfs3(loop4): ino=20, mi_enum_attr [ 1249.892550][ T9106] kernel read not supported for file / œ7³ÏüâW)ës“§Ç!Qöì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 9106 comm: syz.3.15952) [ 1249.934699][ T9107] loop6: detected capacity change from 0 to 1024 [ 1249.952240][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 1249.952261][ T30] audit: type=1800 audit(2000000268.165:2885): pid=9106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.15952" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=118810 res=0 errno=0 [ 1250.436789][ T9122] bridge_slave_0: entered allmulticast mode [ 1250.469350][ T9122] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1250.727137][ T30] audit: type=1326 audit(2000000268.894:2886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9130 comm="syz.0.15965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1250.823839][ T30] audit: type=1326 audit(2000000268.932:2887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9130 comm="syz.0.15965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1250.888365][ T9136] __nla_validate_parse: 2 callbacks suppressed [ 1250.888389][ T9136] netlink: 16 bytes leftover after parsing attributes in process `syz.4.15967'. [ 1250.907659][ T30] audit: type=1326 audit(2000000268.932:2888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9130 comm="syz.0.15965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1250.971539][ T30] audit: type=1326 audit(2000000268.932:2889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9130 comm="syz.0.15965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1251.038190][ T30] audit: type=1326 audit(2000000268.932:2890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9130 comm="syz.0.15965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1251.062200][ T9101] loop5: detected capacity change from 0 to 32768 [ 1251.072696][T30321] usb 7-1: new full-speed USB device number 7 using dummy_hcd [ 1251.117654][ T30] audit: type=1326 audit(2000000268.932:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9130 comm="syz.0.15965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1251.175854][ T9145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15972'. [ 1251.195885][ T30] audit: type=1326 audit(2000000268.932:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9130 comm="syz.0.15965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1251.278524][T30321] usb 7-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 1251.293861][ T30] audit: type=1326 audit(2000000268.932:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9130 comm="syz.0.15965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1251.298789][T30321] usb 7-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 1251.394458][ T9151] binder: 9147:9151 ioctl c018620c 0 returned -14 [ 1251.409322][T30321] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1251.417404][T30321] usb 7-1: Product: syz [ 1251.473458][T30321] usb 7-1: Manufacturer: syz [ 1251.478137][T30321] usb 7-1: SerialNumber: syz [ 1251.509672][T30321] usb 7-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 1251.972086][T30321] usb 7-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 1252.011261][T30321] usb 7-1: USB disconnect, device number 7 [ 1252.616170][ T9203] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16001'. [ 1252.740291][ T9209] netlink: 60 bytes leftover after parsing attributes in process `syz.5.16003'. [ 1252.925037][ T9216] netlink: 'syz.0.16008': attribute type 11 has an invalid length. [ 1252.933679][ T9216] netlink: 448 bytes leftover after parsing attributes in process `syz.0.16008'. [ 1253.646226][ T9239] loop5: detected capacity change from 0 to 512 [ 1253.676572][ T9239] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1253.771944][ T9239] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1253.804195][ T9239] ext4 filesystem being mounted at /2146/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1254.043585][T17493] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1254.098384][ T9259] loop6: detected capacity change from 0 to 2048 [ 1254.877075][ T9291] openvswitch: netlink: IP tunnel dst address not specified [ 1255.118075][ T9266] loop4: detected capacity change from 0 to 32768 [ 1255.174455][ T9266] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.16030 (9266) [ 1255.276929][ T9266] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1255.329816][ T9266] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm [ 1255.599988][ T9266] BTRFS info (device loop4): enabling ssd optimizations [ 1255.641080][ T9266] BTRFS info (device loop4): turning on async discard [ 1255.666036][ T9266] BTRFS info (device loop4): enabling free space tree [ 1255.739356][ T9338] 9pnet_fd: Insufficient options for proto=fd [ 1255.879963][ T5853] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1255.929063][ T9347] loop5: detected capacity change from 0 to 256 [ 1256.025711][ T9347] FAT-fs (loop5): Directory bread(block 64) failed [ 1256.061436][ T9347] FAT-fs (loop5): Directory bread(block 65) failed [ 1256.068122][ T9347] FAT-fs (loop5): Directory bread(block 66) failed [ 1256.142364][ T9347] FAT-fs (loop5): Directory bread(block 67) failed [ 1256.221708][ T9347] FAT-fs (loop5): Directory bread(block 68) failed [ 1256.249191][ T9347] FAT-fs (loop5): Directory bread(block 69) failed [ 1256.267280][ T9347] FAT-fs (loop5): Directory bread(block 70) failed [ 1256.273887][ T9347] FAT-fs (loop5): Directory bread(block 71) failed [ 1256.309369][ T9347] FAT-fs (loop5): Directory bread(block 72) failed [ 1256.316066][ T9347] FAT-fs (loop5): Directory bread(block 73) failed [ 1256.757339][ T9371] No such timeout policy "syz1" [ 1256.828449][ T9377] netlink: 'syz.3.16077': attribute type 21 has an invalid length. [ 1256.966021][ T9380] loop6: detected capacity change from 0 to 1764 [ 1257.014210][ T9383] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 1257.035054][ T9380] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1257.461587][ T9398] loop5: detected capacity change from 0 to 512 [ 1257.536737][ T9398] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1257.586125][ T9398] ext4 filesystem being mounted at /2162/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1257.656502][ T9398] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #12: comm syz.5.16088: corrupted xattr block 6: invalid header [ 1257.794657][T17493] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1258.143583][ T9425] loop4: detected capacity change from 0 to 1024 [ 1258.192562][ T3655] hfsplus: b-tree write err: -5, ino 4 [ 1259.187564][ T9462] program syz.6.16119 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1259.378595][ T9472] loop4: detected capacity change from 0 to 256 [ 1259.796171][ T9493] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16133'. [ 1259.825213][ T778] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 1259.929225][ T9499] sit0: entered promiscuous mode [ 1259.951849][ T9499] netlink: 'syz.5.16136': attribute type 1 has an invalid length. [ 1259.952183][ T9502] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 1259.971470][ T9499] netlink: 'syz.5.16136': attribute type 3 has an invalid length. [ 1259.987180][ T9503] loop4: detected capacity change from 0 to 2048 [ 1260.021031][ T778] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1260.034662][ T9503] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1260.038858][ T778] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1260.061330][ T778] usb 7-1: Product: syz [ 1260.066623][ T778] usb 7-1: Manufacturer: syz [ 1260.077451][ T778] usb 7-1: SerialNumber: syz [ 1260.091190][ T9503] ext4 filesystem being mounted at /3260/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1260.102777][ T778] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1260.124030][T30321] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1260.246506][ T5853] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1260.689501][ T778] usb 7-1: USB disconnect, device number 8 [ 1260.753502][ T9534] netlink: 44 bytes leftover after parsing attributes in process `syz.5.16150'. [ 1261.133987][ T9553] bridge0: port 1(bridge_slave_0) entered disabled state [ 1261.269855][T30321] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 1261.290145][T30321] ath9k_htc: Failed to initialize the device [ 1261.301253][ T778] usb 7-1: ath9k_htc: USB layer deinitialized [ 1261.555442][ T9579] loop5: detected capacity change from 0 to 22 [ 1261.566662][ T9580] loop6: detected capacity change from 0 to 64 [ 1261.590447][ T9579] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 1261.602992][ T9581] loop4: detected capacity change from 0 to 1024 [ 1261.621888][ T9579] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1261.757294][T17651] hfsplus: b-tree write err: -5, ino 4 [ 1262.290987][ T9608] netlink: 'syz.3.16186': attribute type 10 has an invalid length. [ 1262.301758][ T9608] netlink: 55 bytes leftover after parsing attributes in process `syz.3.16186'. [ 1262.736852][ T9631] wg2 speed is unknown, defaulting to 1000 [ 1262.798052][ T9631] wg2 speed is unknown, defaulting to 1000 [ 1262.812076][ T9631] wg2 speed is unknown, defaulting to 1000 [ 1263.168833][ T9647] netlink: 'syz.5.16205': attribute type 1 has an invalid length. [ 1263.198927][ T9647] netlink: 244 bytes leftover after parsing attributes in process `syz.5.16205'. [ 1263.215540][ T9631] infiniband syz2: set active [ 1263.220409][ T9631] infiniband syz2: added wg2 [ 1263.265327][ T9631] RDS/IB: syz2: added [ 1263.269612][ T9631] smc: adding ib device syz2 with port count 1 [ 1263.276140][ T9631] smc: ib device syz2 port 1 has no pnetid [ 1263.283699][ T9399] wg2 speed is unknown, defaulting to 1000 [ 1263.309033][ T9631] wg2 speed is unknown, defaulting to 1000 [ 1263.332714][ T9650] netlink: 232 bytes leftover after parsing attributes in process `syz.6.16206'. [ 1263.399795][ T9399] wg2 speed is unknown, defaulting to 1000 [ 1263.478432][ T9658] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 1263.524318][ T9658] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1263.550513][ T9658] overlayfs: missing 'lowerdir' [ 1263.881284][ T9674] netlink: 32 bytes leftover after parsing attributes in process `syz.0.16217'. [ 1263.948698][ T9678] netlink: 'syz.6.16219': attribute type 5 has an invalid length. [ 1264.318852][ T9692] netlink: 56 bytes leftover after parsing attributes in process `syz.0.16227'. [ 1264.342005][ T9631] wg2 speed is unknown, defaulting to 1000 [ 1264.352790][ T9692] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 1264.375672][ T9692] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 1264.825846][ T9714] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 1265.223054][ T9631] wg2 speed is unknown, defaulting to 1000 [ 1265.784519][ T9753] netlink: 104 bytes leftover after parsing attributes in process `syz.5.16258'. [ 1265.816136][ T9753] netlink: 104 bytes leftover after parsing attributes in process `syz.5.16258'. [ 1265.901861][ T9631] wg2 speed is unknown, defaulting to 1000 [ 1266.222596][ T9769] tc_dump_action: action bad kind [ 1266.547274][ T9784] netlink: 292 bytes leftover after parsing attributes in process `syz.6.16273'. [ 1266.712744][ T9631] wg2 speed is unknown, defaulting to 1000 [ 1266.815492][ T9794] loop6: detected capacity change from 0 to 64 [ 1266.819047][ T9796] netlink: 'syz.3.16278': attribute type 2 has an invalid length. [ 1266.859650][ T9796] 9: entered promiscuous mode [ 1267.497890][ T9821] netlink: 24 bytes leftover after parsing attributes in process `syz.4.16293'. [ 1267.726415][ T9834] x_tables: duplicate underflow at hook 4 [ 1267.974937][ T9399] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 1268.088013][ T9848] loop4: detected capacity change from 0 to 2048 [ 1268.155744][ T9399] usb 4-1: Using ep0 maxpacket: 16 [ 1268.169390][ T9399] usb 4-1: config 8 has an invalid interface number: 223 but max is 0 [ 1268.178755][ T9848] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1268.200218][ T9399] usb 4-1: config 8 contains an unexpected descriptor of type 0x1, skipping [ 1268.222220][ T9848] UDF-fs: Scanning with blocksize 512 failed [ 1268.226567][ T9399] usb 4-1: config 8 has an invalid descriptor of length 156, skipping remainder of the config [ 1268.254691][ T9848] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1268.282554][ T9399] usb 4-1: config 8 has no interface number 0 [ 1268.306499][ T9399] usb 4-1: config 8 interface 223 altsetting 2 bulk endpoint 0xC has invalid maxpacket 32 [ 1268.336899][ T9399] usb 4-1: config 8 interface 223 altsetting 2 endpoint 0x7 has invalid maxpacket 15872, setting to 64 [ 1268.359289][ T9399] usb 4-1: config 8 interface 223 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1268.390656][ T9399] usb 4-1: config 8 interface 223 has no altsetting 0 [ 1268.416919][ T9399] usb 4-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 1268.444513][ T9399] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1268.470931][ T9399] usb 4-1: Product: syz [ 1268.507729][ T9399] usb 4-1: Manufacturer: syz [ 1268.517336][ T9399] usb 4-1: SerialNumber: syz [ 1268.543625][ T9829] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1268.800616][ T9862] netlink: 516 bytes leftover after parsing attributes in process `syz.4.16311'. [ 1268.829908][ T9399] usb 4-1: USB disconnect, device number 41 [ 1269.074394][ T9852] loop5: detected capacity change from 0 to 32768 [ 1269.756732][ T9894] netlink: 'syz.3.16327': attribute type 21 has an invalid length. [ 1270.010553][ T9905] netlink: 'syz.6.16332': attribute type 1 has an invalid length. [ 1270.041025][ T9909] IPv6: Can't replace route, no match found [ 1270.058825][ T9905] netlink: 'syz.6.16332': attribute type 2 has an invalid length. [ 1270.331164][ T9921] SET target dimension over the limit! [ 1271.334900][ T9973] netlink: 216 bytes leftover after parsing attributes in process `syz.0.16363'. [ 1271.960594][T10007] loop5: detected capacity change from 0 to 1764 [ 1272.044033][T10007] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1272.149524][T10015] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1272.196544][T10013] bridge_slave_0: left promiscuous mode [ 1272.299349][T10013] vlan0: left promiscuous mode [ 1272.354929][T10013] ip6tnl1: left promiscuous mode [ 1272.366307][T10013] bridge6: left promiscuous mode [ 1272.378613][T10013] bridge9: left promiscuous mode [ 1272.478894][T10027] netlink: 'syz.6.16383': attribute type 11 has an invalid length. [ 1272.508521][T10027] netlink: 224 bytes leftover after parsing attributes in process `syz.6.16383'. [ 1272.869439][T10039] loop4: detected capacity change from 0 to 4096 [ 1272.933958][T10039] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1272.955514][T10039] ntfs3(loop4): Failed to load $Extend (-22). [ 1272.964857][ T8552] usb 7-1: new full-speed USB device number 9 using dummy_hcd [ 1272.997901][T10039] ntfs3(loop4): Failed to initialize $Extend. [ 1273.172429][ T8552] usb 7-1: config 5 has an invalid interface number: 123 but max is 0 [ 1273.192889][ T8552] usb 7-1: config 5 has no interface number 0 [ 1273.210016][ T8552] usb 7-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 1273.227502][ T8552] usb 7-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid maxpacket 60849, setting to 64 [ 1273.245004][ T8552] usb 7-1: config 5 interface 123 has no altsetting 0 [ 1273.255377][ T8552] usb 7-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 1273.283170][ T8552] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1273.309257][ T8552] usb 7-1: Product: syz [ 1273.334946][ T8552] usb 7-1: Manufacturer: syz [ 1273.365126][ T8552] usb 7-1: SerialNumber: syz [ 1273.386416][T10035] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1273.639710][ T8552] comedi comedi4: driver 'ni6501' has successfully auto-configured 'ni6501'. [ 1273.696759][ T8552] usb 7-1: USB disconnect, device number 9 [ 1274.118062][T10097] loop4: detected capacity change from 0 to 1024 [ 1274.193833][T10103] virt_wifi0 speed is unknown, defaulting to 1000 [ 1274.203617][T10097] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1274.212695][T10103] virt_wifi0 speed is unknown, defaulting to 1000 [ 1274.263087][T10103] virt_wifi0 speed is unknown, defaulting to 1000 [ 1274.330932][T10103] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 1274.349774][ T5853] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1274.494109][T10103] virt_wifi0 speed is unknown, defaulting to 1000 [ 1274.538001][T10103] virt_wifi0 speed is unknown, defaulting to 1000 [ 1274.561988][T10103] virt_wifi0 speed is unknown, defaulting to 1000 [ 1274.598286][T10103] virt_wifi0 speed is unknown, defaulting to 1000 [ 1274.626863][T10103] virt_wifi0 speed is unknown, defaulting to 1000 [ 1274.864984][T10131] netlink: 1 bytes leftover after parsing attributes in process `syz.6.16434'. [ 1274.894323][T10131] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1275.153779][T10144] netlink: 64 bytes leftover after parsing attributes in process `syz.0.16440'. [ 1275.249498][T10148] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16443'. [ 1275.418008][T10158] loop6: detected capacity change from 0 to 16 [ 1275.464713][T10158] erofs (device loop6): mounted with root inode @ nid 36. [ 1275.837280][T10176] netlink: 28 bytes leftover after parsing attributes in process `syz.6.16454'. [ 1275.886859][T10176] netlink: 28 bytes leftover after parsing attributes in process `syz.6.16454'. [ 1275.912232][T10176] netlink: 56 bytes leftover after parsing attributes in process `syz.6.16454'. [ 1275.940195][T10178] netlink: 72 bytes leftover after parsing attributes in process `syz.0.16458'. [ 1275.953385][T10178] netlink: 72 bytes leftover after parsing attributes in process `syz.0.16458'. [ 1276.552024][T10204] loop4: detected capacity change from 0 to 2048 [ 1276.579256][T10180] loop5: detected capacity change from 0 to 32768 [ 1276.602941][T10180] (syz.5.16457,10180,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1276.619504][T10204] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 1276.643339][T10204] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1276.678353][T10180] (syz.5.16457,10180,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1276.707090][T10204] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.16470: iget: bad extended attribute block 204079104 [ 1276.738866][T10180] JBD2: Ignoring recovery information on journal [ 1276.742430][T10213] libceph: resolve '400' (ret=-3): failed [ 1276.833797][ T5853] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1276.855368][T10180] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1276.882144][ T5959] usb 1-1: new high-speed USB device number 61 using dummy_hcd [ 1277.024889][T10221] loop4: detected capacity change from 0 to 64 [ 1277.053755][ T5959] usb 1-1: Using ep0 maxpacket: 16 [ 1277.063405][ T5959] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1277.089197][ T5959] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 1277.116108][ T5959] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1277.128220][ T5959] usb 1-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 1277.128518][T17493] ocfs2: Unmounting device (7,5) on (node local) [ 1277.137853][ T5959] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1277.152308][ T5959] usb 1-1: Product: syz [ 1277.156548][ T5959] usb 1-1: Manufacturer: syz [ 1277.169021][ T5959] usb 1-1: SerialNumber: syz [ 1277.200334][ T5959] usb 1-1: config 0 descriptor?? [ 1277.654355][ T5959] usb 1-1: USB disconnect, device number 61 [ 1278.404253][T10277] binfmt_misc: register: failed to install interpreter file ./file0 [ 1278.744329][T10300] netlink: 'syz.5.16513': attribute type 21 has an invalid length. [ 1279.602339][T10336] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 1279.633874][T10336] overlayfs: missing 'lowerdir' [ 1279.741104][T10314] loop4: detected capacity change from 0 to 32768 [ 1279.759329][T10314] btrfs: Deprecated parameter 'usebackuproot' [ 1279.765473][T10314] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 1279.830252][T10314] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.16521 (10314) [ 1279.859110][T10344] loop5: detected capacity change from 0 to 256 [ 1279.882308][T10314] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1279.918110][T10314] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm [ 1279.960877][T10344] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 1280.154350][ T3655] BTRFS error (device loop4): bad fsid on logical 5328896 mirror 1 [ 1280.174805][T10314] BTRFS warning (device loop4): failed to read root (objectid=4): -5 [ 1280.207702][T10314] BTRFS warning (device loop4): try to load backup roots slot 1 [ 1280.261652][ T2084] BTRFS warning (device loop4): checksum verify failed on logical 5316608 mirror 1 wanted 0x5387c9d6 found 0xc5cdcf34 level 0 [ 1280.322129][T10314] BTRFS error (device loop4): failed to load root extent [ 1280.335909][T10314] BTRFS warning (device loop4): try to load backup roots slot 2 [ 1280.376518][ T13] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 1280.398460][T10314] BTRFS warning (device loop4): couldn't read tree root [ 1280.419268][T10314] BTRFS warning (device loop4): try to load backup roots slot 3 [ 1280.427181][ T778] usb 1-1: new high-speed USB device number 62 using dummy_hcd [ 1280.454051][ T5990] BTRFS warning (device loop4): checksum verify failed on logical 5242880 mirror 1 wanted 0xc0857788 found 0xfbc16af1 level 0 [ 1280.487608][T10314] BTRFS warning (device loop4): couldn't read tree root [ 1280.607450][ T778] usb 1-1: Using ep0 maxpacket: 8 [ 1280.643060][ T778] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 1280.652603][T10314] BTRFS error (device loop4): open_ctree failed: -5 [ 1280.652845][ T778] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1280.678292][T10338] loop6: detected capacity change from 0 to 32768 [ 1280.688793][ T778] pvrusb2: Hardware description: Terratec Grabster AV400 [ 1280.688813][ T778] pvrusb2: ********** [ 1280.688823][ T778] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 1280.688837][ T778] pvrusb2: Important functionality might not be entirely working. [ 1280.688850][ T778] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 1280.688863][ T778] pvrusb2: ********** [ 1280.820355][T10338] ERROR: (device loop6): dbAllocNext: Corrupt dmap page [ 1280.820355][T10338] [ 1280.822656][T10338] ERROR: (device loop6): remounting filesystem as read-only [ 1280.822862][T10338] ialloc: diAlloc returned -5! [ 1280.938605][ T2344] pvrusb2: Invalid write control endpoint [ 1281.087191][ T2344] pvrusb2: Invalid write control endpoint [ 1281.087212][ T2344] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 1281.087248][ T2344] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 1281.087259][ T2344] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 1281.087273][ T2344] pvrusb2: Device being rendered inoperable [ 1281.087356][ T2344] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 1281.087424][ T2344] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 1281.106234][ T2344] pvrusb2: Attached sub-driver cx25840 [ 1281.106267][ T2344] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 1281.106281][ T2344] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 1281.167554][ T778] usb 1-1: USB disconnect, device number 62 [ 1282.065800][T10407] loop5: detected capacity change from 0 to 128 [ 1282.091999][T10407] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 1282.136717][T10407] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1282.185242][T30321] usb 1-1: new high-speed USB device number 63 using dummy_hcd [ 1282.259251][T10412] netlink: 48 bytes leftover after parsing attributes in process `syz.6.16562'. [ 1282.369288][T30321] usb 1-1: Using ep0 maxpacket: 16 [ 1282.391427][T30321] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1282.425821][T30321] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1282.450486][T30321] usb 1-1: Product: syz [ 1282.458166][T30321] usb 1-1: Manufacturer: syz [ 1282.467410][T30321] usb 1-1: SerialNumber: syz [ 1282.505082][T30321] r8152-cfgselector 1-1: Unknown version 0x0000 [ 1282.526165][T30321] r8152-cfgselector 1-1: config 0 descriptor?? [ 1282.798539][T30321] r8152-cfgselector 1-1: Unknown version 0x0000 [ 1282.808835][T30321] r8152-cfgselector 1-1: bad CDC descriptors [ 1283.061570][T30321] r8152-cfgselector 1-1: USB disconnect, device number 63 [ 1283.074753][T10446] tc_dump_action: action bad kind [ 1283.301293][T10452] bond11: Unable to set peer notification delay as MII monitoring is disabled [ 1283.326000][T10452] bond11 (unregistering): Released all slaves [ 1283.737321][T10475] sg_write: data in/out 768/1 bytes for SCSI command 0x11-- guessing data in; [ 1283.737321][T10475] program syz.4.16593 not setting count and/or reply_len properly [ 1283.784399][T10481] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16596'. [ 1283.978346][T10491] loop5: detected capacity change from 0 to 256 [ 1284.021922][T10491] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1284.430625][T10510] netlink: 'syz.6.16610': attribute type 12 has an invalid length. [ 1284.498345][T10513] loop4: detected capacity change from 0 to 64 [ 1284.668818][T10519] netlink: 'syz.6.16614': attribute type 2 has an invalid length. [ 1284.684640][T10519] 9þ: entered promiscuous mode [ 1285.868942][T10562] netlink: 132 bytes leftover after parsing attributes in process `syz.6.16636'. [ 1285.888998][T10553] loop5: detected capacity change from 0 to 8192 [ 1285.960404][T11807] loop5: AHDI p1 p2 [ 1285.964640][T11807] loop5: p1 size 65535 extends beyond EOD, truncated [ 1286.009697][T10553] loop5: AHDI p1 p2 [ 1286.045622][T10553] loop5: p1 size 65535 extends beyond EOD, truncated [ 1286.450997][T11807] udevd[11807]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 1286.520895][T11807] udevd[11807]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 1286.772490][ T5959] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 1286.885516][T10607] netlink: 'syz.4.16659': attribute type 29 has an invalid length. [ 1286.895021][T10608] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16658'. [ 1286.954956][ T5959] usb 6-1: Using ep0 maxpacket: 16 [ 1286.967507][ T5959] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 1286.990474][ T5959] usb 6-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 1287.020745][ T5959] usb 6-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 1287.042890][ T5959] usb 6-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1287.057110][ T5959] usb 6-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 1287.071936][ T5959] usb 6-1: config 1 interface 0 has no altsetting 0 [ 1287.082881][ T5959] usb 6-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 1287.103109][ T5959] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1287.153753][ T5959] ums-sddr09 6-1:1.0: USB Mass Storage device detected [ 1287.230028][T10625] loop6: detected capacity change from 0 to 256 [ 1287.249712][T10623] netlink: 132 bytes leftover after parsing attributes in process `syz.0.16667'. [ 1287.262720][ T30] audit: type=1326 audit(2000000303.065:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10624 comm="syz.4.16666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1287.308889][T10625] FAT-fs (loop6): Directory bread(block 64) failed [ 1287.328013][T10625] FAT-fs (loop6): Directory bread(block 65) failed [ 1287.335077][T10625] FAT-fs (loop6): Directory bread(block 66) failed [ 1287.342788][T10625] FAT-fs (loop6): Directory bread(block 67) failed [ 1287.349612][T10625] FAT-fs (loop6): Directory bread(block 68) failed [ 1287.362503][ T30] audit: type=1326 audit(2000000303.084:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10624 comm="syz.4.16666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1287.387464][T10625] FAT-fs (loop6): Directory bread(block 69) failed [ 1287.392647][ T8552] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 1287.407138][ T30] audit: type=1326 audit(2000000303.084:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10624 comm="syz.4.16666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1287.436247][T10625] FAT-fs (loop6): Directory bread(block 70) failed [ 1287.454957][ T30] audit: type=1326 audit(2000000303.084:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10624 comm="syz.4.16666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1287.456514][T10625] FAT-fs (loop6): Directory bread(block 71) failed [ 1287.503973][ T5959] ums-sddr09 6-1:1.0: probe with driver ums-sddr09 failed with error -22 [ 1287.534917][ T5959] usb 6-1: USB disconnect, device number 26 [ 1287.542418][T10625] FAT-fs (loop6): Directory bread(block 72) failed [ 1287.556140][T10625] FAT-fs (loop6): Directory bread(block 73) failed [ 1287.585055][ T8552] usb 4-1: Using ep0 maxpacket: 16 [ 1287.599566][ T8552] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00 [ 1287.627571][ T8552] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1287.649708][ T8552] usb 4-1: Product: syz [ 1287.660277][ T8552] usb 4-1: Manufacturer: syz [ 1287.671227][ T8552] usb 4-1: SerialNumber: syz [ 1287.675980][ T30] audit: type=1326 audit(2000000303.448:2898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10635 comm="syz.0.16672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1287.714608][ T8552] usb 4-1: config 0 descriptor?? [ 1287.731859][ T8552] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 1287.745535][ T30] audit: type=1326 audit(2000000303.448:2899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10635 comm="syz.0.16672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1287.770375][ T8552] usb 4-1: Detected FT-X [ 1287.796202][ T30] audit: type=1326 audit(2000000303.448:2900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10635 comm="syz.0.16672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1287.873890][ T30] audit: type=1326 audit(2000000303.448:2901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10635 comm="syz.0.16672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1287.961491][ T30] audit: type=1326 audit(2000000303.448:2902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10635 comm="syz.0.16672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1288.028312][ T30] audit: type=1326 audit(2000000303.448:2903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10635 comm="syz.0.16672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f364478f749 code=0x7ffc0000 [ 1288.208449][ T8552] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 1288.218319][ T8552] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71 [ 1288.242470][ T8552] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1288.303500][ T8552] usb 4-1: USB disconnect, device number 42 [ 1288.321144][ T8552] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1288.391378][ T8552] ftdi_sio 4-1:0.0: device disconnected [ 1288.609109][T10668] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 1288.610448][T10666] loop5: detected capacity change from 0 to 2048 [ 1288.676443][T10666] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1288.719688][T10673] loop4: detected capacity change from 0 to 2048 [ 1288.910859][T17493] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1289.321747][T10698] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535) [ 1290.039227][T10687] loop4: detected capacity change from 0 to 32768 [ 1290.108096][T10687] diRead: diIAGRead returned -5 [ 1290.264981][T10725] xt_recent: Unsupported userspace flags (000000b1) [ 1290.365515][ T778] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 1290.547134][ T778] usb 7-1: Using ep0 maxpacket: 8 [ 1290.554490][ T778] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 1290.612824][ T778] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1290.636095][ T778] usb 7-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 1290.664745][ T778] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1290.687450][ T778] usb 7-1: Product: syz [ 1290.691695][ T778] usb 7-1: Manufacturer: syz [ 1290.728084][ T778] usb 7-1: SerialNumber: syz [ 1290.737492][T10720] loop5: detected capacity change from 0 to 32768 [ 1290.747903][ T778] usb 7-1: config 0 descriptor?? [ 1290.762586][T10720] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.16711 (10720) [ 1290.797426][ T778] snd_usb_toneport 7-1:0.0: Line 6 TonePort UX2 found [ 1290.845734][T10720] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1290.868592][T10720] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm [ 1291.020956][ T778] snd_usb_toneport 7-1:0.0: Line 6 TonePort UX2 now disconnected [ 1291.068172][T10720] BTRFS info (device loop5): rebuilding free space tree [ 1291.070204][ T778] snd_usb_toneport 7-1:0.0: probe with driver snd_usb_toneport failed with error -22 [ 1291.093377][ T8552] usb 1-1: new full-speed USB device number 64 using dummy_hcd [ 1291.121028][T10720] BTRFS info (device loop5): enabling ssd optimizations [ 1291.152274][T10720] BTRFS info (device loop5): turning on async discard [ 1291.170575][T10720] BTRFS info (device loop5): enabling free space tree [ 1291.186345][T10720] BTRFS info (device loop5): force clearing of disk cache [ 1291.287644][ T8552] usb 1-1: config 0 has an invalid interface number: 151 but max is 1 [ 1291.306407][ T8552] usb 1-1: config 0 has no interface number 1 [ 1291.312595][ T8552] usb 1-1: config 0 interface 151 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1291.335918][ T778] usb 7-1: USB disconnect, device number 10 [ 1291.372915][ T8552] usb 1-1: config 0 interface 151 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83 [ 1291.427847][ T8552] usb 1-1: config 0 interface 151 altsetting 0 endpoint 0x83 has invalid maxpacket 64466, setting to 64 [ 1291.465202][ T8552] usb 1-1: config 0 interface 151 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1291.492615][ T8552] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC9, changing to 0x89 [ 1291.504621][ T8552] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 1291.533181][ T8552] usb 1-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7 [ 1291.550944][ T8552] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1291.572337][ T8552] usb 1-1: Product: syz [ 1291.580390][ T8552] usb 1-1: Manufacturer: syz [ 1291.586783][ T8552] usb 1-1: SerialNumber: syz [ 1291.599700][ T8552] usb 1-1: config 0 descriptor?? [ 1291.619636][T10743] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 1291.641989][ T8552] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 1291.652286][T17493] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1291.686138][ T8552] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 1291.794457][ T8552] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -12 [ 1292.035232][ T8552] usb 1-1: USB disconnect, device number 64 [ 1292.250349][T10787] netlink: 32 bytes leftover after parsing attributes in process `syz.5.16735'. [ 1292.797141][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 1292.797161][ T30] audit: type=1400 audit(2000000308.236:2913): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=10809 comm="syz.0.16746" [ 1293.169920][ T30] audit: type=1326 audit(2000000308.592:2914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.6.16757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4c18f749 code=0x7ffc0000 [ 1293.224459][ T30] audit: type=1326 audit(2000000308.620:2915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.6.16757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fde4c18f749 code=0x7ffc0000 [ 1293.285744][ T30] audit: type=1326 audit(2000000308.620:2916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.6.16757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4c18f749 code=0x7ffc0000 [ 1293.333506][ T30] audit: type=1326 audit(2000000308.620:2917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.6.16757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde4c18f749 code=0x7ffc0000 [ 1294.008138][T10865] xt_limit: Overflow, try lower: 0/0 [ 1294.163280][T10836] loop6: detected capacity change from 0 to 32768 [ 1294.221070][T10836] ERROR: (device loop6): dbAlloc: the hint is outside the map [ 1294.221070][T10836] [ 1294.293048][T10877] delete_channel: no stack [ 1294.337667][ T13] read_mapping_page failed! [ 1294.337947][ T30] audit: type=1326 audit(2000000309.676:2918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10880 comm="syz.4.16780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1294.342588][ T13] ERROR: (device loop6): txCommit: [ 1294.342588][ T13] [ 1294.460950][ T13] jfs_write_inode: jfs_commit_inode failed! [ 1294.465290][ T30] audit: type=1326 audit(2000000309.676:2919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10880 comm="syz.4.16780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1294.589354][ T30] audit: type=1326 audit(2000000309.714:2920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10880 comm="syz.4.16780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1294.657620][ T30] audit: type=1326 audit(2000000309.714:2921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10880 comm="syz.4.16780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1294.771063][ T30] audit: type=1326 audit(2000000309.714:2922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10880 comm="syz.4.16780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711f78f749 code=0x7ffc0000 [ 1295.926894][T10948] loop4: detected capacity change from 0 to 16 [ 1295.952098][T10948] erofs (device loop4): mounted with root inode @ nid 36. [ 1295.991063][T10948] erofs (device loop4): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 1296.028250][T10948] erofs (device loop4): read error -117 @ 43 of nid 36 [ 1296.137621][T10954] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1297.307253][T10994] netlink: 4268 bytes leftover after parsing attributes in process `syz.4.16835'. [ 1297.566553][T11008] bond0: option miimon: invalid value (18446744073072017407) [ 1297.574911][T11008] bond0: option miimon: allowed values 0 - 2147483647 [ 1297.613516][T11008] bond0 (unregistering): Released all slaves [ 1297.697371][T11016] netlink: 'syz.4.16847': attribute type 13 has an invalid length. [ 1297.707786][T11016] netlink: 'syz.4.16847': attribute type 17 has an invalid length. [ 1297.759323][T11018] netlink: 308 bytes leftover after parsing attributes in process `syz.6.16846'. [ 1297.800972][T11016] erspan0: left promiscuous mode [ 1297.851190][T11018] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16846'. [ 1297.858920][T11016] sit0: left promiscuous mode [ 1297.990776][T11026] netlink: 28 bytes leftover after parsing attributes in process `syz.0.16850'. [ 1298.006981][T11016] 8021q: adding VLAN 0 to HW filter on device team0 [ 1298.046131][T11016] 0ªX¹¦À: left allmulticast mode [ 1298.073507][T11016] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 1298.111218][T11018] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 1298.190868][T11033] loop5: detected capacity change from 0 to 16 [ 1298.210370][T11034] IPVS: Error joining to the multicast group [ 1298.240393][T11033] erofs (device loop5): mounted with root inode @ nid 36. [ 1298.295816][T11036] netlink: 40 bytes leftover after parsing attributes in process `syz.6.16856'. [ 1298.306093][T11036] netlink: 32 bytes leftover after parsing attributes in process `syz.6.16856'. [ 1298.318052][T11033] erofs (device loop5): ztailpacking inline data across blocks @ nid 36 [ 1298.375648][T11033] erofs (device loop5): ztailpacking inline data across blocks @ nid 36 [ 1298.400512][T11033] erofs (device loop5): read error -117 @ 32811 of nid 36 [ 1298.641241][T11054] random: crng reseeded on system resumption [ 1299.005343][T11066] netlink: 'syz.4.16871': attribute type 1 has an invalid length. [ 1299.604714][ T9399] usb 1-1: new full-speed USB device number 65 using dummy_hcd [ 1299.656688][T11100] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16885'. [ 1299.798587][ T9399] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1299.813789][ T9399] usb 1-1: not running at top speed; connect to a high speed hub [ 1299.830095][ T9399] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1299.866024][ T9399] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1299.907260][ T9399] usb 1-1: string descriptor 0 read error: -22 [ 1299.928423][ T9399] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1299.970954][ T9399] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1299.993327][ T9399] usb 1-1: 0:2 : does not exist [ 1300.152996][T11118] netlink: 40 bytes leftover after parsing attributes in process `syz.6.16897'. [ 1300.254151][ T9399] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 1300.272334][ T9399] usb 1-1: 5:0: cannot get min/max values for control 2 (id 5) [ 1300.297897][ T9399] usb 1-1: 5:0: cannot get min/max values for control 3 (id 5) [ 1300.302808][ T9399] usb 1-1: 5:0: failed to get current value for ch 1 (-22) [ 1300.362627][ T9399] usb 1-1: 5:0: cannot get min/max values for control 3 (id 5) [ 1300.375458][ T9399] usb 1-1: 5:0: cannot get min/max values for control 2 (id 5) [ 1300.411382][ T9399] usb 1-1: USB disconnect, device number 65 [ 1300.539819][T11103] loop5: detected capacity change from 0 to 32768 [ 1300.633196][T11103] ERROR: (device loop5): xtSearch: xt_getpage: xtree page corrupt [ 1300.633196][T11103] [ 1300.680852][T11103] xtLookup: xtSearch returned -5 [ 1300.688618][T11131] cgroup: noprefix used incorrectly [ 1300.689104][T11103] add_index: get/read_metapage failed! [ 1300.715178][T11103] ERROR: (device loop5): xtSearch: xt_getpage: xtree page corrupt [ 1300.715178][T11103] [ 1300.736853][T11103] xtLookup: xtSearch returned -5 [ 1300.748288][T11103] free_index: error reading directory table [ 1300.773767][T11103] ERROR: (device loop5): xtSearch: xt_getpage: xtree page corrupt [ 1300.773767][T11103] [ 1300.784023][T11103] xtLookup: xtSearch returned -5 [ 1300.789490][T11103] free_index: error reading directory table [ 1300.796587][T11103] ERROR: (device loop5): xtSearch: xt_getpage: xtree page corrupt [ 1300.796587][T11103] [ 1300.869516][T11103] xtLookup: xtSearch returned -5 [ 1300.874571][T11103] free_index: error reading directory table [ 1300.876182][T11137] netlink: 10 bytes leftover after parsing attributes in process `syz.3.16906'. [ 1300.919941][T11103] ERROR: (device loop5): xtSearch: xt_getpage: xtree page corrupt [ 1300.919941][T11103] [ 1300.930059][T11103] xtLookup: xtSearch returned -5 [ 1300.978851][T11103] free_index: error reading directory table [ 1301.005670][T11103] ERROR: (device loop5): xtSearch: xt_getpage: xtree page corrupt [ 1301.005670][T11103] [ 1301.065922][T11103] xtLookup: xtSearch returned -5 [ 1301.077875][T11103] free_index: error reading directory table [ 1301.137369][T11149] netlink: 'syz.4.16911': attribute type 21 has an invalid length. [ 1301.167708][T11151] libceph: resolve '4' (ret=-3): failed [ 1301.337763][ T8552] usb 1-1: new high-speed USB device number 66 using dummy_hcd [ 1301.532571][ T8552] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1301.550820][ T8552] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1301.581044][ T8552] usb 1-1: Product: syz [ 1301.585533][ T8552] usb 1-1: Manufacturer: syz [ 1301.590172][ T8552] usb 1-1: SerialNumber: syz [ 1301.624275][ T8552] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1301.650807][ T5975] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1301.726578][T11165] loop5: detected capacity change from 0 to 256 [ 1301.821156][T11147] loop6: detected capacity change from 0 to 32768 [ 1301.840607][T11147] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.16910 (11147) [ 1301.876344][T11169] netlink: 'syz.3.16922': attribute type 2 has an invalid length. [ 1301.918559][T11147] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1301.940564][T11147] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm [ 1302.003176][T11169] : entered promiscuous mode [ 1302.179453][ T5959] usb 1-1: USB disconnect, device number 66 [ 1302.236432][T11147] BTRFS info (device loop6): enabling ssd optimizations [ 1302.262984][T11147] BTRFS info (device loop6): turning on async discard [ 1302.273201][T11147] BTRFS info (device loop6): enabling free space tree [ 1302.412136][ T3280] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1302.767876][T11206] bridge0: port 3(team0) entered blocking state [ 1302.774705][T11206] bridge0: port 3(team0) entered disabled state [ 1302.783680][T11206] team0: entered allmulticast mode [ 1302.789002][T11206] team_slave_0: entered allmulticast mode [ 1302.828196][T11206] team_slave_1: entered allmulticast mode [ 1302.868464][T11206] team0: entered promiscuous mode [ 1302.893727][T11206] team_slave_0: entered promiscuous mode [ 1302.904738][T11206] team_slave_1: entered promiscuous mode [ 1303.037326][ T5975] usb 1-1: Service connection timeout for: 256 [ 1303.049784][ T5975] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services [ 1303.061236][ T5975] ath9k_htc: Failed to initialize the device [ 1303.067677][ T5959] usb 1-1: ath9k_htc: USB layer deinitialized [ 1303.137726][T11213] loop6: detected capacity change from 0 to 64 [ 1303.295951][T11221] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1303.973236][ T778] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 1303.994485][T11256] netlink: 32 bytes leftover after parsing attributes in process `syz.0.16957'. [ 1304.102200][T11261] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16960'. [ 1304.153332][ T778] usb 5-1: Using ep0 maxpacket: 16 [ 1304.176396][ T778] usb 5-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 1304.201350][ T778] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1304.233863][ T778] usb 5-1: Product: syz [ 1304.244412][ T778] usb 5-1: Manufacturer: syz [ 1304.257018][ T778] usb 5-1: SerialNumber: syz [ 1304.270841][T11269] loop6: detected capacity change from 0 to 64 [ 1304.282796][ T778] usb 5-1: config 0 descriptor?? [ 1304.323649][ T778] ssu100 5-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 1304.664341][T11283] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16972'. [ 1304.749213][ T778] ssu100 5-1:0.0: probe with driver ssu100 failed with error -71 [ 1304.798994][ T778] usb 5-1: USB disconnect, device number 53 [ 1305.632575][T11324] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16991'. [ 1305.775576][ T5959] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 1305.807554][T11328] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16993'. [ 1305.821378][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.832235][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.848616][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.857100][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.865045][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.875030][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.884464][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.903000][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.911542][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.921860][ T9399] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 1305.946148][ T5959] usb 5-1: Using ep0 maxpacket: 16 [ 1305.979069][ T5959] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1305.986352][ T9399] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.43 Device [syz1] on syz1 [ 1306.032168][ T5959] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1306.062662][ T5959] usb 5-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice= 0.40 [ 1306.085257][ T5959] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1306.130472][ T5959] usb 5-1: config 0 descriptor?? [ 1306.162352][ T5959] s2255 5-1:0.0: Could not find bulk-in endpoint [ 1306.168856][ T5959] Sensoray 2255 driver load failed: 0xfffffff4 [ 1306.213335][ T5959] s2255 5-1:0.0: probe with driver s2255 failed with error -12 [ 1306.322622][T11333] fido_id[11333]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1306.361591][ T5959] usbhid 5-1:0.0: can't add hid device: -71 [ 1306.384390][ T5959] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 1306.440832][ T5959] usb 5-1: USB disconnect, device number 54 [ 1306.650107][T11355] loop6: detected capacity change from 0 to 256 [ 1307.188567][T11349] loop5: detected capacity change from 0 to 32768 [ 1307.228540][T11349] XFS (loop5): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent. [ 1307.281521][T11383] loop4: detected capacity change from 0 to 16 [ 1307.312649][T11383] erofs (device loop4): mounted with root inode @ nid 36. [ 1307.434068][T17493] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1307.810783][T11400] loop5: detected capacity change from 0 to 128 [ 1307.929104][T11405] netlink: 'syz.6.17026': attribute type 1 has an invalid length. [ 1307.970530][T11405] netlink: 'syz.6.17026': attribute type 3 has an invalid length. [ 1308.005484][T11405] netlink: 224 bytes leftover after parsing attributes in process `syz.6.17026'. [ 1308.158208][T11411] loop4: detected capacity change from 0 to 1024 [ 1308.168029][T11411] EXT4-fs: Ignoring removed nobh option [ 1308.177872][T11411] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1308.256350][T11415] hugetlbfs: Bad value 't' for mount option 'size' [ 1308.256350][T11415] [ 1308.266908][T11411] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #11: comm syz.4.17029: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1308.301052][T11411] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.17029: couldn't read orphan inode 11 (err -117) [ 1308.342661][T11411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1308.441800][T11411] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.17029: Invalid block bitmap block 0 in block_group 0 [ 1308.476456][T11411] Quota error (device loop4): write_blk: dquota write failed [ 1308.506267][T11411] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 1308.530716][T11411] EXT4-fs error (device loop4): ext4_acquire_dquot:6948: comm syz.4.17029: Failed to acquire dquot type 0 [ 1308.608922][T11427] netlink: 'syz.3.17036': attribute type 3 has an invalid length. [ 1308.640495][ T9399] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 1308.700870][ T5853] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1308.834119][ T9399] usb 7-1: Using ep0 maxpacket: 8 [ 1308.840930][ T9399] usb 7-1: config 0 has an invalid interface number: 56 but max is 0 [ 1308.873902][ T9399] usb 7-1: config 0 has no interface number 0 [ 1308.879198][T11437] loop5: detected capacity change from 0 to 64 [ 1308.912583][ T9399] usb 7-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64 [ 1308.946189][T11437] [ 1308.948693][T11437] ====================================================== [ 1308.955740][T11437] WARNING: possible circular locking dependency detected [ 1308.956275][ T9399] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1308.962792][T11437] syzkaller #0 Not tainted [ 1308.962806][T11437] ------------------------------------------------------ [ 1308.962815][T11437] syz.5.17042/11437 is trying to acquire lock: [ 1308.962827][T11437] ffff888059012e78 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xda/0x1540 [ 1308.999370][T11437] [ 1308.999370][T11437] but task is already holding lock: [ 1309.006768][T11437] ffff8880554420b0 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 1309.007177][ T9399] usb 7-1: Product: syz [ 1309.016323][T11437] [ 1309.016323][T11437] which lock already depends on the new lock. [ 1309.016323][T11437] [ 1309.016336][T11437] [ 1309.016336][T11437] the existing dependency chain (in reverse order) is: [ 1309.016345][T11437] [ 1309.016345][T11437] -> #1 (&tree->tree_lock#2/1){+.+.}-{4:4}: [ 1309.016389][T11437] lock_acquire+0x117/0x350 [ 1309.035371][ T9399] usb 7-1: Manufacturer: syz [ 1309.040027][T11437] __mutex_lock+0x187/0x1350 [ 1309.040057][T11437] hfs_find_init+0x18e/0x300 [ 1309.057572][ T9399] usb 7-1: SerialNumber: syz [ 1309.057774][T11437] hfs_get_block+0x51b/0xbd0 [ 1309.068603][ T9399] usb 7-1: config 0 descriptor?? [ 1309.072640][T11437] block_read_full_folio+0x29f/0x830 [ 1309.088682][T11437] filemap_read_folio+0x117/0x380 [ 1309.091772][ T9399] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state. [ 1309.094271][T11437] do_read_cache_folio+0x358/0x590 [ 1309.107895][T11437] read_cache_page+0x5d/0x170 [ 1309.113133][T11437] __hfs_bnode_create+0x4bb/0x960 [ 1309.118726][T11437] hfs_bnode_find+0x211/0xce0 [ 1309.120567][ T9399] pctv452e: pctv452e_power_ctrl: 1 [ 1309.120567][ T9399] [ 1309.124050][T11437] hfs_brec_find+0x172/0x510 [ 1309.124085][T11437] hfs_brec_read+0x24/0x110 [ 1309.141527][T11437] hfs_cat_find_brec+0x15c/0x3f0 [ 1309.147112][T11437] hfs_fill_super+0x4ae/0x6a0 [ 1309.152346][T11437] get_tree_bdev_flags+0x40e/0x4d0 [ 1309.153318][ T9399] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22 [ 1309.153318][ T9399] [ 1309.158003][T11437] vfs_get_tree+0x92/0x2b0 [ 1309.158032][T11437] do_new_mount+0x302/0xa10 [ 1309.178250][T11437] __se_sys_mount+0x313/0x410 [ 1309.183492][T11437] do_syscall_64+0xfa/0xfa0 [ 1309.185677][ T9399] dvb-usb: bulk message failed: -22 (5/0) [ 1309.188540][T11437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1309.200687][T11437] [ 1309.200687][T11437] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 1309.208346][ T9399] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1309.209925][T11437] validate_chain+0xb9b/0x2130 [ 1309.224429][T11437] __lock_acquire+0xab9/0xd20 [ 1309.229670][T11437] lock_acquire+0x117/0x350 [ 1309.233829][ T9399] dvbdev: DVB: registering new adapter (Technotrend TT Connect S2-3600) [ 1309.234719][T11437] __mutex_lock+0x187/0x1350 [ 1309.248169][T11437] hfs_extend_file+0xda/0x1540 [ 1309.253518][T11437] hfs_bmap_reserve+0x107/0x430 [ 1309.254976][ T9399] usb 7-1: media controller created [ 1309.258914][T11437] __hfs_ext_write_extent+0x1fa/0x470 [ 1309.270031][T11437] __hfs_ext_cache_extent+0x6b/0x9b0 [ 1309.272451][ T9399] dvb-usb: bulk message failed: -22 (8/0) [ 1309.275871][T11437] hfs_extend_file+0x31e/0x1540 [ 1309.275905][T11437] hfs_get_block+0x3d7/0xbd0 [ 1309.275927][T11437] __block_write_begin_int+0x6b5/0x1900 [ 1309.292776][ T9399] pctv452e: I2C error -22; AA 01 A0 01 14 -> aa 01 31 04 a0 01 14 [ 1309.298225][T11437] cont_write_begin+0x78c/0xb50 [ 1309.311515][T11437] hfs_write_begin+0x66/0xb0 [ 1309.316756][T11437] generic_perform_write+0x2c5/0x900 [ 1309.322601][T11437] generic_file_write_iter+0x117/0x550 [ 1309.328627][T11437] vfs_write+0x5c9/0xb30 [ 1309.333427][T11437] ksys_write+0x145/0x250 [ 1309.338324][T11437] do_syscall_64+0xfa/0xfa0 [ 1309.343382][T11437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1309.345929][ T9399] dvb-usb: MAC address reading failed. [ 1309.349829][T11437] [ 1309.349829][T11437] other info that might help us debug this: [ 1309.349829][T11437] [ 1309.349849][T11437] Possible unsafe locking scenario: [ 1309.349849][T11437] [ 1309.349857][T11437] CPU0 CPU1 [ 1309.349866][T11437] ---- ---- [ 1309.349873][T11437] lock(&tree->tree_lock#2/1); [ 1309.349906][T11437] lock( [ 1309.379473][ T9399] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1309.383810][T11437] &HFS_I(tree->inode)->extents_lock); [ 1309.383836][T11437] lock(&tree->tree_lock#2/1); [ 1309.415276][T11437] lock(&HFS_I(tree->inode)->extents_lock); [ 1309.421386][T11437] [ 1309.421386][T11437] *** DEADLOCK *** [ 1309.421386][T11437] [ 1309.429560][T11437] 5 locks held by syz.5.17042/11437: [ 1309.434871][T11437] #0: ffff88802f1749b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x247/0x320 [ 1309.444092][T11437] #1: ffff888040c6c420 (sb_writers#20){.+.+}-{0:0}, at: vfs_write+0x211/0xb30 [ 1309.453129][T11437] #2: ffff8880590150a0 (&sb->s_type->i_mutex_key#43){+.+.}-{4:4}, at: generic_file_write_iter+0xeb/0x550 [ 1309.464540][T11437] #3: ffff888059014ef8 (&HFS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xda/0x1540 [ 1309.475312][T11437] #4: ffff8880554420b0 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x18e/0x300 [ 1309.480475][ T9399] DVB: Unable to find symbol stb0899_attach() [ 1309.485321][T11437] [ 1309.485321][T11437] stack backtrace: [ 1309.485342][T11437] CPU: 0 UID: 0 PID: 11437 Comm: syz.5.17042 Not tainted syzkaller #0 PREEMPT(full) [ 1309.485375][T11437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1309.485389][T11437] Call Trace: [ 1309.485399][T11437] [ 1309.485409][T11437] dump_stack_lvl+0x189/0x250 [ 1309.485447][T11437] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1309.485487][T11437] ? __pfx__printk+0x10/0x10 [ 1309.485514][T11437] ? print_lock_name+0xde/0x100 [ 1309.485539][T11437] print_circular_bug+0x2ee/0x310 [ 1309.485576][T11437] check_noncircular+0x134/0x160 [ 1309.485614][T11437] validate_chain+0xb9b/0x2130 [ 1309.485645][T11437] ? rcu_is_watching+0x15/0xb0 [ 1309.485668][T11437] ? lock_release+0x4b/0x3d0 [ 1309.485693][T11437] ? lock_release+0x4b/0x3d0 [ 1309.485719][T11437] ? look_up_lock_class+0x74/0x170 [ 1309.485741][T11437] ? register_lock_class+0x51/0x320 [ 1309.485771][T11437] __lock_acquire+0xab9/0xd20 [ 1309.485807][T11437] ? hfs_extend_file+0xda/0x1540 [ 1309.485832][T11437] lock_acquire+0x117/0x350 [ 1309.485863][T11437] ? hfs_extend_file+0xda/0x1540 [ 1309.485897][T11437] __mutex_lock+0x187/0x1350 [ 1309.485922][T11437] ? hfs_extend_file+0xda/0x1540 [ 1309.485948][T11437] ? check_noncircular+0xe0/0x160 [ 1309.485986][T11437] ? lockdep_unlock+0x89/0x120 [ 1309.486012][T11437] ? hfs_extend_file+0xda/0x1540 [ 1309.486039][T11437] ? __pfx___mutex_lock+0x10/0x10 [ 1309.486076][T11437] hfs_extend_file+0xda/0x1540 [ 1309.486108][T11437] ? __pfx_hfs_extend_file+0x10/0x10 [ 1309.486132][T11437] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1309.486172][T11437] ? rcu_is_watching+0x15/0xb0 [ 1309.486194][T11437] ? trace_contention_end+0x39/0x120 [ 1309.486218][T11437] ? __asan_memset+0x22/0x50 [ 1309.486254][T11437] ? hfs_brec_find+0x1a7/0x510 [ 1309.486291][T11437] hfs_bmap_reserve+0x107/0x430 [ 1309.486322][T11437] __hfs_ext_write_extent+0x1fa/0x470 [ 1309.486352][T11437] __hfs_ext_cache_extent+0x6b/0x9b0 [ 1309.486378][T11437] ? hfs_find_init+0x18e/0x300 [ 1309.486412][T11437] hfs_extend_file+0x31e/0x1540 [ 1309.486439][T11437] ? percpu_ref_get_many+0x19/0x140 [ 1309.486481][T11437] ? __pfx_hfs_extend_file+0x10/0x10 [ 1309.486505][T11437] ? percpu_ref_get_many+0x19/0x140 [ 1309.486537][T11437] ? percpu_ref_get_many+0x19/0x140 [ 1309.486578][T11437] ? __lock_acquire+0xab9/0xd20 [ 1309.486611][T11437] hfs_get_block+0x3d7/0xbd0 [ 1309.486641][T11437] ? __pfx_hfs_get_block+0x10/0x10 [ 1309.486667][T11437] ? do_raw_spin_unlock+0x122/0x240 [ 1309.486694][T11437] ? _raw_spin_unlock+0x28/0x50 [ 1309.486732][T11437] __block_write_begin_int+0x6b5/0x1900 [ 1309.486761][T11437] ? __pfx_workingset_update_node+0x10/0x10 [ 1309.486804][T11437] ? __pfx_hfs_get_block+0x10/0x10 [ 1309.486831][T11437] ? __pfx___block_write_begin_int+0x10/0x10 [ 1309.486865][T11437] cont_write_begin+0x78c/0xb50 [ 1309.486901][T11437] ? __pfx_cont_write_begin+0x10/0x10 [ 1309.486929][T11437] ? __pfx___might_resched+0x10/0x10 [ 1309.486964][T11437] ? folio_unlock+0x101/0x160 [ 1309.486992][T11437] hfs_write_begin+0x66/0xb0 [ 1309.487015][T11437] ? __pfx_hfs_get_block+0x10/0x10 [ 1309.487042][T11437] generic_perform_write+0x2c5/0x900 [ 1309.487083][T11437] ? __pfx_generic_perform_write+0x10/0x10 [ 1309.487114][T11437] ? file_update_time+0x2da/0x490 [ 1309.487142][T11437] ? __generic_file_write_iter+0xf9/0x230 [ 1309.487172][T11437] ? generic_file_write_iter+0x103/0x550 [ 1309.487209][T11437] generic_file_write_iter+0x117/0x550 [ 1309.487243][T11437] ? __pfx_generic_file_write_iter+0x10/0x10 [ 1309.487289][T11437] ? __lock_acquire+0xab9/0xd20 [ 1309.487328][T11437] ? rcu_read_lock_any_held+0xb3/0x120 [ 1309.487352][T11437] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 1309.487383][T11437] vfs_write+0x5c9/0xb30 [ 1309.487411][T11437] ? __pfx_generic_file_write_iter+0x10/0x10 [ 1309.487444][T11437] ? __pfx_vfs_write+0x10/0x10 [ 1309.487484][T11437] ? __fget_files+0x2a/0x420 [ 1309.487522][T11437] ksys_write+0x145/0x250 [ 1309.487554][T11437] ? __pfx_ksys_write+0x10/0x10 [ 1309.487582][T11437] ? do_syscall_64+0xbe/0xfa0 [ 1309.487608][T11437] do_syscall_64+0xfa/0xfa0 [ 1309.487632][T11437] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1309.487657][T11437] ? clear_bhb_loop+0x60/0xb0 [ 1309.487684][T11437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1309.487706][T11437] RIP: 0033:0x7fdadff8f749 [ 1309.487730][T11437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1309.487752][T11437] RSP: 002b:00007fdae0d8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1309.487778][T11437] RAX: ffffffffffffffda RBX: 00007fdae01e5fa0 RCX: 00007fdadff8f749 [ 1309.487796][T11437] RDX: 0000000000001006 RSI: 0000200000002000 RDI: 0000000000000004 [ 1309.487812][T11437] RBP: 00007fdae0013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1309.487827][T11437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1309.487842][T11437] R13: 00007fdae01e6038 R14: 00007fdae01e5fa0 R15: 00007ffcb55f7478 [ 1309.487871][T11437] [ 1309.622137][T11445] loop4: detected capacity change from 0 to 32768 [ 1309.629695][ T9399] dvb-usb: no frontend was attached by 'Technotrend TT Connect S2-3600' [ 1309.632603][ T5975] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 1309.795989][ T9399] rc_core: IR keymap rc-tt-1500 not found [ 1309.905246][T17493] hfs: node 4:3 still has 1 user(s)! [ 1309.909028][ T9399] Registered IR keymap rc-empty [ 1309.975194][ T5975] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1309.989525][ T9399] rc rc0: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0 [ 1310.005397][ T5975] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1310.022026][ T9399] input: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0/input107 [ 1310.048004][ T5975] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1310.064770][ T9399] dvb-usb: schedule remote query interval to 100 msecs. [ 1310.076293][ T5975] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 1310.081234][ T9399] pctv452e: pctv452e_power_ctrl: 0 [ 1310.081234][ T9399] [ 1310.089302][ T5975] usb 1-1: SerialNumber: syz [ 1310.112831][ T9399] dvb-usb: Technotrend TT Connect S2-3600 successfully initialized and connected. [ 1310.133636][ T9399] usb 7-1: USB disconnect, device number 11 [ 1310.180937][ T9399] dvb-usb: Technotrend TT Connect S2-3600 successfully deinitialized and disconnected. [ 1310.345511][ T5975] usb 1-1: 0:2 : does not exist [ 1310.356866][ T5975] usb 1-1: USB disconnect, device number 67