last executing test programs: 3m30.659458292s ago: executing program 0 (id=11190): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000240)={0xe88df0c4fd85dcf, 0x0}) 3m30.427295817s ago: executing program 0 (id=11192): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x38, 0x29, 0x49920d862a92153b, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x41, 0x30012}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x38}}, 0x0) 3m30.143657416s ago: executing program 0 (id=11194): r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000040)=0x1e) 3m29.890407795s ago: executing program 0 (id=11197): r0 = socket(0x1d, 0x2, 0x6) recvfrom$l2tp6(r0, 0x0, 0x0, 0x5028ce1c6d9ffa16, 0x0, 0x0) 3m29.583267929s ago: executing program 0 (id=11201): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x12, &(0x7f0000000000)=0x10000003, 0x4) 3m29.26326217s ago: executing program 0 (id=11205): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x1c, 0x26, 0x9, 0x70bd25, 0x25dfdbfa, {0x2}, [@typed={0x8, 0x1, 0x0, 0x0, @u32=0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000002}, 0x4000080) 3m14.850348621s ago: executing program 32 (id=11205): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x1c, 0x26, 0x9, 0x70bd25, 0x25dfdbfa, {0x2}, [@typed={0x8, 0x1, 0x0, 0x0, @u32=0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000002}, 0x4000080) 2m29.868745748s ago: executing program 1 (id=12177): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)={0x20, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}, [@typed={0x8, 0x9, 0x0, 0x0, @fd}, @typed={0x4, 0x12}]}, 0x20}, 0x1, 0x0, 0x0, 0x42804}, 0x0) 2m29.433609701s ago: executing program 1 (id=12186): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0) ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f00000007c0)={0x0, "d6309093fa7936fc7ab4ce479e5fad975b89ed15c642c6c537e7baf08da1630d", 0x4, 0x1}) 2m29.145217724s ago: executing program 1 (id=12190): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@host}) 2m28.922056759s ago: executing program 1 (id=12195): futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x300) futex(&(0x7f000000cffc), 0x5, 0x800, 0x0, &(0x7f00000001c0), 0x3000000) 2m28.691723645s ago: executing program 1 (id=12200): r0 = syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r0, 0xc0385720, &(0x7f0000000040)) 2m28.441173058s ago: executing program 1 (id=12206): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x14, 0x26, 0x301, 0x70bd24, 0x25dfdbfd, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x4004004}, 0x4000) 2m14.084080465s ago: executing program 33 (id=12206): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x14, 0x26, 0x301, 0x70bd24, 0x25dfdbfd, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x4004004}, 0x4000) 32.911368676s ago: executing program 3 (id=13981): r0 = socket$kcm(0xa, 0x5, 0x0) setsockopt$sock_attach_bpf(r0, 0x29, 0x46, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000002dc0)={&(0x7f0000001640)=@l2tp6={0xa, 0x0, 0x0, @local, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f00000002c0)='\t', 0x1}], 0x1}, 0x41) 32.82306745s ago: executing program 3 (id=13982): openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) mount$nfs(&(0x7f0000000000)='@\a', &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x1000000, 0x0) 32.499916191s ago: executing program 3 (id=13987): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r0, 0x0) syz_io_uring_setup(0x4ec5, &(0x7f0000000140)={0x0, 0xd210, 0x2, 0x3, 0x224}, &(0x7f0000000080), &(0x7f0000001040), &(0x7f0000000000)) 32.205997348s ago: executing program 3 (id=13991): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) iopl(0x3) syz_clone3(&(0x7f00000071c0)={0x1000, 0x0, 0x0, 0x0, {0x36}, 0x0, 0x0, 0x0, 0x0}, 0x58) 31.873347866s ago: executing program 3 (id=13994): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) statx(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x6000, &(0x7f0000000240)) 31.564591052s ago: executing program 3 (id=13998): r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1, 0x0, 0xfffe}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback={0x0, 0x7ffffffff000}, 0x800, 0x0, 0x2000000000903}, 0x20) 17.092581156s ago: executing program 34 (id=13998): r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1, 0x0, 0xfffe}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback={0x0, 0x7ffffffff000}, 0x800, 0x0, 0x2000000000903}, 0x20) 5.286600207s ago: executing program 7 (id=14248): r0 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406d0427c200000000000109022d00010000000f09040000050300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0) 3.270935483s ago: executing program 7 (id=14260): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfefff963}, [@call={0x85, 0x0, 0x0, 0xbc}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f00000003c0)="b2f3648e12e0a4fedee8af89368b", 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 2.927206756s ago: executing program 7 (id=14262): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000000)=0x201, 0x4) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000005e00cb7b27bd7000fbdbdf250000", @ANYRESOCT], 0x1c}, 0x1, 0x0, 0x0, 0x4040050}, 0x4c000) 2.925954765s ago: executing program 5 (id=14263): r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2) ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000000)=0x1) ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x191, 0x1, 0x0, 0xdd9f83, 0xfffffffc, 0x2f, 0x80000000, 0x1b, 0x8, 0x722, 0x6, 0x7, 0x83, 0x27, 0x20, {0x0, 0x6fd8e84b}, 0x3, 0xed}}) 2.734815852s ago: executing program 5 (id=14265): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x20048a, &(0x7f0000000300), 0x12, 0x522, &(0x7f0000000440)="$eJzs3U9sI1cZAPBvJsnau02bLfQAqNClFBa0WjvxtquqF8qpQqgSokcO25B4o2jtOIqd0oSVyB65I1GJE5w4c0DigNQTdyQOcONSDkgFVqAGCQkjj8eJ88eJu5vYu/HvJ438Zp7j773Mznujz5t5AUysaxGxExGXIuLdiJjLjyf5Fm92t877Pnl4f2n34f2lJNrtd/6RZPWdY9H3Mx3P5J9ZjIjvvRXxg+RQ0D9GNLe27y3WatWN/FC5VV8vN7e2b67WF1eqK9W1SuX2wu3512+9Vjmzvr5U//XHlyPid7/94kd/2PnGjzrNms3r+vtxlrpdn9mLE9HOfsXfOY9gYzAVEdP5v59P7ZF+iLOURsRnIuLl7Pqfi6nsbB508DR9c4StAwDOQ7s9l9+R9vYBgIsuzXJgSVrKcwGzkaalUjeH90JcSWuNZuvG3cbm2nI3V3Y1ZtK7q7XqfJ4rvBozyd3V6epCVu7t16qVQ/u3IuL5iPhp4XK2X1pq1JbHeeMDABPsmUPz/78L3fkfALjgivvFwjjbAQCMTnHcDQAARs78DwCTx/wPAJPH/A8Ak8f8DwCTx/wPABPlu2+/3dnau/nzr5ff29q813jv5nK1ea9U31wqLTU21ksrjcZK9sye+mmfV2s01hdejc33y61qs1Vubm3fqTc211p3sud636nOjKRXAMBJnn/pwz8nEbHzxuVsi77n/Z86V7943q0DzlM67gYAYzM17gYAY3N0tS9gUsjHw+T6X7vdjr61eyPiwV6p72GgA/+L0AdDhUmtGwpPnuuff4z8P/BUk/+HyfVo+X/38nARyP/D5Gq3E2v+A8CEkeMHklPq+7//n2/37Qz3/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcSLPZlqSlfC3w2UjTUini2Yi4GjPJ3dVadT4inouIPxVmCp39hYiwbhAAPM3SvyX5+l/X516ZPVx7qfCfQvYaET/8+Ts/e3+x1dpYiLiU/HPveOuD/HhlHO0HAE7Tm6d783jPJw/vL/W2Ubbn4291FxftxN3Nt27NdExnr8Us13DlX0m+39W5X5k6g/g7DyLic8f1P8lyI1fzlU8Px+/Efnak8dMD8dOsrvva+V189gzaApPmw8748+Zx118a17LX46//YjZCPb7e+Ld7ZPxL98a/qQHj37VhY7z6+28fOdie69Y9iPjCdMRu78P7xp9e/GRA/FeGjP+XF7/08qC69i8irsdx/U8OxCq36uvl5tb2zdX64kp1pbpWqdxeuD3/+q3XKuUsR13uZaqP+vsbN54bFL/T/ysD4hdP6f9Xh+z/L//77ve/fEL8r39lP/6PY//8v3BC/M6c+LUh4y9e+U1xUF0n/vKA/p92/m8MGf+jv24vD/lWAGAEmlvb9xZrterG4xeKJ74nPYsQQxSSiJ1zDrFfKPzqJ2+d/ubCyNrziIUYVDX1pLTwwhQKT0YzhiiMe2QCztv+RT/ulgAAAAAAAAAAAAAAAIOM4s+Jxt1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALq7/BwAA//8inNZ5") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_GETFSSYSFSPATH(r0, 0x80811501, 0x0) 2.606928881s ago: executing program 7 (id=14267): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1700"], 0x48) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) 2.471393129s ago: executing program 6 (id=14268): syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000080)='./file1\x00', 0x10, &(0x7f0000000100)=ANY=[], 0x5, 0xa5a, &(0x7f0000001b40)="$eJzs3U1sHFcBAOA3a6/z22ZTHGrS0CYU2vJTu3FM+ImAVM2FqKm4Vaq4RElaIpyASCVI1UOSEzdaVeHK76mX8qNK5IKinrhUopG49FQ4cCAKUiUO0JC48vq99e7zbmbt2J6s9/uk2bdv3tt9b3ZnZmdn5r0XgKFVaz7OzEwUIVy+8saRfz32zy0hXBlfzNFoPo62xeohhCLGR7P3+2BkIbz14asnuoVFmG4+pnh47kbrtdtCCBfC3nA1NMLuy9def3f62WMXj17a996bh66vzdIDAMBw+c7VQzO7/v7Xh3Z+9NbDh8Om1vx0fN6I8e3xuP9wPPBPx/+10Bkv2qZ2Y1m+0TjVsnwjXfK1l1PP8o32KH8se996j3ybSsofaZvXbblhkKX1uBGK2mRHvFabnFz4Tx6a/+vHismzp2dfPFdRRYFV959HQgh7Taahny42N4jq67Gu09yOqvdAAAvy64VLXMjPLNyd1ruN9lf+jadr3V8Pq2C913/lD1b5v71oj8Pq2ahrU1qutB1tj/G26whnQpf7l/Ltby5/42z7T++XX4+o91nPXtcRBuX6Qq96jqxzPVaqV/3z9WKj+kYM0+fwzSy9ffvJv9NB+Y6B7v7r/L/JNLTTkuPbO8jvlQE2tvy+ubkopef39eXpm0rSN5ekbylJ39qRa2n6tpLXwzD748s/C68Vi//z8//0yz0fns6z3RfD+5dZn/x85HLLH7tDbD3Kd4zEIPnT8edPffXkC9cW7v8vWuv/7bi+743xRtyarsYM6Xxhfl69de9/o7OcWo98D2T1ua9L/ubz8c58xfji+4S2/cySekx0vm5Hr3x7OvM1snxb4rQ5q29+fLI1e106/kj71fR5jWbLW8+WYyyrR9qv7IxhXg9YibQ+9rr/P62fE6FevHh69tRTMZ7W07+M1DfNz99fXtTvVrvuwN3pt/3PROhs/7O9Nb9ea98v7FicX7TvFxrZ/Oke8w/EePqd+97Ilub8yRM/mD252gsPQ+7c+Ve+f3x29tSPPPHEE09aT6reMwFrberlMz+cOnf+lSdPnzn+0qmXTp09cPDggenpg187MDPVPK6faj+6BzaSxR/9qmsCAAAAAAAAAAAA9OvHR49c+9s7X3l/of3/Yvu/1P4/3fmb2v//tFho615rmx+6jAOY2gHu7JLezJN1sDqW5avH6RNZfcezcnZlr/tkDFvj+MX2/6m4vF/XVJ8Hs/l5/70pX9adwJL+UsayXkfy8QI/E8NLMfx1gAoVW7rPjmFZ/9ZpXU/9UyyjX4ruBVOJ9L2lLyX1Y5Laf/fq1ynt/3euQx1ZfevRnLDqZQS6+/cQ9//dPHZZw/f/zf3VL+Pm3mmbqq6bqfppbs4oHsC9oerxP9N5zxSe/fO3N89PKduNpzv3l3n/pXA37vXxJ5W/scb/bI1/19f+7+bS0RMaKyv3f7+4/n5bsWF3v/vffPlTP9DjeQl3PhP90Xz5NxcX5fHQX/lzv8rKzy8I9elmXP70+W/ts/wly7+nrKTzb3eb+/9YfvrYnni03/IXalzUOuuRnzdO1//y88bJrWz5T650+Vc4UOPtWD4Ms0EZZ3a5+hj/t6ls/N8lVnn8317y+zC+HONpR5juc8hHOFlm/VuR9DuwK3v/ouT3zfi/g+3rMSzbHtL4v2l9bHSJ19ri9S6f7Ubd18Cg+uDevf63+ENVfV1M/X5f1dfDtIxpbm5ubU9olai0cCr//Kv+n1B1+VV//mXy8X/zY/h8/N88PR//N0/Px//N0/Px9fL0rVl6/nnm4//m6Q9m75uPDzyR/cHO0z9V8vrdJekPlaTvKUn/dEn6vpL0h0vSHylJf6Ak/dGS9M+WpH+uJP2xkvQnStI/X5K+0aX2KMO6/DDM8vZ5tn8YHql9ba/tf7wkHRhcP39r/zMv/OG7jYX2/2Ot8yHpOt7hGK/H/84/ifH8undoi8+nvRPj/8jS7/XzHTBM8v4z8t/3x0vSgcGV7vOyfcMQKrq3k+i336pex/kMli/E8Isx/FIMn4zhZAynYrg/htPrVD/WxjO/f/vQa8Xi//0dWXq/95Pn7YHyfqIO9Fmf/PzAcu/Hz/vxW667LX+FzcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqU2s+zsxMFCFcvvLGkeePnZ6an/OtVo5G83G0LVZvvS6Ep2I4EsNfxie3Pnz1RHt4O4ZFmA5FKFrzw3M3WiVtCyFcCHvD1dAIuy9fe/3d6WePXTx6ad97bx66vnafAAAAAGx8HwcAAP//V88c0Q==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) ioctl$NILFS_IOCTL_GET_VINFO(r0, 0xc0186e86, &(0x7f0000000640)={&(0x7f00000005c0)=[{0x200, 0x9bc, 0x0, 0x9}], 0x1, 0x20, 0x0, 0x9}) 2.242382095s ago: executing program 7 (id=14270): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="81bd2bbd7000fbdbdf2514000000180007"], 0x2c}}, 0x80) 2.116969413s ago: executing program 5 (id=14271): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000001c0)=@multiplanar_fd={0x9, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x5, 0x0, 0x6, 0x2, 0x5, 0x2, "371d7f6f"}, 0x401, 0x4, {&(0x7f0000000140)=[{0x3, 0x7, {}, 0xdd3}, {0x8, 0x1, {}, 0x1}]}, 0x7}) 2.015883476s ago: executing program 6 (id=14272): mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) mprotect(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1000002) 1.811211851s ago: executing program 7 (id=14274): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000300)={0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="400006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000003f80)={0x2c, &(0x7f0000000380)={0x40, 0x14}, 0x0, 0x0, 0x0, 0x0}) 1.696370523s ago: executing program 5 (id=14275): r0 = socket(0xa, 0x5, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000000380)={&(0x7f00000000c0)=@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000240)="af", 0x1}], 0x1, &(0x7f00000006c0)=[@init={0x18, 0x84, 0x0, {0xffff, 0x7, 0x7, 0x4}}], 0x18, 0x20000001}, 0x20008000) setsockopt$inet_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0) 1.682616385s ago: executing program 6 (id=14276): r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa001) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$USBDEVFS_RELEASE_PORT(r0, 0x80045519, &(0x7f0000001680)=0x7) 1.448445435s ago: executing program 6 (id=14278): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000600)="853ea23307ca3ce96a4a6e6310e7510000000000000000000000318bbd294bd04cd719c9ff5bb997c05235fae522f45683c3f3ddd56e838e23a81b421b98c65919b005ba2c014e4754ee9f8fabc9dc10bc743d7178e8234b540d4e0b", 0x5c}, {&(0x7f00000007c0)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead9", 0x101}], 0x3) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000)) 1.422733728s ago: executing program 2 (id=14279): r0 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2710, @local}, 0x10) 1.353600059s ago: executing program 4 (id=14280): r0 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r0, &(0x7f00000019c0)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3a}, 0xfffffffe, 0x2}, 0x80, 0x0}, 0x20040010) sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x6e22, 0xfffffffc, @remote, 0x7}, 0x18, 0x0}, 0x20000000) 1.262720934s ago: executing program 6 (id=14281): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x2008802, &(0x7f0000019400)={[{@errors_continue}, {@discard}, {}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'cp863'}}, {@zero_size_dir}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-1'}}, {@gid={'gid', 0x3d, 0xee00}}, {@dmask={'dmask', 0x3d, 0x8}}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@keep_last_dots}, {@discard}]}, 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=") r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000000bc0)={0x2020}, 0x2020) 1.106187001s ago: executing program 2 (id=14282): bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1e000000ffff0000040000000500000000100000", @ANYRES32=0x1, @ANYBLOB='y-'], 0x50) r0 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r0, 0x8b0b, &(0x7f0000000200)={'wlan1\x00', @random="9ffff7070600"}) 1.101208765s ago: executing program 4 (id=14283): r0 = socket(0x2b, 0x1, 0x1) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000009, 0x31, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x5, &(0x7f0000000540)=0x3, 0x4) 854.216489ms ago: executing program 4 (id=14284): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x2}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c00000010003df600"/20, @ANYRES32=0x0, @ANYBLOB="4980020009d000003c0012800b000100697036746e6c00002c00028014000200ff020000000000000000000000000001140003"], 0x5c}, 0x1, 0x0, 0x0, 0x40001}, 0x0) 852.543987ms ago: executing program 6 (id=14285): r0 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r0, &(0x7f0000000240)={&(0x7f00000000c0)=@id, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40050}, 0x0) connect$tipc(r0, &(0x7f0000000580)=@name={0x1e, 0x2, 0x1, {{0x42, 0x1}, 0x4}}, 0x10) 788.062204ms ago: executing program 2 (id=14286): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000000) r0 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) read(r0, &(0x7f0000001300)=""/112, 0x70) 578.51114ms ago: executing program 2 (id=14287): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x48, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xf}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x9}, @TCA_FQ_CODEL_ECN={0x8}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0xc083}, 0x2000400c) 492.868998ms ago: executing program 4 (id=14288): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000170900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}}, 0x2000c450) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a50000000060a010400000000000000000a0000050900020073797a32000000002400048020000180080001006c6f670014000280080006400000000108000540ffffff080900010073797a31"], 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x0) 427.835439ms ago: executing program 5 (id=14289): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000d000000000001000000000000000141000000030017"], 0x38}}, 0x0) 358.496002ms ago: executing program 2 (id=14290): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fedbdf252c"], 0x2c}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800) 189.120129ms ago: executing program 4 (id=14291): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0xffffffff, "5e5c3446aa0ecd604c893eba3198600b1891109654fe9676d14574be70b6225c", 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r1, 0xc0383e04, &(0x7f0000000280)={""/32, 0x0, 0x0, 0xf, 0x0, 0xffffffffffffffff}) 117.999455ms ago: executing program 2 (id=14292): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000001c0)={[{@iocharset={'iocharset', 0x3d, 'cp850'}}, {@fmask={'fmask', 0x3d, 0xa0}}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@dmask}, {@namecase}, {@dmask={'dmask', 0x3d, 0x1}}, {@errors_continue}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@utf8}]}, 0x1, 0x152f, &(0x7f0000000880)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=") unlinkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x200) mount$9p_rdma(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x300000, 0x0) 116.531716ms ago: executing program 5 (id=14293): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002d00)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x800) 42.877385ms ago: executing program 8 (id=14140): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x4c032, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00') preadv(r0, &(0x7f0000000340)=[{&(0x7f0000003200)=""/4096, 0x1000}], 0x1, 0x2c2, 0xca) 0s ago: executing program 4 (id=14294): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/mem_sleep', 0x288400, 0x48) unshare(0x600) signalfd(r0, &(0x7f0000000000)={[0xb]}, 0x8) kernel console output (not intermixed with test programs): 1:1.0: probe with driver snd-usb-audio failed with error -22 [ 1027.564926][T26681] usb 4-1: USB disconnect, device number 2 [ 1027.661854][ T6790] udevd[6790]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1027.780131][ T5910] usb 6-1: new high-speed USB device number 126 using dummy_hcd [ 1027.793503][ T2400] netlink: 16 bytes leftover after parsing attributes in process `syz.2.13042'. [ 1027.959055][ T5910] usb 6-1: config 220 has an invalid interface number: 76 but max is 2 [ 1027.977543][T32375] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 1027.985482][ T5910] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1028.015887][ T5910] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1028.043029][ T5910] usb 6-1: config 220 has no interface number 2 [ 1028.059542][ T5910] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1028.112045][ T5910] usb 6-1: config 220 interface 0 has no altsetting 0 [ 1028.137171][ T5910] usb 6-1: config 220 interface 76 has no altsetting 0 [ 1028.151468][ T5910] usb 6-1: config 220 interface 1 has no altsetting 0 [ 1028.158644][T32375] usb 8-1: Using ep0 maxpacket: 16 [ 1028.173107][T32375] usb 8-1: config index 0 descriptor too short (expected 65532, got 18) [ 1028.186628][ T5910] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1028.205263][T32375] usb 8-1: config 0 has an invalid interface number: 0 but max is -1 [ 1028.213523][ T5910] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1028.222121][T32375] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 1028.239814][ T5910] usb 6-1: Product: syz [ 1028.250227][ T5910] usb 6-1: Manufacturer: syz [ 1028.269657][ T5910] usb 6-1: SerialNumber: syz [ 1028.278307][T32375] usb 8-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1028.287971][T32375] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1028.317500][T32375] usb 8-1: Product: syz [ 1028.338594][T32375] usb 8-1: Manufacturer: syz [ 1028.343302][T32375] usb 8-1: SerialNumber: syz [ 1028.374819][T32375] r8152-cfgselector 8-1: Unknown version 0x0000 [ 1028.401644][T32375] r8152-cfgselector 8-1: config 0 descriptor?? [ 1028.535811][ T2396] loop6: detected capacity change from 0 to 32768 [ 1028.548107][ T5910] usb 6-1: selecting invalid altsetting 0 [ 1028.597655][ T5910] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1028.655377][ T5910] uvcvideo 6-1:220.0: No valid video chain found. [ 1028.670071][ T2396] XFS (loop6): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1028.757169][ T5910] usb 6-1: selecting invalid altsetting 0 [ 1028.810588][ T5910] usbtest 6-1:220.1: probe with driver usbtest failed with error -22 [ 1028.828525][ T2396] XFS (loop6): Ending clean mount [ 1028.838534][T32375] r8152-cfgselector 8-1: USB disconnect, device number 4 [ 1028.879477][ T5910] usb 6-1: USB disconnect, device number 126 [ 1028.960037][T31248] XFS (loop6): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 1029.091989][ T2445] wlan1 speed is unknown, defaulting to 1000 [ 1029.139720][ T2445] wg0 speed is unknown, defaulting to 1000 [ 1030.548181][ T2495] dlm: non-version read from control device 4112 [ 1030.688682][ T2459] loop5: detected capacity change from 0 to 32768 [ 1030.750624][ T2459] BTRFS info: device /dev/loop5 (7:5) using temp-fsid e861737d-74f8-4fe2-a0cb-13eacd38d1a5 [ 1030.818926][ T2459] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.13061 (2459) [ 1030.914453][ T2502] IPv6: sit1: Disabled Multicast RS [ 1030.923157][ T2459] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1030.939505][ T2501] loop6: detected capacity change from 0 to 512 [ 1030.942940][ T2502] sit1: entered allmulticast mode [ 1030.961946][ T2459] BTRFS info (device loop5): using sha256 checksum algorithm [ 1030.978018][ T2501] EXT4-fs: Ignoring removed i_version option [ 1031.033287][ T2501] EXT4-fs error (device loop6): ext4_orphan_get:1397: inode #15: comm syz.6.13078: inode has both inline data and extents flags [ 1031.108729][ T2501] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1031.109984][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 1031.125649][ C0] EXT4-fs (loop6): initial error at time 2210210: ext4_orphan_get:1397: inode 15 [ 1031.134846][ C0] EXT4-fs (loop6): last error at time 2210210: ext4_orphan_get:1397: inode 15 [ 1031.143928][ T2501] EXT4-fs error (device loop6): ext4_orphan_get:1402: comm syz.6.13078: couldn't read orphan inode 15 (err -117) [ 1031.160602][ T2501] loop6: lost filesystem error report for type 5 error -117 [ 1031.171470][ T2501] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1031.330301][ T2459] BTRFS info (device loop5): enabling ssd optimizations [ 1031.362361][T31248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1031.373521][ T2459] BTRFS info (device loop5): turning on async discard [ 1031.453132][ T2459] BTRFS info (device loop5): enabling free space tree [ 1031.628286][ T5822] BTRFS info (device loop5): last unmount of filesystem e861737d-74f8-4fe2-a0cb-13eacd38d1a5 [ 1031.673126][ T2506] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 1031.697628][ T2506] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 1031.826526][ T2506] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 1031.961864][ T2506] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 1031.988268][ T2506] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 1032.048785][ T2557] netlink: 5 bytes leftover after parsing attributes in process `syz.6.13093'. [ 1032.192110][ T2506] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 1032.348801][ T2572] program syz.5.13098 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1032.867591][ T2593] loop6: detected capacity change from 0 to 16 [ 1032.887087][ T2593] erofs (device loop6): mounted with root inode @ nid 36. [ 1032.998397][ T2593] erofs (device loop6): bogus lookback distance 1 @ lcn 0 of nid 89 [ 1033.045851][ T5838] Bluetooth: hci6: command 0x0c1a tx timeout [ 1033.052082][ T2593] erofs (device loop6): readahead error at folio 0 @ nid 89 [ 1033.054772][ T2548] loop2: detected capacity change from 0 to 32768 [ 1033.073472][ T2593] syz.6.13106: attempt to access beyond end of device [ 1033.073472][ T2593] loop6: rw=524288, sector=1056, nr_sectors = 16 limit=16 [ 1033.114042][ T2593] erofs (device loop6): bogus lookback distance 1 @ lcn 0 of nid 89 [ 1033.147363][ T2593] erofs (device loop6): read error -117 @ 0 of nid 89 [ 1033.173548][ T31] kauditd_printk_skb: 8 callbacks suppressed [ 1033.173569][ T31] audit: type=1800 audit(2210212.923:2499): pid=2593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.13106" name="file3" dev="loop6" ino=89 res=0 errno=0 [ 1033.260215][ T2548] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1033.540559][ T2548] XFS (loop2): Ending clean mount [ 1033.771700][ T5823] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1033.891613][ T5838] Bluetooth: hci7: command 0x0c1a tx timeout [ 1034.311980][ T2650] bond1: entered promiscuous mode [ 1034.364449][ T2650] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1034.822625][ T2638] loop7: detected capacity change from 0 to 32768 [ 1034.878359][ T2638] BTRFS info: device /dev/loop7 (7:7) using temp-fsid e386f6fb-e75c-46db-b9df-d9f51676574d [ 1034.920199][T32375] usb 3-1: new full-speed USB device number 123 using dummy_hcd [ 1034.938803][ T2638] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.13119 (2638) [ 1035.005858][ T2638] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1035.034977][ T5838] Bluetooth: hci6: command 0x0c1a tx timeout [ 1035.053116][ T2638] BTRFS info (device loop7): using sha256 checksum algorithm [ 1035.110768][T32375] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1035.170054][T32375] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1035.244862][T32375] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 1035.264672][T32375] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1035.293500][T32375] usb 3-1: SerialNumber: syz [ 1035.316915][T32375] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22 [ 1035.351851][T32375] usb-storage 3-1:1.0: USB Mass Storage device detected [ 1035.359430][ T2638] BTRFS info (device loop7): enabling ssd optimizations [ 1035.366393][ T2638] BTRFS info (device loop7): turning on async discard [ 1035.455125][ T2638] BTRFS info (device loop7): enabling free space tree [ 1035.473260][T32375] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 1035.501757][T32375] scsi host1: usb-storage 3-1:1.0 [ 1035.643847][ T2720] bond3: Removing last arp target with arp_interval on [ 1035.651675][ T2720] bond3: entered allmulticast mode [ 1035.663560][ T1061] BTRFS info (device loop7): last unmount of filesystem e386f6fb-e75c-46db-b9df-d9f51676574d [ 1035.670350][ T2720] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1035.872637][ T5838] Bluetooth: hci7: command 0x0c1a tx timeout [ 1036.022608][ T2748] xt_cgroup: path and classid specified [ 1036.331495][ T2752] loop3: detected capacity change from 0 to 1024 [ 1036.500666][ T2765] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13158'. [ 1036.593498][ T50] hfsplus: b-tree write err: -5, ino 25 [ 1036.601651][ T50] hfsplus: b-tree write err: -5, ino 4 [ 1036.617194][ T50] hfsplus: b-tree write err: -5, ino 2 [ 1036.710891][T26681] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 1036.873219][T26681] usb 7-1: Using ep0 maxpacket: 8 [ 1036.880906][T26681] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1036.910671][T26681] usb 7-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=a1.8c [ 1036.941144][T26681] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1036.972038][T26681] usb 7-1: config 0 descriptor?? [ 1037.000110][T26681] gspca_main: STV06xx-2.14.0 probing 046d:08f0 [ 1037.006709][ T5838] Bluetooth: hci6: command 0x0c1a tx timeout [ 1037.038395][T26681] gspca_stv06xx: st6422 sensor detected [ 1037.339187][T26682] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 1037.487014][T26681] STV06xx 7-1:0.0: probe with driver STV06xx failed with error -71 [ 1037.538553][T26682] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1037.553154][T26680] usb 3-1: USB disconnect, device number 123 [ 1037.585274][T26682] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1037.607295][T26681] usb 7-1: USB disconnect, device number 10 [ 1037.641196][T26682] usb 5-1: Product: syz [ 1037.653710][T26682] usb 5-1: Manufacturer: syz [ 1037.658346][T26682] usb 5-1: SerialNumber: syz [ 1037.702280][T26682] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1037.748632][ T5929] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1037.843903][ T5838] Bluetooth: hci7: command 0x0c1a tx timeout [ 1037.954509][ T2813] loop7: detected capacity change from 0 to 512 [ 1037.994165][ T2813] EXT4-fs: Ignoring removed oldalloc option [ 1038.091875][ T2813] EXT4-fs error (device loop7): ext4_xattr_inode_iget:437: comm syz.7.13178: Parent and EA inode have the same ino 15 [ 1038.117690][ T2813] loop7: lost filesystem error report for type 5 error -117 [ 1038.119524][ T2813] EXT4-fs (loop7): Remounting filesystem read-only [ 1038.126850][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 1038.126872][ C1] EXT4-fs (loop7): initial error at time 2210218: ext4_xattr_inode_iget:437 [ 1038.126903][ C1] EXT4-fs (loop7): last error at time 2210218: ext4_xattr_inode_iget:437 [ 1038.187818][ T2813] EXT4-fs warning (device loop7): ext4_evict_inode:285: xattr delete (err -30) [ 1038.197125][ T2813] EXT4-fs (loop7): 1 orphan inode deleted [ 1038.205063][ T1203] usb 5-1: USB disconnect, device number 4 [ 1038.217037][ T2813] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1038.446921][ T1061] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1038.490792][ T2839] loop5: detected capacity change from 0 to 128 [ 1038.519352][ T2839] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 1038.557116][ T2839] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1038.788283][ T5929] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 1038.795364][ T5929] ath9k_htc: Failed to initialize the device [ 1038.849457][ T1203] usb 5-1: ath9k_htc: USB layer deinitialized [ 1039.253900][ T2879] netlink: 'syz.2.13201': attribute type 9 has an invalid length. [ 1039.528981][ T2888] netlink: 'syz.6.13206': attribute type 31 has an invalid length. [ 1039.853840][ T5910] usb 6-1: new high-speed USB device number 127 using dummy_hcd [ 1039.918194][ T2911] x_tables: duplicate entry at hook 2 [ 1040.013164][ T5910] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1040.044232][ T5910] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1040.095594][ T5910] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1040.125108][ T2921] JFS: discard option not supported on device [ 1040.126163][ T5910] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1040.148434][ T2921] Mount JFS Failure: -22 [ 1040.154893][ T2908] wlan1 speed is unknown, defaulting to 1000 [ 1040.165978][ T5910] usb 6-1: Product: syz [ 1040.169387][ T2921] jfs_mount failed w/return code = -22 [ 1040.172921][ T2908] wg0 speed is unknown, defaulting to 1000 [ 1040.199134][ T5910] usb 6-1: Manufacturer: syz [ 1040.203874][ T5910] usb 6-1: SerialNumber: syz [ 1040.222305][ T2925] netlink: 16 bytes leftover after parsing attributes in process `syz.2.13224'. [ 1040.329412][ T5910] usb 6-1: config 0 descriptor?? [ 1040.341648][ T5910] usb 6-1: selecting invalid altsetting 0 [ 1040.435958][ T2928] xt_hashlimit: max too large, truncated to 1048576 [ 1040.452663][ T2929] libceph: resolve 'c' (ret=-3): failed [ 1040.477095][ T2928] xt_hashlimit: overflow, try lower: 13/0 [ 1040.661345][T26680] usb 6-1: USB disconnect, device number 127 [ 1041.065870][ T2942] loop6: detected capacity change from 0 to 4096 [ 1041.145844][ T2942] ntfs3(loop6): Failed to initialize $Extend/$ObjId. [ 1041.225818][ T5910] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 1041.427556][ T5910] usb 5-1: Using ep0 maxpacket: 32 [ 1041.459676][ T5910] usb 5-1: config 4 has an invalid interface number: 128 but max is 0 [ 1041.488385][ T5910] usb 5-1: config 4 has no interface number 0 [ 1041.524723][ T5910] usb 5-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1041.572409][ T5910] usb 5-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1041.593063][ T2933] loop2: detected capacity change from 0 to 32768 [ 1041.599992][ T5910] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1041.621938][ T2933] BTRFS info: device /dev/loop2 (7:2) using temp-fsid 50a986c4-5ef6-4550-b81a-6449d3f9cd6f [ 1041.642360][ T5910] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1041.658248][ T2933] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.13228 (2933) [ 1041.717632][ T5910] hub 5-1:4.128: USB hub found [ 1041.749108][ T2933] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1041.800080][ T2933] BTRFS info (device loop2): using sha256 checksum algorithm [ 1041.915100][ T5910] hub 5-1:4.128: 19 ports detected [ 1041.978266][ T5910] hub 5-1:4.128: Using single TT (err -22) [ 1042.019170][ T2971] loop7: detected capacity change from 0 to 1024 [ 1042.028203][ T5910] hub 5-1:4.128: insufficient power available to use all downstream ports [ 1042.028569][ T2933] BTRFS info (device loop2): enabling ssd optimizations [ 1042.059076][ T2963] block device autoloading is deprecated and will be removed. [ 1042.077543][ T2933] BTRFS info (device loop2): turning on async discard [ 1042.085074][ T2933] BTRFS info (device loop2): enabling free space tree [ 1042.093494][ T2963] syz.3.13241: attempt to access beyond end of device [ 1042.093494][ T2963] ram232: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=8192 [ 1042.159470][ T5910] hub 5-1:4.128: hub_hub_status failed (err = -71) [ 1042.191041][ T5910] hub 5-1:4.128: config failed, can't get hub status (err -71) [ 1042.279835][ T5823] BTRFS info (device loop2): last unmount of filesystem 50a986c4-5ef6-4550-b81a-6449d3f9cd6f [ 1042.329209][ T12] hfsplus: b-tree write err: -5, ino 25 [ 1042.355830][ T12] hfsplus: b-tree write err: -5, ino 4 [ 1042.371893][ T5910] usb 5-1: USB disconnect, device number 5 [ 1042.418482][ T12] hfsplus: b-tree write err: -5, ino 2 [ 1042.609360][ T2986] wlan1 speed is unknown, defaulting to 1000 [ 1042.750236][ T2986] wg0 speed is unknown, defaulting to 1000 [ 1042.855925][ T3003] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13253'. [ 1043.416252][ T3025] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13263'. [ 1043.461227][ T3025] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13263'. [ 1043.531677][ T3025] netlink: 32 bytes leftover after parsing attributes in process `syz.3.13263'. [ 1043.577054][ T3027] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 1044.001530][ T3047] netlink: 'syz.3.13275': attribute type 13 has an invalid length. [ 1044.022943][ T3047] netlink: 'syz.3.13275': attribute type 17 has an invalid length. [ 1044.042016][ T3047] gre0: left promiscuous mode [ 1044.054570][ T3047] gre0: left allmulticast mode [ 1044.078792][ T3047] gretap0: left promiscuous mode [ 1044.149250][ T9] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 1044.257679][ T3047] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1044.306116][ T9] usb 5-1: config 0 has an invalid interface number: 200 but max is 0 [ 1044.369163][ T9] usb 5-1: config 0 has no interface number 0 [ 1044.375332][ T9] usb 5-1: config 0 interface 200 altsetting 2 has an endpoint descriptor with address 0xD8, changing to 0x88 [ 1044.438315][ T9] usb 5-1: config 0 interface 200 altsetting 2 endpoint 0x88 has an invalid bInterval 0, changing to 10 [ 1044.469846][ T9] usb 5-1: config 0 interface 200 has no altsetting 0 [ 1044.513217][ T9] usb 5-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39 [ 1044.532645][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1044.560700][ T9] usb 5-1: Product: syz [ 1044.574950][ T9] usb 5-1: Manufacturer: syz [ 1044.594527][ T9] usb 5-1: SerialNumber: syz [ 1044.632996][ T9] usb 5-1: config 0 descriptor?? [ 1044.748371][ T3071] m>e5n: entered promiscuous mode [ 1044.898082][ T9] input: Hanwang Art Master III 0906 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.200/input/input64 [ 1044.935865][ C1] usb 5-1: hanwang_irq - nonzero urb status received: -71 [ 1044.943259][ C1] usb 5-1: hanwang_irq - nonzero urb status received: -71 [ 1044.944388][ T9] usb 5-1: USB disconnect, device number 6 [ 1044.950387][ C1] usb 5-1: hanwang_irq - usb_submit_urb failed with result -19 [ 1045.340457][ T5929] usb 8-1: new full-speed USB device number 5 using dummy_hcd [ 1045.611645][ T5929] usb 8-1: config 0 has an invalid interface number: 16 but max is 0 [ 1045.622754][ T5929] usb 8-1: config 0 has no interface number 0 [ 1045.632980][ T5929] usb 8-1: config 0 interface 16 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 1045.644291][ T5929] usb 8-1: config 0 interface 16 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1045.688623][ T5929] usb 8-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d [ 1045.720854][ T5929] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1045.752150][ T5929] usb 8-1: Product: syz [ 1045.773225][ T3098] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1045.773570][ T5929] usb 8-1: Manufacturer: syz [ 1045.829702][ T5929] usb 8-1: SerialNumber: syz [ 1045.868731][ T5929] usb 8-1: config 0 descriptor?? [ 1045.892188][ T3104] ipt_REJECT: ECHOREPLY no longer supported. [ 1045.899953][ T3083] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1045.956356][ T5929] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 1045.976817][ T5929] usb 8-1: invalid MIDI in EP 0 [ 1046.058053][ T3106] loop6: detected capacity change from 0 to 1024 [ 1046.105644][ T3106] EXT4-fs: inline encryption not supported [ 1046.144736][ T3106] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1046.230521][ T3106] EXT4-fs error (device loop6): ext4_free_blocks:6724: comm syz.6.13303: Freeing blocks not in datazone - block = 0, count = 4096 [ 1046.265255][ T3106] loop6: lost filesystem error report for type 5 error -117 [ 1046.266205][ T3106] EXT4-fs (loop6): Remounting filesystem read-only [ 1046.273723][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 1046.273765][ C1] EXT4-fs (loop6): initial error at time 2210226: ext4_free_blocks:6724 [ 1046.273798][ C1] EXT4-fs (loop6): last error at time 2210226: ext4_free_blocks:6724 [ 1046.327174][ T5929] snd-usb-audio 8-1:0.16: probe with driver snd-usb-audio failed with error -22 [ 1046.386140][ T3118] loop3: detected capacity change from 0 to 22 [ 1046.412868][ T5929] usb 8-1: USB disconnect, device number 5 [ 1046.470506][ T5835] udevd[5835]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.16/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1046.474476][ T3118] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1046.497538][ T3106] EXT4-fs (loop6): 1 orphan inode deleted [ 1046.517167][ T3106] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1046.519476][ T564] EXT4-fs (loop6): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 1046.569285][ T3118] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1046.602194][ T564] Quota error (device loop6): write_blk: dquota write failed [ 1046.603964][ T3124] netlink: 26 bytes leftover after parsing attributes in process `syz.4.13311'. [ 1046.616396][ T564] Quota error (device loop6): remove_free_dqentry: Can't write block (2) with free entries [ 1046.673371][ T564] EXT4-fs (loop6): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 1046.712683][T31248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1046.736498][ T564] Quota error (device loop6): write_blk: dquota write failed [ 1046.744200][ T3127] loop2: detected capacity change from 0 to 256 [ 1046.753705][ T564] Quota error (device loop6): free_dqentry: Can't move quota data block (2) to free list [ 1046.776549][ T564] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started [ 1046.787004][ T564] Quota error (device loop6): v2_write_file_info: Can't write info structure [ 1046.836707][ T3127] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 1046.888588][ T3128] loop5: detected capacity change from 0 to 2048 [ 1046.927471][ T3132] loop3: detected capacity change from 0 to 256 [ 1046.960955][ T3135] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1047.005454][ T3128] NILFS (loop5): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 1047.073728][ T3128] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1047.180932][ T3139] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 1047.229360][ T3139] block device autoloading is deprecated and will be removed. [ 1047.235503][ T3128] Remounting filesystem read-only [ 1047.268048][ T3143] 9pnet_fd: p9_fd_create_tcp (3143): problem binding to privport [ 1047.292505][ T3128] NILFS (loop5): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 1047.356170][ T3128] NILFS error (device loop5): nilfs_bmap_last_key: broken bmap (inode number=16) [ 1047.410745][ T3128] NILFS (loop5): error -5 truncating bmap (ino=16) [ 1047.598862][ T5822] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 1048.075391][ T3178] netlink: 'syz.5.13336': attribute type 11 has an invalid length. [ 1048.903355][ T3167] loop6: detected capacity change from 0 to 32768 [ 1048.999014][ T3167] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1049.076218][ T3223] IPVS: set_ctl: invalid protocol: 94 0.0.0.0:20003 [ 1049.083249][ T3217] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 11 out of range (51000000..2150000000) [ 1049.090530][ T3167] XFS (loop6): Ending clean mount [ 1049.106452][ T3167] XFS (loop6): Quotacheck needed: Please wait. [ 1049.234329][ T3167] XFS (loop6): Quotacheck: Done. [ 1049.408163][ T3228] loop5: detected capacity change from 0 to 2048 [ 1049.423399][ T3231] ALSA: mixer_oss: invalid OSS volume 'u' [ 1049.434530][T31248] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1049.462331][ T3228] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1049.538742][ T3228] syz.5.13356: attempt to access beyond end of device [ 1049.538742][ T3228] loop5: rw=8912896, sector=33554430, nr_sectors = 2 limit=2048 [ 1049.555326][ T3237] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1049.633693][ T3228] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 16777227 [ 1049.651890][ T3228] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=16) [ 1049.722540][ T3228] Remounting filesystem read-only [ 1049.727706][ T3228] NILFS (loop5): error -5 truncating bmap (ino=16) [ 1049.894243][ T5822] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 1050.013799][ T3246] loop7: detected capacity change from 0 to 1024 [ 1050.168402][ T3204] loop3: detected capacity change from 0 to 32768 [ 1050.267196][ T127] hfsplus: b-tree write err: -5, ino 25 [ 1050.293287][ T127] hfsplus: b-tree write err: -5, ino 4 [ 1050.311800][ T127] hfsplus: b-tree write err: -5, ino 2 [ 1050.378847][ T1203] usb 3-1: new full-speed USB device number 124 using dummy_hcd [ 1050.571323][ T1203] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1050.626000][ T1203] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 1050.654889][ T1203] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1050.673563][ T3263] loop3: detected capacity change from 0 to 16 [ 1050.687589][ T1203] usb 3-1: Product: syz [ 1050.691770][ T1203] usb 3-1: Manufacturer: syz [ 1050.697485][ T3263] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1050.726629][ T1203] usb 3-1: SerialNumber: syz [ 1050.747048][ T1203] usb 3-1: config 0 descriptor?? [ 1050.782853][ T1203] streamzap 3-1:0.0: streamzap_probe: Unexpected desc.bNumEndpoints (0) [ 1050.974518][T26681] usb 3-1: USB disconnect, device number 124 [ 1051.165568][ T3279] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1051.285119][ T3282] loop7: detected capacity change from 0 to 1024 [ 1051.492502][ T3253] loop6: detected capacity change from 0 to 32768 [ 1051.530443][ T3292] ip6tnl2: entered allmulticast mode [ 1051.540075][ T3294] netlink: 'syz.5.13388': attribute type 2 has an invalid length. [ 1051.571783][ T3253] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1051.751314][ T3253] XFS (loop6): Ending clean mount [ 1051.793358][ T3306] loop7: detected capacity change from 0 to 1024 [ 1051.803808][ T3253] XFS (loop6): Quotacheck needed: Please wait. [ 1051.931948][ T3253] XFS (loop6): Quotacheck: Done. [ 1052.045190][ T564] hfsplus: b-tree write err: -5, ino 25 [ 1052.074521][ T564] hfsplus: b-tree write err: -5, ino 4 [ 1052.080112][ T564] hfsplus: b-tree write err: -5, ino 2 [ 1052.151456][T31248] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1052.326704][ T3323] netlink: 12 bytes leftover after parsing attributes in process `syz.7.13397'. [ 1052.807234][ T3335] netlink: 20 bytes leftover after parsing attributes in process `syz.3.13406'. [ 1052.863012][ T3335] ip6tnl3: entered allmulticast mode [ 1052.959513][ T3343] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13399'. [ 1052.969162][ T3342] netlink: 28 bytes leftover after parsing attributes in process `syz.5.13409'. [ 1053.155959][ T3347] sit0: entered promiscuous mode [ 1053.194117][ T3347] netlink: 'syz.2.13411': attribute type 1 has an invalid length. [ 1053.283736][ T3347] netlink: 1 bytes leftover after parsing attributes in process `syz.2.13411'. [ 1053.445685][ T1203] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 1053.636153][ T1203] usb 4-1: Using ep0 maxpacket: 16 [ 1053.647611][ T1203] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 1053.683884][ T1203] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1053.720137][ T1203] usb 4-1: config 0 descriptor?? [ 1053.749962][ T1203] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 1053.880265][ T3365] loop6: detected capacity change from 0 to 4096 [ 1053.988791][ T3365] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1054.123742][ T3365] ntfs3(loop6): Failed to load $Extend (-22). [ 1054.129862][ T3365] ntfs3(loop6): Failed to initialize $Extend. [ 1054.153280][ T1203] gspca_sonixj: reg_r err -71 [ 1054.161438][ T1203] sonixj 4-1:0.0: probe with driver sonixj failed with error -71 [ 1054.200269][ T1203] usb 4-1: USB disconnect, device number 3 [ 1054.595148][ T3396] loop2: detected capacity change from 0 to 1024 [ 1054.817410][ T564] hfsplus: b-tree write err: -5, ino 25 [ 1054.823297][ T564] hfsplus: b-tree write err: -5, ino 4 [ 1054.880615][ T564] hfsplus: b-tree write err: -5, ino 2 [ 1054.931358][ T3408] loop6: detected capacity change from 0 to 1764 [ 1055.058658][ T3408] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 1055.165602][ T3420] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13442'. [ 1055.470901][ T3428] bond2: option all_slaves_active: invalid value (13) [ 1055.498533][ T3428] bond2 (unregistering): Released all slaves [ 1055.587003][ T3433] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13449'. [ 1055.624079][ T3443] netlink: 'syz.3.13452': attribute type 3 has an invalid length. [ 1055.864324][ T3447] loop7: detected capacity change from 0 to 2048 [ 1055.911874][ T3447] UDF-fs: error (device loop7): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1055.951520][ T3447] UDF-fs: error (device loop7): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 1056.003077][ T3447] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1056.085185][ T3458] netlink: 'syz.6.13460': attribute type 11 has an invalid length. [ 1056.123363][ T3458] netlink: 199828 bytes leftover after parsing attributes in process `syz.6.13460'. [ 1056.264980][ T3465] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13463'. [ 1056.306938][ T3468] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13466'. [ 1056.562328][ T3479] loop2: detected capacity change from 0 to 64 [ 1056.579500][T26681] usb 8-1: new full-speed USB device number 6 using dummy_hcd [ 1056.606163][ T3481] loop5: detected capacity change from 0 to 1024 [ 1056.758835][ T965] hfsplus: b-tree write err: -5, ino 25 [ 1056.775830][ T965] hfsplus: b-tree write err: -5, ino 4 [ 1056.783313][T26681] usb 8-1: config 8 has an invalid interface number: 177 but max is 0 [ 1056.798229][ T965] hfsplus: b-tree write err: -5, ino 2 [ 1056.802110][T26681] usb 8-1: config 8 has no interface number 0 [ 1056.828342][T26681] usb 8-1: config 8 interface 177 altsetting 9 endpoint 0x1 has invalid maxpacket 512, setting to 64 [ 1056.881768][T26681] usb 8-1: config 8 interface 177 altsetting 9 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 1056.915853][ T9] usb 3-1: new high-speed USB device number 125 using dummy_hcd [ 1056.918917][T26681] usb 8-1: config 8 interface 177 has no altsetting 0 [ 1056.944604][ T3489] netlink: 'syz.5.13475': attribute type 1 has an invalid length. [ 1056.956139][T26681] usb 8-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1 [ 1056.975602][ T3489] NCSI netlink: No device for ifindex 0 [ 1057.001958][T26681] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1057.050437][ T3471] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1057.074412][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 1057.083760][ T3471] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1057.100791][ T9] usb 3-1: config 7 has an invalid interface number: 143 but max is 1 [ 1057.122524][ T9] usb 3-1: config 7 has an invalid interface number: 217 but max is 1 [ 1057.125012][ C1] ir_toy 8-1:8.177: out urb status: -71 [ 1057.143485][ T3495] netlink: 'syz.4.13479': attribute type 10 has an invalid length. [ 1057.151918][ T9] usb 3-1: config 7 has an invalid descriptor of length 121, skipping remainder of the config [ 1057.185633][ T9] usb 3-1: config 7 has no interface number 0 [ 1057.192984][ T3495] bridge0: port 3() entered disabled state [ 1057.196080][ T9] usb 3-1: config 7 has no interface number 1 [ 1057.215539][ T3495] netdevsim netdevsim4 : left allmulticast mode [ 1057.216370][ T9] usb 3-1: too many endpoints for config 7 interface 217 altsetting 0: 255, using maximum allowed: 30 [ 1057.235193][ T9] usb 3-1: config 7 interface 217 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 1057.265778][ T3495] netdevsim netdevsim4 : left promiscuous mode [ 1057.274560][ T3495] bridge0: port 3() entered disabled state [ 1057.288292][ T9] usb 3-1: config 7 interface 143 has no altsetting 0 [ 1057.323264][ T3495] batman_adv: batadv0: Adding interface:  [ 1057.325998][ T9] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=ba.35 [ 1057.339318][ T3495] batman_adv: batadv0: The MTU of interface  is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1057.363594][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1057.383219][ T9] usb 3-1: Product: syz [ 1057.387408][ T9] usb 3-1: Manufacturer: syz [ 1057.409667][ T9] usb 3-1: SerialNumber: syz [ 1057.417325][ T3495] batman_adv: batadv0: Not using interface  (retrying later): interface not active [ 1057.519103][ T3483] loop3: detected capacity change from 0 to 32768 [ 1057.551851][ T3505] loop6: detected capacity change from 0 to 2048 [ 1057.578081][ T3483] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 1057.608686][ T3483] JBD2: Ignoring recovery information on journal [ 1057.616835][ T3505] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1057.643775][T26681] ir_toy 8-1:8.177: could not write reset command: -110 [ 1057.644631][ T9] qmi_wwan 3-1:7.143: probe with driver qmi_wwan failed with error -22 [ 1057.656538][T26681] ir_toy 8-1:8.177: probe with driver ir_toy failed with error -110 [ 1057.693040][T26681] usb 8-1: USB disconnect, device number 6 [ 1057.735580][ T3483] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1057.752594][ T3511] __nla_validate_parse: 6 callbacks suppressed [ 1057.752614][ T3511] netlink: 20 bytes leftover after parsing attributes in process `syz.5.13485'. [ 1057.794591][ T9] usb 3-1: Could not set interface, error -71 [ 1057.818509][ T9] usb 3-1: USB disconnect, device number 125 [ 1057.828897][ T3511] netlink: 20 bytes leftover after parsing attributes in process `syz.5.13485'. [ 1058.087376][ T5821] ocfs2: Unmounting device (7,3) on (node local) [ 1058.319535][ T3525] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 1058.426439][ T3524] wlan1 speed is unknown, defaulting to 1000 [ 1058.438171][ T3524] wg0 speed is unknown, defaulting to 1000 [ 1058.688180][ T3538] loop3: detected capacity change from 0 to 8 [ 1058.743231][ T3538] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1058.781044][ T3538] SQUASHFS error: Failed to read block 0x4de: -5 [ 1058.803367][ T3538] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1058.841276][ T3538] SQUASHFS error: Failed to read block 0x4df: -5 [ 1058.865348][ T3538] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1058.890706][ T3538] SQUASHFS error: Failed to read block 0x4e0: -5 [ 1058.924214][ T3538] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1058.977667][ T3538] SQUASHFS error: Failed to read block 0x4de: -5 [ 1059.045306][ T31] audit: type=1800 audit(2210240.084:2500): pid=3538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.13489" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 1059.864409][ T3577] netlink: 16 bytes leftover after parsing attributes in process `syz.7.13515'. [ 1059.928936][ T3577] netlink: 16 bytes leftover after parsing attributes in process `syz.7.13515'. [ 1059.979366][ T3577] netlink: 20 bytes leftover after parsing attributes in process `syz.7.13515'. [ 1060.094414][ T3583] openvswitch: netlink: Key type 80 is out of range max 32 [ 1060.198536][ T1203] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 1060.379339][ T1203] usb 4-1: Using ep0 maxpacket: 16 [ 1060.394453][ T1203] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 1060.423265][ T1203] usb 4-1: config 0 has no interface number 0 [ 1060.449380][ T1203] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 1060.513476][ T1203] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1060.521503][ T1203] usb 4-1: Product: syz [ 1060.528075][ T3593] bond5: option arp_validate: invalid value (18446744073709551614) [ 1060.572712][ T1203] usb 4-1: Manufacturer: syz [ 1060.577613][ T1203] usb 4-1: SerialNumber: syz [ 1060.590578][ T3593] bond5 (unregistering): Released all slaves [ 1060.599235][ T3598] loop5: detected capacity change from 0 to 8 [ 1060.617494][ T1203] usb 4-1: config 0 descriptor?? [ 1060.697720][ T1203] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 1060.716421][ T3573] loop6: detected capacity change from 0 to 32768 [ 1060.755457][ T3573] BTRFS info: device /dev/loop6 (7:6) using temp-fsid 2f80fad9-be07-4779-9d93-b363275c935c [ 1060.789185][ T3573] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.13512 (3573) [ 1060.862939][ T3573] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1060.888670][ T3573] BTRFS info (device loop6): using sha256 checksum algorithm [ 1061.043233][ T3620] tmpfs: Bad value for 'mpol' [ 1061.054109][ T1203] gspca_spca1528: reg_w err -71 [ 1061.084426][ T3573] BTRFS info (device loop6): enabling ssd optimizations [ 1061.084474][ T1203] spca1528 4-1:0.1: probe with driver spca1528 failed with error -71 [ 1061.106626][ T1203] usb 4-1: USB disconnect, device number 4 [ 1061.141448][ T3573] BTRFS info (device loop6): turning on async discard [ 1061.148269][ T3573] BTRFS info (device loop6): enabling free space tree [ 1061.239029][ T3628] xt_recent: hitcount (262144) is larger than allowed maximum (65535) [ 1061.346198][T31248] BTRFS info (device loop6): last unmount of filesystem 2f80fad9-be07-4779-9d93-b363275c935c [ 1061.406608][ T3633] netlink: 36 bytes leftover after parsing attributes in process `syz.2.13536'. [ 1061.439452][ T3633] netlink: 64 bytes leftover after parsing attributes in process `syz.2.13536'. [ 1061.950032][ T3641] loop5: detected capacity change from 0 to 4096 [ 1061.989571][ T3641] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 1062.062732][ T3602] loop7: detected capacity change from 0 to 32768 [ 1062.107320][ T3602] xfs: Deprecated parameter 'attr2' [ 1062.150050][ T3602] XFS: attr2 mount option is deprecated. [ 1062.207574][ T3641] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 1062.265754][ T3641] ntfs3(loop5): mft corrupted [ 1062.294302][ T3602] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1062.303744][ T3641] ntfs3(loop5): Failed to load $Extend (-22). [ 1062.309833][ T3641] ntfs3(loop5): Failed to initialize $Extend. [ 1062.333820][T26680] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 1062.343651][ T3641] ntfs3(loop5): ino=1e, mi_enum_attr [ 1062.346352][ T3655] loop2: detected capacity change from 0 to 2048 [ 1062.349498][ T3641] ntfs3(loop5): ino=1e, mi_enum_attr [ 1062.369375][ T3641] ntfs3(loop5): ino=1e, mi_enum_attr [ 1062.445722][ T3655] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1062.475537][ T3665] overlayfs: conflicting options: nfs_export=on,index=off [ 1062.513739][T26680] usb 5-1: Using ep0 maxpacket: 32 [ 1062.526663][T26680] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1062.541577][ T3602] XFS (loop7): Ending clean mount [ 1062.589073][T26680] usb 5-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 1062.618734][ T3602] XFS (loop7): Quotacheck needed: Please wait. [ 1062.635212][T26680] usb 5-1: config 0 interface 0 has no altsetting 0 [ 1062.681696][T26680] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 1062.741433][T26680] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1062.785090][ T3602] XFS (loop7): Quotacheck: Done. [ 1062.790282][T26680] usb 5-1: Product: syz [ 1062.794446][T26680] usb 5-1: Manufacturer: syz [ 1062.853687][T26680] usb 5-1: SerialNumber: syz [ 1062.900023][T26680] usb 5-1: config 0 descriptor?? [ 1063.020464][ T1061] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1063.034825][ T3681] netlink: 44 bytes leftover after parsing attributes in process `syz.3.13555'. [ 1063.104555][ T3681] netlink: 43 bytes leftover after parsing attributes in process `syz.3.13555'. [ 1063.124564][ T3678] bond1: entered allmulticast mode [ 1063.134062][T26680] gs_usb 5-1:0.0: Couldn't send data format (err=-71) [ 1063.159604][ T3678] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1063.166342][T26680] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -71 [ 1063.174366][ T3681] netlink: 'syz.3.13555': attribute type 5 has an invalid length. [ 1063.194086][T26680] usb 5-1: USB disconnect, device number 7 [ 1063.200030][ T3681] netlink: 43 bytes leftover after parsing attributes in process `syz.3.13555'. [ 1063.875765][ T3705] openvswitch: netlink: IPv4 tun info is not correct [ 1063.943634][ T3711] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13569'. [ 1064.049393][ T3716] IPVS: sync thread started: state = MASTER, mcast_ifn = lo, syncid = 2, id = 0 [ 1064.214333][ T3724] loop3: detected capacity change from 0 to 1024 [ 1064.404404][ T3730] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13579'. [ 1064.428483][ T13] hfsplus: b-tree write err: -5, ino 25 [ 1064.434418][ T13] hfsplus: b-tree write err: -5, ino 4 [ 1064.472053][ T13] hfsplus: b-tree write err: -5, ino 2 [ 1064.838780][ T3752] netlink: 'syz.3.13590': attribute type 1 has an invalid length. [ 1064.877282][ T3752] netlink: 'syz.3.13590': attribute type 1 has an invalid length. [ 1065.174528][ T3762] loop3: detected capacity change from 0 to 2048 [ 1065.197736][ T3758] loop5: detected capacity change from 0 to 8192 [ 1065.273538][ T3762] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1065.553312][ T3775] netlink: 25 bytes leftover after parsing attributes in process `syz.7.13602'. [ 1065.706410][ T3782] netlink: 'syz.2.13605': attribute type 10 has an invalid length. [ 1065.743460][ T3782] netlink: 40 bytes leftover after parsing attributes in process `syz.2.13605'. [ 1065.770942][ T3782] lo: left promiscuous mode [ 1065.783961][ T3782] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 1065.828697][ T3782] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1065.898547][ T3754] loop6: detected capacity change from 0 to 32768 [ 1065.925049][ T3754] BTRFS info: device /dev/loop6 (7:6) using temp-fsid a01a87f6-e5b7-4e8b-bd28-54ebd5c7ef8f [ 1065.950485][T26680] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 1065.965018][ T3754] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.13591 (3754) [ 1066.016478][ T3754] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1066.077892][ T3754] BTRFS info (device loop6): using sha256 checksum algorithm [ 1066.125299][T26680] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1066.143359][ T3796] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 1066.164560][T26680] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1066.195214][ T3796] overlayfs: missing 'lowerdir' [ 1066.224970][T26680] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1066.303845][ T3792] loop7: detected capacity change from 0 to 4096 [ 1066.339703][ T3754] BTRFS info (device loop6): enabling ssd optimizations [ 1066.360878][T26680] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1066.374822][ T3792] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512). [ 1066.399873][ T3754] BTRFS info (device loop6): turning on async discard [ 1066.406730][ T3754] BTRFS info (device loop6): enabling free space tree [ 1066.444890][ T3781] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1066.476259][ T3792] ntfs3(loop7): ino=19, mi_enum_attr [ 1066.489993][T26680] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1066.510607][ T3792] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 1066.740329][ T3821] netlink: 16 bytes leftover after parsing attributes in process `syz.2.13617'. [ 1066.828343][T31248] BTRFS info (device loop6): last unmount of filesystem a01a87f6-e5b7-4e8b-bd28-54ebd5c7ef8f [ 1066.875945][T26680] usb 4-1: USB disconnect, device number 5 [ 1067.202251][ T3836] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 1067.232687][ T3836] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1067.472818][ T3844] netlink: 'syz.5.13628': attribute type 1 has an invalid length. [ 1067.513480][ T3844] netlink: 76 bytes leftover after parsing attributes in process `syz.5.13628'. [ 1067.572085][ T3849] netlink: 32 bytes leftover after parsing attributes in process `syz.6.13630'. [ 1067.822304][ T3856] tc_dump_action: action bad kind [ 1068.192047][ T3867] netlink: 20 bytes leftover after parsing attributes in process `syz.5.13640'. [ 1068.322096][ T3875] loop6: detected capacity change from 0 to 256 [ 1068.374700][ T3875] exfat: Deprecated parameter 'utf8' [ 1068.424776][ T3877] loop7: detected capacity change from 0 to 1024 [ 1068.428463][ T3875] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 1068.455342][ T3881] loop3: detected capacity change from 0 to 1024 [ 1068.564918][ T3881] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1068.965482][ T5821] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1070.054385][ T3899] loop2: detected capacity change from 0 to 32768 [ 1070.071265][ T3942] loop5: detected capacity change from 0 to 256 [ 1070.087747][ T3899] BTRFS info: device /dev/loop2 (7:2) using temp-fsid 6c1cc56b-c2c7-48f0-b694-f997d9e05845 [ 1070.154091][ T3899] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.13655 (3899) [ 1070.259307][ T3899] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1070.272452][ T3942] FAT-fs (loop5): Directory bread(block 64) failed [ 1070.294841][ T3899] BTRFS info (device loop2): using sha256 checksum algorithm [ 1070.313559][ T3942] FAT-fs (loop5): Directory bread(block 65) failed [ 1070.342617][ T3942] FAT-fs (loop5): Directory bread(block 66) failed [ 1070.349196][ T3942] FAT-fs (loop5): Directory bread(block 67) failed [ 1070.371662][ T3942] FAT-fs (loop5): Directory bread(block 68) failed [ 1070.378690][ T3942] FAT-fs (loop5): Directory bread(block 69) failed [ 1070.382330][ T3953] loop3: detected capacity change from 0 to 512 [ 1070.386443][ T3942] FAT-fs (loop5): Directory bread(block 70) failed [ 1070.399086][ T3942] FAT-fs (loop5): Directory bread(block 71) failed [ 1070.407364][ T3953] EXT4-fs: inline encryption not supported [ 1070.437080][ T3953] EXT4-fs: Ignoring removed i_version option [ 1070.457170][ T3942] FAT-fs (loop5): Directory bread(block 72) failed [ 1070.517147][ T3942] FAT-fs (loop5): Directory bread(block 73) failed [ 1070.536880][ T3899] BTRFS info (device loop2): enabling ssd optimizations [ 1070.571539][ T3953] EXT4-fs (loop3): 1 orphan inode deleted [ 1070.598610][ T3899] BTRFS info (device loop2): turning on async discard [ 1070.631635][ T3953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1070.664763][ T3899] BTRFS info (device loop2): enabling free space tree [ 1071.056967][ T5821] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1071.138963][ T3985] tc_dump_action: action bad kind [ 1071.174874][ T5823] BTRFS info (device loop2): last unmount of filesystem 6c1cc56b-c2c7-48f0-b694-f997d9e05845 [ 1072.439799][ T4030] IPVS: length: 153 != 24 [ 1072.932208][ T4055] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1072.975653][ T4056] IPVS: set_ctl: invalid protocol: 0 172.20.20.170:0 [ 1073.220441][ T4068] loop2: detected capacity change from 0 to 764 [ 1073.951999][ T4098] usb usb8: usbfs: process 4098 (syz.4.13743) did not claim interface 0 before use [ 1074.116794][ T4109] loop5: detected capacity change from 0 to 256 [ 1074.174119][ T4111] netlink: 'syz.7.13751': attribute type 3 has an invalid length. [ 1074.246244][ T4114] loop3: detected capacity change from 0 to 8 [ 1074.345829][ T4114] SQUASHFS error: Failed to read block 0x6de: -5 [ 1074.380605][ T4114] SQUASHFS error: Unable to read metadata cache entry [6dc] [ 1074.394814][ T4114] SQUASHFS error: Unable to read directory block [26067d:ffff] [ 1075.127107][ T4149] netlink: 'syz.7.13769': attribute type 10 has an invalid length. [ 1075.198835][ T4149] team0: Device xfrm0 is of different type [ 1075.923688][ T1203] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 1076.102719][ T1203] usb 4-1: Using ep0 maxpacket: 8 [ 1076.124125][ T1203] usb 4-1: config 0 has an invalid interface number: 33 but max is 1 [ 1076.143539][ T1203] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1076.193039][ T1203] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1076.228764][ T1203] usb 4-1: config 0 has no interface number 0 [ 1076.245190][ T1203] usb 4-1: config 0 interface 33 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 1076.290557][ T1203] usb 4-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1 [ 1076.314088][ T1203] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1076.362127][ T1203] usb 4-1: Product: syz [ 1076.371791][ T1203] usb 4-1: Manufacturer: syz [ 1076.376434][ T1203] usb 4-1: SerialNumber: syz [ 1076.430818][ T1203] usb 4-1: config 0 descriptor?? [ 1076.456175][ T1203] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx [ 1076.649520][ T2340] pvrusb2: Invalid write control endpoint [ 1076.676707][ T2340] usb 4-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2 [ 1076.723283][ T2340] usb 4-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw [ 1076.786017][ T4214] CIFS mount error: No usable UNC path provided in device string! [ 1076.786017][ T4214] [ 1076.858183][ T4214] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1076.872486][ T1203] usb 4-1: USB disconnect, device number 6 [ 1077.049039][ T31] audit: type=1326 audit(2210258.993:2501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4223 comm="syz.6.13806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0179f9c819 code=0x7ffc0000 [ 1077.149840][ T4230] loop2: detected capacity change from 0 to 128 [ 1077.156425][ T31] audit: type=1326 audit(2210258.993:2502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4223 comm="syz.6.13806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0179f9c819 code=0x7ffc0000 [ 1077.227996][ T31] audit: type=1326 audit(2210258.993:2503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4223 comm="syz.6.13806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0179f9c819 code=0x7ffc0000 [ 1077.271771][ T4234] Bluetooth: MGMT ver 1.23 [ 1077.322554][ T31] audit: type=1326 audit(2210258.993:2504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4223 comm="syz.6.13806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f0179f9c819 code=0x7ffc0000 [ 1077.419077][ T31] audit: type=1326 audit(2210258.993:2505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4223 comm="syz.6.13806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0179f9c819 code=0x7ffc0000 [ 1077.554479][ T31] audit: type=1326 audit(2210258.993:2506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4223 comm="syz.6.13806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0179f9c819 code=0x7ffc0000 [ 1077.646695][ T31] audit: type=1326 audit(2210258.993:2507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4223 comm="syz.6.13806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0179f9c819 code=0x7ffc0000 [ 1077.678408][ T4239] loop7: detected capacity change from 0 to 4096 [ 1077.757008][ T31] audit: type=1326 audit(2210258.993:2508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4223 comm="syz.6.13806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0179f9c819 code=0x7ffc0000 [ 1077.854645][ T31] audit: type=1326 audit(2210258.993:2509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4223 comm="syz.6.13806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0179f9c819 code=0x7ffc0000 [ 1077.966965][ T4239] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 1077.978746][ T4253] loop3: detected capacity change from 0 to 16 [ 1078.002913][ T4253] erofs (device loop3): mounted with root inode @ nid 36. [ 1078.061448][ T4239] ntfs3(loop7): Failed to load $Extend (-22). [ 1078.109015][ T4239] ntfs3(loop7): Failed to initialize $Extend. [ 1078.258258][ T4262] loop5: detected capacity change from 0 to 256 [ 1078.263144][ T5821] syz-executor: attempt to access beyond end of device [ 1078.263144][ T5821] loop3: rw=524288, sector=44083543801856, nr_sectors = 64 limit=16 [ 1078.309227][ T4262] FAT-fs (loop5): Directory bread(block 64) failed [ 1078.338418][ T5821] syz-executor: attempt to access beyond end of device [ 1078.338418][ T5821] loop3: rw=8388608, sector=44083543801856, nr_sectors = 8 limit=16 [ 1078.343204][ T4262] FAT-fs (loop5): Directory bread(block 65) failed [ 1078.378621][ T4262] FAT-fs (loop5): Directory bread(block 66) failed [ 1078.417573][ T5821] erofs (device loop3): failed to readdir of logical block 0 of nid 46 [ 1078.426432][ T4262] FAT-fs (loop5): Directory bread(block 67) failed [ 1078.460915][ T5821] syz-executor: attempt to access beyond end of device [ 1078.460915][ T5821] loop3: rw=8912896, sector=8, nr_sectors = 24 limit=16 [ 1078.495697][ T5821] erofs (device loop3): invalid de[0].nameoff 0 @ nid 89 [ 1078.503343][ T4262] FAT-fs (loop5): Directory bread(block 68) failed [ 1078.542296][ T5821] erofs (device loop3): invalid de[0].nameoff 0 @ nid 89 [ 1078.571970][ T4262] FAT-fs (loop5): Directory bread(block 69) failed [ 1078.578619][ T4262] FAT-fs (loop5): Directory bread(block 70) failed [ 1078.648980][ T4262] FAT-fs (loop5): Directory bread(block 71) failed [ 1078.656503][ T4262] FAT-fs (loop5): Directory bread(block 72) failed [ 1078.733749][ T4262] FAT-fs (loop5): Directory bread(block 73) failed [ 1079.056834][ T4283] [U]  [ 1079.180652][ T4286] loop3: detected capacity change from 0 to 1024 [ 1079.205598][ T4284] loop5: detected capacity change from 0 to 4096 [ 1079.228787][ T9] usb 3-1: new full-speed USB device number 126 using dummy_hcd [ 1079.299177][ T4290] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1079.332357][ T4284] NILFS (loop5): cannot delete checkpoints: invalid range [2026, 1792) [ 1079.376883][ T4284] NILFS (loop5): error -22 preparing GC: cannot delete checkpoints [ 1079.440604][ T9] usb 3-1: config 0 has an invalid interface number: 41 but max is 0 [ 1079.460415][ T13] hfsplus: b-tree write err: -5, ino 25 [ 1079.460589][ T9] usb 3-1: config 0 has no interface number 0 [ 1079.483047][ T4264] loop6: detected capacity change from 0 to 32768 [ 1079.486507][ T13] hfsplus: b-tree write err: -5, ino 4 [ 1079.511977][ T9] usb 3-1: config 0 interface 41 has no altsetting 0 [ 1079.514833][ T13] hfsplus: b-tree write err: -5, ino 2 [ 1079.539326][ T4264] jfs_lookup: dtSearch returned -5 [ 1079.555669][ T9] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 1079.587612][ T13] hfsplus: b-tree write err: -5, ino 22 [ 1079.619319][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1079.632849][ T9] usb 3-1: Product: syz [ 1079.637040][ T9] usb 3-1: Manufacturer: syz [ 1079.647925][ T9] usb 3-1: SerialNumber: syz [ 1079.660073][ T9] usb 3-1: config 0 descriptor?? [ 1080.064849][ T9] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71 [ 1080.096919][ T9] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -71 [ 1080.145237][ T9] usb 3-1: USB disconnect, device number 126 [ 1080.841672][ T4296] loop3: detected capacity change from 0 to 32768 [ 1080.870190][ T4296] BTRFS info: device /dev/loop3 (7:3) using temp-fsid ef6b3863-27ec-48ef-b6e2-4a14a7fb984a [ 1080.930867][ T4296] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.13839 (4296) [ 1081.031310][ T4296] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1081.041842][ T4296] BTRFS info (device loop3): using sha256 checksum algorithm [ 1081.099329][ T4315] loop5: detected capacity change from 0 to 32768 [ 1081.214987][ T4315] JBD2: Ignoring recovery information on journal [ 1081.244240][ T4347] loop6: detected capacity change from 0 to 1024 [ 1081.286603][ T4296] BTRFS info (device loop3): enabling ssd optimizations [ 1081.293559][ T4296] BTRFS info (device loop3): turning on async discard [ 1081.331344][ T4347] hfsplus: bad catalog entry type [ 1081.349758][ T4315] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1081.362185][ T4296] BTRFS info (device loop3): enabling free space tree [ 1081.500143][ T13] hfsplus: b-tree write err: -5, ino 25 [ 1081.521976][ T13] hfsplus: b-tree write err: -5, ino 4 [ 1081.582883][ T13] hfsplus: b-tree write err: -5, ino 2 [ 1081.734892][ T5821] BTRFS info (device loop3): last unmount of filesystem ef6b3863-27ec-48ef-b6e2-4a14a7fb984a [ 1081.798822][ T5822] ocfs2: Unmounting device (7,5) on (node local) [ 1082.086527][ T4378] loop6: detected capacity change from 0 to 1024 [ 1082.160238][ T4378] hfsplus: bad catalog entry type [ 1082.166073][T26680] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 1082.211542][ T31] audit: type=1326 audit(2210264.400:2510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4380 comm="syz.2.13874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac6d9c819 code=0x7ffc0000 [ 1082.290439][ T564] hfsplus: b-tree write err: -5, ino 25 [ 1082.324567][ T31] audit: type=1326 audit(2210264.400:2511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4380 comm="syz.2.13874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac6d9c819 code=0x7ffc0000 [ 1082.331336][ T564] hfsplus: b-tree write err: -5, ino 4 [ 1082.382545][T26680] usb 5-1: config 0 has an invalid interface number: 16 but max is 0 [ 1082.390645][T26680] usb 5-1: config 0 has no interface number 0 [ 1082.429214][ T564] hfsplus: b-tree write err: -5, ino 2 [ 1082.434785][T26680] usb 5-1: too many endpoints for config 0 interface 16 altsetting 144: 127, using maximum allowed: 30 [ 1082.439191][ T31] audit: type=1326 audit(2210264.400:2512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4380 comm="syz.2.13874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffac6d9c819 code=0x7ffc0000 [ 1082.524223][T26680] usb 5-1: config 0 interface 16 altsetting 144 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1082.575513][T26680] usb 5-1: config 0 interface 16 altsetting 144 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1082.618756][ T31] audit: type=1326 audit(2210264.400:2513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4380 comm="syz.2.13874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac6d9c819 code=0x7ffc0000 [ 1082.619090][T26680] usb 5-1: config 0 interface 16 altsetting 144 has 1 endpoint descriptor, different from the interface descriptor's value: 127 [ 1082.667514][ T4393] loop5: detected capacity change from 0 to 64 [ 1082.692328][T26680] usb 5-1: config 0 interface 16 has no altsetting 0 [ 1082.757621][T26680] usb 5-1: New USB device found, idVendor=5543, idProduct=004d, bcdDevice= 0.00 [ 1082.761866][ T31] audit: type=1326 audit(2210264.400:2514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4380 comm="syz.2.13874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac6d9c819 code=0x7ffc0000 [ 1082.817700][T26680] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1082.866527][T26680] usb 5-1: config 0 descriptor?? [ 1082.905220][ T31] audit: type=1326 audit(2210264.400:2515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4380 comm="syz.2.13874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7ffac6d9c819 code=0x7ffc0000 [ 1082.992695][ T4399] syz_tun: entered promiscuous mode [ 1082.998822][ T31] audit: type=1326 audit(2210264.400:2516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4380 comm="syz.2.13874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac6d9c819 code=0x7ffc0000 [ 1083.065677][ T4399] syz_tun: left promiscuous mode [ 1083.097753][ T31] audit: type=1800 audit(2210264.956:2517): pid=4393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.13880" name="file1" dev="loop5" ino=22 res=0 errno=0 [ 1083.302918][T26680] uclogic 0003:5543:004D.0002: interface is invalid, ignoring [ 1083.330598][ T4411] loop7: detected capacity change from 0 to 64 [ 1083.381097][ T4414] loop6: detected capacity change from 0 to 256 [ 1083.573936][ T4414] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 1083.628473][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1083.655371][T26680] usb 5-1: USB disconnect, device number 8 [ 1083.671159][ T4419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1083.690466][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1083.744454][ T4423] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1083.876415][ T4426] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13894'. [ 1083.916435][ T4428] netlink: 'syz.2.13897': attribute type 1 has an invalid length. [ 1084.012824][ T4434] netlink: 24 bytes leftover after parsing attributes in process `syz.2.13898'. [ 1084.194723][ T4442] loop2: detected capacity change from 0 to 128 [ 1084.235947][ T4442] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1084.403717][ T5823] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1085.002690][ T4474] No buffer was provided with the request [ 1085.072354][ T4478] loop3: detected capacity change from 0 to 1024 [ 1085.124140][ T4485] netlink: 'syz.2.13921': attribute type 3 has an invalid length. [ 1085.149510][ T4478] hfsplus: bad catalog entry type [ 1085.155051][ T4485] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13921'. [ 1085.296726][ T13] hfsplus: b-tree write err: -5, ino 25 [ 1085.302537][ T13] hfsplus: b-tree write err: -5, ino 4 [ 1085.338690][ T13] hfsplus: b-tree write err: -5, ino 2 [ 1085.425877][ T4498] vivid-000: disconnect [ 1085.444096][ T4497] vivid-000: reconnect [ 1085.453560][ T4493] loop5: detected capacity change from 0 to 2048 [ 1085.513291][ T4493] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1085.664381][ T4507] loop7: detected capacity change from 0 to 512 [ 1085.687422][ T4507] EXT4-fs: Ignoring removed nobh option [ 1085.728069][ T4507] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 1085.785190][ T4507] EXT4-fs (loop7): 1 truncate cleaned up [ 1085.795997][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1085.880508][ T4507] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1086.038627][ T4510] loop6: detected capacity change from 0 to 2048 [ 1086.123553][ T4510] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1086.147532][ T1061] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1086.248018][ T4495] loop2: detected capacity change from 0 to 32768 [ 1086.278048][ T4510] EXT4-fs (loop6): stripe (536871160) is not aligned with cluster size (16), stripe is disabled [ 1086.318598][ T4510] EXT4-fs (loop6): can't enable nombcache during remount [ 1086.359610][ T4495] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 1086.403186][ T4500] loop3: detected capacity change from 0 to 40427 [ 1086.419152][ T4495] JBD2: Ignoring recovery information on journal [ 1086.482811][ T4500] F2FS-fs (loop3): build fault injection rate: 771 [ 1086.494007][ T4495] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 1086.523303][T31248] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1086.528244][ T4500] F2FS-fs (loop3): invalid crc value [ 1086.633810][ T4495] OCFS2: ERROR (device loop2): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #32 has an invalid fs_generation of #1 [ 1086.711282][ T4495] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1086.769209][ T4495] OCFS2: File system is now read-only. [ 1086.823878][ T4495] (syz.2.13926,4495,1):ocfs2_search_chain:1888 ERROR: status = -30 [ 1086.861607][ T4495] (syz.2.13926,4495,1):ocfs2_search_chain:2011 ERROR: status = -30 [ 1086.894018][ T4495] (syz.2.13926,4495,1):ocfs2_claim_suballoc_bits:2098 ERROR: status = -30 [ 1086.923398][ T4500] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1086.942318][ T4495] (syz.2.13926,4495,1):ocfs2_claim_suballoc_bits:2151 ERROR: status = -30 [ 1086.962887][ T4495] (syz.2.13926,4495,1):__ocfs2_claim_clusters:2532 ERROR: status = -30 [ 1087.003750][ T4500] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1087.012550][ T4495] (syz.2.13926,4495,1):__ocfs2_claim_clusters:2540 ERROR: status = -30 [ 1087.068278][ T4495] (syz.2.13926,4495,0):ocfs2_local_alloc_new_window:1197 ERROR: status = -30 [ 1087.090589][ T4495] (syz.2.13926,4495,0):ocfs2_local_alloc_new_window:1222 ERROR: status = -30 [ 1087.127787][ T4495] (syz.2.13926,4495,0):ocfs2_local_alloc_slide_window:1296 ERROR: status = -30 [ 1087.164606][ T4495] (syz.2.13926,4495,0):ocfs2_local_alloc_slide_window:1315 ERROR: status = -30 [ 1087.222072][ T4495] (syz.2.13926,4495,0):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -30 [ 1087.248566][ T4495] (syz.2.13926,4495,0):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -30 [ 1087.257664][ T4495] (syz.2.13926,4495,0):ocfs2_reserve_clusters_with_limit:1241 ERROR: status = -30 [ 1087.301817][ T5821] syz-executor: attempt to access beyond end of device [ 1087.301817][ T5821] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1087.315957][ T4495] (syz.2.13926,4495,0):ocfs2_reserve_clusters_with_limit:1290 ERROR: status = -30 [ 1087.343790][ T5821] CPU: 0 UID: 0 PID: 5821 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 1087.343827][ T5821] Tainted: [L]=SOFTLOCKUP [ 1087.343837][ T5821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1087.343851][ T5821] Call Trace: [ 1087.343860][ T5821] [ 1087.343871][ T5821] dump_stack_lvl+0xe8/0x150 [ 1087.343912][ T5821] f2fs_handle_critical_error+0x37c/0x540 [ 1087.343957][ T5821] f2fs_write_end_io+0xcdb/0xff0 [ 1087.344015][ T5821] __submit_merged_bio+0x256/0x700 [ 1087.344060][ T5821] __submit_merged_write_cond+0x3c9/0x4e0 [ 1087.344106][ T5821] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 1087.344158][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344198][ T5821] f2fs_write_data_pages+0x2975/0x35e0 [ 1087.344282][ T5821] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1087.344380][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344410][ T5821] ? kernel_text_address+0xa5/0xe0 [ 1087.344444][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344473][ T5821] ? __lock_acquire+0x6b5/0x2cf0 [ 1087.344519][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344553][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344582][ T5821] ? __lock_acquire+0x6b5/0x2cf0 [ 1087.344621][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344650][ T5821] ? do_raw_spin_lock+0x12b/0x2f0 [ 1087.344684][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344719][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344748][ T5821] ? do_raw_spin_unlock+0xf5/0x210 [ 1087.344776][ T5821] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1087.344817][ T5821] do_writepages+0x32e/0x550 [ 1087.344857][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344890][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344924][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.344954][ T5821] ? do_raw_spin_unlock+0xf5/0x210 [ 1087.344986][ T5821] filemap_fdatawrite+0x1e9/0x2f0 [ 1087.345037][ T5821] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 1087.345121][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.345153][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.345188][ T5821] ? do_raw_spin_unlock+0xf5/0x210 [ 1087.345220][ T5821] f2fs_sync_dirty_inodes+0x30e/0x860 [ 1087.345265][ T5821] f2fs_write_checkpoint+0x9df/0x26a0 [ 1087.345331][ T5821] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1087.345405][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.345436][ T5821] ? kfree+0x1c1/0x630 [ 1087.345460][ T5821] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 1087.345501][ T5821] kill_f2fs_super+0x314/0x720 [ 1087.345535][ T5821] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1087.345575][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.345605][ T5821] ? lockdep_hardirqs_on+0x7a/0x110 [ 1087.345638][ T5821] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1087.345684][ T5821] deactivate_locked_super+0xbc/0x130 [ 1087.345723][ T5821] cleanup_mnt+0x437/0x4d0 [ 1087.345751][ T5821] ? _raw_spin_unlock_irq+0x23/0x50 [ 1087.345787][ T5821] task_work_run+0x1d9/0x270 [ 1087.345819][ T5821] ? __pfx_task_work_run+0x10/0x10 [ 1087.345861][ T5821] exit_to_user_mode_loop+0xed/0x480 [ 1087.345892][ T5821] ? rcu_is_watching+0x15/0xb0 [ 1087.345934][ T5821] do_syscall_64+0x32d/0xf80 [ 1087.345967][ T5821] ? trace_irq_disable+0x3b/0x150 [ 1087.345990][ T5821] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1087.346033][ T5821] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1087.346059][ T5821] RIP: 0033:0x7f191af9da57 [ 1087.346083][ T5821] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1087.346104][ T5821] RSP: 002b:00007ffd813664e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1087.346131][ T5821] RAX: 0000000000000000 RBX: 00007f191b032048 RCX: 00007f191af9da57 [ 1087.346149][ T5821] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd813665a0 [ 1087.346165][ T5821] RBP: 00007ffd813665a0 R08: 00007ffd813675a0 R09: 00000000ffffffff [ 1087.346184][ T5821] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd81367630 [ 1087.346200][ T5821] R13: 00007f191b032048 R14: 000000000011279c R15: 00007ffd81367670 [ 1087.346240][ T5821] [ 1087.346252][ T5821] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1087.375768][ T4495] (syz.2.13926,4495,1):ocfs2_symlink:1927 ERROR: status = -30 [ 1087.764342][ T4495] (syz.2.13926,4495,1):ocfs2_symlink:2081 ERROR: status = -30 [ 1087.950945][ T5823] ocfs2: Unmounting device (7,2) on (node local) [ 1088.063637][ T4559] loop6: detected capacity change from 0 to 256 [ 1088.599674][ T4570] loop3: detected capacity change from 0 to 2048 [ 1088.687839][ T4570] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1088.775495][ T4570] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1088.823218][T26681] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 1088.959403][ T31] audit: type=1800 audit(2210271.486:2518): pid=4570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.13945" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 1089.039310][T26681] usb 8-1: Using ep0 maxpacket: 16 [ 1089.069356][T26681] usb 8-1: config index 0 descriptor too short (expected 65, got 36) [ 1089.079118][ T31] audit: type=1326 audit(2210271.570:2519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4588 comm="syz.4.13959" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f455e79c819 code=0x0 [ 1089.122730][T26681] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1089.201519][T26681] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1089.204306][ T4595] loop2: detected capacity change from 0 to 128 [ 1089.232881][T26681] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1089.235573][ T5821] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1089.285569][T26681] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1089.329487][T26681] usb 8-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 1089.334424][ T4595] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1089.390387][T26681] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1089.463122][T26681] usb 8-1: config 0 descriptor?? [ 1089.487219][ T4575] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 1089.522122][T26681] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input66 [ 1089.585068][ T4603] netlink: 12 bytes leftover after parsing attributes in process `syz.5.13965'. [ 1089.657172][ T4603] tipc: Started in network mode [ 1089.707403][ T4603] tipc: Node identity fff50000000000000000000000000001, cluster identity 4711 [ 1089.766873][ T4603] tipc: Enabling of bearer rejected, failed to enable media [ 1089.799805][ T4612] loop2: detected capacity change from 0 to 128 [ 1089.855320][ T4612] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1089.872134][T26681] usb 8-1: USB disconnect, device number 7 [ 1089.931616][ T4612] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042] [ 1090.003271][ T4612] System zones: 1-3, 19-19, 35-36 [ 1090.037904][ T4612] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 1090.133229][ T4612] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2" [ 1090.435288][ T4635] loop5: detected capacity change from 0 to 512 [ 1090.460170][ T5823] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1090.490108][ T4635] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1090.577512][ T4635] EXT4-fs (loop5): 1 orphan inode deleted [ 1090.593198][ T4635] EXT4-fs (loop5): 1 truncate cleaned up [ 1090.695308][ T4635] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1090.966875][ T4655] loop7: detected capacity change from 0 to 512 [ 1090.992348][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1091.134924][ T4655] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 1091.301174][ T4669] loop5: detected capacity change from 0 to 256 [ 1091.370668][ T4669] FAT-fs (loop5): Directory bread(block 64) failed [ 1091.391736][ T9] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 1091.392717][ T1061] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 1091.410681][ T4669] FAT-fs (loop5): Directory bread(block 65) failed [ 1091.417282][ T4669] FAT-fs (loop5): Directory bread(block 66) failed [ 1091.457561][ T4673] loop2: detected capacity change from 0 to 256 [ 1091.459544][ T4669] FAT-fs (loop5): Directory bread(block 67) failed [ 1091.540813][ T4673] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 1091.548900][ T9] usb 7-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 1091.557078][ T4669] FAT-fs (loop5): Directory bread(block 68) failed [ 1091.569799][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1091.603567][ T9] usb 7-1: Product: syz [ 1091.607759][ T9] usb 7-1: Manufacturer: syz [ 1091.620658][ T4673] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 1091.625183][ T9] usb 7-1: SerialNumber: syz [ 1091.634213][ T4669] FAT-fs (loop5): Directory bread(block 69) failed [ 1091.634351][ T4669] FAT-fs (loop5): Directory bread(block 70) failed [ 1091.687092][ T4673] exFAT-fs (loop2): failed to load alloc-bitmap [ 1091.697940][ T9] usb 7-1: config 0 descriptor?? [ 1091.703455][ T4669] FAT-fs (loop5): Directory bread(block 71) failed [ 1091.710230][ T4673] exFAT-fs (loop2): failed to recognize exfat type [ 1091.732937][ T4669] FAT-fs (loop5): Directory bread(block 72) failed [ 1091.747570][ T9] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 1091.753758][ T4669] FAT-fs (loop5): Directory bread(block 73) failed [ 1091.814572][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1091.848072][ T9] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 1091.904310][ T9] usb 7-1: media controller created [ 1091.995704][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1092.004823][ T4687] loop2: detected capacity change from 0 to 256 [ 1092.021646][ T4687] exfat: Deprecated parameter 'utf8' [ 1092.070152][ T4687] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 1092.200946][ T9] DVB: Unable to find symbol mt352_attach() [ 1092.368681][ T9] DVB: Unable to find symbol nxt6000_attach() [ 1092.383624][ T9] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 1092.437471][ T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.6/usb7/7-1/input/input67 [ 1092.493505][ T9] dvb-usb: schedule remote query interval to 1000 msecs. [ 1092.512743][ T9] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 1092.542305][ T9] dvb-usb: bulk message failed: -22 (7/0) [ 1092.561309][ T9] dvb-usb: bulk message failed: -22 (7/0) [ 1092.627662][ T9] usb 7-1: USB disconnect, device number 11 [ 1092.709447][ T4702] loop6: detected capacity change from 0 to 2048 [ 1092.767861][ T4702] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1092.820413][ T4702] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 1092.857386][ T4702] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1092.924983][ T9] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 1093.125984][T30699] NFSD: Failed to start, no listeners configured. [ 1093.658449][ T4699] loop2: detected capacity change from 0 to 40427 [ 1093.715700][ T9] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 1093.744720][ T4699] F2FS-fs (loop2): build fault injection rate: 771 [ 1093.760023][ T4699] F2FS-fs (loop2): invalid crc value [ 1093.877726][ T9] usb 8-1: Using ep0 maxpacket: 32 [ 1093.894817][ T9] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1093.934102][ T9] usb 8-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 1093.983269][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 1094.025970][ T4699] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1094.049407][ T9] usb 8-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 1094.058454][ T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1094.072062][ T9] usb 8-1: Product: syz [ 1094.072088][ T4699] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1094.076216][ T9] usb 8-1: Manufacturer: syz [ 1094.076238][ T9] usb 8-1: SerialNumber: syz [ 1094.100786][ T9] usb 8-1: config 0 descriptor?? [ 1094.311603][ T5823] syz-executor: attempt to access beyond end of device [ 1094.311603][ T5823] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1094.344768][ T5823] CPU: 1 UID: 0 PID: 5823 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 1094.344804][ T5823] Tainted: [L]=SOFTLOCKUP [ 1094.344815][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1094.344831][ T5823] Call Trace: [ 1094.344842][ T5823] [ 1094.344853][ T5823] dump_stack_lvl+0xe8/0x150 [ 1094.344895][ T5823] f2fs_handle_critical_error+0x37c/0x540 [ 1094.344941][ T5823] f2fs_write_end_io+0xcdb/0xff0 [ 1094.344990][ T5823] __submit_merged_bio+0x256/0x700 [ 1094.345037][ T5823] __submit_merged_write_cond+0x3c9/0x4e0 [ 1094.345084][ T5823] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 1094.345138][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345180][ T5823] f2fs_write_data_pages+0x2975/0x35e0 [ 1094.345271][ T5823] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1094.345365][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345406][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345437][ T5823] ? __lock_acquire+0x6b5/0x2cf0 [ 1094.345483][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345519][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345549][ T5823] ? __lock_acquire+0x6b5/0x2cf0 [ 1094.345589][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345618][ T5823] ? do_raw_spin_lock+0x12b/0x2f0 [ 1094.345653][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345688][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345719][ T5823] ? do_raw_spin_unlock+0xf5/0x210 [ 1094.345747][ T5823] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1094.345794][ T5823] do_writepages+0x32e/0x550 [ 1094.345835][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345868][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345903][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.345933][ T5823] ? do_raw_spin_unlock+0xf5/0x210 [ 1094.345967][ T5823] filemap_fdatawrite+0x1e9/0x2f0 [ 1094.346012][ T5823] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 1094.346096][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.346130][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.346166][ T5823] ? do_raw_spin_unlock+0xf5/0x210 [ 1094.346200][ T5823] f2fs_sync_dirty_inodes+0x30e/0x860 [ 1094.346245][ T5823] f2fs_write_checkpoint+0x9df/0x26a0 [ 1094.346320][ T5823] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1094.346396][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.346426][ T5823] ? kfree+0x1c1/0x630 [ 1094.346451][ T5823] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 1094.346492][ T5823] kill_f2fs_super+0x314/0x720 [ 1094.346526][ T5823] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1094.346567][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.346597][ T5823] ? lockdep_hardirqs_on+0x7a/0x110 [ 1094.346631][ T5823] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1094.346677][ T5823] deactivate_locked_super+0xbc/0x130 [ 1094.346708][ T5823] cleanup_mnt+0x437/0x4d0 [ 1094.346736][ T5823] ? _raw_spin_unlock_irq+0x23/0x50 [ 1094.346772][ T5823] task_work_run+0x1d9/0x270 [ 1094.346806][ T5823] ? __pfx_task_work_run+0x10/0x10 [ 1094.346848][ T5823] exit_to_user_mode_loop+0xed/0x480 [ 1094.346879][ T5823] ? rcu_is_watching+0x15/0xb0 [ 1094.346921][ T5823] do_syscall_64+0x32d/0xf80 [ 1094.346955][ T5823] ? trace_irq_disable+0x3b/0x150 [ 1094.346978][ T5823] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1094.347012][ T5823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1094.347038][ T5823] RIP: 0033:0x7ffac6d9da57 [ 1094.347062][ T5823] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1094.347084][ T5823] RSP: 002b:00007ffd36ebbb38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1094.347110][ T5823] RAX: 0000000000000000 RBX: 00007ffac6e32048 RCX: 00007ffac6d9da57 [ 1094.347128][ T5823] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd36ebbbf0 [ 1094.347146][ T5823] RBP: 00007ffd36ebbbf0 R08: 00007ffd36ebcbf0 R09: 00000000ffffffff [ 1094.347164][ T5823] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd36ebcc80 [ 1094.347181][ T5823] R13: 00007ffac6e32048 R14: 000000000011445f R15: 00007ffd36ebccc0 [ 1094.347222][ T5823] [ 1094.348399][ T5823] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 1094.579821][ T9] gs_usb 8-1:0.0: Configuring for 1 interfaces [ 1094.603364][ T4714] loop5: detected capacity change from 0 to 32768 [ 1094.727894][ T4710] loop6: detected capacity change from 0 to 40427 [ 1094.774503][ T4710] F2FS-fs: heap/no_heap options were deprecated [ 1094.782203][ T9] gs_usb 8-1:0.0: Couldn't get bit timing const for channel 0 (-EPROTO) [ 1094.795525][ T9] gs_usb 8-1:0.0: probe with driver gs_usb failed with error -71 [ 1094.812627][ T4710] F2FS-fs (loop6): build fault injection rate: 19 [ 1094.819104][ T4710] F2FS-fs (loop6): build fault injection type: 0x77e8c [ 1094.819688][ T9] usb 8-1: USB disconnect, device number 8 [ 1094.830285][ T4714] BTRFS info: device /dev/loop5 (7:5) using temp-fsid 0c3ca668-c08f-4fd9-bd15-eb8c7c855296 [ 1094.872218][ T4714] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.14010 (4714) [ 1094.889901][ T4710] F2FS-fs (loop6): invalid crc value [ 1094.921307][ T4710] F2FS-fs (loop6): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21c/0xd60 [ 1095.005460][ T4710] F2FS-fs (loop6): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x18f/0xaa0 [ 1095.011054][ T4714] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1095.078303][ C0] F2FS-fs (loop6): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60 [ 1095.097166][ T4714] BTRFS info (device loop5): using sha256 checksum algorithm [ 1095.335469][ T4744] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14015'. [ 1095.354971][ T4710] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1095.402476][ T4714] BTRFS info (device loop5): enabling ssd optimizations [ 1095.409458][ T4714] BTRFS info (device loop5): turning on async discard [ 1095.426503][ T4710] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 1095.439674][ T4714] BTRFS info (device loop5): enabling free space tree [ 1095.535216][ T4710] F2FS-fs (loop6): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x525/0xff0 [ 1095.579068][ T4747] sp0: Synchronizing with TNC [ 1095.685451][ T5822] BTRFS info (device loop5): last unmount of filesystem 0c3ca668-c08f-4fd9-bd15-eb8c7c855296 [ 1095.748596][ C1] F2FS-fs (loop6): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60 [ 1095.759235][ C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Tainted: G L syzkaller #0 PREEMPT(full) [ 1095.759271][ C1] Tainted: [L]=SOFTLOCKUP [ 1095.759282][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1095.759298][ C1] Call Trace: [ 1095.759308][ C1] [ 1095.759318][ C1] dump_stack_lvl+0xe8/0x150 [ 1095.759359][ C1] f2fs_handle_critical_error+0x37c/0x540 [ 1095.759403][ C1] f2fs_write_end_io+0xcdb/0xff0 [ 1095.759428][ C1] ? blk_update_request+0x57e/0xe60 [ 1095.759476][ C1] blk_update_request+0x57e/0xe60 [ 1095.759520][ C1] blk_mq_end_request+0x3e/0x70 [ 1095.759550][ C1] blk_flush_complete_seq+0x678/0xcc0 [ 1095.759590][ C1] flush_end_io+0xbaa/0xe60 [ 1095.759635][ C1] __blk_mq_end_request+0x4f8/0x630 [ 1095.759671][ C1] blk_done_softirq+0x10a/0x160 [ 1095.759698][ C1] ? smpboot_thread_fn+0x4d/0xa50 [ 1095.759736][ C1] handle_softirqs+0x22a/0x870 [ 1095.759773][ C1] ? schedule+0x90/0x360 [ 1095.759803][ C1] ? run_ksoftirqd+0x36/0x60 [ 1095.759849][ C1] ? smpboot_thread_fn+0x4d/0xa50 [ 1095.759885][ C1] run_ksoftirqd+0x36/0x60 [ 1095.759920][ C1] smpboot_thread_fn+0x541/0xa50 [ 1095.759972][ C1] ? smpboot_thread_fn+0x4d/0xa50 [ 1095.760028][ C1] kthread+0x388/0x470 [ 1095.760054][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 1095.760091][ C1] ? __pfx_kthread+0x10/0x10 [ 1095.760118][ C1] ret_from_fork+0x51e/0xb90 [ 1095.760156][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 1095.760188][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1095.760218][ C1] ? __switch_to+0xc7d/0x1450 [ 1095.760252][ C1] ? __pfx_kthread+0x10/0x10 [ 1095.760280][ C1] ret_from_fork_asm+0x1a/0x30 [ 1095.760338][ C1] [ 1095.760349][ C1] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 1095.965884][T31248] F2FS-fs (loop6): do_checkpoint failed err:-5, stop checkpoint [ 1096.014518][ T4755] loop2: detected capacity change from 0 to 16 [ 1096.085042][ T4755] erofs (device loop2): mounted with root inode @ nid 36. [ 1096.135201][ T31] audit: type=1800 audit(2210279.025:2520): pid=4755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.14013" name="file1" dev="loop2" ino=86 res=0 errno=0 [ 1097.714737][ T4782] loop2: detected capacity change from 0 to 2048 [ 1097.869483][ T4782] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1098.266081][ T4794] loop2: detected capacity change from 0 to 128 [ 1098.277799][ T4788] loop5: detected capacity change from 0 to 8192 [ 1098.292464][ T4795] loop6: detected capacity change from 0 to 128 [ 1098.365813][ T4788] Dev loop5: RDB in block 1 has bad checksum [ 1098.499605][ T4795] FAT-fs (loop6): error, clusters badly computed (4 != 3) [ 1098.506764][ T4795] FAT-fs (loop6): Filesystem has been set read-only [ 1098.526433][ T4795] FAT-fs (loop6): error, clusters badly computed (5 != 4) [ 1098.572400][ T4795] FAT-fs (loop6): error, clusters badly computed (6 != 5) [ 1098.583025][ T4777] loop7: detected capacity change from 0 to 40427 [ 1098.617049][ T4777] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 1098.635182][ T4777] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 1098.932659][ T4809] vcan1: entered allmulticast mode [ 1099.074470][ T4777] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1099.159062][ T4777] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 1099.190150][ T4777] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 1099.224369][ T4819] vlan2: entered promiscuous mode [ 1099.248281][ T4819] veth1_to_bond: entered promiscuous mode [ 1099.507260][ T4825] netlink: 139 bytes leftover after parsing attributes in process `syz.5.14049'. [ 1099.644099][ T4829] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14052'. [ 1099.775415][ T4832] loop2: detected capacity change from 0 to 512 [ 1099.861244][ T4832] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1100.041318][ T31] audit: type=1800 audit(2210283.119:2521): pid=4832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.14053" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 1100.215198][ T5823] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1100.234548][ T4813] loop6: detected capacity change from 0 to 32768 [ 1100.344446][ T4813] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1100.544003][ T4813] XFS (loop6): Ending clean mount [ 1100.567588][ T4813] XFS (loop6): Quotacheck needed: Please wait. [ 1100.676576][ T4813] XFS (loop6): Quotacheck: Done. [ 1100.764401][ T4854] loop2: detected capacity change from 0 to 4096 [ 1100.812026][ T4854] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 1100.821753][T31248] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1100.831149][ T4854] ntfs3(loop2): ino=3, mi_enum_attr [ 1100.928899][ T4854] ntfs3(loop2): MFT: r=b, expect seq=0 instead of b! [ 1100.974134][ T4854] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1101.337147][ T4873] netlink: 'syz.2.14067': attribute type 2 has an invalid length. [ 1101.346212][ T31] audit: type=1326 audit(2210284.505:2522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.7.14068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae499c819 code=0x7ffc0000 [ 1101.430710][ T31] audit: type=1326 audit(2210284.526:2523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.7.14068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae499c819 code=0x7ffc0000 [ 1101.564932][ T31] audit: type=1326 audit(2210284.537:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.7.14068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcae495d04e code=0x7ffc0000 [ 1101.649852][ T31] audit: type=1326 audit(2210284.537:2525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.7.14068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae499c819 code=0x7ffc0000 [ 1101.696551][ T31] audit: type=1326 audit(2210284.537:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.7.14068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae499c819 code=0x7ffc0000 [ 1101.812077][ T31] audit: type=1326 audit(2210284.547:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.7.14068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7fcae499c819 code=0x7ffc0000 [ 1101.908109][T26680] IPVS: starting estimator thread 0... [ 1101.916920][ T4892] netlink: 12 bytes leftover after parsing attributes in process `syz.7.14074'. [ 1101.933803][ T31] audit: type=1326 audit(2210284.547:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.7.14068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae499c819 code=0x7ffc0000 [ 1101.949787][ T4896] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14077'. [ 1101.968036][ T4892] netlink: 'syz.7.14074': attribute type 1 has an invalid length. [ 1102.002620][ T4892] netlink: 28 bytes leftover after parsing attributes in process `syz.7.14074'. [ 1102.022643][ T4894] IPVS: using max 23 ests per chain, 55200 per kthread [ 1102.029106][ T31] audit: type=1326 audit(2210284.547:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4874 comm="syz.7.14068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcae499c819 code=0x7ffc0000 [ 1102.030142][ T4896] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14077'. [ 1102.127258][ T4896] netlink: 'syz.4.14077': attribute type 13 has an invalid length. [ 1102.193290][ T4896] netlink: 'syz.4.14077': attribute type 11 has an invalid length. [ 1102.269014][ T4900] loop5: detected capacity change from 0 to 2048 [ 1102.322007][ T4905] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1102.399293][ T4907] loop7: detected capacity change from 0 to 128 [ 1102.866103][ T4925] loop5: detected capacity change from 0 to 8 [ 1102.976011][ T4925] SQUASHFS error: Unable to read directory block [2c0:35] [ 1103.148664][ T4930] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14092'. [ 1103.810797][ T4957] netlink: 'syz.4.14105': attribute type 29 has an invalid length. [ 1103.889749][ T4959] loop6: detected capacity change from 0 to 256 [ 1103.960391][ T4959] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1104.431573][ T4968] loop5: detected capacity change from 0 to 4096 [ 1104.477079][ T4968] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 1104.560094][ T4968] ntfs3(loop5): Failed to load $Extend (-22). [ 1104.607557][ T4968] ntfs3(loop5): Failed to initialize $Extend. [ 1105.134053][ T4991] IPVS: stopping backup sync thread 4993 ... [ 1105.142616][ T4993] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan0, syncid = 0, id = 0 [ 1105.655959][ T5011] loop7: detected capacity change from 0 to 8 [ 1105.941767][ T5022] loop2: detected capacity change from 0 to 1024 [ 1105.964849][ T5020] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«= [ 1105.971327][ T5020] [U] J"—e:ÀÆ" [ 1106.017172][ T5024] loop7: detected capacity change from 0 to 256 [ 1106.051475][ T5024] exfat: Deprecated parameter 'utf8' [ 1106.056902][ T5024] exfat: Deprecated parameter 'utf8' [ 1106.127750][ T5022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 1106.244620][ T5024] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x72bddf51, utbl_chksum : 0xe619d30d) [ 1106.367552][ T5823] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 1106.817140][ T5047] loop7: detected capacity change from 0 to 2048 [ 1106.863087][ T5050] loop5: detected capacity change from 0 to 512 [ 1106.896792][ T5045] loop6: detected capacity change from 0 to 4096 [ 1106.903073][ T5047] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1106.936276][ T5045] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 1106.970340][ T5050] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1107.057698][T17837] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1107.079129][T17837] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1107.095197][T17837] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1107.110806][T17837] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1107.129823][T17837] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1107.197319][ T5055] wlan1 speed is unknown, defaulting to 1000 [ 1107.262282][ T5055] wg0 speed is unknown, defaulting to 1000 [ 1107.271924][ T5045] ntfs3(loop6): ino=1a, mi_enum_attr [ 1107.277313][ T5045] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1107.310334][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1107.372884][ T5045] ntfs3(loop6): ino=1a, mi_enum_attr [ 1107.381261][ T5045] ntfs3(loop6): Failed to initialize $Extend/$Reparse. [ 1107.654724][ T5040] loop2: detected capacity change from 0 to 32768 [ 1107.686664][ T5040] btrfs: Deprecated parameter 'usebackuproot' [ 1107.734146][ T5040] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 1107.778605][ T5040] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.14139 (5040) [ 1107.883761][ T5040] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1107.907673][ T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1107.945976][ T5040] BTRFS info (device loop2): using crc32c checksum algorithm [ 1108.104579][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 1108.112901][ T9] usb 5-1: config index 0 descriptor too short (expected 30, got 18) [ 1108.132813][ T9] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 1108.152871][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1108.161739][ T9] usb 5-1: Product: syz [ 1108.166134][ T9] usb 5-1: Manufacturer: syz [ 1108.170425][ T5040] BTRFS info (device loop2): rebuilding free space tree [ 1108.170774][ T9] usb 5-1: SerialNumber: syz [ 1108.268665][ T9] usb 5-1: config 0 descriptor?? [ 1108.285276][ T9] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 1108.316460][ T5040] BTRFS info (device loop2): disabling free space tree [ 1108.326112][ T9] usb 5-1: setting power ON [ 1108.340495][ T9] dvb-usb: bulk message failed: -22 (2/0) [ 1108.360940][ T5040] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1108.398216][ T5040] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1108.460444][ T5040] BTRFS info (device loop2): enabling ssd optimizations [ 1108.484306][ T5040] BTRFS info (device loop2): force clearing of disk cache [ 1108.507825][ T5040] BTRFS info (device loop2): trying to use backup root at mount time [ 1108.572877][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1108.675273][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1108.727976][ T9] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 1108.765435][ T9] usb 5-1: media controller created [ 1108.833748][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1108.917950][ T5101] loop7: detected capacity change from 0 to 512 [ 1108.938456][ T9] usb 5-1: selecting invalid altsetting 6 [ 1108.947311][ T5823] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1108.958431][ T9] usb 5-1: digital interface selection failed (-22) [ 1108.995194][ T9] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 1109.013945][ T5101] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 1109.018583][ T9] usb 5-1: setting power OFF [ 1109.098425][ T5838] Bluetooth: hci8: command tx timeout [ 1109.112960][ T5101] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 1109.113309][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1109.136445][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 1109.144632][ C0] EXT4-fs (loop7): initial error at time 2210292: ext4_mb_generate_buddy:1317 [ 1109.153551][ C0] EXT4-fs (loop7): last error at time 2210292: ext4_mb_generate_buddy:1317 [ 1109.174946][ T9] dvb-usb: bulk message failed: -22 (2/0) [ 1109.207065][ T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 1109.233405][ T5101] EXT4-fs (loop7): 1 truncate cleaned up [ 1109.241052][ T5101] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1109.294438][ T9] (NULL device *): no alternate interface [ 1109.366724][ T5101] EXT4-fs error (device loop7): ext4_find_dest_de:2050: inode #12: block 7: comm syz.7.14163: bad entry in directory: directory entry overrun - offset=16, inode=2147483648, rec_len=1024, size=56 fake=0 [ 1109.488608][ T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 1109.577283][ T9] usb 5-1: USB disconnect, device number 9 [ 1109.648651][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1109.702529][ T1061] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1110.217098][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1110.346903][ T5137] vlan2: entered promiscuous mode [ 1110.384673][ T5137] macvlan0: entered promiscuous mode [ 1110.586710][ T5151] mac80211_hwsim hwsim11 wlan1: Caught tx_queue_len zero misconfig [ 1110.712276][ T5156] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14185'. [ 1110.996968][ T5055] chnl_net:caif_netlink_parms(): no params data found [ 1111.079995][ T5838] Bluetooth: hci8: command tx timeout [ 1111.341584][ T5184] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14193'. [ 1111.403337][T32375] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 1111.566520][T32375] usb 7-1: Using ep0 maxpacket: 16 [ 1111.588912][T32375] usb 7-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1111.629167][T32375] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1111.649284][T32375] usb 7-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 1111.668106][T32375] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1111.710240][T32375] usb 7-1: config 0 descriptor?? [ 1112.118860][T32375] hid_parser_main: 8 callbacks suppressed [ 1112.118887][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.165913][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.185132][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.199786][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.219224][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.229033][ T13] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 1112.236293][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.254862][ T13] bond0 (unregistering): Released all slaves [ 1112.263660][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.277059][ T13] bond1 (unregistering): Released all slaves [ 1112.290535][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.297507][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.325309][T32375] apple 0003:05AC:029A.0003: unknown main item tag 0x0 [ 1112.331967][ T13] bond2 (unregistering): Released all slaves [ 1112.388300][ T13] bond3 (unregistering): Released all slaves [ 1112.394914][T32375] apple 0003:05AC:029A.0003: hidraw0: USB HID v0.09 Device [HID 05ac:029a] on usb-dummy_hcd.6-1/input0 [ 1112.456564][T32375] usb 7-1: USB disconnect, device number 12 [ 1112.474437][ T13] bond4 (unregistering): Released all slaves [ 1112.612664][ T5210] fido_id[5210]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 1112.678677][ T5185] tipc: Started in network mode [ 1112.699766][ T5185] tipc: Node identity 67f, cluster identity 4711 [ 1112.706139][ T5185] tipc: Node number set to 1663 [ 1112.750033][ T5185] tipc: Cannot configure node identity twice [ 1112.764744][T26680] wlan1 speed is unknown, defaulting to 1000 [ 1112.810595][ T13] : left promiscuous mode [ 1112.890225][ T5203] loop7: detected capacity change from 0 to 40427 [ 1112.960748][ T5203] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 1113.004166][ T5203] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 1113.032542][ T5215] loop5: detected capacity change from 0 to 1024 [ 1113.052184][ T5838] Bluetooth: hci8: command tx timeout [ 1113.068752][ T5203] F2FS-fs (loop7): invalid crc_offset: 33558524 [ 1113.324866][ T3668] hfsplus: b-tree write err: -5, ino 25 [ 1113.337540][ T5055] bridge0: port 1(bridge_slave_0) entered blocking state [ 1113.344695][ T5055] bridge0: port 1(bridge_slave_0) entered disabled state [ 1113.356405][ T3668] hfsplus: b-tree write err: -5, ino 4 [ 1113.361987][ T3668] hfsplus: b-tree write err: -5, ino 2 [ 1113.402804][ T5055] bridge_slave_0: entered allmulticast mode [ 1113.466634][ T5055] bridge_slave_0: entered promiscuous mode [ 1113.543781][ T5237] tipc: Started in network mode [ 1113.558820][ T5237] tipc: Node identity ac1414aa, cluster identity 4711 [ 1113.597830][ T5237] tipc: New replicast peer: 100.1.1.0 [ 1113.620758][ T5203] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1113.632184][ T5237] tipc: Enabled bearer , priority 10 [ 1113.661773][ T5055] bridge0: port 2(bridge_slave_1) entered blocking state [ 1113.690554][ T5055] bridge0: port 2(bridge_slave_1) entered disabled state [ 1113.716844][ T5055] bridge_slave_1: entered allmulticast mode [ 1113.724399][ T5203] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 1113.753902][ T5203] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 1113.764122][ T5055] bridge_slave_1: entered promiscuous mode [ 1113.881513][ T5203] F2FS-fs (loop7): Encrypt feature is off [ 1113.910221][ T5242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14210'. [ 1113.933382][ T5242] netem: unknown loss type 13 [ 1113.965651][ T5242] netem: change failed [ 1114.191700][ T5055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1114.261362][ T5055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1114.317805][T26680] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 1114.461200][ T5258] loop2: detected capacity change from 0 to 4096 [ 1114.477982][ T5258] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 1114.518184][T26680] usb 7-1: Using ep0 maxpacket: 16 [ 1114.569472][T26680] usb 7-1: config 0 has an invalid interface number: 251 but max is 0 [ 1114.592479][T26680] usb 7-1: config 0 has no interface number 0 [ 1114.609030][ T5258] ntfs3(loop2): ino=b, mi_enum_attr [ 1114.629403][T26680] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 1114.653438][ T5258] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1114.676753][T26680] usb 7-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 1114.697376][ T5258] ntfs3(loop2): Failed to load $Extend (-22). [ 1114.715332][ T5055] team0: Port device team_slave_0 added [ 1114.728807][ T9] tipc: Node number set to 2886997162 [ 1114.740468][ T5258] ntfs3(loop2): Failed to initialize $Extend. [ 1114.759407][T26680] usb 7-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 1114.760436][ T5055] team0: Port device team_slave_1 added [ 1114.796444][T26680] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1114.819865][ T5258] ntfs3(loop2): ino=5, "/" fiemap is not supported for directories [ 1114.842691][T26680] usb 7-1: Product: syz [ 1114.846904][T26680] usb 7-1: Manufacturer: syz [ 1114.876153][T26680] usb 7-1: SerialNumber: syz [ 1114.918992][T26680] usb 7-1: config 0 descriptor?? [ 1114.925337][ T5256] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1114.959819][ T5256] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1115.032780][ T5838] Bluetooth: hci8: command tx timeout [ 1115.111866][ T5055] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1115.156967][ T5055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1115.197765][ T5280] loop2: detected capacity change from 0 to 4096 [ 1115.207481][ T5256] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1115.234340][ T5280] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1115.238268][ T5256] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1115.258120][ T5055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1115.297820][ T5280] NILFS (loop2): mounting unchecked fs [ 1115.306711][ T5055] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1115.349516][ T5055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1115.368154][ T5286] loop5: detected capacity change from 0 to 256 [ 1115.457404][ T5280] NILFS (loop2): recovery complete [ 1115.462167][ T6790] udevd[6790]: incorrect nilfs2 checksum on /dev/loop2 [ 1115.481068][ T5289] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1115.496854][ T5055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1115.526521][ T5286] FAT-fs (loop5): Directory bread(block 64) failed [ 1115.584482][ T5286] FAT-fs (loop5): Directory bread(block 65) failed [ 1115.599488][ T5286] FAT-fs (loop5): Directory bread(block 66) failed [ 1115.616391][ T5286] FAT-fs (loop5): Directory bread(block 67) failed [ 1115.633241][ T5286] FAT-fs (loop5): Directory bread(block 68) failed [ 1115.653776][ T5286] FAT-fs (loop5): Directory bread(block 69) failed [ 1115.673922][ T5286] FAT-fs (loop5): Directory bread(block 70) failed [ 1115.689820][ T5286] FAT-fs (loop5): Directory bread(block 71) failed [ 1115.722268][T26680] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1115.753131][ T5286] FAT-fs (loop5): Directory bread(block 72) failed [ 1115.771186][T26680] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71 [ 1115.798654][ T5286] FAT-fs (loop5): Directory bread(block 73) failed [ 1115.842468][T26680] asix 7-1:0.251: probe with driver asix failed with error -71 [ 1115.918182][T26680] usb 7-1: USB disconnect, device number 13 [ 1116.063106][ T5055] hsr_slave_0: entered promiscuous mode [ 1116.082958][ T5055] hsr_slave_1: entered promiscuous mode [ 1116.112631][ T5055] debugfs: 'hsr0' already exists in 'hsr' [ 1116.134980][ T5055] Cannot create hsr debugfs directory [ 1116.760790][ T5291] loop7: detected capacity change from 0 to 32768 [ 1116.923943][ T5316] loop5: detected capacity change from 0 to 512 [ 1116.932963][ T13] hsr_slave_0: left promiscuous mode [ 1116.977922][ T5316] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1116.984629][ T13] hsr_slave_1: left promiscuous mode [ 1117.016765][ T13] batman_adv: batadv0: Removing interface: virt_wifi0 [ 1117.043810][ T5316] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.14234: invalid indirect mapped block 9 (level 0) [ 1117.187334][ T5316] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1117.194357][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 1117.209951][ C1] EXT4-fs (loop5): initial error at time 2210301: ext4_free_branches:1023: inode 11 [ 1117.219395][ C1] EXT4-fs (loop5): last error at time 2210301: ext4_free_branches:1023: inode 11 [ 1117.230831][ T5316] EXT4-fs (loop5): 1 truncate cleaned up [ 1117.284749][ T13] veth1_macvtap: left promiscuous mode [ 1117.292931][ T5316] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1117.327751][ T13] `: left promiscuous mode [ 1117.332485][ T13] veth1_vlan: left promiscuous mode [ 1117.376608][ T31] audit: type=1800 audit(2210301.325:2530): pid=5316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.14234" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 1117.386058][ T13] veth0_vlan: left promiscuous mode [ 1117.492824][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1117.547269][T26681] usb 3-1: new high-speed USB device number 127 using dummy_hcd [ 1117.712576][T26681] usb 3-1: config 0 has an invalid interface number: 117 but max is 0 [ 1117.727270][T26681] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1117.755488][T26681] usb 3-1: config 0 has no interface number 0 [ 1117.770568][ T5342] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14243'. [ 1117.773483][T26681] usb 3-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 1117.795626][ T5342] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14243'. [ 1117.807998][T26681] usb 3-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1117.835325][T26681] usb 3-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 1117.845568][T26681] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1117.871547][T26681] usb 3-1: Product: syz [ 1117.881641][T26681] usb 3-1: Manufacturer: syz [ 1117.896138][T26681] usb 3-1: SerialNumber: syz [ 1117.911022][T26681] usb 3-1: config 0 descriptor?? [ 1118.324666][T32375] usb 3-1: USB disconnect, device number 127 [ 1118.518150][ T9] usb 8-1: new full-speed USB device number 9 using dummy_hcd [ 1118.701295][ T9] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1118.739372][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1118.761067][ T5360] loop5: detected capacity change from 0 to 1024 [ 1118.768155][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1118.804659][ T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1118.853323][ T9] usb 8-1: New USB device found, idVendor=046d, idProduct=c227, bcdDevice= 0.00 [ 1118.880235][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1118.928895][T26682] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 1118.962857][ T5360] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1118.986205][ T9] usb 8-1: config 0 descriptor?? [ 1118.994000][ T5055] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1119.079791][ T5055] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1119.114588][T26682] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1119.125925][ T5360] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 1119.137628][ T31] audit: type=1326 audit(2210303.183:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5369 comm="syz.2.14253" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffac6d9c819 code=0x0 [ 1119.155342][T26682] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1119.201809][ T5055] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1119.256454][T26682] usb 7-1: config 0 descriptor?? [ 1119.328953][ T5055] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1119.400215][ T9] hid_parser_main: 31 callbacks suppressed [ 1119.400295][ T9] lg-g15 0003:046D:C227.0004: unknown main item tag 0x0 [ 1119.426545][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1119.433600][ T9] lg-g15 0003:046D:C227.0004: unknown main item tag 0x0 [ 1119.472000][ T9] lg-g15 0003:046D:C227.0004: unknown main item tag 0x0 [ 1119.475823][T26682] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 1119.499106][ T9] lg-g15 0003:046D:C227.0004: unknown main item tag 0x0 [ 1119.518074][ T9] lg-g15 0003:046D:C227.0004: unknown main item tag 0x0 [ 1119.598828][ T9] lg-g15 0003:046D:C227.0004: hidraw0: USB HID v0.00 Device [HID 046d:c227] on usb-dummy_hcd.7-1/input0 [ 1119.662379][ T9] usb 8-1: USB disconnect, device number 9 [ 1119.694531][T26682] [drm:udl_init] *ERROR* Selecting channel failed [ 1119.741912][ T5055] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1119.767395][T26682] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2 [ 1119.794854][T26682] [drm] Initialized udl on minor 2 [ 1119.820803][T26682] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1119.838020][ T5055] 8021q: adding VLAN 0 to HW filter on device team0 [ 1119.857355][T26682] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 1119.875898][ T5391] fido_id[5391]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 1119.905383][ T965] bridge0: port 1(bridge_slave_0) entered blocking state [ 1119.913100][ T965] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1119.929554][ T5929] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1119.941927][T26682] usb 7-1: USB disconnect, device number 14 [ 1119.956909][ T5929] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 1120.000927][ T965] bridge0: port 2(bridge_slave_1) entered blocking state [ 1120.008185][ T965] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1120.077246][ T5395] veth1_to_hsr: Caught tx_queue_len zero misconfig [ 1120.179687][ T5398] loop2: detected capacity change from 0 to 256 [ 1120.193906][ T5055] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1120.307595][ T5398] FAT-fs (loop2): Directory bread(block 64) failed [ 1120.335189][ T5398] FAT-fs (loop2): Directory bread(block 65) failed [ 1120.375004][ T5398] FAT-fs (loop2): Directory bread(block 66) failed [ 1120.446762][ T5398] FAT-fs (loop2): Directory bread(block 67) failed [ 1120.484111][ T5398] FAT-fs (loop2): Directory bread(block 68) failed [ 1120.513485][ T5398] FAT-fs (loop2): Directory bread(block 69) failed [ 1120.540154][ T5398] FAT-fs (loop2): Directory bread(block 70) failed [ 1120.577507][ T5398] FAT-fs (loop2): Directory bread(block 71) failed [ 1120.581235][ T5408] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14261'. [ 1120.586899][ T5398] FAT-fs (loop2): Directory bread(block 72) failed [ 1120.634182][ T5398] FAT-fs (loop2): Directory bread(block 73) failed [ 1120.943462][ T5419] loop5: detected capacity change from 0 to 512 [ 1121.096562][ T5419] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1121.200974][ T5429] loop6: detected capacity change from 0 to 2048 [ 1121.216537][ T5429] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1121.234335][ T5055] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1121.310693][ T5432] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1121.439834][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1121.520151][ T5438] netlink: 20 bytes leftover after parsing attributes in process `syz.7.14270'. [ 1121.878983][ T5445] loop2: detected capacity change from 0 to 1024 [ 1121.988724][ T5445] hfsplus: size 25, res 24, name_len 6 [ 1122.161221][T26682] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 1122.318668][T26682] usb 8-1: Using ep0 maxpacket: 8 [ 1122.329075][T26682] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 1122.366603][T26682] usb 8-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 1122.379550][ T5055] veth0_vlan: entered promiscuous mode [ 1122.392021][ T5468] loop6: detected capacity change from 0 to 256 [ 1122.393552][T26682] usb 8-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 1122.410094][ T5055] veth1_vlan: entered promiscuous mode [ 1122.434279][T26682] usb 8-1: Product: syz [ 1122.441026][ T5468] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 1122.444340][T26682] usb 8-1: Manufacturer: syz [ 1122.488619][T26682] usb 8-1: SerialNumber: syz [ 1122.548759][ T5055] veth0_macvtap: entered promiscuous mode [ 1122.581069][ T5055] veth1_macvtap: entered promiscuous mode [ 1122.653323][ T5055] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1122.676242][ T5055] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1122.699454][ T965] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.718371][ T154] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.733891][T26682] usb 8-1: Handspring Visor / Palm OS: No valid connect info available [ 1122.754863][T26682] usb 8-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1122.774080][T26682] usb 8-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 1122.777160][ T154] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.820473][ T154] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.833276][T26682] usb 8-1: Handspring Visor / Palm OS: Number of ports: 2 [ 1122.925661][T26682] visor 8-1:1.0: Handspring Visor / Palm OS converter detected [ 1122.982899][T26682] usb 8-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 1123.047541][T26682] usb 8-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 1123.076509][ T127] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1123.109218][ T127] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1123.195272][T26682] usb 8-1: USB disconnect, device number 10 [ 1123.228882][T26682] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 1123.233790][ T965] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1123.287131][ T965] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1123.300031][T26682] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 1123.316066][T26682] visor 8-1:1.0: device disconnected [ 1123.475416][ T5498] loop2: detected capacity change from 0 to 256 [ 1123.540300][ T5498] exfat: Deprecated parameter 'namecase' [ 1123.548254][ T5498] exfat: Deprecated parameter 'utf8' [ 1123.567980][ T32] INFO: task syz.1.12206:478 blocked for more than 143 seconds. [ 1123.575661][ T32] Tainted: G L syzkaller #0 [ 1123.602753][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1123.606016][ T5498] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 1123.623578][ T32] task:syz.1.12206 state:D stack:26200 pid:478 tgid:477 ppid:5818 task_flags:0x400040 flags:0x00080002 [ 1123.623672][ T32] Call Trace: [ 1123.623684][ T32] [ 1123.623701][ T32] __schedule+0x15dd/0x52d0 [ 1123.623785][ T32] ? __pfx___schedule+0x10/0x10 [ 1123.623835][ T32] ? schedule+0x90/0x360 [ 1123.623871][ T32] schedule+0x164/0x360 [ 1123.623906][ T32] schedule_preempt_disabled+0x13/0x30 [ 1123.623954][ T32] __mutex_lock+0x7fe/0x1300 [ 1123.624000][ T32] ? __mutex_lock+0x5ac/0x1300 [ 1123.624041][ T32] ? nfsd_nl_rpc_status_get_dumpit+0xdc/0x1410 [ 1123.624091][ T32] ? __pfx___mutex_lock+0x10/0x10 [ 1123.624139][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1123.624172][ T32] ? stack_trace_save+0xa9/0x100 [ 1123.624203][ T32] ? __pfx_stack_trace_save+0x10/0x10 [ 1123.624238][ T32] nfsd_nl_rpc_status_get_dumpit+0xdc/0x1410 [ 1123.624292][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1123.624324][ T32] ? kasan_save_track+0x4f/0x80 [ 1123.624355][ T32] ? kasan_save_track+0x3e/0x80 [ 1123.624384][ T32] ? __kasan_kmalloc+0x93/0xb0 [ 1123.624416][ T32] ? __alloc_skb+0x2c1/0x7d0 [ 1123.624445][ T32] ? netlink_dump+0x1ef/0xe80 [ 1123.856553][ T32] ? __netlink_dump_start+0x5cb/0x7e0 [ 1123.862275][ T32] ? genl_family_rcv_msg_dumpit+0x213/0x310 [ 1123.868384][ T32] ? genl_rcv_msg+0x5e8/0x7a0 [ 1123.877465][ T32] ? netlink_rcv_skb+0x232/0x4b0 [ 1123.883751][ T32] ? genl_rcv+0x28/0x40 [ 1123.887921][ T32] ? netlink_unicast+0x80f/0x9b0 [ 1123.893473][ T32] ? netlink_sendmsg+0x813/0xb40 [ 1123.898418][ T32] ? ____sys_sendmsg+0x972/0x9f0 [ 1123.906151][ T32] ? ___sys_sendmsg+0x2a5/0x360 [ 1123.911796][ T32] ? __x64_sys_sendmsg+0x1bd/0x2a0 [ 1123.916928][ T32] ? do_syscall_64+0x14d/0xf80 [ 1123.921870][ T32] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1123.929631][ T32] ? __pfx_nfsd_nl_rpc_status_get_dumpit+0x10/0x10 [ 1123.936178][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1123.941930][ T32] ? rcu_is_watching+0x15/0xb0 [ 1123.946715][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1123.952739][ T32] ? trace_kmalloc+0x2a/0x110 [ 1123.957756][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1123.963537][ T32] ? __kmalloc_node_track_caller_noprof+0x4f9/0x7b0 [ 1123.970483][ T32] genl_dumpit+0x10b/0x1b0 [ 1123.974910][ T32] netlink_dump+0x722/0xe80 [ 1123.979520][ T32] ? __pfx_netlink_dump+0x10/0x10 [ 1123.984572][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1123.990440][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1123.996185][ T32] ? genl_start+0x499/0x6c0 [ 1124.000714][ T32] __netlink_dump_start+0x5cb/0x7e0 [ 1124.006658][ T32] genl_family_rcv_msg_dumpit+0x213/0x310 [ 1124.012409][ T32] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 1124.018722][ T32] ? genl_get_cmd+0x4a8/0x930 [ 1124.023834][ T32] ? __pfx_genl_start+0x10/0x10 [ 1124.028728][ T32] ? __pfx_genl_dumpit+0x10/0x10 [ 1124.033763][ T32] ? __pfx_genl_done+0x10/0x10 [ 1124.038551][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.044329][ T32] ? __lock_acquire+0x6b5/0x2cf0 [ 1124.049311][ T32] genl_rcv_msg+0x5e8/0x7a0 [ 1124.053926][ T32] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1124.058973][ T32] ? __pfx_nfsd_nl_rpc_status_get_dumpit+0x10/0x10 [ 1124.065601][ T32] ? __lock_acquire+0x6b5/0x2cf0 [ 1124.070594][ T32] netlink_rcv_skb+0x232/0x4b0 [ 1124.075683][ T32] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1124.080768][ T32] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1124.086063][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.091746][ T32] ? down_read+0x272/0x2e0 [ 1124.096179][ T32] ? genl_rcv+0xd/0x40 [ 1124.100292][ T32] genl_rcv+0x28/0x40 [ 1124.104823][ T32] netlink_unicast+0x80f/0x9b0 [ 1124.109715][ T32] ? __pfx_netlink_unicast+0x10/0x10 [ 1124.115026][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.120743][ T32] ? skb_put+0x11b/0x210 [ 1124.125011][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.130742][ T32] netlink_sendmsg+0x813/0xb40 [ 1124.135537][ T32] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1124.140918][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.146573][ T32] ? aa_sock_msg_perm+0xf1/0x1b0 [ 1124.152135][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.157829][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.163497][ T32] ____sys_sendmsg+0x972/0x9f0 [ 1124.168423][ T32] ? futex_unqueue+0x211/0x240 [ 1124.173204][ T32] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1124.179319][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.184972][ T32] ? import_iovec+0x73/0xa0 [ 1124.189581][ T32] ___sys_sendmsg+0x2a5/0x360 [ 1124.194280][ T32] ? __pfx____sys_sendmsg+0x10/0x10 [ 1124.199526][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.205864][ T32] ? futex_wait+0x29a/0x380 [ 1124.210402][ T32] ? __fget_files+0x2a/0x420 [ 1124.215939][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.221593][ T32] ? __fget_files+0x3a0/0x420 [ 1124.226370][ T32] __x64_sys_sendmsg+0x1bd/0x2a0 [ 1124.231332][ T32] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 1124.236862][ T32] ? rcu_is_watching+0x15/0xb0 [ 1124.241645][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.247725][ T32] do_syscall_64+0x14d/0xf80 [ 1124.252453][ T32] ? trace_irq_disable+0x3b/0x150 [ 1124.257489][ T32] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1124.263641][ T32] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1124.269546][ T32] RIP: 0033:0x7f5f0c59c819 [ 1124.274063][ T32] RSP: 002b:00007f5f0d3b6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1124.282832][ T32] RAX: ffffffffffffffda RBX: 00007f5f0c815fa0 RCX: 00007f5f0c59c819 [ 1124.290926][ T32] RDX: 0000000000004000 RSI: 0000200000000180 RDI: 0000000000000003 [ 1124.299583][ T32] RBP: 00007f5f0c632c91 R08: 0000000000000000 R09: 0000000000000000 [ 1124.307616][ T32] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1124.315703][ T32] R13: 00007f5f0c816038 R14: 00007f5f0c815fa0 R15: 00007fff98638608 [ 1124.323804][ T32] [ 1124.326865][ T32] [ 1124.326865][ T32] Showing all locks held in the system: [ 1124.334645][ T32] 1 lock held by khungtaskd/32: [ 1124.339560][ T32] #0: ffffffff8e75e5e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 1124.350061][ T32] 6 locks held by kworker/0:2/1203: [ 1124.355261][ T32] #0: ffff888021aa3548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0 [ 1124.374969][ T32] #1: ffffc90004bcfc40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0 [ 1124.387347][ T32] #2: ffff888029a621e0 (&dev->mutex){....}-{4:4}, at: hub_event+0x17f/0x4f30 [ 1124.396974][ T32] #3: ffff888031f4d1e0 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x990 [ 1124.407717][ T32] #4: ffff888059a921a8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x870 [ 1124.418354][ T32] #5: ffff888055d2c188 (&hdw->big_lock_mutex){+.+.}-{4:4}, at: pvr2_hdw_disconnect+0x6d/0x500 [ 1124.428885][ T32] 2 locks held by pvrusb2-context/2340: [ 1124.434781][ T32] #0: ffff888055d2c188 (&hdw->big_lock_mutex){+.+.}-{4:4}, at: pvr2_hdw_initialize+0xe4/0x3c50 [ 1124.445418][ T32] #1: ffffffff8e5fb9b0 (umhelper_sem){++++}-{4:4}, at: usermodehelper_read_trylock+0xfc/0x2c0 [ 1124.456963][ T32] 2 locks held by getty/5572: [ 1124.464018][ T32] #0: ffff888036d290a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1124.473845][ T32] #1: ffffc9000331e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0 [ 1124.488470][ T32] 3 locks held by kworker/1:10/26681: [ 1124.494561][ T32] #0: ffff88813fe0f148 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0 [ 1124.505672][ T32] #1: ffffc90003677c40 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0 [ 1124.518422][ T32] #2: ffff88802580f240 (&data->fib_lock){+.+.}-{4:4}, at: nsim_fib_event_work+0x202/0x3d0 [ 1124.528539][ T32] 2 locks held by syz.0.11205/30699: [ 1124.533815][ T32] #0: ffffffff8fc3de70 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1124.542124][ T32] #1: ffffffff8ea86b88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x2b5/0x9a0 [ 1124.552256][ T32] 3 locks held by syz.1.12206/478: [ 1124.558019][ T32] #0: ffffffff8fc3de70 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1124.566260][ T32] #1: ffff8880594136f0 (nlk_cb_mutex-GENERIC){+.+.}-{4:4}, at: __netlink_dump_start+0xfe/0x7e0 [ 1124.576841][ T32] #2: ffffffff8ea86b88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_rpc_status_get_dumpit+0xdc/0x1410 [ 1124.587449][ T32] 5 locks held by kworker/u8:2/564: [ 1124.593361][ T32] #0: ffff8880b873ae60 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x31/0x150 [ 1124.603578][ T32] #1: ffff8880b8724588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880 [ 1124.612566][ T32] #2: ffff8880549c8788 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xb4/0x4a0 [ 1124.623683][ T32] #3: ffffffff8e75e5e0 (rcu_read_lock){....}-{1:3}, at: ieee80211_sta_active_ibss+0xc3/0x330 [ 1124.634144][ T32] #4: ffffffff8e75e5e0 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame+0xa5/0x23c0 [ 1124.643934][ T32] [ 1124.646258][ T32] ============================================= [ 1124.646258][ T32] [ 1124.654795][ T32] NMI backtrace for cpu 0 [ 1124.654817][ T32] CPU: 0 UID: 0 PID: 32 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 1124.654850][ T32] Tainted: [L]=SOFTLOCKUP [ 1124.654859][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1124.654874][ T32] Call Trace: [ 1124.654884][ T32] [ 1124.654896][ T32] dump_stack_lvl+0xe8/0x150 [ 1124.654936][ T32] nmi_cpu_backtrace+0x274/0x2d0 [ 1124.654963][ T32] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1124.655007][ T32] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 1124.655037][ T32] sys_info+0x135/0x170 [ 1124.655073][ T32] watchdog+0xfd9/0x1030 [ 1124.655104][ T32] ? watchdog+0x21a/0x1030 [ 1124.655136][ T32] kthread+0x388/0x470 [ 1124.655162][ T32] ? __pfx_watchdog+0x10/0x10 [ 1124.655183][ T32] ? __pfx_kthread+0x10/0x10 [ 1124.655210][ T32] ret_from_fork+0x51e/0xb90 [ 1124.655248][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 1124.655280][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.655310][ T32] ? __switch_to+0xc7d/0x1450 [ 1124.655344][ T32] ? __pfx_kthread+0x10/0x10 [ 1124.655371][ T32] ret_from_fork_asm+0x1a/0x30 [ 1124.655427][ T32] [ 1124.655437][ T32] Sending NMI from CPU 0 to CPUs 1: [ 1124.777030][ C1] NMI backtrace for cpu 1 [ 1124.777054][ C1] CPU: 1 UID: 0 PID: 564 Comm: kworker/u8:2 Tainted: G L syzkaller #0 PREEMPT(full) [ 1124.777085][ C1] Tainted: [L]=SOFTLOCKUP [ 1124.777093][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1124.777109][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 1124.777152][ C1] RIP: 0010:preempt_count_sub+0xf3/0x170 [ 1124.777186][ C1] Code: 72 83 3d 33 10 7e 0e 00 75 13 48 8d 3d 76 ee 80 0e 48 c7 c6 e0 02 cc 8b 67 48 0f b9 3a 90 e9 79 ff ff ff 48 c7 c1 80 f4 27 9a <80> e1 07 80 c1 03 38 c1 0f 8c 26 ff ff ff 89 fd 48 c7 c7 80 f4 27 [ 1124.777205][ C1] RSP: 0018:ffffc90004f6f918 EFLAGS: 00000202 [ 1124.777224][ C1] RAX: 0000000000000004 RBX: dffffc0000000000 RCX: ffffffff9a27f480 [ 1124.777240][ C1] RDX: 0000000000000004 RSI: ffffffff8e16b29d RDI: 0000000000000001 [ 1124.777261][ C1] RBP: 0000000000082820 R08: ffffffff82242f6a R09: ffff8880b873f598 [ 1124.777277][ C1] R10: dffffc0000000000 R11: ffffed1009036c19 R12: ffff88813fea7140 [ 1124.777294][ C1] R13: ffff8880b873f598 R14: 0000000000001000 R15: 0000000000000001 [ 1124.777312][ C1] FS: 0000000000000000(0000) GS:ffff888125557000(0000) knlGS:0000000000000000 [ 1124.777331][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1124.777346][ C1] CR2: 0000555562674a68 CR3: 000000007c1ca000 CR4: 0000000000350ef0 [ 1124.777364][ C1] Call Trace: [ 1124.777373][ C1] [ 1124.777384][ C1] __kmalloc_node_track_caller_noprof+0x44a/0x7b0 [ 1124.777415][ C1] ? nsim_dev_trap_report_work+0x29a/0xb80 [ 1124.777451][ C1] ? __kmalloc_node_track_caller_noprof+0x34a/0x7b0 [ 1124.777482][ C1] __alloc_skb+0x2c1/0x7d0 [ 1124.777512][ C1] nsim_dev_trap_report_work+0x29a/0xb80 [ 1124.777559][ C1] ? process_scheduled_works+0xa8d/0x18c0 [ 1124.777592][ C1] process_scheduled_works+0xb6e/0x18c0 [ 1124.777644][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 1124.777678][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.777705][ C1] ? assign_work+0x3d5/0x5e0 [ 1124.777737][ C1] worker_thread+0xa53/0xfc0 [ 1124.777770][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.777807][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.777839][ C1] kthread+0x388/0x470 [ 1124.777862][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1124.777905][ C1] ? __pfx_kthread+0x10/0x10 [ 1124.777928][ C1] ret_from_fork+0x51e/0xb90 [ 1124.777960][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 1124.777990][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1124.778016][ C1] ? __switch_to+0xc7d/0x1450 [ 1124.778045][ C1] ? __pfx_kthread+0x10/0x10 [ 1124.778068][ C1] ret_from_fork_asm+0x1a/0x30 [ 1124.778114][ C1] [ 1125.041661][ T32] Kernel panic - not syncing: hung_task: blocked tasks [ 1125.048529][ T32] CPU: 0 UID: 0 PID: 32 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 1125.059212][ T32] Tainted: [L]=SOFTLOCKUP [ 1125.063543][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1125.073639][ T32] Call Trace: [ 1125.076909][ T32] [ 1125.079835][ T32] vpanic+0x56c/0xa60 [ 1125.083831][ T32] ? __pfx___schedule+0x10/0x10 [ 1125.088686][ T32] ? __pfx_vpanic+0x10/0x10 [ 1125.093194][ T32] ? __pfx_console_unlock+0x10/0x10 [ 1125.098413][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1125.104069][ T32] panic+0xc5/0xd0 [ 1125.107791][ T32] ? __pfx_panic+0x10/0x10 [ 1125.112207][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1125.117834][ T32] ? preempt_schedule_thunk+0x16/0x30 [ 1125.123216][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1125.128842][ T32] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 1125.135007][ T32] watchdog+0x1023/0x1030 [ 1125.139351][ T32] ? watchdog+0x21a/0x1030 [ 1125.143781][ T32] kthread+0x388/0x470 [ 1125.147847][ T32] ? __pfx_watchdog+0x10/0x10 [ 1125.152513][ T32] ? __pfx_kthread+0x10/0x10 [ 1125.157097][ T32] ret_from_fork+0x51e/0xb90 [ 1125.161700][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 1125.166818][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1125.172450][ T32] ? __switch_to+0xc7d/0x1450 [ 1125.177126][ T32] ? __pfx_kthread+0x10/0x10 [ 1125.181714][ T32] ret_from_fork_asm+0x1a/0x30 [ 1125.186502][ T32] [ 1125.189599][ T32] Kernel Offset: disabled [ 1125.193905][ T32] Rebooting in 86400 seconds..