last executing test programs: 7m16.307909901s ago: executing program 1 (id=9650): r0 = fsopen(&(0x7f0000000240)='debugfs\x00', 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='ip_vti0\x00', 0xffffffffffffffff, 0x0) 7m16.11989549s ago: executing program 1 (id=9654): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="800000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001000000000008000740000000011c0010800800014000000014080002"], 0x80}}, 0x0) 7m15.878695094s ago: executing program 1 (id=9658): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/vmcoreinfo', 0x0, 0x0) pread64(r0, &(0x7f0000000080)=""/75, 0x8e, 0x0) 7m15.768042045s ago: executing program 1 (id=9661): syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f00000000c0)='./file0\x00', 0x204818, &(0x7f00000003c0)={[{@map_off}, {@check_strict}, {@overriderock}, {@map_off}, {@unhide}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@map_off}, {@mode={'mode', 0x3d, 0x483}}]}, 0x1, 0x544, &(0x7f0000001000)="$eJzs3V9v01YfwPGfS/sQ5ZGqRw8TQlWBQ9mkIpXgJBAUceU5J+mBxI5sB7VXqKIpqkhhokxae8O4YZu0vQh2uRexd4T2EjbZTvqHJjHQv6u+nwjOiX3s8zup5Z/cxscCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADEcmu2XbSkabzOkhrNrQV+a/dtf+sDC+TWvmJMvyJW/E9yObmSLrry1e7qy/F/czKbvpuVXFzkZPu/l//34NLkxGD7MQF/lt+/cE+bW9vPV3q97qujCuQMunpx9LqG9kzom5bT0MqEvqpWKvadxXqo6qapw+Uw0i3lBtqJ/EDNu7dUsVotK11Y9jteo+Y09WDh/dsl266oh4W2doLQ9+48LITuomk2jddI2sSr4zb34wPxkYlUpJ2WUmvrvW45awBxo+KnNCplNSrZpVKxWCoVK/eq9+7b9uSBBfZH5ECLozto8e90hGdv4HAm+vlfmmLEk44siRr6cqUmgfjSGrG+b5D/v7mjx/a7N/8PsvyV3dUzkuT/a+m7a6Py/4hYTu61KVuyLc9lRXrSk668OvWITvbVEC2eGAnFFyMtcZIlqr9ESVUqUhFbnsii1CUUJXUx0hQtoSxLKJHo5IhyJRAtjkTiSyBK5sWVW6KkKFWpSlmUaCnIsvjSEU8aUhMn2cuarCefe1mUNSrGnUbFkcPID467rpTGjJb8j8M70vM3cBh/D/I/AAAAAAA4t6zkt+/x9f+UXE1qddPU9mmHBQAAAAAAjlDyl//ZuJiKa1fF4vofAAAAAIDzxkrusbNEJC/X09qaWMntUvwSAAAAAACAcyL5+/+1uEjmQLku1s50KVz/AwAAAABwTvycOcd+2L5o/fmXBMGU9ba99LW1kczN62xcSLe78PEeo/qMNd3fSVJU0mJy0tWzVi5ttDMJ5od+sZYVh7UbgLMTwI+fE8ClSflVbqRtbqym5epgTdpLvm6auuD6zQdFcZzpiUgvRd+/WP9BkuH/4rWmrZys97qFpy97q0ksb+O9vN3oT6B4YB7FMbG8TuZbSO65GDriqeRGjH6/eUvW1ntde+/4J9LNJ/b3+GZ6TJ/vZC5tNdef8Ta/f/y5uM9iYdTo+1EUDznyd3IzbXNz/mZaDImilBVFaW8Uwz+Lw0dRzoqifMgoAOC0rGVkIUsO5N0vOMt9WXaXz8zu72Q+bTM/k5xYJ2eGnNHtrDO6fcjs9seBZyCNyrFxv799lFXfxxu8H9lv2CxZ8Ud44fXGd3J5c2v79vrGyrPus+6LUqlcse/a9r2STCXD6BfkHgDAEHufsWMNzf+ZT+Gx7mZcVf9/5ysFBXkqL6Unq7KQ3G2QfONg6F7ze76GsJBx1ZpP0mT6hJeFMVd1/0nuchjstzS27f4YyifwkwAA4OTMZeThT8n/CxnX3ftz+fir4/yep7UBAIDjoYMPVj76yQoC035SrFaLTrSoVeC7j1Rgag2tjBfpwF10vIZW7cCPfNdvxpXHpqZDFXbabT+IVN0PVNsPzVIyfaDqP/o91C3Hi4wbtpvaCbVyfS9y3EjVTOiqdufbpgkXdZBsHLa1a+rGdSLjeyr0O4GrC0qFWu9paGrai0zdxFVPtQPTcoKceuw3Oy2tajp0A9OO/HSHg76MV/eDVrLbwml/2AAAnBGbW9vPV3q97qtjrAztOHfiQwUAAH0ZWRoAAAAAAAAAAAAAAAAAAAAAAJwBJ3H/H5VzXhlMBX1W4qFyBJXMU8ebYz85AThW/wQAAP//rVVPjw==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 7m15.468691645s ago: executing program 1 (id=9665): r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000300)={0xa, @capture={0x0, 0x0, {0xd03d, 0x2}, 0x5, 0xfffff071}}) 7m14.830816799s ago: executing program 1 (id=9670): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001540)=ANY=[@ANYBLOB="180000001400010000008000000000001e"], 0x18}}, 0x0) 7m14.339917268s ago: executing program 32 (id=9670): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001540)=ANY=[@ANYBLOB="180000001400010000008000000000001e"], 0x18}}, 0x0) 2m24.197186487s ago: executing program 3 (id=13666): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000200)={0x5, 0xa, 0x0, "0200", 0x35315258}) 2m23.959432691s ago: executing program 3 (id=13670): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SDTEFACILITIES(r0, 0x89eb, &(0x7f0000000840)={0x6, 0x8, 0xfff, 0x4, 0x70, 0x13, 0xfd, "21b836f5d1790dd10a5f00000900", "f674ba39fc2c6ebaa4c70200005600"}) 2m23.747305453s ago: executing program 3 (id=13673): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffa7}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_PEER_NOTIF_DELAY={0x8, 0x1c, 0xa}, @IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x44}}, 0x0) 2m23.362105522s ago: executing program 3 (id=13681): r0 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x3, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000002dc0)=@userptr={0x2, 0x1, 0x4, 0x0, 0x1, {}, {0x1, 0xc, 0x9, 0xc, 0x6, 0x8, "bf240fef"}, 0x5, 0x2, {0x0}, 0xf6e0}) 2m23.105684137s ago: executing program 3 (id=13685): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m21.987825479s ago: executing program 3 (id=13699): r0 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r0, 0x80984120, &(0x7f0000000100)) 2m7.671642071s ago: executing program 33 (id=13699): r0 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r0, 0x80984120, &(0x7f0000000100)) 1m7.313846283s ago: executing program 0 (id=14723): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x28}, 0x1, 0x0, 0x0, 0x4004804}, 0x4040000) 1m7.127301832s ago: executing program 0 (id=14726): r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000070058000b480400945f640094272d5961d328b92d0000000000008000f0fffeffe809000000fff5dd000000100001000c0808004149004001040800", 0x58}], 0x1) 1m6.784213246s ago: executing program 0 (id=14730): r0 = syz_open_dev$evdev(&(0x7f000001fa80), 0x20000000, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x40084504, &(0x7f0000ffcffc)) 1m6.54045355s ago: executing program 0 (id=14734): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1") mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000)='ext4\x00', 0x800800, 0x0) 1m5.850762029s ago: executing program 0 (id=14745): syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="12010000a13de30840205029f1850102030109022d0002000000000904210001d553e5000905060500"], 0x0) ioctl$EVIOCRMFF(0xffffffffffffffff, 0x550c, 0x0) 1m4.94400552s ago: executing program 0 (id=14756): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="300000001800010000000000000000000a80000000000007000000001400010000000000000000000000ff"], 0x30}}, 0x20008000) 1m4.574054927s ago: executing program 34 (id=14756): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="300000001800010000000000000000000a80000000000007000000001400010000000000000000000000ff"], 0x30}}, 0x20008000) 2.361334893s ago: executing program 4 (id=15478): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000280)={'ip_vti0\x00', 0x0, 0x8, 0x10, 0x80000001, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0xfffd, 0x0, 0x0, 0x0, @multicast1, @loopback}}}}) 2.043424546s ago: executing program 4 (id=15484): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000040), 0x4) 1.770000392s ago: executing program 4 (id=15488): r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_GET_FEATURES(r0, 0x541b, 0x0) 1.766187883s ago: executing program 2 (id=15489): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={@ipv4={'\x00', '\xff\xff', @loopback}, @mcast1, @mcast1={0xff, 0x5}, 0x0, 0xb, 0x0, 0x180, 0x401, 0x20c200a2}) 1.580005052s ago: executing program 5 (id=15491): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlinkprop={0x80, 0x6c, 0x1, 0x70bd2a, 0xa5dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x10090, 0x1b040}, [@IFLA_LINKMODE={0x5, 0x11, 0x8}, @IFLA_LINKMODE={0x5}, @IFLA_IFNAME={0x14, 0x3, 'veth0\x00'}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x3}, @IFLA_PROP_LIST={0x2c, 0x34, 0x0, 0x1, [{0x14, 0x35, 'syzkaller0\x00'}, {0x14, 0x35, 'bridge_slave_1\x00'}]}, @IFLA_PROTO_DOWN={0x4, 0x27, 0x5}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x4000800) 1.579063162s ago: executing program 6 (id=15492): mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6002, &(0x7f0000000040)=0x3, 0x4, 0x0) set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x403f, 0x0, 0x0) 1.532275927s ago: executing program 4 (id=15493): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb4}, 0x1, 0x0, 0x0, 0x20002010}, 0x0) 1.449952665s ago: executing program 2 (id=15494): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST2(r0, 0x40383d0c, &(0x7f0000000200)={{0x2}, {0x2, 0x7fffffff}, 0x0, 0x7}) 1.341345796s ago: executing program 7 (id=15495): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000014c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000000)=@file={0xd1653077bafa0114, './file0\x00'}, 0xa) 1.293590801s ago: executing program 5 (id=15496): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bind$rose(r0, &(0x7f0000000000)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x3, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x1c) 1.213822258s ago: executing program 4 (id=15497): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x0, 0xffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x2, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.190594561s ago: executing program 6 (id=15498): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180200000000000000000000000000008500000053000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x45, 0x0, &(0x7f0000000100)="e02742e80f1c335a9782762f86dd", 0x0, 0x3fe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.083240141s ago: executing program 7 (id=15499): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_SECURITY(r0, 0x0, 0x1, 0x0, 0x0) 1.028313767s ago: executing program 2 (id=15500): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv4_newroute={0x30, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @MPLS_IPTUNNEL_TTL={0x5}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x30}}, 0x0) 984.843151ms ago: executing program 5 (id=15501): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002540)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1f, 0xf, &(0x7f0000000700)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7fffffff}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='syzkaller\x00', 0x7, 0xc0, &(0x7f00000020c0)=""/192, 0x0, 0x10}, 0x94) 931.942537ms ago: executing program 4 (id=15502): r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x118, &(0x7f0000000380)=ANY=[@ANYBLOB="d7ff004ecc"]) 846.770775ms ago: executing program 6 (id=15503): r0 = syz_open_dev$I2C(&(0x7f00000003c0), 0x0, 0x20000) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000240)={&(0x7f0000000200)=[{0x7, 0x1000, 0x0, 0x0}, {0x6, 0x2c01, 0x0, 0x0}], 0x2}) 779.442252ms ago: executing program 2 (id=15504): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d3, &(0x7f0000000240)) 745.587655ms ago: executing program 7 (id=15505): r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000580)={0x98f90d, 0x6, '\x00', @ptr}}) 724.752327ms ago: executing program 5 (id=15506): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x74, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x60, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x31, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6}, @TCA_SKBMOD_PARMS={0x24}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0) 617.410658ms ago: executing program 6 (id=15507): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000000040)={0x8, 0x68, 0xfa00, {0x0, {0x3, 0x16, "c0b26ce24d51c647a216f3e53f3a4fc6c3b9d0f8b089e74fe9be219a857550d9d36dfe29bbb3810cc30cc4eabc742b52fe85c4209ab693f18d793c1b129a488c67ac33f5fedfb648235578633b6a18238453aa8482ea61dedf549d9617d35096c8b0247c86d7f4f93d408cf74fc1ebaac63abcf1c1a02080df38e31635cebae51161a888ea346d119d4d2cf02edb96f01a48b9eed20a74d392fa6635ba3818fab8191e1ec80e11e2171527950bb4f02b0bec47821fe1d35528c1bbe3a957bec438768d20d45eba85aa4215d0a1dff7e25c5eba372918427341f3408b2fcbb97c58a9a93a079aba44f9818b959a977e9fabc354a11ce0817195ddc53dd200", 0x80, 0x9, 0xef, 0x6, 0xe9, 0x10, 0x6, 0x1}}}, 0x128) 509.824139ms ago: executing program 2 (id=15508): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002280)=ANY=[@ANYBLOB="240000001900010000000000fbdbdf250a010900100012800c00f880080012"], 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x0) 509.185709ms ago: executing program 7 (id=15509): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000040)={'ip6gre0\x00', 0x0}) 441.660976ms ago: executing program 5 (id=15510): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0x86, &(0x7f0000000000), &(0x7f0000000280)=0x4) 373.666202ms ago: executing program 6 (id=15511): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000001600)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000000)='=', 0x1, r0}, 0x68) 318.827518ms ago: executing program 2 (id=15512): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) lseek(r0, 0x400000000000000, 0x1) 279.687662ms ago: executing program 7 (id=15513): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000400)={0x1, 'veth0_to_batadv\x00', 0x4}, 0x18) 213.276879ms ago: executing program 5 (id=15514): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000006a00010000000000fbdb09000000000000000000080001"], 0x20}}, 0x4) 74.392982ms ago: executing program 6 (id=15515): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x60, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x16, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x9}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe4}, 0x1, 0x0, 0x0, 0x4040054}, 0x24000050) 0s ago: executing program 7 (id=15516): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x2, 0xc8) open_by_handle_at(r0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0c000000fe0000008000e9"], 0xa01) kernel console output (not intermixed with test programs): ] device hsr_slave_1 entered promiscuous mode [ 1357.940113][ T3438] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1357.969131][ T3438] Cannot create hsr debugfs directory [ 1357.987743][ T3523] netlink: 28 bytes leftover after parsing attributes in process `syz.5.13963'. [ 1358.003023][ T3523] netlink: 28 bytes leftover after parsing attributes in process `syz.5.13963'. [ 1358.215053][ T3529] binder: 3528:3529 ioctl c018620c 200000000080 returned -22 [ 1358.333546][ T3535] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13969'. [ 1358.716134][ T3550] loop2: detected capacity change from 0 to 256 [ 1358.850894][ T3550] FAT-fs (loop2): Directory bread(block 64) failed [ 1358.866864][ T3550] FAT-fs (loop2): Directory bread(block 65) failed [ 1358.917102][ T3550] FAT-fs (loop2): Directory bread(block 66) failed [ 1358.927832][ T3550] FAT-fs (loop2): Directory bread(block 67) failed [ 1358.934510][ T3550] FAT-fs (loop2): Directory bread(block 68) failed [ 1358.972016][ T3438] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1358.993846][ T3550] FAT-fs (loop2): Directory bread(block 69) failed [ 1359.000543][ T3550] FAT-fs (loop2): Directory bread(block 70) failed [ 1359.029710][ T3438] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1359.048579][ T3550] FAT-fs (loop2): Directory bread(block 71) failed [ 1359.072451][ T3550] FAT-fs (loop2): Directory bread(block 72) failed [ 1359.079069][ T3550] FAT-fs (loop2): Directory bread(block 73) failed [ 1359.089637][ T3438] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1359.120586][ T3438] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1359.389592][ T3438] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1359.423336][T26329] Bluetooth: hci5: command 0x041b tx timeout [ 1359.498167][ T4396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1359.530512][ T4396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1359.551168][ T3438] 8021q: adding VLAN 0 to HW filter on device team0 [ 1359.603652][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1359.612478][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1359.675888][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 1359.683133][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1359.747230][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1359.792028][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1359.810964][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1359.842860][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 1359.850074][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1359.951935][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1359.984070][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1360.019561][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1360.051206][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1360.072538][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1360.084279][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1360.099067][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1360.156252][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1360.165937][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1360.184897][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1360.198452][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1360.242600][ T3438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1360.384341][ T3606] netlink: 6 bytes leftover after parsing attributes in process `syz.0.13999'. [ 1360.768768][ T3628] loop2: detected capacity change from 0 to 128 [ 1360.969953][ T3632] loop0: detected capacity change from 0 to 16 [ 1361.005562][ T3632] erofs: (device loop0): mounted with root inode @ nid 36. [ 1361.144967][ T3613] infiniband !yz!: set active [ 1361.173818][ T3613] infiniband !yz!: added team_slave_0 [ 1361.273272][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1361.309840][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1361.326665][ T3613] RDS/IB: !yz!: added [ 1361.367089][ T3438] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1361.367361][ T3643] overlayfs: missing 'lowerdir' [ 1361.403766][T26329] Bluetooth: hci5: command 0x040f tx timeout [ 1361.430308][ T3613] smc: adding ib device !yz! with port count 1 [ 1361.438896][ T3647] loop0: detected capacity change from 0 to 1024 [ 1361.441918][ T3613] smc: ib device !yz! port 1 has pnetid [ 1361.486257][ T3647] hfsplus: invalid catalog entry type in lookup [ 1362.683326][ T3677] dns_resolver: Unsupported content type (240) [ 1362.795203][ T4374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1362.828021][ T4374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1362.892699][ T4374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1362.915844][ T4374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1362.949895][ T4374] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1362.978971][ T4374] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1362.985799][ T3657] loop5: detected capacity change from 0 to 32768 [ 1363.007396][ T3438] device veth0_vlan entered promiscuous mode [ 1363.055913][ T3438] device veth1_vlan entered promiscuous mode [ 1363.083427][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1363.101835][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1363.111078][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1363.121722][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1363.132529][ T3438] device veth0_macvtap entered promiscuous mode [ 1363.147728][ T3657] XFS (loop5): Mounting V5 Filesystem [ 1363.175401][ T3438] device veth1_macvtap entered promiscuous mode [ 1363.193976][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1363.210196][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.220734][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1363.235327][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.246237][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1363.257518][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.263155][ T3657] XFS (loop5): Ending clean mount [ 1363.267982][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1363.283335][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.293612][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1363.304515][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.316365][ T3438] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1363.329494][T26495] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1363.347986][ T3657] XFS (loop5): Quotacheck needed: Please wait. [ 1363.372748][T26495] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1363.384685][T26329] Bluetooth: hci5: command 0x0419 tx timeout [ 1363.441403][T26495] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1363.457800][T26495] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1363.528584][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1363.537302][ T3657] XFS (loop5): Quotacheck: Done. [ 1363.566224][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.612211][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1363.649766][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.679592][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1363.691579][ T3697] loop2: detected capacity change from 0 to 4096 [ 1363.705292][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.716736][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1363.759793][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.764185][ T3697] ntfs: volume version 3.1. [ 1363.771303][ T3438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1363.825213][ T3438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1363.845834][ T3697] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 1363.850555][ T3438] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1363.887676][T26326] XFS (loop5): Unmounting Filesystem [ 1363.889667][ T3697] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 1364.007810][ T3697] ntfs: (device loop2): ntfs_cluster_alloc(): Failed to map page. [ 1364.037697][ T3697] ntfs: (device loop2): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5). [ 1364.050853][T26495] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1364.081750][T26495] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1364.087996][ T3697] ntfs: (device loop2): ntfs_truncate(): Cannot truncate inode 0x43, attribute type 0x80, because the conversion from resident to non-resident attribute failed with error code -5. [ 1364.103358][ T3438] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1364.137374][ T3438] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1364.146156][ T3438] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1364.162320][ T3438] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1364.423626][ T4280] ntfs: (device loop2): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 1364.449968][ T4354] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1364.483179][ T4354] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1364.537256][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1364.575168][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1364.614081][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1364.695730][ T4374] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1364.713177][ T5325] usb 1-1: new high-speed USB device number 72 using dummy_hcd [ 1364.918255][ T5325] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1364.965769][ T5325] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1365.024192][ T3710] netlink: 'syz.5.14034': attribute type 1 has an invalid length. [ 1365.026217][ T5325] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf [ 1365.088768][ T5325] usb 1-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1365.097161][ T3715] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14039'. [ 1365.116819][ T5325] usb 1-1: Manufacturer: syz [ 1365.145591][ T5325] usb 1-1: config 0 descriptor?? [ 1365.178162][ T5325] usb 1-1: Found UVC 0.00 device (18ec:3288) [ 1365.224323][ T5325] usb 1-1: No valid video chain found. [ 1365.252195][ T3719] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14041'. [ 1365.403279][ T1421] usb 1-1: USB disconnect, device number 72 [ 1365.831415][ T3740] No such timeout policy "syz1" [ 1366.224498][ T3757] netlink: 108 bytes leftover after parsing attributes in process `syz.2.14059'. [ 1366.379428][ T3764] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14063'. [ 1366.527372][ T3768] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 1367.185741][ T1421] usb 5-1: new high-speed USB device number 79 using dummy_hcd [ 1367.249348][ T3796] loop5: detected capacity change from 0 to 128 [ 1367.328308][ T3796] FAT-fs (loop5): Invalid FSINFO signature: 0x41610000, 0x61417272 (sector = 1) [ 1367.351077][ T3796] FAT-fs (loop5): Directory bread(block 162) failed [ 1367.385896][ T3796] FAT-fs (loop5): Directory bread(block 163) failed [ 1367.392629][ T3796] FAT-fs (loop5): Directory bread(block 164) failed [ 1367.398113][ T1421] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 1367.427916][ T1421] usb 5-1: config 220 has an invalid interface descriptor of length 5, skipping [ 1367.433649][ T3796] FAT-fs (loop5): Directory bread(block 165) failed [ 1367.457846][ T1421] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1367.487768][ T3796] FAT-fs (loop5): Directory bread(block 166) failed [ 1367.491037][ T1421] usb 5-1: config 220 has no interface number 2 [ 1367.509788][ T3796] FAT-fs (loop5): Directory bread(block 167) failed [ 1367.516746][ T3796] FAT-fs (loop5): Directory bread(block 168) failed [ 1367.521514][ T1421] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1367.544312][ T3796] FAT-fs (loop5): Directory bread(block 169) failed [ 1367.556898][ T1421] usb 5-1: config 220 interface 0 has no altsetting 0 [ 1367.568522][ T1421] usb 5-1: config 220 interface 76 has no altsetting 0 [ 1367.583681][ T1421] usb 5-1: config 220 interface 1 has no altsetting 0 [ 1367.621145][ T1421] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1367.633745][ T3796] FAT-fs (loop5): Directory bread(block 162) failed [ 1367.661001][ T1421] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1367.680797][ T1421] usb 5-1: Product: syz [ 1367.681084][ T1421] usb 5-1: Manufacturer: syz [ 1367.681103][ T1421] usb 5-1: SerialNumber: syz [ 1367.682718][ T3796] FAT-fs (loop5): Directory bread(block 163) failed [ 1367.684454][ T3796] syz.5.14079: attempt to access beyond end of device [ 1367.684454][ T3796] loop5: rw=3, sector=210, nr_sectors = 6 limit=128 [ 1367.684730][ T3796] syz.5.14079: attempt to access beyond end of device [ 1367.684730][ T3796] loop5: rw=2051, sector=216, nr_sectors = 2 limit=128 [ 1367.809125][ T11] FAT-fs (loop5): Invalid FSINFO signature: 0x41610000, 0x61417272 (sector = 1) [ 1367.906434][ T1421] usb 5-1: selecting invalid altsetting 0 [ 1367.920172][ T1421] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 1367.936726][ T1421] usb 5-1: No valid video chain found. [ 1367.991500][ T1421] usb 5-1: selecting invalid altsetting 0 [ 1368.007480][ T1421] usbtest: probe of 5-1:220.1 failed with error -22 [ 1368.052305][ T1421] usb 5-1: USB disconnect, device number 79 [ 1368.343926][ T3828] ip6gretap3: default qdisc (pfifo_fast) fail, fallback to noqueue [ 1368.662471][ T3842] bridge5: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 1368.798375][ T3846] netlink: 48 bytes leftover after parsing attributes in process `syz.6.14104'. [ 1368.858991][ T3846] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14104'. [ 1369.157046][ T5325] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 1369.256384][ T3862] netlink: 'syz.5.14112': attribute type 1 has an invalid length. [ 1369.350180][ T5325] usb 3-1: Using ep0 maxpacket: 16 [ 1369.366205][ T5325] usb 3-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4 [ 1369.417944][ T5325] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1369.442415][ T5325] usb 3-1: Product: syz [ 1369.450090][ T5325] usb 3-1: Manufacturer: syz [ 1369.462260][ T3868] netlink: 28 bytes leftover after parsing attributes in process `syz.5.14114'. [ 1369.471502][ T5325] usb 3-1: SerialNumber: syz [ 1369.478165][ T5325] usb 3-1: config 0 descriptor?? [ 1369.500415][ T5325] usb_ehset_test: probe of 3-1:0.0 failed with error -32 [ 1369.718815][T11803] usb 3-1: USB disconnect, device number 55 [ 1369.910023][ T5325] usb 5-1: new high-speed USB device number 80 using dummy_hcd [ 1370.091070][ T5325] usb 5-1: Using ep0 maxpacket: 32 [ 1370.098118][ T5325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1370.128766][ T5325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1370.157621][ T5325] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1370.166825][ T5325] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1370.205011][ T5325] usb 5-1: config 0 descriptor?? [ 1370.211100][ T3885] ALSA: mixer_oss: invalid OSS volume '' [ 1370.225218][ T5325] hub 5-1:0.0: USB hub found [ 1370.355111][ T3876] loop0: detected capacity change from 0 to 32768 [ 1370.424403][ T5325] hub 5-1:0.0: config failed, can't read hub descriptor (err -90) [ 1370.432198][ T3890] netlink: 'syz.6.14126': attribute type 18 has an invalid length. [ 1370.463125][ T3876] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 1370.509965][ T3876] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1370.635713][ T5325] usbhid 5-1:0.0: can't add hid device: -71 [ 1370.642217][ T5325] usbhid: probe of 5-1:0.0 failed with error -71 [ 1370.720221][ T5325] usb 5-1: USB disconnect, device number 80 [ 1370.763289][ T4277] ocfs2: Unmounting device (7,0) on (node local) [ 1371.621031][ T3940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14147'. [ 1371.710028][ T3944] netlink: 'syz.4.14149': attribute type 1 has an invalid length. [ 1371.739494][ T3944] netlink: 134744 bytes leftover after parsing attributes in process `syz.4.14149'. [ 1371.991306][ T3954] xt_ecn: cannot match TCP bits for non-tcp packets [ 1372.144054][ T3961] netlink: 'syz.5.14156': attribute type 4 has an invalid length. [ 1372.370727][ T3971] IPVS: length: 120 != 24 [ 1372.477230][ T3972] loop0: detected capacity change from 0 to 4096 [ 1372.596207][ T3972] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1372.892698][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 1372.932882][ T3990] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14171'. [ 1373.089478][ T3996] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1373.152657][ T3998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14173'. [ 1373.190280][ T3998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14173'. [ 1373.573924][ T4014] loop5: detected capacity change from 0 to 256 [ 1373.601968][ T4014] exfat: Deprecated parameter 'namecase' [ 1373.646700][ T4014] exfat: Deprecated parameter 'namecase' [ 1373.669897][ T4014] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 1374.155459][ T27] audit: type=1326 audit(1658.006:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4035 comm="syz.2.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1374.202308][ T27] audit: type=1326 audit(1658.017:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4035 comm="syz.2.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1374.281429][ T27] audit: type=1326 audit(1658.017:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4035 comm="syz.2.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1374.389048][ T27] audit: type=1326 audit(1658.017:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4035 comm="syz.2.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1374.587307][T15374] usb 5-1: new full-speed USB device number 81 using dummy_hcd [ 1374.656217][ T4054] netlink: 'syz.0.14200': attribute type 3 has an invalid length. [ 1374.715720][ T4054] netlink: 'syz.0.14200': attribute type 1 has an invalid length. [ 1374.796662][T15374] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1374.819218][T15374] usb 5-1: New USB device found, idVendor=0403, idProduct=fa78, bcdDevice= 1.ff [ 1374.848833][T15374] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1374.872757][T15374] usb 5-1: SerialNumber: syz [ 1374.881851][T15374] usb 5-1: config 0 descriptor?? [ 1374.911638][T15374] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 1374.929319][ T4032] loop5: detected capacity change from 0 to 32768 [ 1374.938638][ T4064] loop0: detected capacity change from 0 to 16 [ 1374.946769][T15374] usb 5-1: Detected SIO [ 1374.958528][T15374] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1374.985772][ T4064] erofs: (device loop0): mounted with root inode @ nid 36. [ 1375.106149][ T5325] usb 5-1: USB disconnect, device number 81 [ 1375.149288][ T5325] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1375.182738][ T5325] ftdi_sio 5-1:0.0: device disconnected [ 1375.235151][ T4067] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 1375.250359][ T27] audit: type=1326 audit(1659.150:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4066 comm="syz.6.14207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6d18f6c9 code=0x7ffc0000 [ 1375.313314][ T4067] bond0: (slave lo): Error: Device can not be enslaved while up [ 1375.330111][ T27] audit: type=1326 audit(1659.182:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4066 comm="syz.6.14207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7fbd6d18f6c9 code=0x7ffc0000 [ 1375.438156][ T27] audit: type=1326 audit(1659.182:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4066 comm="syz.6.14207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6d18f6c9 code=0x7ffc0000 [ 1375.520541][ T27] audit: type=1326 audit(1659.182:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4066 comm="syz.6.14207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6d18f6c9 code=0x7ffc0000 [ 1375.758725][ T4083] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14213'. [ 1376.575086][ T5325] usb 5-1: new high-speed USB device number 82 using dummy_hcd [ 1376.600444][ T4120] usb usb8: usbfs: process 4120 (syz.0.14230) did not claim interface 0 before use [ 1376.649130][ T4120] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1376.760528][ T5325] usb 5-1: config 0 has an invalid descriptor of length 97, skipping remainder of the config [ 1376.796933][ T5325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 97, changing to 7 [ 1376.822828][ T5325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 24929, setting to 1024 [ 1376.874313][ T5325] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1376.937570][ T5325] usb 5-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1376.975876][ T5325] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1377.005204][ T5325] usb 5-1: config 0 descriptor?? [ 1377.042279][ T4136] netlink: 64 bytes leftover after parsing attributes in process `syz.5.14238'. [ 1377.045093][ T5325] em28xx 5-1:0.0: New device @ 480 Mbps (2040:1605, interface 0, class 0) [ 1377.077890][ T4138] xt_addrtype: ipv6 does not support BROADCAST matching [ 1377.086452][ T27] audit: type=1326 audit(1661.082:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4139 comm="syz.6.14240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6d18f6c9 code=0x7ffc0000 [ 1377.098621][ T5325] em28xx 5-1:0.0: DVB interface 0 found: isoc [ 1377.119672][ T4136] netlink: 64 bytes leftover after parsing attributes in process `syz.5.14238'. [ 1377.166749][ T27] audit: type=1326 audit(1661.114:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4139 comm="syz.6.14240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fbd6d18f6c9 code=0x7ffc0000 [ 1377.311204][ T5325] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 1377.382761][ T5325] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 1377.411176][ T4150] netlink: 68 bytes leftover after parsing attributes in process `syz.2.14244'. [ 1377.420600][ T5325] em28xx 5-1:0.0: board has no eeprom [ 1377.511203][ T5325] em28xx 5-1:0.0: Identified as Hauppauge WinTV HVR 930C (card=81) [ 1377.542279][ T5325] em28xx 5-1:0.0: dvb set to isoc mode. [ 1377.571340][ T5325] usb 5-1: USB disconnect, device number 82 [ 1377.614686][ T5325] em28xx 5-1:0.0: Disconnecting em28xx [ 1377.623983][ T5320] em28xx 5-1:0.0: Binding DVB extension [ 1377.853522][ T4162] loop2: detected capacity change from 0 to 512 [ 1377.973908][ T4158] loop0: detected capacity change from 0 to 4096 [ 1378.019115][ T4162] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1378.045017][ T4158] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 1378.119049][ T4162] EXT4-fs error (device loop2): ext4_acquire_dquot:6809: comm syz.2.14251: Failed to acquire dquot type 0 [ 1378.148222][ T5320] DVB: Unable to find symbol drxk_attach() [ 1378.200889][ T5320] em28xx 5-1:0.0: Registering input extension [ 1378.231106][ T5325] em28xx 5-1:0.0: Closing input extension [ 1378.277950][ T4158] ntfs3: loop0: failed to convert "c46c" to cp855 [ 1378.293037][ T5325] em28xx 5-1:0.0: Freeing device [ 1378.415750][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 1378.448341][ T4149] loop5: detected capacity change from 0 to 32768 [ 1378.503402][ T4149] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.14245 (4149) [ 1378.568676][ T4149] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1378.597247][ T4149] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 1378.642014][ T4149] BTRFS info (device loop5): setting nodatacow, compression disabled [ 1378.698784][ T4178] loop0: detected capacity change from 0 to 764 [ 1378.717565][ T4149] BTRFS info (device loop5): turning on sync discard [ 1378.750896][ T4149] BTRFS info (device loop5): force zlib compression, level 3 [ 1378.758398][ T4149] BTRFS info (device loop5): turning off discard [ 1378.791155][ T4149] BTRFS info (device loop5): turning on async discard [ 1378.804936][ T4178] Symlink component flag not implemented [ 1378.824375][ T4178] Symlink component flag not implemented [ 1378.830419][ T4149] BTRFS info (device loop5): force clearing of disk cache [ 1378.883086][ T4149] BTRFS info (device loop5): turning on flush-on-commit [ 1378.905878][ T4149] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 1378.946914][ T4149] BTRFS info (device loop5): trying to use backup root at mount time [ 1378.976698][ T4149] BTRFS info (device loop5): using free space tree [ 1379.078819][ T4190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14261'. [ 1379.302731][ T4149] BTRFS info (device loop5): enabling ssd optimizations [ 1379.339025][ T4149] BTRFS info (device loop5): rebuilding free space tree [ 1379.377926][ T4172] loop4: detected capacity change from 0 to 32768 [ 1379.543899][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1379.550335][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 1379.583202][ T4172] XFS (loop4): Mounting V5 Filesystem [ 1379.690173][T26326] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1379.704561][ T4172] XFS (loop4): Ending clean mount [ 1379.733404][ T4172] XFS (loop4): Quotacheck needed: Please wait. [ 1379.937954][ T4172] XFS (loop4): Quotacheck: Done. [ 1380.448453][ T4246] loop0: detected capacity change from 0 to 128 [ 1380.689817][ T4265] XFS (loop4): Unmounting Filesystem [ 1381.378953][ T4273] loop0: detected capacity change from 0 to 2048 [ 1381.420027][ T4273] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1381.915702][ C0] vkms_vblank_simulate: vblank timer overrun [ 1382.226727][ T4346] netlink: 'syz.6.14302': attribute type 10 has an invalid length. [ 1382.234952][ T4346] netlink: 40 bytes leftover after parsing attributes in process `syz.6.14302'. [ 1382.283239][ T4349] program syz.2.14301 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1382.309001][ T4346] bridge0: port 3(ipvlan1) entered blocking state [ 1382.316195][ T4346] bridge0: port 3(ipvlan1) entered disabled state [ 1382.326752][ T4349] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1382.333285][ T4353] syz.0.14304 (4353): drop_caches: 2 [ 1382.337568][ T4346] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 1382.387164][ T4351] netlink: 'syz.5.14303': attribute type 15 has an invalid length. [ 1382.714219][ T4362] loop5: detected capacity change from 0 to 256 [ 1382.983328][ T4371] loop6: detected capacity change from 0 to 256 [ 1382.998232][ T5325] usb 5-1: new high-speed USB device number 83 using dummy_hcd [ 1383.012778][ T4371] exfat: Deprecated parameter 'namecase' [ 1383.052560][ T4371] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 1383.134908][ T4378] loop2: detected capacity change from 0 to 256 [ 1383.190622][ T5325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1383.209266][ T5325] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 1383.221828][ T4378] FAT-fs (loop2): Directory bread(block 64) failed [ 1383.223892][ T5325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 1383.240034][ T5325] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 1383.245981][ T4378] FAT-fs (loop2): Directory bread(block 65) failed [ 1383.250752][ T5325] usb 5-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 1383.276495][ T5325] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1383.295549][ T5325] usb 5-1: config 0 descriptor?? [ 1383.302711][ T4340] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 1383.302947][ T4378] FAT-fs (loop2): Directory bread(block 66) failed [ 1383.377259][ T4378] FAT-fs (loop2): Directory bread(block 67) failed [ 1383.395610][ T4378] FAT-fs (loop2): Directory bread(block 68) failed [ 1383.406446][ T4378] FAT-fs (loop2): Directory bread(block 69) failed [ 1383.434261][ T4378] FAT-fs (loop2): Directory bread(block 70) failed [ 1383.446209][ T4378] FAT-fs (loop2): Directory bread(block 71) failed [ 1383.462989][ T4378] FAT-fs (loop2): Directory bread(block 72) failed [ 1383.494552][ T4378] FAT-fs (loop2): Directory bread(block 73) failed [ 1383.502614][ T4340] usb 6-1: config 0 has an invalid interface number: 64 but max is 0 [ 1383.511072][ T4340] usb 6-1: config 0 has no interface number 0 [ 1383.522016][ T5325] hdpvr 5-1:0.0: firmware version 0x15 dated Š–¸&S¶3;¨“Ãx&X^„œ wÒΖŠ g/ƒ µn#»† [ 1383.571439][ T4340] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07 [ 1383.592840][ T4340] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1383.607364][ T4340] usb 6-1: Product: syz [ 1383.613343][ T4340] usb 6-1: Manufacturer: syz [ 1383.631935][ T4340] usb 6-1: SerialNumber: syz [ 1383.650820][ T4340] usb 6-1: config 0 descriptor?? [ 1383.723961][ T5325] hdpvr 5-1:0.0: device init failed [ 1383.748842][ T5325] hdpvr: probe of 5-1:0.0 failed with error -12 [ 1383.796949][ T5325] usb 5-1: USB disconnect, device number 83 [ 1383.867627][ T4340] usb 6-1: Found UVC 0.08 device syz (046d:0823) [ 1383.874125][ T4340] usb 6-1: No valid video chain found. [ 1383.912031][ T4340] usb 6-1: USB disconnect, device number 23 [ 1384.033707][ T4400] netlink: 'syz.6.14324': attribute type 7 has an invalid length. [ 1384.073897][ T4394] loop2: detected capacity change from 0 to 4096 [ 1384.162321][ T4394] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 1384.762501][ T4420] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14333'. [ 1384.801355][ T4420] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14333'. [ 1385.465062][ T4409] loop2: detected capacity change from 0 to 32768 [ 1385.522393][ T1421] usb 1-1: new high-speed USB device number 73 using dummy_hcd [ 1385.530467][ T4409] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 1385.597969][ T4409] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 1385.632523][ T4454] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14348'. [ 1385.712920][ T1421] usb 1-1: Using ep0 maxpacket: 32 [ 1385.720417][ T1421] usb 1-1: unable to get BOS descriptor or descriptor too short [ 1385.780746][ T1421] usb 1-1: config 7 has an invalid interface number: 128 but max is 0 [ 1385.803564][ T1421] usb 1-1: config 7 contains an unexpected descriptor of type 0x1, skipping [ 1385.826801][ T1421] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 1385.878317][ T1421] usb 1-1: config 7 has no interface number 0 [ 1385.894294][ T1421] usb 1-1: config 7 interface 128 altsetting 2 has an invalid endpoint with address 0x17, skipping [ 1385.947204][ T1421] usb 1-1: config 7 interface 128 altsetting 2 endpoint 0x87 has an invalid bInterval 209, changing to 11 [ 1385.972563][ T1421] usb 1-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 1386.014662][ T1421] usb 1-1: config 7 interface 128 has no altsetting 0 [ 1386.036052][ T1421] usb 1-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13 [ 1386.075585][ T1421] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1386.083966][ T4280] ocfs2: Unmounting device (7,2) on (node local) [ 1386.090580][ T1421] usb 1-1: Product: syz [ 1386.110593][ T1421] usb 1-1: Manufacturer: syz [ 1386.130523][ T1421] usb 1-1: SerialNumber: syz [ 1386.139127][ T4471] loop6: detected capacity change from 0 to 8 [ 1386.159191][ T4435] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1386.198613][ T4471] MTD: Attempt to mount non-MTD device "/dev/loop6" [ 1386.218831][ T4472] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1386.226152][ T4472] IPv6: NLM_F_CREATE should be set when creating new route [ 1386.233523][ T4472] IPv6: NLM_F_CREATE should be set when creating new route [ 1386.253084][ T4471] cramfs: Error -3 while decompressing! [ 1386.279546][ T4412] udevd[4412]: incorrect cramfs checksum on /dev/loop6 [ 1386.279567][ T4471] cramfs: ffffffff96d761e8(26)->ffff8880413ed000(4096) [ 1386.322280][ T4471] cramfs: Error -3 while decompressing! [ 1386.337944][ T4471] cramfs: ffffffff96d76202(26)->ffff88804f8c4000(4096) [ 1386.347601][ T4471] cramfs: Error -3 while decompressing! [ 1386.381895][ T1421] usb 1-1: MIDIStreaming interface descriptor not found [ 1386.389592][ T4471] cramfs: ffffffff96d7621c(16)->ffff88804f8c5000(4096) [ 1386.403932][ T4412] udevd[4412]: incorrect cramfs checksum on /dev/loop6 [ 1386.415801][ T4471] cramfs: Error -3 while decompressing! [ 1386.450818][ T4471] cramfs: ffffffff96d761e8(26)->ffff8880413ed000(4096) [ 1386.483691][ T1421] usb 1-1: USB disconnect, device number 73 [ 1386.812702][ T4504] udevd[4504]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:7.128/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1386.836594][ T4486] netlink: 'syz.2.14361': attribute type 6 has an invalid length. [ 1387.091987][ T4495] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14364'. [ 1387.337699][ T4496] loop0: detected capacity change from 0 to 4096 [ 1387.386429][ T4496] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 1387.591621][ T4507] loop2: detected capacity change from 0 to 4096 [ 1387.621305][ T4511] loop5: detected capacity change from 0 to 256 [ 1387.645219][ T4507] __ntfs_error: 4 callbacks suppressed [ 1387.645237][ T4507] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 2) do not match. Run ntfsfix or chkdsk. [ 1387.680713][ T4507] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1387.754486][ T4507] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing. [ 1387.825446][ T4507] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1387.898589][ T4507] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1387.972472][ T4507] ntfs: volume version 3.1. [ 1387.977108][ T4507] ntfs: (device loop2): ntfs_read_locked_inode(): Inode is not in use! [ 1388.044161][ T4507] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 1388.077103][ T4507] ntfs: (device loop2): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 1388.234728][ T4507] ntfs: (device loop2): ntfs_read_locked_inode(): $INDEX_ROOT attribute is missing. [ 1388.293180][ T4507] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 1388.563396][ T4532] ipt_CLUSTERIP: bad num_local_nodes 32 [ 1388.887093][ T4513] loop4: detected capacity change from 0 to 32768 [ 1388.955743][ T4513] [ 1388.955743][ T4513] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1388.955743][ T4513] [ 1389.051826][ T4536] loop6: detected capacity change from 0 to 8192 [ 1389.133680][ T4542] loop5: detected capacity change from 0 to 4096 [ 1389.166240][ T4542] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1389.172642][ T4265] [ 1389.172642][ T4265] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1389.172642][ T4265] [ 1389.179345][ T4536] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1389.209389][ T4265] [ 1389.209389][ T4265] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1389.209389][ T4265] [ 1389.448641][ T4551] libceph: resolve '40.' (ret=-3): failed [ 1389.965749][ T4570] cgroup: No subsys list or none specified [ 1390.279154][ T4582] xt_nat: multiple ranges no longer supported [ 1390.682197][ T4599] loop5: detected capacity change from 0 to 128 [ 1390.760144][ T4594] loop0: detected capacity change from 0 to 8192 [ 1390.825853][ T4599] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 1390.856572][ T4599] FAT-fs (loop5): Filesystem has been set read-only [ 1390.999779][ T1421] usb 5-1: new high-speed USB device number 84 using dummy_hcd [ 1391.027155][ T4608] loop2: detected capacity change from 0 to 256 [ 1391.105059][ T4610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14420'. [ 1391.211616][ T1421] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 1391.228132][ T4614] loop6: detected capacity change from 0 to 512 [ 1391.237673][ T1421] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1391.261744][ T1421] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1391.277468][ T4614] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 1391.323454][ T1421] usb 5-1: config 220 has no interface number 2 [ 1391.352452][ T1421] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1391.366049][ T4614] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 1391.394905][ T4614] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 1391.417188][ T1421] usb 5-1: config 220 interface 0 has no altsetting 0 [ 1391.424308][ T4614] System zones: 0-2, 18-18, 34-34 [ 1391.430348][ T1421] usb 5-1: config 220 interface 76 has no altsetting 0 [ 1391.437484][ T1421] usb 5-1: config 220 interface 1 has no altsetting 0 [ 1391.458881][ T4617] loop0: detected capacity change from 0 to 256 [ 1391.466697][ T1421] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1391.477311][ T1421] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1391.485426][ T1421] usb 5-1: Product: syz [ 1391.489858][ T1421] usb 5-1: Manufacturer: syz [ 1391.494487][ T1421] usb 5-1: SerialNumber: syz [ 1391.520598][ T4614] EXT4-fs (loop6): 1 truncate cleaned up [ 1391.526742][ T4614] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 1391.610762][ T4617] FAT-fs (loop0): Directory bread(block 64) failed [ 1391.617374][ T4617] FAT-fs (loop0): Directory bread(block 65) failed [ 1391.689851][ T4617] FAT-fs (loop0): Directory bread(block 66) failed [ 1391.718162][ T4617] FAT-fs (loop0): Directory bread(block 67) failed [ 1391.724884][ T1421] usb 5-1: selecting invalid altsetting 0 [ 1391.725656][ T1421] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 1391.752411][ T4617] FAT-fs (loop0): Directory bread(block 68) failed [ 1391.759023][ T4617] FAT-fs (loop0): Directory bread(block 69) failed [ 1391.761630][ T1421] usb 5-1: No valid video chain found. [ 1391.800185][ T4617] FAT-fs (loop0): Directory bread(block 70) failed [ 1391.806890][ T4617] FAT-fs (loop0): Directory bread(block 71) failed [ 1391.839591][ T1421] usb 5-1: selecting invalid altsetting 0 [ 1391.857249][ T4617] FAT-fs (loop0): Directory bread(block 72) failed [ 1391.863962][ T4617] FAT-fs (loop0): Directory bread(block 73) failed [ 1391.865730][ T1421] usbtest: probe of 5-1:220.1 failed with error -22 [ 1391.905621][ T1421] usb 5-1: USB disconnect, device number 84 [ 1391.960113][ T3438] EXT4-fs (loop6): unmounting filesystem. [ 1392.040791][ T4632] loop5: detected capacity change from 0 to 64 [ 1392.363962][ T4640] comedi comedi3: comedi_config --init_data is deprecated [ 1392.784927][ T4657] loop0: detected capacity change from 0 to 16 [ 1393.266636][ T1421] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 1393.487717][ T4681] netlink: 'syz.4.14452': attribute type 10 has an invalid length. [ 1393.498886][ T1421] usb 6-1: Using ep0 maxpacket: 8 [ 1393.506190][ T1421] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 1393.523956][ T4681] netlink: 40 bytes leftover after parsing attributes in process `syz.4.14452'. [ 1393.536537][ T1421] usb 6-1: config 179 has no interface number 0 [ 1393.543956][ T4681] bridge0: port 4(batadv0) entered blocking state [ 1393.550819][ T1421] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1393.567724][ T4681] bridge0: port 4(batadv0) entered disabled state [ 1393.580768][ T1421] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1393.593676][ T1421] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1393.609475][ T4681] device batadv0 entered promiscuous mode [ 1393.616192][ T4681] bridge0: port 4(batadv0) entered blocking state [ 1393.622819][ T4681] bridge0: port 4(batadv0) entered forwarding state [ 1393.635385][ T1421] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1393.648617][ T1421] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1393.685905][ T1421] usb 6-1: config 179 interface 65 has no altsetting 0 [ 1393.699701][ T1421] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1393.728874][ T1421] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1393.748854][ T11] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 1393.758523][ T11] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 1393.799044][ T1421] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input100 [ 1393.946449][ T4696] cgroup: Name too long [ 1394.060581][ T1421] usb 6-1: USB disconnect, device number 24 [ 1394.078411][ T1421] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1394.155473][ T4700] loop2: detected capacity change from 0 to 16 [ 1394.229114][ T4700] erofs: (device loop2): mounted with root inode @ nid 36. [ 1394.304192][ T4700] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117] [ 1394.745942][ T4718] SET target dimension over the limit! [ 1394.816179][ T4720] device bond0 entered promiscuous mode [ 1396.238535][ T4764] xt_CT: No such helper "syz0" [ 1396.837526][ T4792] netlink: 'syz.5.14506': attribute type 10 has an invalid length. [ 1396.929883][ T4796] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 1396.990010][ T4796] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 1397.192696][ C1] sd 0:0:1:0: [sda] tag#5326 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 1397.203326][ C1] sd 0:0:1:0: [sda] tag#5326 CDB: Read(6) 08 00 00 00 03 44 [ 1397.418496][ T4815] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1397.806924][ T4830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14525'. [ 1398.004550][ T4340] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 1398.205757][ T4340] usb 7-1: New USB device found, idVendor=03fd, idProduct=ebbe, bcdDevice=d2.0d [ 1398.230847][ T4340] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1398.248829][ T4340] usb 7-1: Product: syz [ 1398.253159][ T4340] usb 7-1: Manufacturer: syz [ 1398.257802][ T4340] usb 7-1: SerialNumber: syz [ 1398.275826][ T4340] usb 7-1: config 0 descriptor?? [ 1398.508667][ T4340] usb 7-1: USB disconnect, device number 2 [ 1398.513197][ T1421] usb 5-1: new low-speed USB device number 85 using dummy_hcd [ 1398.735777][ T1421] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 1398.748872][ T1421] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 1398.771398][ T1421] usb 5-1: config 0 has no interface number 0 [ 1398.784853][ T1421] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 1398.807485][ T1421] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1398.828976][ T1421] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 1398.850013][ T1421] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1398.898867][ T1421] usb 5-1: config 0 descriptor?? [ 1399.002223][ T4850] loop0: detected capacity change from 0 to 32768 [ 1399.295085][ T4850] ERROR: (device loop0): dbFindCtl: Corrupt dmapctl page [ 1399.295085][ T4850] [ 1399.322077][ T1421] usb 5-1: USB disconnect, device number 85 [ 1399.334526][ T4850] ERROR: (device loop0): remounting filesystem as read-only [ 1399.370712][ T4850] jfs_mkdir: dtInsert returned -EIO [ 1399.412374][ T4850] ERROR: (device loop0): jfs_mkdir: [ 1399.412374][ T4850] [ 1399.643120][ T4872] loop2: detected capacity change from 0 to 1024 [ 1399.981362][ T4858] syz.5.14539 (4858): drop_caches: 2 [ 1400.124401][ T4396] hfsplus: b-tree write err: -5, ino 4 [ 1400.566476][ T4896] netlink: 'syz.4.14558': attribute type 21 has an invalid length. [ 1400.592143][ T4896] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14558'. [ 1400.877024][ T4907] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14564'. [ 1401.461923][ T4923] loop0: detected capacity change from 0 to 4096 [ 1401.499433][ T4923] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 1401.562434][ T4923] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1401.630124][ T4923] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1401.649418][ T4284] Bluetooth: hci5: command 0x0405 tx timeout [ 1401.736184][ T4923] ntfs: volume version 3.1. [ 1402.136197][ T4950] loop5: detected capacity change from 0 to 512 [ 1402.145778][ T4947] loop2: detected capacity change from 0 to 4096 [ 1402.156615][ T4950] EXT4-fs: Ignoring removed mblk_io_submit option [ 1402.193888][ T4950] EXT4-fs: Ignoring removed bh option [ 1402.336269][ T4953] loop4: detected capacity change from 0 to 64 [ 1402.612215][ T4940] syz.6.14580 (4940): drop_caches: 2 [ 1402.623768][ T4277] ntfs: (device loop0): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 1402.657272][ T4950] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1402.729060][ T4950] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.14585: bad orphan inode 14 [ 1402.848507][ T4950] ext4_test_bit(bit=13, block=18) = 1 [ 1402.902665][ T4950] is_bad_inode(inode)=0 [ 1402.947978][ T4950] NEXT_ORPHAN(inode)=0 [ 1402.952219][ T4950] max_ino=32 [ 1402.973045][ T4950] i_nlink=1 [ 1402.988001][ T4950] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1403.227979][T26326] EXT4-fs (loop5): unmounting filesystem. [ 1403.236771][ T4966] kAFS: Can only specify source 'none' with -o dyn [ 1403.348691][ T4964] loop2: detected capacity change from 0 to 4096 [ 1403.895676][ T4977] loop5: detected capacity change from 0 to 4096 [ 1404.033157][ T4977] ntfs: volume version 3.1. [ 1404.053418][ T4977] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 1404.096926][ T4977] ntfs: (device loop5): load_and_init_quota(): Failed to find inode number for $Quota. [ 1404.164141][ T4977] ntfs: (device loop5): load_system_files(): Failed to load $Quota. Mounting read-only. Run chkdsk. [ 1404.220851][ T4977] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 1404.259206][ T4977] ntfs: (device loop5): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl. [ 1404.306502][ T4977] ntfs: (device loop5): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 1404.853616][ T5009] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14613'. [ 1404.959498][ T5013] loop2: detected capacity change from 0 to 128 [ 1405.081790][ T5013] syz.2.14615: attempt to access beyond end of device [ 1405.081790][ T5013] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 1405.116424][ T5013] Buffer I/O error on dev loop2, logical block 3245768, async page read [ 1405.316241][ T4280] sysv_free_block: flc_count > flc_size [ 1405.352027][ T4280] sysv_free_block: flc_count > flc_size [ 1405.371959][ T4280] sysv_free_block: flc_count > flc_size [ 1405.378252][ T4280] sysv_free_block: flc_count > flc_size [ 1405.388022][ T4280] sysv_free_block: flc_count > flc_size [ 1405.394098][ T4280] sysv_free_block: flc_count > flc_size [ 1405.399688][ T4280] sysv_free_block: flc_count > flc_size [ 1405.406182][ T4280] sysv_free_block: flc_count > flc_size [ 1405.414962][ T4280] sysv_free_block: flc_count > flc_size [ 1405.440858][ T4280] sysv_free_block: flc_count > flc_size [ 1405.475856][ T4280] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 1405.630964][T15369] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 1405.758770][ T5040] netlink: 16 bytes leftover after parsing attributes in process `syz.5.14628'. [ 1405.844790][T15369] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1405.876494][T15369] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1405.916039][T15369] usb 7-1: Product: syz [ 1405.932367][ T5042] loop4: detected capacity change from 0 to 736 [ 1405.932678][T15369] usb 7-1: Manufacturer: syz [ 1405.964479][T15369] usb 7-1: SerialNumber: syz [ 1406.019231][T15369] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1406.083819][ T1421] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1406.332448][ T5050] netlink: 'syz.5.14633': attribute type 2 has an invalid length. [ 1406.475257][ T5052] loop4: detected capacity change from 0 to 2044 [ 1406.566752][T15376] usb 7-1: USB disconnect, device number 3 [ 1406.582848][ T5052] Alternate GPT is invalid, using primary GPT. [ 1406.595931][ T5052] loop4: p1 p2 p3 [ 1406.730270][ T5034] loop0: detected capacity change from 0 to 32768 [ 1406.801817][ T5034] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.14624 (5034) [ 1406.925192][ T5034] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1406.974859][ T5034] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 1407.007606][ T5034] BTRFS info (device loop0): enabling ssd optimizations [ 1407.022227][ T4447] udevd[4447]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 1407.022998][ T4448] udevd[4448]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 1407.063818][ T4412] udevd[4412]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 1407.073763][ T5034] BTRFS info (device loop0): turning on sync discard [ 1407.108126][ T5034] BTRFS info (device loop0): using free space tree [ 1407.136014][ T1421] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 1407.144553][ T1421] ath9k_htc: Failed to initialize the device [ 1407.201761][T15376] usb 7-1: ath9k_htc: USB layer deinitialized [ 1407.248083][ T5073] netlink: 196 bytes leftover after parsing attributes in process `syz.2.14643'. [ 1407.327401][ T5073] netlink: 196 bytes leftover after parsing attributes in process `syz.2.14643'. [ 1407.346329][ T5073] netlink: 19 bytes leftover after parsing attributes in process `syz.2.14643'. [ 1407.675385][ T5034] BTRFS error (device loop0): balance: invalid convert data profile raid1c4 [ 1407.744506][ T5098] netlink: 'syz.4.14648': attribute type 32 has an invalid length. [ 1407.825951][ T4277] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1408.002556][ T4412] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 9 /dev/loop0 scanned by udevd (4412) [ 1408.140960][ T5105] loop2: detected capacity change from 0 to 64 [ 1408.351761][ T5095] orangefs_mount: mount request failed with -4 [ 1408.584650][ T5080] loop6: detected capacity change from 0 to 32768 [ 1408.769335][ T5080] XFS (loop6): Mounting V5 Filesystem [ 1408.802820][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1408.935410][ T4340] XFS (loop6): Metadata CRC error detected at xfs_agf_read_verify+0x18d/0x250, xfs_agf block 0x1 [ 1408.982624][ T4340] XFS (loop6): Unmount and run xfs_repair [ 1408.988903][ T5320] usb 1-1: new high-speed USB device number 74 using dummy_hcd [ 1409.015742][ T5131] loop4: detected capacity change from 0 to 64 [ 1409.031399][ T4340] XFS (loop6): First 128 bytes of corrupted metadata buffer: [ 1409.040922][ T4340] 00000000: 58 41 47 46 00 00 00 00 00 00 00 00 00 00 10 00 XAGF............ [ 1409.050493][T15378] usb 6-1: new full-speed USB device number 25 using dummy_hcd [ 1409.076537][ T5131] hfs: inconsistency in B*Tree (1,0,1,0,3) [ 1409.089005][ T4340] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01 ................ [ 1409.113322][ T4340] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 1409.153565][ T4340] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00 ................ [ 1409.181245][ T4340] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 1409.203292][ T5320] usb 1-1: Using ep0 maxpacket: 8 [ 1409.211287][ T5320] usb 1-1: config 0 has an invalid interface number: 31 but max is 0 [ 1409.236815][ T4340] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01 ................ [ 1409.248302][ T5320] usb 1-1: config 0 has no interface number 0 [ 1409.261710][T15378] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1409.264897][ T4340] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 1409.291846][T15378] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1409.308076][ T5320] usb 1-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 1409.324516][ T5320] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1409.328172][T15378] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 1409.333132][ T4340] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 1409.360751][ T5320] usb 1-1: Product: syz [ 1409.374860][T15378] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1409.386282][ T5320] usb 1-1: Manufacturer: syz [ 1409.391093][ T5320] usb 1-1: SerialNumber: syz [ 1409.400801][T15378] usb 6-1: SerialNumber: syz [ 1409.409088][ T5080] XFS (loop6): metadata I/O error in "xfs_read_agf+0x2a0/0x620" at daddr 0x1 len 1 error 74 [ 1409.431302][ T5080] XFS (loop6): Error -117 reserving per-AG metadata reserve pool. [ 1409.433997][T15378] usb 6-1: 0:2 : does not exist [ 1409.446053][ T5320] usb 1-1: config 0 descriptor?? [ 1409.467610][ T5080] XFS (loop6): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x1c6/0x1f0 (fs/xfs/xfs_fsops.c:587). Shutting down filesystem. [ 1409.535831][ T5080] XFS (loop6): Please unmount the filesystem and rectify the problem(s) [ 1409.556643][ T5137] netlink: 64 bytes leftover after parsing attributes in process `syz.2.14663'. [ 1409.556748][ T5080] XFS (loop6): Ending clean mount [ 1409.582124][ T5080] XFS (loop6): Failed to initialize disk quotas. [ 1409.671041][ T5320] usb 1-1: Found UVC 0.04 device syz (046d:08c3) [ 1409.677521][ T5320] usb 1-1: No valid video chain found. [ 1409.718108][ T5320] usb 1-1: USB disconnect, device number 74 [ 1409.822163][ T3438] XFS (loop6): Unmounting Filesystem [ 1409.824111][T15378] usb 6-1: USB disconnect, device number 25 [ 1409.911740][ T5141] loop2: detected capacity change from 0 to 1024 [ 1409.926480][ T5141] EXT4-fs: Ignoring removed orlov option [ 1409.934699][ T5141] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1410.039971][ T5141] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1410.432956][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 1410.748559][ T5162] loop6: detected capacity change from 0 to 1024 [ 1410.906423][ T61] hfsplus: b-tree write err: -5, ino 4 [ 1411.330010][ T5180] netlink: 'syz.4.14683': attribute type 22 has an invalid length. [ 1411.354405][ T5184] netlink: 60 bytes leftover after parsing attributes in process `syz.6.14682'. [ 1411.609346][ T5190] loop2: detected capacity change from 0 to 512 [ 1411.666811][ T5190] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 1411.739464][ T5190] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 1411.766289][ T5160] loop0: detected capacity change from 0 to 32768 [ 1411.818752][ T5190] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.14687: bg 0: block 248: padding at end of block bitmap is not set [ 1411.841443][ T5160] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.14674 (5160) [ 1411.897188][ T5160] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1411.921713][ T5190] Quota error (device loop2): write_blk: dquota write failed [ 1411.954066][ T5160] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 1411.967973][ T5190] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 1412.003411][ T5160] BTRFS info (device loop0): enabling auto defrag [ 1412.010571][ T5190] EXT4-fs error (device loop2): ext4_acquire_dquot:6809: comm syz.2.14687: Failed to acquire dquot type 1 [ 1412.022051][ T5160] BTRFS info (device loop0): use no compression [ 1412.022077][ T5160] BTRFS info (device loop0): force clearing of disk cache [ 1412.022096][ T5160] BTRFS info (device loop0): turning on flush-on-commit [ 1412.022141][ T5160] BTRFS info (device loop0): max_inline at 57 [ 1412.022432][ T5160] BTRFS info (device loop0): disabling free space tree [ 1412.075882][ T5204] bridge0: port 4(batadv0) entered disabled state [ 1412.090850][ T5190] EXT4-fs (loop2): 1 truncate cleaned up [ 1412.099473][ T5190] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1412.106857][ T5208] netlink: 32 bytes leftover after parsing attributes in process `syz.5.14693'. [ 1412.240891][ T5217] loop6: detected capacity change from 0 to 256 [ 1412.368965][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 1412.385152][ T4354] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5 [ 1412.426739][ T4354] EXT4-fs error (device loop2): ext4_release_dquot:6845: comm kworker/u4:6: Failed to release dquot type 1 [ 1412.438732][ T5160] BTRFS info (device loop0): enabling ssd optimizations [ 1412.480663][ T5160] BTRFS info (device loop0): rebuilding free space tree [ 1412.580104][ T5160] BTRFS info (device loop0): disabling free space tree [ 1412.634217][ T5160] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1412.683724][ T5160] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1412.955392][ T5242] netlink: 'syz.6.14702': attribute type 10 has an invalid length. [ 1413.048489][ T5242] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 1413.112095][ T4277] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1413.156206][ T5320] usb 3-1: new high-speed USB device number 56 using dummy_hcd [ 1413.331207][ T4412] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 12 /dev/loop0 scanned by udevd (4412) [ 1413.347087][ T5320] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1413.370537][ T5320] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1413.397166][ T5253] netlink: 'syz.6.14707': attribute type 29 has an invalid length. [ 1413.421994][ T5320] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1413.437260][ T5253] netlink: 'syz.6.14707': attribute type 29 has an invalid length. [ 1413.457255][ T5320] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1413.511519][ T5240] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1413.800541][ T5262] loop5: detected capacity change from 0 to 256 [ 1414.028426][ T5263] usb 3-1: USB disconnect, device number 56 [ 1414.251649][T15368] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 1414.351582][ T5277] loop5: detected capacity change from 0 to 256 [ 1414.383958][ T5277] exfat: Deprecated parameter 'namecase' [ 1414.420031][ T5277] exfat: Deprecated parameter 'utf8' [ 1414.454020][ T5277] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1414.470458][T15368] usb 7-1: Using ep0 maxpacket: 32 [ 1414.478266][T15368] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1414.527632][T15368] usb 7-1: config 7 has an invalid interface number: 187 but max is 0 [ 1414.527934][ T5277] overlayfs: filesystem on './file0' not supported [ 1414.565925][T15368] usb 7-1: config 7 has no interface number 0 [ 1414.584825][T15368] usb 7-1: config 7 interface 187 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1414.641742][T15368] usb 7-1: config 7 interface 187 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 0 [ 1414.691331][T15368] usb 7-1: config 7 interface 187 has no altsetting 0 [ 1414.705354][T15368] usb 7-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 1414.722141][T15368] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1414.731336][T15368] usb 7-1: Product: syz [ 1414.735562][T15368] usb 7-1: Manufacturer: syz [ 1414.744274][T15368] usb 7-1: SerialNumber: syz [ 1414.772432][ T5287] loop2: detected capacity change from 0 to 256 [ 1414.953402][T15368] usb 7-1: Unknown endpoint type found, address 0x07 [ 1414.961432][T15368] usb 7-1: Not enough endpoints found in device, aborting! [ 1415.184382][ T5295] device batadv0 entered promiscuous mode [ 1415.185180][T15368] usb 7-1: USB disconnect, device number 4 [ 1415.550789][ T5310] loop0: detected capacity change from 0 to 512 [ 1415.602769][ T5314] loop4: detected capacity change from 0 to 256 [ 1415.630081][ T5314] FAT-fs (loop4): Directory bread(block 64) failed [ 1415.639974][ T5314] FAT-fs (loop4): Directory bread(block 65) failed [ 1415.646803][ T5314] FAT-fs (loop4): Directory bread(block 66) failed [ 1415.653900][ T5314] FAT-fs (loop4): Directory bread(block 67) failed [ 1415.658388][ T5310] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.14734: inode #1: comm syz.0.14734: iget: illegal inode # [ 1415.660563][ T5314] FAT-fs (loop4): Directory bread(block 68) failed [ 1415.680645][ T5314] FAT-fs (loop4): Directory bread(block 69) failed [ 1415.687448][ T5314] FAT-fs (loop4): Directory bread(block 70) failed [ 1415.694219][ T5314] FAT-fs (loop4): Directory bread(block 71) failed [ 1415.700996][ T5314] FAT-fs (loop4): Directory bread(block 72) failed [ 1415.707585][ T5314] FAT-fs (loop4): Directory bread(block 73) failed [ 1415.723494][ T5310] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.14734: error while reading EA inode 1 err=-117 [ 1415.758801][ T5310] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.14734: inode #1: comm syz.0.14734: iget: illegal inode # [ 1415.801300][ T5310] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.14734: error while reading EA inode 1 err=-117 [ 1415.863605][ T5310] EXT4-fs (loop0): 1 orphan inode deleted [ 1415.869443][ T5310] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1415.940637][ T5323] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14738'. [ 1416.065863][ T5331] loop5: detected capacity change from 0 to 22 [ 1416.110854][ T5331] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 1416.163210][ T4277] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 1416.185415][ T5331] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1416.212987][ T5333] loop6: detected capacity change from 0 to 256 [ 1416.244154][ T4277] EXT4-fs error (device loop0): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extended attribute block 393216 [ 1416.291433][ T5333] exfat: Deprecated parameter 'utf8' [ 1416.324796][ T4277] EXT4-fs error (device loop0): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extended attribute block 393216 [ 1416.353325][ T5333] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf6efbb19, utbl_chksum : 0xe619d30d) [ 1416.607537][ T5345] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.14749'. [ 1416.849897][ T4277] bond0: (slave syz_tun): Releasing backup interface [ 1416.928956][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 1417.191610][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1417.203135][ T5353] loop5: detected capacity change from 0 to 8192 [ 1417.268109][ T5353] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1417.290589][ T5353] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 1417.313498][ T5353] REISERFS (device loop5): using ordered data mode [ 1417.339518][ T5353] reiserfs: using flush barriers [ 1417.362881][ T5353] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1417.397425][ T5353] REISERFS (device loop5): checking transaction log (loop5) [ 1417.542121][ T5363] loop2: detected capacity change from 0 to 128 [ 1417.600158][ T5363] ufs: You didn't specify the type of your ufs filesystem [ 1417.600158][ T5363] [ 1417.600158][ T5363] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 1417.600158][ T5363] [ 1417.600158][ T5363] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 1417.676590][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1417.796279][ T5353] REISERFS (device loop5): Using rupasov hash to sort names [ 1417.824086][ T5363] ufs: ufstype=old is supported read-only [ 1417.834453][ T5363] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2 [ 1417.843172][ T5353] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 1417.855149][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1418.112579][ T5372] xt_recent: hitcount (134217728) is larger than allowed maximum (255) [ 1418.168610][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1418.782617][ T4284] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1418.802200][ T4284] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1418.813606][ T4284] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1418.825449][ T4284] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1418.833351][ T4284] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1418.840691][ T4284] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1418.968624][ T5394] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.14772'. [ 1418.980958][ T11] device .*! left promiscuous mode [ 1419.023444][ T5394] netlink: zone id is out of range [ 1419.115960][ T5386] lo speed is unknown, defaulting to 1000 [ 1419.128932][ T5402] netlink: 2 bytes leftover after parsing attributes in process `syz.5.14775'. [ 1419.172075][ T5394] netlink: del zone limit has 4 unknown bytes [ 1419.765486][ T5423] loop6: detected capacity change from 0 to 512 [ 1419.792119][ C1] vkms_vblank_simulate: vblank timer overrun [ 1419.855539][ T5423] EXT4-fs (loop6): Test dummy encryption mode enabled [ 1419.864170][ T5423] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 1419.954916][ T5419] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14784'. [ 1419.968375][ T5419] netlink: 56 bytes leftover after parsing attributes in process `syz.4.14784'. [ 1420.003092][ T5429] loop2: detected capacity change from 0 to 512 [ 1420.042684][ T5423] EXT4-fs error (device loop6): ext4_orphan_get:1426: comm syz.6.14782: bad orphan inode 131083 [ 1420.090943][T15368] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 1420.109393][ T5423] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 1420.131697][ T5429] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 1420.150565][ T5429] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1420.223591][ T5429] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.14786: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1420.283215][T15368] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1420.304498][T15368] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1420.341768][ T5429] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.14786: couldn't read orphan inode 13 (err -117) [ 1420.349463][ T3438] EXT4-fs (loop6): unmounting filesystem. [ 1420.367658][T15368] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1420.399374][ T5429] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1420.408844][T15368] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1420.442635][ T5424] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1420.518048][ T5429] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 1420.589858][ T5429] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 1420.638187][ T5429] EXT4-fs (loop2): re-mounted. Quota mode: writeback. [ 1420.817177][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 1420.843191][T26329] Bluetooth: hci3: command 0x0409 tx timeout [ 1420.855162][ T5325] usb 6-1: USB disconnect, device number 26 [ 1421.364949][ C1] vkms_vblank_simulate: vblank timer overrun [ 1421.436522][ T5386] chnl_net:caif_netlink_parms(): no params data found [ 1421.696195][ T5469] loop6: detected capacity change from 0 to 2048 [ 1421.835174][ T5480] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1421.872823][ T5469] NILFS (loop6): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 1421.925982][ T5469] NILFS error (device loop6): nilfs_bmap_truncate: broken bmap (inode number=16) [ 1421.961363][ T5469] Remounting filesystem read-only [ 1421.976926][ T5469] NILFS (loop6): error -5 truncating bmap (ino=16) [ 1422.047459][ T3438] NILFS (loop6): disposed unprocessed dirty file(s) when detaching log writer [ 1422.097964][ T5386] bridge0: port 1(bridge_slave_0) entered blocking state [ 1422.148540][ T5386] bridge0: port 1(bridge_slave_0) entered disabled state [ 1422.184157][ T5386] device bridge_slave_0 entered promiscuous mode [ 1422.269809][ T5386] bridge0: port 2(bridge_slave_1) entered blocking state [ 1422.288819][ T5386] bridge0: port 2(bridge_slave_1) entered disabled state [ 1422.311406][ T5386] device bridge_slave_1 entered promiscuous mode [ 1422.419992][ T27] audit: type=1326 audit(1708.669:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5494 comm="syz.5.14808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1422.431627][ T5496] loop6: detected capacity change from 0 to 256 [ 1422.469183][ T27] audit: type=1326 audit(1708.711:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5494 comm="syz.5.14808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1422.491172][ C1] vkms_vblank_simulate: vblank timer overrun [ 1422.628362][ T5386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1422.662653][ T27] audit: type=1326 audit(1708.711:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5494 comm="syz.5.14808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1422.685467][ C1] vkms_vblank_simulate: vblank timer overrun [ 1422.718973][ T5504] loop5: detected capacity change from 0 to 128 [ 1422.753618][ T27] audit: type=1326 audit(1708.711:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5494 comm="syz.5.14808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1422.793207][ T5386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1422.797701][ T5504] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1422.824990][T26329] Bluetooth: hci3: command 0x041b tx timeout [ 1422.977564][ T5504] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:406: inode #2: comm syz.5.14812: No space for directory leaf checksum. Please run e2fsck -D. [ 1423.053927][ T5504] EXT4-fs error (device loop5): __ext4_find_entry:1696: inode #2: comm syz.5.14812: checksumming directory block 0 [ 1423.221957][T26326] EXT4-fs (loop5): unmounting filesystem. [ 1423.317870][ T5523] loop6: detected capacity change from 0 to 64 [ 1423.487513][ T5386] team0: Port device team_slave_0 added [ 1423.521896][ T5525] netlink: 'syz.4.14819': attribute type 8 has an invalid length. [ 1423.558126][ T5525] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14819'. [ 1423.608118][ T5386] team0: Port device team_slave_1 added [ 1423.634231][ C1] vkms_vblank_simulate: vblank timer overrun [ 1423.636781][ T5532] ieee802154 phy0 wpan0: encryption failed: -90 [ 1423.778813][ C1] vkms_vblank_simulate: vblank timer overrun [ 1423.842296][ C1] vkms_vblank_simulate: vblank timer overrun [ 1424.062669][ T5386] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1424.062689][ T5386] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1424.062717][ T5386] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1424.065139][ T5386] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1424.065179][ T5386] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1424.065206][ T5386] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1424.130806][ C1] vkms_vblank_simulate: vblank timer overrun [ 1424.178292][ T5386] device hsr_slave_0 entered promiscuous mode [ 1424.181775][ T5386] device hsr_slave_1 entered promiscuous mode [ 1424.198476][ T5386] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1424.198622][ T5386] Cannot create hsr debugfs directory [ 1424.225470][T15368] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 1424.401708][T15368] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1424.401742][T15368] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1424.401765][T15368] usb 7-1: Product: syz [ 1424.401781][T15368] usb 7-1: Manufacturer: syz [ 1424.401798][T15368] usb 7-1: SerialNumber: syz [ 1424.453874][T15368] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1424.497508][T15368] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1424.552159][ T11] device hsr_slave_0 left promiscuous mode [ 1424.665972][ T11] device hsr_slave_1 left promiscuous mode [ 1424.682612][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1424.699268][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1424.749595][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1424.757355][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1424.806221][T26329] Bluetooth: hci3: command 0x040f tx timeout [ 1424.821668][ T11] bridge0: port 3(team0) entered disabled state [ 1424.863505][ T11] device bridge_slave_1 left promiscuous mode [ 1424.865351][ T5536] loop5: detected capacity change from 0 to 32768 [ 1424.883824][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 1424.906566][ T11] device bridge_slave_0 left promiscuous mode [ 1424.935787][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 1424.944123][ T129] usb 7-1: USB disconnect, device number 5 [ 1424.996509][ T5536] XFS (loop5): Mounting V5 Filesystem [ 1425.155682][ T5536] XFS (loop5): Ending clean mount [ 1425.162986][ T5536] XFS (loop5): Quotacheck needed: Please wait. [ 1425.239522][ T11] device veth1_macvtap left promiscuous mode [ 1425.250262][ T11] device veth0_macvtap left promiscuous mode [ 1425.261782][ T11] device veth1_vlan left promiscuous mode [ 1425.300459][ T5536] XFS (loop5): Quotacheck: Done. [ 1425.479969][ T5568] loop4: detected capacity change from 0 to 512 [ 1425.491794][T15368] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 1425.498952][T15368] ath9k_htc: Failed to initialize the device [ 1425.534630][ T129] usb 7-1: ath9k_htc: USB layer deinitialized [ 1425.598861][ T5568] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1425.619565][T26326] XFS (loop5): Unmounting Filesystem [ 1425.716777][ T4265] EXT4-fs (loop4): unmounting filesystem. [ 1425.763284][ C1] vkms_vblank_simulate: vblank timer overrun [ 1425.839395][ T11] bond5 (unregistering): Released all slaves [ 1426.237352][ T5578] dlm: no locking on control device [ 1426.398586][ T11] bond4 (unregistering): Released all slaves [ 1426.476685][ C1] vkms_vblank_simulate: vblank timer overrun [ 1426.796748][T26329] Bluetooth: hci3: command 0x0419 tx timeout [ 1426.887190][ T4340] usb 3-1: new high-speed USB device number 57 using dummy_hcd [ 1426.951401][ T11] bond3 (unregistering): Released all slaves [ 1426.980698][ T11] bond2 (unregistering): Released all slaves [ 1427.082307][ T4340] usb 3-1: Using ep0 maxpacket: 8 [ 1427.090650][ T4340] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 1427.098233][ C1] vkms_vblank_simulate: vblank timer overrun [ 1427.177891][ T4340] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 1427.187005][ T4340] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 1427.187634][ T5598] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1427.208035][ T4340] usb 3-1: Product: syz [ 1427.225844][ T4340] usb 3-1: Manufacturer: syz [ 1427.230520][ T4340] usb 3-1: SerialNumber: syz [ 1427.320401][ T5600] loop5: detected capacity change from 0 to 64 [ 1427.340332][ T5600] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 1427.462326][ T5600] minix_free_inode: bit 3 already cleared [ 1427.507006][ T4340] usb 3-1: Invalid connection information received from device [ 1427.525912][ C1] vkms_vblank_simulate: vblank timer overrun [ 1427.551246][ T11] bond1 (unregistering): Released all slaves [ 1427.707528][T15368] usb 3-1: USB disconnect, device number 57 [ 1428.223406][ C1] vkms_vblank_simulate: vblank timer overrun [ 1428.338086][ T5616] loop2: detected capacity change from 0 to 2048 [ 1428.366603][ C1] vkms_vblank_simulate: vblank timer overrun [ 1428.512542][ T5616] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1428.692046][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 1429.339877][ T5643] ceph: Path missing in source [ 1429.359158][ T11] device team_slave_1 left promiscuous mode [ 1429.374512][ T11] team0 (unregistering): Port device team_slave_1 removed [ 1429.499356][ T11] device team_slave_0 left promiscuous mode [ 1429.509238][ T11] team0 (unregistering): Port device team_slave_0 removed [ 1429.639805][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1429.744748][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1430.714875][ T11] bond0 (unregistering): Released all slaves [ 1430.836069][ T1110] team0 speed is unknown, defaulting to 1000 [ 1430.836556][ T5572] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1431.063650][ C1] vkms_vblank_simulate: vblank timer overrun [ 1431.098124][ T5659] ipt_rpfilter: unknown options [ 1431.643081][ T5386] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1431.710493][ T5386] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1431.754071][ T5386] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1431.798744][ T5386] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1431.899112][ T5685] netlink: 256 bytes leftover after parsing attributes in process `syz.5.14887'. [ 1432.245657][ T5386] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1432.300216][T26495] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1432.312801][T26495] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1432.404282][ T5386] 8021q: adding VLAN 0 to HW filter on device team0 [ 1432.481329][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1432.493491][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1432.530261][ T33] bridge0: port 1(bridge_slave_0) entered blocking state [ 1432.537629][ T33] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1432.631593][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1432.689176][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1432.713581][ T33] bridge0: port 2(bridge_slave_1) entered blocking state [ 1432.720846][ T33] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1432.779305][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1432.828436][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1432.876986][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1432.896771][ T5714] loop5: detected capacity change from 0 to 1764 [ 1432.923709][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1432.956585][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1432.985645][ T5717] loop4: detected capacity change from 0 to 256 [ 1432.991559][ T5676] loop2: detected capacity change from 0 to 40427 [ 1433.009251][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1433.048593][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1433.073559][ T5676] F2FS-fs (loop2): invalid crc value [ 1433.082863][ T5676] F2FS-fs (loop2): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 1433.088248][ T5717] FAT-fs (loop4): Directory bread(block 64) failed [ 1433.112673][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1433.120065][ T5717] FAT-fs (loop4): Directory bread(block 65) failed [ 1433.174483][ T5717] FAT-fs (loop4): Directory bread(block 66) failed [ 1433.199725][ T5676] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1433.215432][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1433.246848][ T5717] FAT-fs (loop4): Directory bread(block 67) failed [ 1433.253580][ T5717] FAT-fs (loop4): Directory bread(block 68) failed [ 1433.266473][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1433.314379][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1433.326055][ T27] audit: type=1326 audit(1720.123:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5720 comm="syz.5.14896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1433.328423][ T5717] FAT-fs (loop4): Directory bread(block 69) failed [ 1433.380007][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1433.410627][ T5386] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1433.427906][ T5676] F2FS-fs (loop2): recover fsync data on readonly fs [ 1433.455430][ T27] audit: type=1326 audit(1720.123:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5720 comm="syz.5.14896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1433.461391][ T5717] FAT-fs (loop4): Directory bread(block 70) failed [ 1433.498061][ T5676] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1433.606720][ T27] audit: type=1326 audit(1720.154:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5720 comm="syz.5.14896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1433.617618][ T5717] FAT-fs (loop4): Directory bread(block 71) failed [ 1433.700708][ T5717] FAT-fs (loop4): Directory bread(block 72) failed [ 1433.736928][ T27] audit: type=1326 audit(1720.154:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5720 comm="syz.5.14896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1433.749289][ T5717] FAT-fs (loop4): Directory bread(block 73) failed [ 1433.852768][ T27] audit: type=1326 audit(1720.154:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5720 comm="syz.5.14896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1433.900926][ T5701] loop6: detected capacity change from 0 to 32768 [ 1433.967908][ T27] audit: type=1326 audit(1720.154:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5720 comm="syz.5.14896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1434.075347][ T27] audit: type=1326 audit(1720.154:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5720 comm="syz.5.14896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1434.098133][ T27] audit: type=1326 audit(1720.154:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5720 comm="syz.5.14896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1434.122100][ T5701] XFS (loop6): Mounting V5 Filesystem [ 1434.136296][ T27] audit: type=1326 audit(1720.154:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5720 comm="syz.5.14896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f9c2a18f6c9 code=0x7ffc0000 [ 1434.369092][ T5701] XFS (loop6): Ending clean mount [ 1434.379580][ T5701] XFS (loop6): Quotacheck needed: Please wait. [ 1434.543045][ T5751] loop5: detected capacity change from 0 to 64 [ 1434.630388][ T5701] XFS (loop6): Quotacheck: Done. [ 1435.042023][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1435.067692][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1435.119615][ T5386] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1435.465453][ T3438] XFS (loop6): Unmounting Filesystem [ 1435.780173][ T5777] bpf: Bad value for 'mode' [ 1436.365380][ T27] audit: type=1400 audit(1723.314:316): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=5792 comm="syz.4.14919" [ 1436.901470][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1436.914248][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1436.965878][ T5812] netlink: 45 bytes leftover after parsing attributes in process `syz.4.14926'. [ 1437.020826][ T5386] device veth0_vlan entered promiscuous mode [ 1437.044268][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1437.104130][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1437.158529][ T5386] device veth1_vlan entered promiscuous mode [ 1437.190622][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1437.198714][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1437.255421][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1437.294916][ T5818] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14929'. [ 1437.311689][ T5824] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 1437.335935][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1437.352242][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1437.381247][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1437.442419][ T5386] device veth0_macvtap entered promiscuous mode [ 1437.482400][ T5822] loop4: detected capacity change from 0 to 4096 [ 1437.504544][ T5386] device veth1_macvtap entered promiscuous mode [ 1437.630155][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1437.645832][ T5822] ntfs: volume version 3.1. [ 1437.693989][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1437.769690][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1437.837187][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1437.883395][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1437.922812][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1437.959449][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1438.014712][ T5835] loop2: detected capacity change from 0 to 4096 [ 1438.018334][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1438.068670][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1438.075119][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 1438.100621][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1438.147824][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1438.179668][ T33] ntfs: (device loop4): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 1438.204751][ T5386] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1438.220171][ T5835] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 1438.256644][ T5835] ntfs3: loop2: Failed to load $Extend. [ 1438.267837][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1438.314336][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1438.359303][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1438.409464][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1438.459074][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1438.494802][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1438.552760][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1438.598230][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1438.639506][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1438.732606][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1438.760672][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1438.796512][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1438.832318][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1438.873338][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1438.969073][ T5386] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1439.032657][ T4396] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1439.048153][ T4396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1439.081041][ T5386] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1439.110261][ T5386] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1439.139081][ T5386] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1439.164582][ T5867] cgroup: subsys name conflicts with all [ 1439.185609][ T5386] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1439.565301][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1439.597025][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1439.660339][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1439.698325][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1439.734739][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1439.824769][ T5462] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1439.950484][ T5888] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14957'. [ 1439.975792][ T5892] netlink: 'syz.4.14959': attribute type 1 has an invalid length. [ 1440.025969][ T5891] loop6: detected capacity change from 0 to 2048 [ 1440.028042][ T5892] netlink: 224 bytes leftover after parsing attributes in process `syz.4.14959'. [ 1440.084161][ T5891] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1440.216697][ T5898] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1440.517357][ T5902] loop4: detected capacity change from 0 to 512 [ 1440.547320][ T5902] EXT4-fs: Ignoring removed mblk_io_submit option [ 1440.580991][ T5902] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1440.645228][ T5902] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1440.675650][ T5902] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 1440.804391][ T5902] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3836: comm syz.4.14962: Allocating blocks 41-42 which overlap fs metadata [ 1440.858290][ T5902] Quota error (device loop4): write_blk: dquota write failed [ 1440.905132][ T5902] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5 [ 1440.948381][ T5902] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3836: comm syz.4.14962: Allocating blocks 41-42 which overlap fs metadata [ 1440.981184][ T5902] Quota error (device loop4): write_blk: dquota write failed [ 1441.012977][ T5902] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 1441.075995][ T5902] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.14962: Failed to acquire dquot type 1 [ 1441.123587][ T5902] EXT4-fs error (device loop4): mb_free_blocks:1810: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 1441.171464][ T5902] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #12: comm syz.4.14962: corrupted inode contents [ 1441.258674][ T5902] EXT4-fs error (device loop4): ext4_dirty_inode:6133: inode #12: comm syz.4.14962: mark_inode_dirty error [ 1441.334010][ T5902] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #12: comm syz.4.14962: corrupted inode contents [ 1441.391917][ T5902] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #12: comm syz.4.14962: mark_inode_dirty error [ 1441.437663][ T5902] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #12: comm syz.4.14962: corrupted inode contents [ 1441.538119][ T5902] EXT4-fs error (device loop4) in ext4_orphan_del:301: Corrupt filesystem [ 1441.561989][ T5940] futex_wake_op: syz.6.14974 tries to shift op by 32; fix this program [ 1441.599472][ T5902] EXT4-fs error (device loop4): ext4_do_update_inode:5268: inode #12: comm syz.4.14962: corrupted inode contents [ 1441.667393][ T5902] EXT4-fs error (device loop4): ext4_truncate:4318: inode #12: comm syz.4.14962: mark_inode_dirty error [ 1441.730073][ T5902] EXT4-fs error (device loop4) in ext4_process_orphan:343: Corrupt filesystem [ 1441.779139][ T5902] EXT4-fs (loop4): 1 truncate cleaned up [ 1441.806811][ T5902] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1441.984154][ T5902] Quota error (device loop4): write_blk: dquota write failed [ 1442.052138][ T5902] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 1442.141895][ T5902] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.14962: Failed to acquire dquot type 1 [ 1442.385795][ T4265] EXT4-fs (loop4): unmounting filesystem. [ 1443.199359][ T5991] loop4: detected capacity change from 0 to 64 [ 1443.202721][ T5988] loop6: detected capacity change from 0 to 512 [ 1443.279947][ T5948] loop7: detected capacity change from 0 to 32768 [ 1443.447715][ T5948] XFS (loop7): DAX unsupported by block device. Turning off DAX. [ 1443.505222][ T5948] XFS (loop7): Mounting V5 Filesystem [ 1443.743863][ T5948] XFS (loop7): Ending clean mount [ 1443.987670][ T5386] XFS (loop7): Unmounting Filesystem [ 1444.465011][ T6032] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1444.574078][ T27] audit: type=1326 audit(1731.923:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6038 comm="syz.2.15013" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x0 [ 1444.880505][ T6047] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 1445.253376][ T6057] loop2: detected capacity change from 0 to 1024 [ 1445.323775][ T6057] EXT4-fs (loop2): bad geometry: first data block 0 is beyond end of filesystem (0) [ 1445.664505][ T6072] loop2: detected capacity change from 0 to 128 [ 1445.743085][ T6074] netlink: 'syz.5.15027': attribute type 3 has an invalid length. [ 1445.766143][ T6072] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 1446.806051][ T6068] loop4: detected capacity change from 0 to 32768 [ 1446.843499][ T6068] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop4 scanned by syz.4.15024 (6068) [ 1446.905797][ T6068] BTRFS info (device loop4): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 1446.972041][ T6068] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 1447.016732][ T6068] BTRFS info (device loop4): enabling ssd optimizations [ 1447.080055][ T6116] netlink: 20 bytes leftover after parsing attributes in process `syz.6.15044'. [ 1447.089542][ T6068] BTRFS info (device loop4): not using ssd optimizations [ 1447.102557][ T6113] loop7: detected capacity change from 0 to 1024 [ 1447.108147][ T6068] BTRFS info (device loop4): turning off barriers [ 1447.137456][ T6068] BTRFS info (device loop4): using free space tree [ 1447.397383][ T9] hfsplus: b-tree write err: -5, ino 4 [ 1447.856171][ T4265] BTRFS info (device loop4): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 1448.067590][T11803] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 1448.267273][T11803] usb 6-1: Using ep0 maxpacket: 8 [ 1448.274879][T11803] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1448.318980][T11803] usb 6-1: config 8 has an invalid interface number: 24 but max is 0 [ 1448.370413][T11803] usb 6-1: config 8 has no interface number 0 [ 1448.397532][T11803] usb 6-1: config 8 interface 24 altsetting 2 endpoint 0xE has invalid maxpacket 1535, setting to 1024 [ 1448.459651][T11803] usb 6-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 255, changing to 11 [ 1448.530636][T11803] usb 6-1: config 8 interface 24 has no altsetting 0 [ 1448.585362][T11803] usb 6-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af [ 1448.600896][T11803] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1448.642788][T11803] usb 6-1: Product: syz [ 1448.647154][T11803] usb 6-1: Manufacturer: syz [ 1448.684222][T11803] usb 6-1: SerialNumber: syz [ 1448.713692][ T6158] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1448.967806][T11803] comedi comedi4: driver 'vmk80xx' has successfully auto-configured 'K8055 (VM110)'. [ 1449.010189][T11803] usb 6-1: USB disconnect, device number 27 [ 1450.032964][ T6223] netlink: 196 bytes leftover after parsing attributes in process `syz.5.15081'. [ 1450.090462][ T6218] loop6: detected capacity change from 0 to 4096 [ 1450.164023][ T6218] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 1450.368106][ T6218] ntfs3: loop6: failed to convert "c46c" to iso8859-7 [ 1450.575683][ T6240] netlink: 28 bytes leftover after parsing attributes in process `syz.7.15087'. [ 1450.683968][ T6246] loop4: detected capacity change from 0 to 128 [ 1450.726830][ T6247] xt_bpf: check failed: parse error [ 1450.956133][ T27] audit: type=1326 audit(1738.631:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.15092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1451.032889][ T6256] netlink: 12 bytes leftover after parsing attributes in process `syz.5.15094'. [ 1451.042256][ T27] audit: type=1326 audit(1738.631:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.15092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1451.163490][ T27] audit: type=1326 audit(1738.652:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.15092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1451.288210][ T27] audit: type=1326 audit(1738.652:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.15092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1451.421854][ T27] audit: type=1326 audit(1738.652:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.15092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1451.625240][ T6270] loop6: detected capacity change from 0 to 4096 [ 1451.662546][ T6273] loop4: detected capacity change from 0 to 4096 [ 1451.721134][ T6270] ntfs: (device loop6): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 1451.748115][ T6270] ntfs: (device loop6): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1451.805475][ T6273] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1451.842064][ T6270] ntfs: (device loop6): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 1451.874568][ T6270] ntfs: (device loop6): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1451.902453][ T6284] Lens A: ================= START STATUS ================= [ 1451.914866][ T6273] ntfs3: loop4: Failed to load $Extend. [ 1451.941892][ T6270] ntfs: (device loop6): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1451.985809][ T6284] Lens A: Focus, Absolute: 0 [ 1451.995777][ T6270] ntfs: volume version 3.1. [ 1452.013966][ T6284] Lens A: ================== END STATUS ================== [ 1452.261646][ T6290] loop2: detected capacity change from 0 to 764 [ 1454.295037][ T6354] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 1454.554709][ T22] usb 3-1: new high-speed USB device number 58 using dummy_hcd [ 1454.563573][ T6367] netlink: 132 bytes leftover after parsing attributes in process `syz.4.15145'. [ 1454.593616][ T6366] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15144'. [ 1454.780520][ T22] usb 3-1: Using ep0 maxpacket: 16 [ 1454.787769][ T22] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 1454.818750][ T22] usb 3-1: config 0 has no interface number 0 [ 1454.866212][ T22] usb 3-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=34.12 [ 1454.893021][ T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1454.902678][ T22] usb 3-1: Product: syz [ 1454.907725][ T22] usb 3-1: Manufacturer: syz [ 1454.912572][ T22] usb 3-1: SerialNumber: syz [ 1454.919813][ T22] usb 3-1: config 0 descriptor?? [ 1455.063255][ T4340] usb 5-1: new high-speed USB device number 86 using dummy_hcd [ 1455.148176][ T4333] usb 3-1: USB disconnect, device number 58 [ 1455.250167][ T4347] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 1455.274902][ T4340] usb 5-1: Using ep0 maxpacket: 8 [ 1455.282139][ T4340] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 1455.309587][ T4340] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 1455.335809][ T4340] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 1455.361945][ T4340] usb 5-1: Product: syz [ 1455.373980][ T4340] usb 5-1: Manufacturer: syz [ 1455.378859][ T4340] usb 5-1: SerialNumber: syz [ 1455.468782][ T4347] usb 7-1: Using ep0 maxpacket: 32 [ 1455.477146][ T4347] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1455.499222][ T4347] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1455.518893][ T4347] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1455.543413][ T4347] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1455.565080][ T4347] usb 7-1: config 0 descriptor?? [ 1455.600051][ T4340] usb 5-1: Handspring Visor / Palm OS: No valid connect info available [ 1455.611075][ T4347] hub 7-1:0.0: USB hub found [ 1455.619937][ T4340] usb 5-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1455.637778][ T4340] usb 5-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1455.654846][ T4340] usb 5-1: Handspring Visor / Palm OS: Number of ports: 2 [ 1455.772805][ T4347] hub 7-1:0.0: 1 port detected [ 1455.802201][ T4340] usb 5-1: palm_os_3_probe - error -71 getting bytes available request [ 1455.821300][ T4340] visor 5-1:1.0: Handspring Visor / Palm OS converter detected [ 1455.858492][ T4340] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 1455.945839][ T4340] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 1455.971269][ T4347] hub 7-1:0.0: hub_hub_status failed (err = -71) [ 1455.983255][ T4347] hub 7-1:0.0: config failed, can't get hub status (err -71) [ 1456.008439][ T4340] usb 5-1: USB disconnect, device number 86 [ 1456.018150][ T4347] usbhid 7-1:0.0: can't add hid device: -71 [ 1456.026554][ T4347] usbhid: probe of 7-1:0.0 failed with error -71 [ 1456.044154][ T4340] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 1456.069952][ T4347] usb 7-1: USB disconnect, device number 6 [ 1456.082742][ T4340] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 1456.118680][ T4340] visor 5-1:1.0: device disconnected [ 1456.654698][ T6430] netlink: 28 bytes leftover after parsing attributes in process `syz.7.15173'. [ 1456.710011][ T6432] loop2: detected capacity change from 0 to 2048 [ 1456.723545][ T6432] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1456.747037][ T6430] netlink: 28 bytes leftover after parsing attributes in process `syz.7.15173'. [ 1456.750655][ T6432] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1456.804710][ T6436] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15175'. [ 1457.439315][ T6461] overlayfs: missing 'lowerdir' [ 1457.547699][ T6463] wg1 speed is unknown, defaulting to 1000 [ 1457.553691][ T6463] wg1 speed is unknown, defaulting to 1000 [ 1457.596676][ T6463] wg1 speed is unknown, defaulting to 1000 [ 1457.613113][ T27] kauditd_printk_skb: 15 callbacks suppressed [ 1457.613130][ T27] audit: type=1326 audit(1745.622:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.2.15190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1457.668710][ T6463] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 1457.717142][ T27] audit: type=1326 audit(1745.664:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.2.15190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1457.790286][ T6463] wg1 speed is unknown, defaulting to 1000 [ 1457.806128][ T27] audit: type=1326 audit(1745.664:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.2.15190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1457.847112][ T6463] wg1 speed is unknown, defaulting to 1000 [ 1457.871157][ T6463] wg1 speed is unknown, defaulting to 1000 [ 1457.897099][ T6463] wg1 speed is unknown, defaulting to 1000 [ 1457.913540][ T27] audit: type=1326 audit(1745.664:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.2.15190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7a78f6c9 code=0x7ffc0000 [ 1457.936343][ C1] vkms_vblank_simulate: vblank timer overrun [ 1457.956718][ T6463] wg1 speed is unknown, defaulting to 1000 [ 1457.971008][ T6475] netlink: 16 bytes leftover after parsing attributes in process `syz.4.15194'. [ 1458.026637][ T6463] wg1 speed is unknown, defaulting to 1000 [ 1458.054379][ T6479] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1458.225988][ T6485] netlink: 'syz.4.15199': attribute type 1 has an invalid length. [ 1458.265552][ T6485] netlink: 228 bytes leftover after parsing attributes in process `syz.4.15199'. [ 1458.526653][ T6491] binder: 6490:6491 ioctl c018620c 200000000100 returned -1 [ 1458.584371][ T6497] loop7: detected capacity change from 0 to 1024 [ 1458.755546][ T6501] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode 802.3ad(4) [ 1459.198051][ T6481] loop6: detected capacity change from 0 to 32768 [ 1459.314554][ T6481] JFS: metapage_get_blocks failed [ 1459.345181][ T6481] ERROR: (device loop6): release_metapage: write_one_page() failed [ 1459.345181][ T6481] [ 1459.380929][ T6481] ERROR: (device loop6): remounting filesystem as read-only [ 1459.534018][ T108] blkno = 8ed2c, nblocks = 1 [ 1459.539134][ T108] ERROR: (device loop6): dbUpdatePMap: blocks are outside the map [ 1459.539134][ T108] [ 1459.778047][ T6527] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15218'. [ 1459.822063][ T6527] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15218'. [ 1460.258584][ T6510] loop4: detected capacity change from 0 to 32768 [ 1460.379141][ T6510] jfs_strtoUCS: char2uni returned -22. [ 1460.395077][ T6510] charset = cp949, char = 0xd4 [ 1460.586619][ T6549] loop6: detected capacity change from 0 to 128 [ 1460.730748][ T6553] loop2: detected capacity change from 0 to 16 [ 1460.766230][ T6553] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 1460.822792][ T6553] erofs: (device loop2): mounted with root inode @ nid 36. [ 1460.851315][ T6555] netlink: 20 bytes leftover after parsing attributes in process `syz.5.15228'. [ 1460.929256][ T6552] loop4: detected capacity change from 0 to 4096 [ 1460.983404][ T6552] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 1461.739620][ T6577] netlink: 'syz.5.15236': attribute type 6 has an invalid length. [ 1462.390020][ T6558] loop6: detected capacity change from 0 to 40427 [ 1462.452507][ T6558] F2FS-fs (loop6): invalid crc value [ 1462.521636][ T6558] F2FS-fs (loop6): Found nat_bits in checkpoint [ 1462.579603][ T6567] loop2: detected capacity change from 0 to 32768 [ 1462.581329][ T6600] loop4: detected capacity change from 0 to 64 [ 1462.710816][ T6600] Trying to free block not in datazone [ 1462.728845][ T6567] JBD2: Ignoring recovery information on journal [ 1462.743701][ T6604] loop7: detected capacity change from 0 to 4096 [ 1462.791498][ T6558] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 1462.884359][ T6604] ntfs3: loop7: Mark volume as dirty due to NTFS errors [ 1462.968040][ T6567] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 1463.127773][ T6604] ntfs3: loop7: ino=1e, "file1" attr_set_size [ 1463.208062][ T4280] ocfs2: Unmounting device (7,2) on (node local) [ 1463.580511][ T6620] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15251'. [ 1464.008441][ T6639] netlink: 16 bytes leftover after parsing attributes in process `syz.5.15256'. [ 1464.318672][ T6647] netlink: 'syz.4.15261': attribute type 11 has an invalid length. [ 1464.772568][ T6663] loop6: detected capacity change from 0 to 1764 [ 1464.916154][ T4412] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1464.949348][ T6663] gfs2: Unexpected value for 'discard' [ 1465.284794][ T6676] loop2: detected capacity change from 0 to 4096 [ 1465.335136][ T6676] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 1465.453722][ T6688] netlink: 'syz.7.15278': attribute type 6 has an invalid length. [ 1465.501636][ T6676] ntfs3: loop2: failed to convert "c46c" to macgaelic [ 1466.013039][ C1] sd 0:0:1:0: [sda] tag#5356 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 1466.023533][ C1] sd 0:0:1:0: [sda] tag#5356 CDB: Read(6) 08 00 00 00 03 44 [ 1466.860419][ T6742] kernel read not supported for file / œ7³ÏüâW)ës“§Ç!Qöì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 6742 comm: syz.5.15301) [ 1466.982287][ T27] audit: type=1800 audit(1755.449:331): pid=6742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.15301" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=138365 res=0 errno=0 [ 1467.263963][ T5325] usb 3-1: new high-speed USB device number 59 using dummy_hcd [ 1467.277358][ T6759] netlink: 1033 bytes leftover after parsing attributes in process `syz.7.15308'. [ 1467.288691][ T6756] libceph: resolve '4..' (ret=-3): failed [ 1467.452030][ T5325] usb 3-1: Using ep0 maxpacket: 8 [ 1467.459103][ T5325] usb 3-1: config 0 has an invalid interface number: 96 but max is 0 [ 1467.498614][ T5325] usb 3-1: config 0 has no interface number 0 [ 1467.508470][ T5325] usb 3-1: config 0 interface 96 altsetting 3 endpoint 0x88 has an invalid bInterval 254, changing to 11 [ 1467.565583][ T5325] usb 3-1: config 0 interface 96 has no altsetting 0 [ 1467.588128][ T5325] usb 3-1: New USB device found, idVendor=0b57, idProduct=2a8d, bcdDevice=33.74 [ 1467.620541][ T5325] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1467.660083][ T5325] usb 3-1: Product: syz [ 1467.670738][ T5325] usb 3-1: Manufacturer: syz [ 1467.680680][ T5325] usb 3-1: SerialNumber: syz [ 1467.692581][ T5325] usb 3-1: config 0 descriptor?? [ 1467.878550][ T6778] loop4: detected capacity change from 0 to 2048 [ 1467.890608][ T6781] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15314'. [ 1467.926185][ T6778] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1468.150375][ T5325] usb 3-1: USB disconnect, device number 59 [ 1468.392837][ T6786] loop6: detected capacity change from 0 to 4096 [ 1468.460514][ T6786] ntfs: (device loop6): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 1468.545822][ T6786] ntfs: (device loop6): load_system_files(): $MFTMirr does not match $MFT. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 1468.697738][ T6786] ntfs: volume version 3.1. [ 1469.258023][ T6819] netlink: 'syz.2.15331': attribute type 6 has an invalid length. [ 1469.276215][ T6822] netlink: 'syz.7.15332': attribute type 29 has an invalid length. [ 1469.307836][ T6822] netlink: 'syz.7.15332': attribute type 29 has an invalid length. [ 1469.498751][ T6828] netlink: 'syz.5.15335': attribute type 24 has an invalid length. [ 1469.662440][ T4644] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 1469.852476][ T4644] usb 7-1: Using ep0 maxpacket: 32 [ 1469.859594][ T4644] usb 7-1: config 0 has an invalid interface number: 47 but max is 0 [ 1469.897874][ T4644] usb 7-1: config 0 has no interface number 0 [ 1469.928279][ T4644] usb 7-1: config 0 interface 47 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 1469.958240][ T4644] usb 7-1: config 0 interface 47 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 1469.968597][ T6845] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1469.976017][ T6845] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1470.017445][ T4644] usb 7-1: New USB device found, idVendor=08dd, idProduct=90ff, bcdDevice=7b.76 [ 1470.036745][ T4644] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1470.054625][ T4644] usb 7-1: Product: syz [ 1470.078986][ T4644] usb 7-1: Manufacturer: syz [ 1470.098094][ T4644] usb 7-1: SerialNumber: syz [ 1470.128310][ T4644] usb 7-1: config 0 descriptor?? [ 1470.133211][ T6842] loop4: detected capacity change from 0 to 4096 [ 1470.153881][ T6824] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1470.193910][ T6824] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1470.356297][ T6855] __vm_enough_memory: pid: 6855, comm: syz.2.15345, no enough memory for the allocation [ 1470.463276][ T4644] asix 7-1:0.47 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 1470.494021][ T4644] asix: probe of 7-1:0.47 failed with error -71 [ 1470.551019][ T4644] usb 7-1: USB disconnect, device number 7 [ 1471.131837][ T6871] loop4: detected capacity change from 0 to 4096 [ 1471.241754][ T6871] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1471.340999][ T6885] overlayfs: conflicting options: nfs_export=on,index=off [ 1471.410798][ T6888] loop7: detected capacity change from 0 to 256 [ 1471.495866][ T6889] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1471.541780][ T6888] FAT-fs (loop7): Directory bread(block 64) failed [ 1471.574174][ T6888] FAT-fs (loop7): Directory bread(block 65) failed [ 1471.626060][ T6888] FAT-fs (loop7): Directory bread(block 66) failed [ 1471.632677][ T6888] FAT-fs (loop7): Directory bread(block 67) failed [ 1471.709455][ T6888] FAT-fs (loop7): Directory bread(block 68) failed [ 1471.744786][ T6888] FAT-fs (loop7): Directory bread(block 69) failed [ 1471.774316][ T6888] FAT-fs (loop7): Directory bread(block 70) failed [ 1471.805316][ T6888] FAT-fs (loop7): Directory bread(block 71) failed [ 1471.839591][ T6888] FAT-fs (loop7): Directory bread(block 72) failed [ 1471.882600][ T6888] FAT-fs (loop7): Directory bread(block 73) failed [ 1473.241974][ T6940] loop6: detected capacity change from 0 to 4096 [ 1473.323304][ T6940] ntfs: (device loop6): ntfs_is_extended_system_file(): Inode hard link count doesn't match number of name attributes. You should run chkdsk. [ 1473.399239][ T6940] ntfs: (device loop6): ntfs_read_locked_inode(): $DATA attribute is missing. [ 1473.453275][ T6940] ntfs: (device loop6): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1473.501002][ T6940] ntfs: (device loop6): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1473.606233][ T6940] ntfs: volume version 3.1. [ 1473.652513][ T6940] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Invalid LCN < -1 in mapping pairs array. [ 1473.682007][ T6940] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0x5, attribute type 0xa0, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 1473.758387][ T6940] ntfs: (device loop6): ntfs_mapping_pairs_decompress(): Invalid LCN < -1 in mapping pairs array. [ 1473.823986][ T6940] ntfs: (device loop6): ntfs_read_block(): Failed to read from inode 0x5, attribute type 0xa0, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 1473.890000][ T6963] loop4: detected capacity change from 0 to 4096 [ 1473.938536][ T6940] ntfs: (device loop6): ntfs_lookup_inode_by_name(): Failed to map directory index page, error 5. [ 1473.970617][ T6963] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 1473.999693][ T6940] ntfs: (device loop6): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 1474.187122][ T4284] Bluetooth: hci5: command 0x0406 tx timeout [ 1474.872543][ T5325] usb 3-1: new high-speed USB device number 60 using dummy_hcd [ 1475.063037][ T5325] usb 3-1: Using ep0 maxpacket: 32 [ 1475.071871][ T5325] usb 3-1: config 0 has an invalid interface number: 61 but max is 1 [ 1475.120535][ T5325] usb 3-1: config 0 has no interface number 1 [ 1475.176268][ T5325] usb 3-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6 [ 1475.204934][ T5325] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1475.247467][ T5325] usb 3-1: Product: syz [ 1475.271546][ T5325] usb 3-1: Manufacturer: syz [ 1475.308592][ T5325] usb 3-1: SerialNumber: syz [ 1475.331499][ T5325] usb 3-1: config 0 descriptor?? [ 1475.455433][ T5325] viperboard 3-1:0.61: version 0.00 found at bus 003 address 060 [ 1475.534757][ T5325] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100 [ 1475.569031][ T5325] viperboard-i2c: probe of viperboard-i2c.2.auto failed with error -5 [ 1475.663152][ T5325] viperboard 3-1:0.0: version 0.00 found at bus 003 address 060 [ 1475.729963][ T5325] viperboard-i2c viperboard-i2c.5.auto: failure setting i2c_bus_freq to 100 [ 1475.738737][ T5325] viperboard-i2c: probe of viperboard-i2c.5.auto failed with error -5 [ 1475.807125][ T5325] usb 3-1: USB disconnect, device number 60 [ 1476.403987][ T7051] netlink: 'syz.4.15427': attribute type 1 has an invalid length. [ 1477.136964][ T7078] netlink: 12 bytes leftover after parsing attributes in process `syz.7.15437'. [ 1477.446622][ T7093] netlink: 124 bytes leftover after parsing attributes in process `syz.7.15444'. [ 1477.587615][ T7093] netlink: 'syz.7.15444': attribute type 3 has an invalid length. [ 1477.694946][ T7102] loop6: detected capacity change from 0 to 8 [ 1478.402286][ T7127] device netdevsim0 entered promiscuous mode [ 1478.462896][ T7127] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1478.662127][ T7133] loop4: detected capacity change from 0 to 4096 [ 1478.806078][ T7141] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1480.213399][ T7198] loop6: detected capacity change from 0 to 128 [ 1480.477927][ T27] kauditd_printk_skb: 2 callbacks suppressed [ 1480.477944][ T27] audit: type=1326 audit(1769.621:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7204 comm="syz.7.15490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2157b8f6c9 code=0x7ffc0000 [ 1480.570469][ T7208] netlink: 'syz.5.15491': attribute type 39 has an invalid length. [ 1480.618551][ T27] audit: type=1326 audit(1769.673:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7204 comm="syz.7.15490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f2157b8f6c9 code=0x7ffc0000 [ 1480.742578][ T27] audit: type=1326 audit(1769.673:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7204 comm="syz.7.15490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2157b8f6c9 code=0x7ffc0000 [ 1480.860080][ T27] audit: type=1326 audit(1769.673:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7204 comm="syz.7.15490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2157b8f6c9 code=0x7ffc0000 [ 1481.411598][ T7242] netlink: 1 bytes leftover after parsing attributes in process `syz.5.15506'. [ 1481.454705][ T4340] usb 5-1: new high-speed USB device number 87 using dummy_hcd [ 1481.660418][ T4340] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1481.692712][ T4340] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1481.700800][ T4340] usb 5-1: Product: syz [ 1481.735739][ T4340] usb 5-1: Manufacturer: syz [ 1481.740422][ T4340] usb 5-1: SerialNumber: syz [ 1481.795703][ T4340] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1481.910672][ T4340] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1481.962666][ T28] INFO: task syz-executor:4267 blocked for more than 143 seconds. [ 1481.974037][ T28] Not tainted syzkaller #0 [ 1482.011506][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1482.035301][ T28] task:syz-executor state:D stack:21904 pid:4267 ppid:1 flags:0x00004004 [ 1482.072123][ T28] Call Trace: [ 1482.082208][ T28] [ 1482.085894][ T28] __schedule+0x10ec/0x40b0 [ 1482.090635][ T28] ? __sched_text_start+0x8/0x8 [ 1482.098954][ T28] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1482.132834][ T28] ? lock_chain_count+0x20/0x20 [ 1482.139569][ C0] usb 5-1: ath9k_htc: invalid pkt_len (ffd7) [ 1482.153543][ T28] ? _raw_spin_lock_irq+0xab/0xe0 [ 1482.167572][ T28] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 1482.179067][ T28] schedule+0xb9/0x180 [ 1482.183602][ T28] io_schedule+0x7c/0xd0 [ 1482.188697][ T28] folio_wait_bit_common+0x6e1/0xf60 [ 1482.194463][ T28] ? folio_wait_bit+0x30/0x30 [ 1482.210904][ T28] ? migration_entry_wait_on_locked+0xe50/0xe50 [ 1482.223176][ T28] ? folio_mapping+0x1ba/0x4d0 [ 1482.230635][ T28] truncate_inode_pages_range+0x9a2/0xff0 [ 1482.241813][ T28] ? mapping_evict_folio+0x520/0x520 [ 1482.252319][ T28] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1482.264336][ T28] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1482.273697][ T28] ? lockdep_hardirqs_on+0x94/0x140 [ 1482.290047][ T28] evict+0x498/0x870 [ 1482.294407][ T28] ? proc_nr_inodes+0x2f0/0x2f0 [ 1482.299315][ T28] ? do_raw_spin_unlock+0x11d/0x230 [ 1482.310530][ T28] ? _raw_spin_unlock+0x24/0x40 [ 1482.337553][ T28] ? do_raw_spin_unlock+0x11d/0x230 [ 1482.346321][ T22] usb 5-1: USB disconnect, device number 87 [ 1482.361009][ T28] evict_inodes+0x604/0x690 [ 1482.376039][ T28] ? clear_inode+0x150/0x150 [ 1482.381149][ T28] ? dput+0x1c9/0x1d0 [ 1482.385327][ T28] ? sync_filesystem+0x103/0x220 [ 1482.390728][ T28] generic_shutdown_super+0x93/0x340 [ 1482.396196][ T28] kill_block_super+0x7c/0xe0 [ 1482.401357][ T28] deactivate_locked_super+0x93/0xf0 [ 1482.407219][ T28] cleanup_mnt+0x463/0x4f0 [ 1482.411700][ T28] ? lockdep_hardirqs_on+0x94/0x140 [ 1482.417582][ T28] task_work_run+0x1ca/0x250 [ 1482.422240][ T28] ? task_work_cancel+0x230/0x230 [ 1482.427769][ T28] ? exit_to_user_mode_loop+0x3b/0x110 [ 1482.433725][ T28] exit_to_user_mode_loop+0xe6/0x110 [ 1482.439624][ T28] exit_to_user_mode_prepare+0xee/0x180 [ 1482.445244][ T28] syscall_exit_to_user_mode+0x16/0x40 [ 1482.451550][ T28] do_syscall_64+0x58/0xa0 [ 1482.457561][ T28] ? clear_bhb_loop+0x60/0xb0 [ 1482.462458][ T28] ? clear_bhb_loop+0x60/0xb0 [ 1482.468175][ T28] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1482.474833][ T28] RIP: 0033:0x7f6e139909f7 [ 1482.481900][ T28] RSP: 002b:00007ffe587c9c48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1482.496534][ T28] RAX: 0000000000000000 RBX: 00007f6e13a11d7d RCX: 00007f6e139909f7 [ 1482.505252][ T28] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe587c9d00 [ 1482.513439][ T28] RBP: 00007ffe587c9d00 R08: 0000000000000000 R09: 0000000000000000 [ 1482.521681][ T28] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe587cad90 [ 1482.529702][ T28] R13: 00007f6e13a11d7d R14: 00000000001529e9 R15: 00007ffe587cadd0 [ 1482.537908][ T28] [ 1482.541401][ T28] [ 1482.541401][ T28] Showing all locks held in the system: [ 1482.549176][ T28] 1 lock held by rcu_tasks_kthre/12: [ 1482.554893][ T28] #0: ffffffff8cb2b630 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 1482.567517][ T28] 1 lock held by rcu_tasks_trace/13: [ 1482.573544][ T28] #0: ffffffff8cb2be50 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 1482.584878][ T28] 5 locks held by kworker/1:0/22: [ 1482.590069][ T28] #0: ffff888140e5cd38 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 1482.601293][ T28] #1: ffffc900001c7d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 1482.612812][ T28] #2: ffff888145bde190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1a7/0x54e0 [ 1482.621853][ T28] #3: ffff88805550c190 (&dev->mutex){....}-{3:3}, at: usb_disconnect+0x107/0x8a0 [ 1482.632037][ T28] #4: ffff888057d45118 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xb2/0x850 [ 1482.643493][ T28] 1 lock held by khungtaskd/28: [ 1482.650690][ T28] #0: ffffffff8cb2aca0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 1482.661072][ T28] 2 locks held by getty/4026: [ 1482.667032][ T28] #0: ffff88814d00c098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 1482.677373][ T28] #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41b/0x1380 [ 1482.687765][ T28] 1 lock held by syz-executor/4267: [ 1482.693509][ T28] #0: ffff8880748d20e0 (&type->s_umount_key#74){+.+.}-{3:3}, at: deactivate_super+0xa0/0xd0 [ 1482.704066][ T28] 2 locks held by kworker/0:6/4340: [ 1482.709391][ T28] #0: ffff888017470938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 1482.719957][ T28] #1: ffffc90004927d00 ((work_completion)(&fw_work->work)){+.+.}-{0:0}, at: process_one_work+0x7a1/0x1160 [ 1482.731873][ T28] [ 1482.734245][ T28] ============================================= [ 1482.734245][ T28] [ 1482.742800][ T28] NMI backtrace for cpu 0 [ 1482.747161][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted syzkaller #0 [ 1482.754398][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1482.764493][ T28] Call Trace: [ 1482.767818][ T28] [ 1482.770775][ T28] dump_stack_lvl+0x168/0x22e [ 1482.775466][ T28] ? preempt_schedule_thunk+0x16/0x18 [ 1482.780875][ T28] ? show_regs_print_info+0x12/0x12 [ 1482.786181][ T28] ? load_image+0x3b0/0x3b0 [ 1482.791321][ T28] ? vprintk_emit+0x571/0x680 [ 1482.796019][ T28] ? printk_sprint+0x460/0x460 [ 1482.800821][ T28] nmi_cpu_backtrace+0x3f4/0x470 [ 1482.805818][ T28] ? nmi_trigger_cpumask_backtrace+0x450/0x450 [ 1482.812003][ T28] ? _printk+0xcc/0x110 [ 1482.816175][ T28] ? load_image+0x3b0/0x3b0 [ 1482.820706][ T28] ? load_image+0x3b0/0x3b0 [ 1482.825253][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 1482.831360][ T28] nmi_trigger_cpumask_backtrace+0x1d4/0x450 [ 1482.837910][ T28] watchdog+0xeee/0xf30 [ 1482.842113][ T28] ? watchdog+0x1ed/0xf30 [ 1482.846485][ T28] kthread+0x29d/0x330 [ 1482.850607][ T28] ? hungtask_pm_notify+0x40/0x40 [ 1482.855678][ T28] ? kthread_blkcg+0xd0/0xd0 [ 1482.860338][ T28] ret_from_fork+0x1f/0x30 [ 1482.864814][ T28] [ 1482.868568][ T28] Sending NMI from CPU 0 to CPUs 1: [ 1482.874074][ C1] NMI backtrace for cpu 1 [ 1482.874085][ C1] CPU: 1 PID: 3619 Comm: syslogd Not tainted syzkaller #0 [ 1482.874101][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1482.874112][ C1] RIP: 0010:unix_dgram_recvmsg+0xb4/0xd0 [ 1482.874135][ C1] Code: 4c 89 e7 4c 89 fe 4c 89 f2 89 d9 45 31 c0 5b 41 5c 41 5d 41 5e 41 5f 5d ff e0 e8 17 e0 a7 f8 4c 89 e7 4c 89 fe 4c 89 f2 89 d9 <5b> 41 5c 41 5d 41 5e 41 5f 5d e9 4d e4 fe ff 66 2e 0f 1f 84 00 00 [ 1482.874151][ C1] RSP: 0018:ffffc90003287b88 EFLAGS: 00000293 [ 1482.874167][ C1] RAX: ffffffff88d8f649 RBX: 0000000000000000 RCX: 0000000000000000 [ 1482.874178][ C1] RDX: 00000000000000ff RSI: ffffc90003287c00 RDI: ffff88807e0cd000 [ 1482.874191][ C1] RBP: dffffc0000000000 R08: dffffc0000000000 R09: ffffc90003287c58 [ 1482.874203][ C1] R10: fffff52000650f8d R11: 1ffff92000650f8b R12: ffff88807e0cd000 [ 1482.874216][ C1] R13: ffffffff8de40980 R14: 00000000000000ff R15: ffffc90003287c00 [ 1482.874228][ C1] FS: 00007f847134cc80(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1482.874243][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1482.874254][ C1] CR2: 00007fbd6d3b4198 CR3: 000000007e4f7000 CR4: 00000000003506e0 [ 1482.874269][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1482.874279][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1482.874289][ C1] Call Trace: [ 1482.874295][ C1] [ 1482.874303][ C1] sock_read_iter+0x2bf/0x370 [ 1482.874330][ C1] ? kernel_sock_ip_overhead+0x590/0x590 [ 1482.874360][ C1] ? common_file_perm+0x171/0x1c0 [ 1482.874387][ C1] ? fsnotify_perm+0x248/0x550 [ 1482.874408][ C1] vfs_read+0x434/0x920 [ 1482.874433][ C1] ? kernel_read+0x1e0/0x1e0 [ 1482.874454][ C1] ? rcu_is_watching+0x11/0xa0 [ 1482.874484][ C1] ? __bpf_trace_rseq_ip_fixup+0x40/0x40 [ 1482.874509][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 1482.874533][ C1] ? __fdget_pos+0x1d4/0x360 [ 1482.874557][ C1] ksys_read+0x143/0x240 [ 1482.874580][ C1] ? vfs_write+0x960/0x960 [ 1482.874604][ C1] ? lockdep_hardirqs_on+0x94/0x140 [ 1482.874630][ C1] do_syscall_64+0x4c/0xa0 [ 1482.874648][ C1] ? clear_bhb_loop+0x60/0xb0 [ 1482.874666][ C1] ? clear_bhb_loop+0x60/0xb0 [ 1482.874684][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1482.874701][ C1] RIP: 0033:0x7f847149c407 [ 1482.874714][ C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 1482.874728][ C1] RSP: 002b:00007ffd185bb690 EFLAGS: 00000202 ORIG_RAX: 0000000000000000 [ 1482.874743][ C1] RAX: ffffffffffffffda RBX: 00007f847134cc80 RCX: 00007f847149c407 [ 1482.874755][ C1] RDX: 00000000000000ff RSI: 0000560f4279f950 RDI: 0000000000000000 [ 1482.874766][ C1] RBP: 0000560f4279f910 R08: 0000000000000000 R09: 0000000000000000 [ 1482.874776][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000560f4279f989 [ 1482.874787][ C1] R13: 0000000000000000 R14: 0000560f4279f950 R15: 0000560f1e5f3d98 [ 1482.874807][ C1] [ 1482.875460][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 1483.179097][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted syzkaller #0 [ 1483.186319][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1483.196382][ T28] Call Trace: [ 1483.199671][ T28] [ 1483.202613][ T28] dump_stack_lvl+0x168/0x22e [ 1483.207310][ T28] ? memcpy+0x3c/0x60 [ 1483.211317][ T28] ? show_regs_print_info+0x12/0x12 [ 1483.216534][ T28] ? load_image+0x3b0/0x3b0 [ 1483.221084][ T28] panic+0x2c9/0x710 [ 1483.224996][ T28] ? schedule_preempt_disabled+0x20/0x20 [ 1483.230647][ T28] ? bpf_jit_dump+0xd0/0xd0 [ 1483.235164][ T28] ? __irq_work_queue_local+0x12c/0x190 [ 1483.240745][ T28] ? nmi_trigger_cpumask_backtrace+0x35b/0x450 [ 1483.246924][ T28] ? nmi_trigger_cpumask_backtrace+0x360/0x450 [ 1483.253100][ T28] watchdog+0xf2d/0xf30 [ 1483.257297][ T28] ? watchdog+0x1ed/0xf30 [ 1483.261640][ T28] kthread+0x29d/0x330 [ 1483.265738][ T28] ? hungtask_pm_notify+0x40/0x40 [ 1483.270777][ T28] ? kthread_blkcg+0xd0/0xd0 [ 1483.275383][ T28] ret_from_fork+0x1f/0x30 [ 1483.279823][ T28] [ 1483.283097][ T28] Kernel Offset: disabled [ 1483.287432][ T28] Rebooting in 86400 seconds..