last executing test programs: 3m49.713200363s ago: executing program 2 (id=2452): r0 = socket(0x1e, 0x4, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000140)={0x1, 0x3, 0x8, 0x2}) 3m49.433852795s ago: executing program 2 (id=2455): r0 = fanotify_init(0x0, 0x101000) write$binfmt_elf64(r0, &(0x7f00000006c0)=ANY=[@ANYBLOB="7f454c4622"], 0x18) 3m49.303948585s ago: executing program 2 (id=2457): r0 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r0, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x4e24, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x11}, @multicast1}}}, @ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x88, 0x2}]}}}], 0x38}, 0x20002880) 3m49.070154244s ago: executing program 2 (id=2461): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000400)={[{@umask={'umask', 0x3d, 0x8}}, {@discard}, {@gid={'gid', 0x3d, 0xee00}}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp863'}}, {@errors_continue}, {@dmask={'dmask', 0x3d, 0x1ff}}, {@umask={'umask', 0x3d, 0x7}}, {@umask={'umask', 0x3d, 0x400}}, {@dmask={'dmask', 0x3d, 0x5}}]}, 0x1, 0x1534, &(0x7f0000002d00)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm8SyyRJLklySZIkSXJLSJrkSEJiyC1pSJJch+QyhOQyMWnc7/dLQpI0SRKSW7L+H8Vfnep3zvmdfjmfM8/383k/1jNrP2s/+33ey94b83WnwdUb1qhSn4jg34I//5EMALEA0B8ArgKAAADKxJeJPz+fU2Lyv7cT9ud6MO1yV8AuJ+5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZOLXA1P7Lvg+////er+4cz/P3/XySr5OjPV5e8tjNAzD+bwv3P3rj//7WCf2Yj7n/2xv3PrmIvdwHsPwC//7ODHH84w/3P3rj/jGVnl/v+8+V+QCR7PweX+/XHGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OOUvUQBwcXy562KMMcYYY4wxxtifx+e43BUwxhhjjDHGGGPs/x6CAAkKAoiBHBALOSEOBABcCbnhKojA1RAP10AeuBbyQj7IDwUgAQpCIdBgwAJBCIWhCEThOigK10MxuAGKQwlwUBIS4UYoBTdBabgZysAtUBZuhXJQHipARbgNKsHtUBnugCpwJ1SFalAdasBdUBPuhlpwD9SGe6EO3Ad14X6oBw9AfXgQGsBD0BAehkbwCDSGJtAUmkHz/1X+89ANXoDu0AOSoSf0ghehN/SBvtAP+sNLMABehoHwCqTAIBgMr8IQeA2GwuswDN6A4fAmjICRMApGwxgYC6kwDsbDWzAB3oaJMAkmwxRIg6kwDd6B6TADZsK7MAveg9kwB+bCPEiH92E+LIAM+AAWwoeQCYtgMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w0ewAz6GnbALdsMnsAc+/RfzT/5dfmcEBBQoUKHCGIzBWIzFOIzDXJgLc2NujGAE4zEe82AezIt5MT/mxwRMwEJYCA0aJCQsjIUxilEsikWxGBbD4lgcHTpMxEQshTdhaSyNZbAMlsWyWA7LY3msiBWxElbCylgZq2AVrIpVsTpWx7vwLuyJtbAW1sbaWAfrXLw9hfWxPjbABtgQG2IjbISNsTE2xabYHJtjC2yBLbEltsbW2AbbYFtsi0mYhO2wHbbH9tgBO2BH7IidsBN2xi7YJev5HIAv4AvYA6uKntgLe2FvTMnRF/thP3wJB+DL+DK+gik4CAfjq/gqvoZD8QQOwzdwOA7HSmIkjsLRSGIspmIqjsfxOAEn4ESchJNwCqbhVJyG03A6zsAZ+C7OwvfwPZyDc3AepmM6zscFmIEZuBBPYiYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFt+A23AYfoQLAj3EX7sIU3IN7cC/uxX24D/fjfszCLDyAB/AgHsRDeAgP42E8gkfxGB7F43gcT+BJPIWn8AyewbP4bMKXDT66YVUKiPOUUCJGxIhYESviRJzIJXKJ3CK3iIiIiBfxIo/II/KKvCK/yC8SRIIoJAoJI4wgEcYAgIiKqCgqiopiopgoLooLJ5xIFImilCglSovSooy4RZQVt4pyorxo5SqKiqKSaO0qiztEFVFFVBXVRHVRQ9QQNUVNUUvUErVFbVFH1BF1xf2inuiJffFBcb4zDcUgbCQGY2PRRMgLn2AtxFBsKVqJ1uJx8QYOw7aihUsST4l2YhS2F38To/EZ0VGMxU7iOdFZdBFdxfOim2jpuoseYiL2FL3EFOwt+oi+op+YjtXEuzgrZ3XxikgRg8Rg8aqYh6+JoeJ1MeynI31TjBAjxSgxWowRY0WqGCfGi7fEBPG2mCgmicliikgTU8U08Y6YLmaImeJdMUu8J2aLOWKumCfSxftivlggMsQHYqH4UGSKRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrv4SOwQH4udYpfYLT4Re8SnYq/4TOwTn4v94guRJb4UB8RX4qD4WhwS34jD4ltxRBwVx8R34rj4XpwQJ8UpcVqcET+Is+JHcU54ARKlkFIqGcgYmUPGypwyTl4hc8ngwrN7tYyX18g88lqZV+aT+WUBmSALykJSSyOtJBnKwrKIjMrrZFF5vSwmb5DFZQnpZEmZKG+UpeRNsrS8WZaRt8iy8lZZTpaXFWRFeZusJG+XEPl5H1VlNVld1pB3yWS4W9aS98ja8l5ZR94n68r7ZT35gKwvH5QN5EOyoXxYNpKPyMayiWwqm8nm8lHZQj4mW8pWsrV8XLaRT8i28kmZJJ+S7aS/8BJ5RnaUz8pO8jnZWXaRXeWP8pz0srvsIaEnyF7yRdlb9pF9ZT/ZX74kB8iX5UD5ikyRg+Rg+aocIl+TQ+Xrcph8Qw6Xb8oRcqQcJUfLMXKsTJXj5Hj5lpwg35YT5SQ5WU6RaXKq7HthpZlS/sP8t34nf+BPe98gN8pNcrPcIrfKbXK7/EjukDvkTrlT7pa75R65R+6Ve+U+uU/ul/tllsySB+QBeVAelIfkIXlYHpZH5FF5Wn4nj8vv5Ql5Up6Up+UZeUaevfAcgEIllFRKBSpG5VCxKqeKU1eoXOpKlVtdpSLqahWvrlF51LUqr8qn8qsCKkEVVIWUVkZZRSpUhVURFVXX4YUXjCquSiinSqpEdeO/kq+KqutVMXXDr/Iv1pf8B/U1V81VC9VCtVQtVWvVWrVRbVRb1VYlqSTVTrVT7VV71UF1UB1VR9VJdVKdVWfVVXVV3VQ31V11V8kqWfVSL6reqo/qq/qp/uolNUANUAPVQJWiUtRgNVgNUUPUUDVUDVPD1HA1XI1QI9QoNUqNUWNUqkpV49V4NUFNUBPVRDVZTVZpKk1NU9PUdDVdzVQz1Sw1S81Ws9VcNVelq3Q1X81XGSpDLVQLVaZapBapJWqJWqaWqRVqhVqlVqk1ao1ap9apTLVRbVSb1Wa1VW1V29V2tUPtUDvVTrVb7VZ71B61V+1V+9Q+tV/tV1kqSx1QB9RBdVAdUofUYXVYHVFH1DF1TB1Xx9UJdUKdUqfUGXVGnVVn1Tl17vxpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4Nogb5AvyB8UCBKCgkGhQAcmsIG40PRocF1QNLg+KBbcEBQPSgQuKBkkBjcGpYKbgtLBzUGZ4JagbHBrUC4oH1QIKga3BZWC24PKwR1BleDOoGpQLage1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYJHgsZBk6Bp0Cxo/qeu7/2JfI+57rqHTtY9dS/9ou6t++i+up/ur1/SA/TLeqB+RafoQXqwflUP0a/pofp1PUy/oYfrN/UIPVKP0qP1GD1Wp+pxerx+S0/Qb+uJepKerKfoND1VT9Pv6Ol6hp6p39Wz9Ht6tp6j5+p5Ol2/r+frBTpDf6AX6g91pl6kF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa364/0Dv2x3ql36d36E71Hf6r36s/0Pv253q+/0Fn6S31Af6UP6q/1If2NPqy/1Uf0UX1Mf6eP6+/1CX1Sn9Kn9Rn9gz6rf9TntD9/cn/+690oo0yMiTGxJtbEmTiTy+QyuU1uEzERE2/iTR6Tx+Q1eU1+k98kmARTyBQy55EhU9gUNlETNUVNUVPMFDPFTXHjjDOJJtGUMqVMaVPalDFlTFlT1pQz5UwFU8HcZm4zt5vbzR3mDnOnudNUM9VMDVPD1DQ1TS1Ty9Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08g0No1NU9PUNDfNTQvTwrQ0LU1r09q0MW1MW9PWJJkk0860M+1Ne9PBdDAdTUfTyXQynU1n09V0Nd1MN9PddDfJJtn0Mr1Mb9Pb9DV9TX/T3wwwA8xAM9CkmBQz2Aw2Q8wQM9QMNcPMG2b4+RNVM9KMMqPNGDPWpJpUM96MNxPMBDPRTDSTzWSTZtLMNDPNTDfTzUwz08wys8xsM9vMNXNNukk38818k2EyzEKz0GSaTLPYLDZLzVKz3Cw3K81Ks9qsNmthrVlv1puNZqPZbDabrWar2W62mx1mh9lpdprdZrfZY/aYvWav2Wf2mf1mv8kyWeaAOWAOmoPmkDlkDpvD5og5Yo6ZY+a4OW5OmBPmlDllzph8F74vvYm1OW2cvcLmslfa3PYq+/dxflvAJtiCtpDVNq/N96vYWGuL2RtscVvCOlvSJtobfxOXs+VtBVvR3mYr2dtt5d/ENe3dtpa9x9a299oa9q5fxXXsfbaufdjWQwSwTWwD28w2tA/bRvYR29g2sU1tM9vGPmHb2idtkn3KtrNP/yaebxfYlXaVXW3X2J12lz1lT9uD9mt7xv5gu9setr99yQ6wL9uB9hWbYgf9Jh5u37Qj7Eg7yo62Y+zY38ST7RSbZqfaafYdO93O+E2cbt+3s2yGnW3n2Ll23k/x+Zoy7Ad2of3QZtoAFtsldqldZpfbFf+/1iV2nV1vN9gd9mO72W6xW+02u/3iibDdZXfbT+we+6k9YL+y++zndr89ZLPslz/F54/vkP3GHrbf2iP2qD1mv7PH7ffqp9yRvQHsD/Y7+6M9Z70FQgKSpCigGMpBsZST4ugKykVXUm66iiJ0NcXTNZSHrqW8lI/yUwFKoIJUiDQZskQUUmEqQlG6ji6WV5xKkKOSlEg3Uim6iUrTzVSGbqGydCuVo/JUgSrSbVSJbqfKdAdVoTupKlWj6lSD7qKadDfVonuoNt1Ldeg+qkv3Uz16gOrTg9SAHqKG9DA1okeoMTWhptSMmtOj1IIeo5bUilrT49SGnqC29CQl0VPUjp6m9vQ36kDPUEd6ljrRc9SZulBXep660QvUnXpQMvWkXvQi9aY+1Jf6UX96iQbQyzSQXqEUGkSD6VUaQq/RUHqdhtEbNJzepBE0kkbRaBpDYymVxtF4eosm0Ns0kSbRZJpCaTSVptE7NJ1m0Ex6l2bRezSb5tBcmkfp9D7NpwWUQR/QQvqQMmkRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdvqIdtDHtJN20W76hPbQp7SXPqN99Dntpy8oi76kA/QVHaSv6RB943vQt3SEjtIx+o6O0/d0gk7SKTpNZ+gHOks/0jnyBCGGIpShCoMwJswRxoY5w7jwijBXeGWYO7wqjIRXh/HhNWGe8Nowb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGw+vCouH1YbEQw+JhidCFJcPE8MawVHhTWDq8OSwT3hKWDW8Ny4Xlw4fvrRjeFlYKbw8rh3eEVcI7w6phtbB6WCO8K6wZ3h3WCu8Ja4f3hqXD+8K64f1hvfCBsH74YNggfChsGD4cNgofCRuHTcKmYbOwefho2CJ8LGwZtgpbh4+HbcInwrbhk2FS+FTYLnz6p/n7FvzxfHLYM+wVvhi+GHp/j5wbnRdNj74fnR9dEM2IfhBdGP0wmhldFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10f3RD1vkYOcOiEk065wMW4HC7W5XRx7gqXy13pcrurXMRd7eLdNS6Pu9bldflcflfAJbiCrpDTzjjryIWusCviou46V9Rd74q5G1xxV8I5V9IlumauuWvuWrjHXEvXyrV2j7vH3RPuCfeke9I95dq5p1179zfXwT3jOrpn3bPuOdfZdXFd3fOumxuX++f3ZLLr5Xq53q636+v6uv6uvxvgBriBbqBLcSlusBvshrghbqgb6oa5YW64G+5GuBFulBvlxrgxLtWluvFuvJvgJriJbqKb7Ca7NJfmprlpbrqb7irN+Hkvs91sN9fNdeku3c13588ZM9xCt9Bluky32C12S91St9wtdyvdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A6301/186Juj9vr9rp9bp/b775wWe5Ld8B95Q66r90h94077L51R9xRd8x95467790Jd9KdcqfdGfeDO+t+dOecd6mRcZHxkbciEyJvRyZGJkUmR6ZE0iJTI9Mi70SmR2ZEZkbejcyKvBeZHZkTmRuZF0mPvB+ZH1kQyYh8EFkY+TCSGVkUWRxZElkaWRbxvuDm0Bf2RXzUX+eL+ut9MX+DL+5LeOdL+kR/oy/lb/Kl/c2+jL/Fl/W3+nK+vK/gH/GNfRPf1Dfzzf2jvoV/zLf0rXxr/7hv45/wbf2TPsk/5dv5p317/zffwT/jO/pnfSf/nO/su/iu/nnfzb/gu/sePtn39L38i7637+P7+n6+v3/JD/Av+4H+FZ/iB/nB/lU/xL/mh/rX/TD/hh8e86YfcfESGcb6VD/Oj/dv+Qn+bT/RT/KT/RSf5qf6af4dP93P8DP9u36Wf8/P9nP8XD/Pp/v3/Xy/wGf4D/xC/6HP9Isu3lT2y/0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9R36H/9jv9Lv8bv+J3+M/9Xv9Z36f/9zv91/4LP+lP+C/8gf91/6Q/8Yf9t/6I/6oP+a/88f99/6EP+lP+dP+jP/Bn/U/+nP8f9YYY4wxxv4p4y4Nxa9nfr6d3/N3csQvNu4FAFduKZD1y/nzZ5Rr8/487iMS2kQA4KkenR68+KhaNTk5+cK2mRKCInMALv5N0HkxcCleBK3hCUiCVlDqd+vvI7qcoX+wfvQWgLhf5MTCpfjS+p8BYPLvrP/o48Pnlw1Pxf8P688BKFbkUk5OuBQvgtY/3V9pBaX/oP58LX5Zf+xv18/5eSpAy1/k5IJL8aX6E+ExeBqSfrUlY4wxxhhjjDH2sz6iQoeL158X/8Xn712fJ6hLOTngUvyPrs8ZY4wxxhhjjDF2+T3TpeuTjyYlterwrw8q/6+y/ulBI/i/WvkvGdzxn1HGvzDwHuDiTxQA/JsLApwfyL/yKDb9JftKufDW+fuppad9AP8ZrfwzBpf5g4kxxhhjjDH2p7t00v/rn6vLVRBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYN/RW/TuyX++tx+Q6VMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu2z+XwAAAP//dMcCKA==") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 3m48.678118516s ago: executing program 2 (id=2468): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x9c}}, 0x0) 3m48.229788902s ago: executing program 2 (id=2471): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched_retired(r0, &(0x7f000000b0c0)={0x0, 0x0, &(0x7f000000b080)={&(0x7f00000002c0)=@newtaction={0x4c, 0x30, 0x1, 0x70bd27, 0x25dfdc01, {}, [{0x38, 0x1, [@m_ipt={0x34, 0x1, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8, 0x2, 0x4000000}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) 3m47.785462478s ago: executing program 32 (id=2471): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched_retired(r0, &(0x7f000000b0c0)={0x0, 0x0, &(0x7f000000b080)={&(0x7f00000002c0)=@newtaction={0x4c, 0x30, 0x1, 0x70bd27, 0x25dfdc01, {}, [{0x38, 0x1, [@m_ipt={0x34, 0x1, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8, 0x2, 0x4000000}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) 3m20.967891246s ago: executing program 3 (id=2764): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file1\x00', 0x2818c02, &(0x7f0000002580)=ANY=[], 0x1, 0xc3b, &(0x7f0000001940)="$eJzs3V9oXOl5B+D3myOtJadJZjcb549zMbCBbL3ZRbK8axVvQI4VEYPxmpWVi4WCx5bsDiuNZEku3lCCCwklpC0uuchlDZtAe1VftRCa4lxtSwiI9qb0orjtxmwvCpNA2tKLqJyZb6SR1ra0a1uS189j7N/MOe+Z+c7Yr+ac8TlzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI+OrXjg8Np90eBQCwk05Pvj404v0fAJ4oZ+3/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwtRRFfDtSvP29VjrXvt8xcKrRvHJ1anzi7osNpkhRiaJdX/4eGD48cuTlV46OdvP+yz9sn4vXJs8er52Yn1tYnFlampmuTTUbF+anZ7b9CA+6/GaH2i9Abe7NK9MXLy7VDr80smH21eqdfR87UD02enDkjW7t1PjExGRPTV//h37290kP76H4CHkqivh6pHjnxfdSPSIq8eC9sMXPjkdtMPrK/muvxNT4RHtFZhv15nI5M1VyVV9EtWehsW6P7EAvPpCxiGvl31M54EPl6k0u1Bfr52dnamfqi8uN5cZ8M1U6oy3XpxqVGE0RCxHRKnZ78Ow1/VHEkUhx51etdD4iim4fvHB68vWhka0foG8HBnmPp60WESvxGPQs7FH7oog/ixTfPzcUF3Jftdvm3YgvlflqxOUyb6W4nu+n8gfEaMQvvZ/AY60vivh5pJhPrTTd7f32duWpb9RONi/O99R2tysf+/2DnWTbhD1sIIo4397ib6UP/2EXAAAAAAAAAAAAALAzivhxpLg593xaiN5zShvNS7Wz9fOznaOCu8f+1/JSq6urq9XUyVrOoZxjOc+kiL/7RMS5fH8h57Wc13PeyHkz562cKzlv52zljEp+/py1nEM5x3KeyXku50LOazmv57yR82bOWzlXct7O2coZznsCAAAAAAAAAAAAAAAAAADgIRuMIiYixY23f799XeloX5f+k8dGT48/23vN+M9s8Thl7UsR8ePY3jV5+/O1xlOl/PXw1wvY2kAU8a18/b8/3O3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe0Ilivh2pPjBr1tpdXV1NcYizpUzxiJuF7s9OgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNJCKOBEp/vNrA+37KxHx+Yj4zWr5K+J/Vzfb7REDAAAAAAAAAAAAAAAAAADAR1Aq4nKk+OE7rVSNiKvVO/s+dqB6bPTgyBtFFJHKkt761ybPHq+dmJ9bWJxZWpqZrk01Gxfmp2e2+3QDpxrNK1enxiceycpsafARj39w4MT8wluLjUu/t3zX+fsHjp9fWl6sX7j77BiMvoih3imH2gOeGp9oD3q2UW+2F02VewywL6K23ZUBAAAAAAAAAAAAAAAAAABgz9ifihiPFM/95Ejqnjfe1znn/+Ode8Va7Y/+YP27AGY3ZVfv9wds53ba7kAPtU+8r02NT0xM9kzu639/aTmmlIr4dKQ4+LefbZ8Pn2L/Xc+NL+v+OFKM/t+RXFc9WNaNbagaODQ1PlE7Pd988fjs7PyF+nL9/OxMbXKhfmHbXxwAAAAAAAAAAAAAAAAAAAAA97E/FfEnkeLIyZXUve58Pv+/r3Ov5/z/VyO6l50fSBtzTfvc/k+0z+3v3P7ksdGTh5+71/RHcf5/OaaUivhNpHj6zz/bvp5+9/z/oU21Zd0PI8XPv/OFXFd5qqwb7q5O5xEvNmZnhsraFyLFd890a6Nd+0qu/dR67XBZ+9NI8czvbqw9mmufXa89XNbeiRQTp+9e++n12pGydjBSfPmPat3a/WXtV3PtgfXaly7Mz05v9+XlyVT2/79Gii8Ofz11/83fs/97vv/j2qZc876ev//th9X/1Z5p13Jfr+b+H96i/y9Hij+9/oVc1+m9w3n+0+0/1/v/u5Hitz++sfblXPvMeu3wdlcLdlPZ//8QKVZu//Pav/nc/7mz1ju0t/8/37cxu9sFu9X/T/dMq+ZxjXzA1wKeNEtvffPN+uzszKIbbrjxpN34r5P3nLXbP5mAR63c/v/vSPGVy0Xq7sfm7f/f6txb3///n2+tb/8f25Rrdmn7/5meacfyXkt/X8TA8txC/2ciBpbe+uaLjbn6pZlLM82RkdGjv3Nk+PDR4f6nujv367e2/drB467s/zcjxY/+6h/XPsfeuP9/98//9m/KNbvU/5/qXacN+zXbfingiVP2/19Ein+58d7a/zfd7/O/7ud8zz+3MQe7RbvU/8/2TKvlP0Z7pt3lvwkBAAAAAAAAAOCxtz8V8ZNI8detv1+75v3G43/ii93a3uP/7mUvXP8fALi/8v1/MlL8bP+XU/c7ZLZz/P/0plzzwY///ae/3M5At3j/P9AzbXqHzmv+QC80AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8CCmK2Bcp3v5eK90uyvsdA6cazStXp8Yn7r7YYIoUlSja9eXvgeHDI0defuXoaDfvv/zD9rl4bfLs8dqJ+bmFxZmlpZnp2lSzcWF+embbj/Cgy292qP0C1ObevDJ98eJS7fBLIxtmX63e2fexA9VjowdH3ujWTo1PTEz21PT1f+hnf5/08B6Kj5CnooifRYp3Xnwv/VsRUYkH74UtfnY8aoPRV/ZfeyWmxifaKzLbqDeXy5mpkqv6Iqo9C411e2QHevGBjEVci4hKOeBD5epNLtQX6+dnZ2pn6ovLjeXGfDNVOqMt16calRhNEQsR0Sp2e/DsNf1RxN9Eiju/aqV/LyKKbh+8cHry9aGRrR+gbwcGeY+nrRYRK/EY9CzsUfuiiGcjxffPDcV/FJ2+arfNuxFfKvPViMtl3kpxPd9P5Q+I0Yhfej+Bx1pfFHEmUsynVnq3yL3f3q489Y3ayebF+Z7a7nblY79/sJNsm7CHDUQRv2hv8bfSL7yfAwAAAAAAAAAAAMAeV8RXIsXNuedT+/zQtXNKG81LtbP187Odw/q7x/7X8lKrq6ur1dTJWs6hnGM5z+T8ac6FnNdyXs95I+fNnLdyruS8nbOVMyr5+XPWcg7lHMt5Jue5nAs5r+W8nvNGzps5b+VcyXk7ZytnOE4aAAAAAAAAAAAAAAAAAIBHpBJFfCdS/ODXrbRadK4vey46edt5rvCR9v8BAAD//5M7Saw=") r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0) writev(r0, &(0x7f0000000a40)=[{0x0, 0x3c}, {&(0x7f0000000e00)='t', 0x2fd200}, {0x0}, {&(0x7f0000001000)="d6", 0x20c00}], 0x21) 3m20.956986137s ago: executing program 4 (id=2765): r0 = timerfd_create(0x7, 0x80000) timerfd_settime(r0, 0x3, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) timerfd_gettime(r0, 0x0) 3m20.855227845s ago: executing program 4 (id=2766): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x7a, &(0x7f0000000340)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0xe, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0xc2, 0x1, 0x0, 0x0, {[@generic={0x3, 0x2}, @window={0x3, 0x3, 0x9}, @mptcp=@synack={0x1e, 0x10, 0x1, 0x2, 0xa, 0x7, 0xe3}, @sack={0x5, 0x22, [0x91, 0x4, 0x2, 0x0, 0x31f3, 0x2a66645e, 0x9, 0x4]}, @timestamp={0x8, 0xa, 0x8, 0xffffffff}]}}}}}}}, 0x0) 3m20.601577555s ago: executing program 0 (id=2769): r0 = socket$kcm(0xa, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0xafe6) sendmsg$kcm(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000000fc0)="d8", 0x1}], 0x1}, 0x4000000) 3m20.427363689s ago: executing program 4 (id=2770): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000580)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@noauto_da_alloc}, {@dioread_nolock}, {@block_validity}, {@nobarrier}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xba6, &(0x7f0000001900)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0xc0) fchown(r0, 0x0, 0xee00) 3m20.408953371s ago: executing program 1 (id=2771): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x76, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)) 3m20.214406787s ago: executing program 3 (id=2772): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="a9", 0x1) 3m20.206532247s ago: executing program 0 (id=2773): r0 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1}) ioctl$VIDIOC_DQEVENT(r0, 0x80885659, &(0x7f0000000080)) 3m20.014436622s ago: executing program 1 (id=2774): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x34, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x56}, @NFTA_PAYLOAD_OFFSET={0xfffffffffffffdc6, 0x3, 0x1, 0x0, 0xb9}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_PAYLOAD_BASE={0x8}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xc0}}, 0x0) 3m19.816279958s ago: executing program 0 (id=2775): openat$adsp1(0xffffffffffffff9c, &(0x7f0000000500), 0xa0201, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x1, 0x103001) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000480)={{0x3, 0x3, 0x24000000, 0x3ff, '\x00', 0x6}, 0x1, [0x9, 0x11, 0xfffffffffffffff9, 0x5, 0xf, 0x1, 0x0, 0xff, 0xffffffffffffffff, 0x9, 0x1, 0x8, 0xfffffffffffffff7, 0x4, 0x3ff, 0x1, 0x36, 0x482, 0xc0010, 0x9, 0x1, 0x3ff, 0x7ff, 0x5, 0x80, 0x0, 0x4, 0x6, 0xffffffff, 0x9, 0x1, 0x71, 0xa, 0x2, 0x1ff, 0x7fffffff, 0x9, 0x4, 0x5, 0x10, 0xfffffffffffffff7, 0x16, 0x9db6, 0x7f, 0xfffffffffffffff6, 0x2, 0x5, 0x7, 0x0, 0x8, 0x3, 0x303, 0xa2, 0x8000, 0x3, 0x400, 0x9, 0x1fd, 0x3, 0x2, 0xc9a8, 0xffffffff, 0x3, 0x8, 0xffff, 0x0, 0x10000, 0xffffffffffffffff, 0x5, 0x3, 0x5, 0x9, 0xec, 0x7f, 0xffffffffffffffff, 0x100000000, 0x9f1a, 0xffffffffffffffff, 0xffffffff, 0x8, 0x0, 0x9, 0x3, 0x9, 0x1, 0x4, 0x3, 0xa, 0x8, 0x8, 0x1, 0x2, 0x4, 0xbf, 0xe70, 0xfffffffffffffff7, 0xb, 0x8000000000000000, 0x6, 0x9, 0x5, 0x639, 0x8000000000000000, 0x4, 0x400, 0x9a06, 0x9, 0xffffffff00000000, 0x3, 0xb3, 0x200080000001, 0x5, 0xd30, 0x7, 0x4, 0x256, 0x6ff, 0x3, 0x7, 0x1ff, 0x6, 0x9, 0x0, 0x1b485fe1, 0x7, 0x7, 0xfffffffffffffff7, 0x9]}) 3m19.451718738s ago: executing program 3 (id=2776): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) syz_emit_ethernet(0x0, 0x0, 0x0) getgid() 3m19.376435504s ago: executing program 1 (id=2777): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'das16m1\x00', [0x4f27, 0x9, 0x1, 0x16, 0x5, 0x5, 0x8, 0x3, 0xa, 0xfd, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0xfffffffe, 0x7f, 0x3, 0x40000003, 0x89, 0xca9f, 0x0, 0x20001e58, 0xb, 0xe66, 0x3, 0x8, 0x4085, 0x0, 0xfffffff8]}) 3m19.335564388s ago: executing program 4 (id=2778): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) listen(r0, 0xd) sendmmsg(r0, &(0x7f00000001c0)=[{{&(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0xe82, @dev={0xfe, 0x80, '\x00', 0x11}, 0xa, 0xffffffff}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)="b7a9", 0x2}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[{0x10, 0x84, 0x8}], 0x10}}], 0x2, 0xc8844) 3m19.169177381s ago: executing program 3 (id=2779): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x4000) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="7c010000100033060000000000000000fc000000000000000000000000000000ffffffff00000000000000000000000000004000000080040000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac14143b0000000000000000000000000000000032000000fe80000000000000000000000000001a2703000000000000000000000000000000000000000000000000000000000000ff0f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008f000000000000000000000029bd7000000000000a0004003b000000000000f51b00200000004e2200000000ac1414bb00000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0004"], 0x17c}}, 0x0) 3m19.129643774s ago: executing program 0 (id=2780): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000240)={0x2, 0x0, [{0x8000000, 0x39, &(0x7f0000000040)=""/57}, {0xf000, 0x0, 0x0}]}) 3m19.012707413s ago: executing program 1 (id=2781): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file1\x00', 0x2818c02, &(0x7f0000002580)=ANY=[], 0x1, 0xc3b, &(0x7f0000001940)="$eJzs3V9oXOl5B+D3myOtJadJZjcb549zMbCBbL3ZRbK8axVvQI4VEYPxmpWVi4WCx5bsDiuNZEku3lCCCwklpC0uuchlDZtAe1VftRCa4lxtSwiI9qb0orjtxmwvCpNA2tKLqJyZb6SR1ra0a1uS189j7N/MOe+Z+c7Yr+ac8TlzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI+OrXjg8Np90eBQCwk05Pvj404v0fAJ4oZ+3/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwtRRFfDtSvP29VjrXvt8xcKrRvHJ1anzi7osNpkhRiaJdX/4eGD48cuTlV46OdvP+yz9sn4vXJs8er52Yn1tYnFlampmuTTUbF+anZ7b9CA+6/GaH2i9Abe7NK9MXLy7VDr80smH21eqdfR87UD02enDkjW7t1PjExGRPTV//h37290kP76H4CHkqivh6pHjnxfdSPSIq8eC9sMXPjkdtMPrK/muvxNT4RHtFZhv15nI5M1VyVV9EtWehsW6P7EAvPpCxiGvl31M54EPl6k0u1Bfr52dnamfqi8uN5cZ8M1U6oy3XpxqVGE0RCxHRKnZ78Ow1/VHEkUhx51etdD4iim4fvHB68vWhka0foG8HBnmPp60WESvxGPQs7FH7oog/ixTfPzcUF3Jftdvm3YgvlflqxOUyb6W4nu+n8gfEaMQvvZ/AY60vivh5pJhPrTTd7f32duWpb9RONi/O99R2tysf+/2DnWTbhD1sIIo4397ib6UP/2EXAAAAAAAAAAAAALAzivhxpLg593xaiN5zShvNS7Wz9fOznaOCu8f+1/JSq6urq9XUyVrOoZxjOc+kiL/7RMS5fH8h57Wc13PeyHkz562cKzlv52zljEp+/py1nEM5x3KeyXku50LOazmv57yR82bOWzlXct7O2coZznsCAAAAAAAAAAAAAAAAAADgIRuMIiYixY23f799XeloX5f+k8dGT48/23vN+M9s8Thl7UsR8ePY3jV5+/O1xlOl/PXw1wvY2kAU8a18/b8/3O3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe0Ilivh2pPjBr1tpdXV1NcYizpUzxiJuF7s9OgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNJCKOBEp/vNrA+37KxHx+Yj4zWr5K+J/Vzfb7REDAAAAAAAAAAAAAAAAAADAR1Aq4nKk+OE7rVSNiKvVO/s+dqB6bPTgyBtFFJHKkt761ybPHq+dmJ9bWJxZWpqZrk01Gxfmp2e2+3QDpxrNK1enxiceycpsafARj39w4MT8wluLjUu/t3zX+fsHjp9fWl6sX7j77BiMvoih3imH2gOeGp9oD3q2UW+2F02VewywL6K23ZUBAAAAAAAAAAAAAAAAAABgz9ifihiPFM/95Ejqnjfe1znn/+Ode8Va7Y/+YP27AGY3ZVfv9wds53ba7kAPtU+8r02NT0xM9kzu639/aTmmlIr4dKQ4+LefbZ8Pn2L/Xc+NL+v+OFKM/t+RXFc9WNaNbagaODQ1PlE7Pd988fjs7PyF+nL9/OxMbXKhfmHbXxwAAAAAAAAAAAAAAAAAAAAA97E/FfEnkeLIyZXUve58Pv+/r3Ov5/z/VyO6l50fSBtzTfvc/k+0z+3v3P7ksdGTh5+71/RHcf5/OaaUivhNpHj6zz/bvp5+9/z/oU21Zd0PI8XPv/OFXFd5qqwb7q5O5xEvNmZnhsraFyLFd890a6Nd+0qu/dR67XBZ+9NI8czvbqw9mmufXa89XNbeiRQTp+9e++n12pGydjBSfPmPat3a/WXtV3PtgfXaly7Mz05v9+XlyVT2/79Gii8Ofz11/83fs/97vv/j2qZc876ev//th9X/1Z5p13Jfr+b+H96i/y9Hij+9/oVc1+m9w3n+0+0/1/v/u5Hitz++sfblXPvMeu3wdlcLdlPZ//8QKVZu//Pav/nc/7mz1ju0t/8/37cxu9sFu9X/T/dMq+ZxjXzA1wKeNEtvffPN+uzszKIbbrjxpN34r5P3nLXbP5mAR63c/v/vSPGVy0Xq7sfm7f/f6txb3///n2+tb/8f25Rrdmn7/5meacfyXkt/X8TA8txC/2ciBpbe+uaLjbn6pZlLM82RkdGjv3Nk+PDR4f6nujv367e2/drB467s/zcjxY/+6h/XPsfeuP9/98//9m/KNbvU/5/qXacN+zXbfingiVP2/19Ein+58d7a/zfd7/O/7ud8zz+3MQe7RbvU/8/2TKvlP0Z7pt3lvwkBAAAAAAAAAOCxtz8V8ZNI8detv1+75v3G43/ii93a3uP/7mUvXP8fALi/8v1/MlL8bP+XU/c7ZLZz/P/0plzzwY///ae/3M5At3j/P9AzbXqHzmv+QC80AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8CCmK2Bcp3v5eK90uyvsdA6cazStXp8Yn7r7YYIoUlSja9eXvgeHDI0defuXoaDfvv/zD9rl4bfLs8dqJ+bmFxZmlpZnp2lSzcWF+embbj/Cgy292qP0C1ObevDJ98eJS7fBLIxtmX63e2fexA9VjowdH3ujWTo1PTEz21PT1f+hnf5/08B6Kj5CnooifRYp3Xnwv/VsRUYkH74UtfnY8aoPRV/ZfeyWmxifaKzLbqDeXy5mpkqv6Iqo9C411e2QHevGBjEVci4hKOeBD5epNLtQX6+dnZ2pn6ovLjeXGfDNVOqMt16calRhNEQsR0Sp2e/DsNf1RxN9Eiju/aqV/LyKKbh+8cHry9aGRrR+gbwcGeY+nrRYRK/EY9CzsUfuiiGcjxffPDcV/FJ2+arfNuxFfKvPViMtl3kpxPd9P5Q+I0Yhfej+Bx1pfFHEmUsynVnq3yL3f3q489Y3ayebF+Z7a7nblY79/sJNsm7CHDUQRv2hv8bfSL7yfAwAAAAAAAAAAAMAeV8RXIsXNuedT+/zQtXNKG81LtbP187Odw/q7x/7X8lKrq6ur1dTJWs6hnGM5z+T8ac6FnNdyXs95I+fNnLdyruS8nbOVMyr5+XPWcg7lHMt5Jue5nAs5r+W8nvNGzps5b+VcyXk7ZytnOE4aAAAAAAAAAAAAAAAAAIBHpBJFfCdS/ODXrbRadK4vey46edt5rvCR9v8BAAD//5M7Saw=") r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0) writev(r0, &(0x7f0000000a40)=[{0x0, 0x3c}, {&(0x7f0000000e00)='t', 0x2fd200}, {0x0}, {&(0x7f0000001000)="d6", 0x20c00}], 0x21) 3m18.69059918s ago: executing program 0 (id=2782): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f40), r0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r1, 0x1, 0x7ffffc, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x34}}, 0x0) 3m18.544520901s ago: executing program 4 (id=2783): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f0000000a80)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==") r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents(r0, &(0x7f0000000100)=""/197, 0xc5) 3m18.150915993s ago: executing program 1 (id=2784): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x4, 0x1, 0x84}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x6, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r0, @ANYBLOB="0000000000000000610300000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) 3m18.112069476s ago: executing program 3 (id=2785): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448ca, 0x0) bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) 3m17.902254273s ago: executing program 4 (id=2786): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23) connect$inet6(r0, &(0x7f0000000440)={0xa, 0xfffe, 0x380000, @empty, 0x401}, 0x1c) 3m17.731836936s ago: executing program 1 (id=2787): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x1}) ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000200)=@multiplanar_mmap={0x9, 0xa, 0x4, 0x2, 0xfc, {0x77359400}, {0x1, 0x8, 0x8, 0x6a, 0x2, 0x4, "00200004"}, 0x8, 0x1, {&(0x7f00000000c0)=[{0x400, 0x6, {0x4}, 0x1000}, {0xffffffff, 0x39, {0x4}, 0x80fff}]}, 0x7}) 3m17.674469281s ago: executing program 3 (id=2788): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x10, 0x6, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000580), 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 3m0.550919259s ago: executing program 0 (id=2789): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@barrier_val={'barrier', 0x3d, 0x101}}, {@errors_remount}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==") r0 = open(&(0x7f0000000480)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000240)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x0, 0x0, 0x0, 0x0, 0xf001}, {0xffffffff}]}) 2m44.675643097s ago: executing program 33 (id=2787): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x1}) ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000200)=@multiplanar_mmap={0x9, 0xa, 0x4, 0x2, 0xfc, {0x77359400}, {0x1, 0x8, 0x8, 0x6a, 0x2, 0x4, "00200004"}, 0x8, 0x1, {&(0x7f00000000c0)=[{0x400, 0x6, {0x4}, 0x1000}, {0xffffffff, 0x39, {0x4}, 0x80fff}]}, 0x7}) 0s ago: executing program 34 (id=2786): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23) connect$inet6(r0, &(0x7f0000000440)={0xa, 0xfffe, 0x380000, @empty, 0x401}, 0x1c) kernel console output (not intermixed with test programs): 7.128460][ T5844] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 137.129852][ T8] usb 3-1: config 0 has an invalid interface number: 199 but max is 1 [ 137.150925][ T8] usb 3-1: config 0 has no interface number 1 [ 137.157367][ T8] usb 3-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 137.216352][ T8] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 137.230600][ T8] usb 3-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 137.243444][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 137.261286][ T8] usb 3-1: SerialNumber: syz [ 137.276787][ T8] usb 3-1: config 0 descriptor?? [ 137.299494][ T8] usb 3-1: Found UVC 0.00 device (0002:0000) [ 137.313064][ T8] usb 3-1: No valid video chain found. [ 137.340270][ T5844] usb 4-1: config 0 has an invalid interface number: 120 but max is 0 [ 137.358592][ T5844] usb 4-1: config 0 has no interface number 0 [ 137.364855][ T5844] usb 4-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid maxpacket 12349, setting to 64 [ 137.412824][ T5844] usb 4-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 137.424091][ T5844] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.443595][ T5844] usb 4-1: config 0 descriptor?? [ 137.452541][ T8258] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 137.484146][ T5844] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.120/input/input7 [ 137.512022][ T8288] netlink: 160 bytes leftover after parsing attributes in process `syz.0.1136'. [ 137.549186][ C1] usbtouchscreen 4-1:0.120: usbtouch_irq - usb_submit_urb failed with result: -1 [ 137.594789][ T5843] usb 3-1: USB disconnect, device number 5 [ 137.719375][ T8292] loop0: detected capacity change from 0 to 1024 [ 137.794515][ T8] usb 4-1: USB disconnect, device number 9 [ 137.894807][ T8297] loop0: detected capacity change from 0 to 1024 [ 138.025851][ T11] hfsplus: b-tree write err: -5, ino 4 [ 138.291951][ T8310] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.429265][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.443495][ T8314] xt_CT: You must specify a L4 protocol and not use inversions on it [ 138.603563][ T8318] loop2: detected capacity change from 0 to 512 [ 138.649613][ T8318] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 138.743571][ T8318] EXT4-fs (loop2): 1 truncate cleaned up [ 138.802073][ T8318] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 138.913772][ T8318] EXT4-fs error (device loop2): ext4_get_parent:1910: comm syz.2.1152: inode #2: comm syz.2.1152: iget: illegal inode # [ 139.069349][ T8335] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1158'. [ 139.158738][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.587579][ T8357] loop0: detected capacity change from 0 to 256 [ 139.637743][ T8357] FAT-fs (loop0): Directory bread(block 64) failed [ 139.653611][ T8357] FAT-fs (loop0): Directory bread(block 65) failed [ 139.672962][ T8357] FAT-fs (loop0): Directory bread(block 66) failed [ 139.698280][ T8357] FAT-fs (loop0): Directory bread(block 67) failed [ 139.705151][ T8357] FAT-fs (loop0): Directory bread(block 68) failed [ 139.730050][ T8357] FAT-fs (loop0): Directory bread(block 69) failed [ 139.736733][ T8357] FAT-fs (loop0): Directory bread(block 70) failed [ 139.782221][ T8357] FAT-fs (loop0): Directory bread(block 71) failed [ 139.797010][ T8357] FAT-fs (loop0): Directory bread(block 72) failed [ 139.813409][ T8357] FAT-fs (loop0): Directory bread(block 73) failed [ 140.440655][ T8385] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1183'. [ 140.450036][ T8385] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1183'. [ 140.475506][ T8384] loop0: detected capacity change from 0 to 512 [ 140.541181][ T8384] EXT4-fs (loop0): Test dummy encryption mode enabled [ 140.548095][ T8384] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 140.594464][ T8384] EXT4-fs (loop0): 1 truncate cleaned up [ 140.633254][ T8384] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.765943][ T8396] geneve2: entered promiscuous mode [ 140.814391][ T8396] geneve2: entered allmulticast mode [ 140.904236][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.064193][ T8407] program syz.3.1193 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 141.558923][ T8429] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid [ 141.895003][ T8445] xt_TPROXY: Can be used only with -p tcp or -p udp [ 142.275173][ T8463] netlink: 'syz.2.1220': attribute type 1 has an invalid length. [ 142.286340][ T8463] netlink: 236 bytes leftover after parsing attributes in process `syz.2.1220'. [ 142.435162][ T8469] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 142.442418][ T8469] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 142.845900][ T8486] loop2: detected capacity change from 0 to 2048 [ 142.884673][ T8486] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 142.933364][ T8486] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 142.991088][ T8486] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 143.188625][ T8499] loop3: detected capacity change from 0 to 512 [ 143.213193][ T8499] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 143.303656][ T8499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.360517][ T8499] ext4 filesystem being mounted at /281/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.431823][ T8513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1245'. [ 143.440539][ T8499] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.1239: corrupted xattr block 32: bad e_name length [ 143.448582][ T8513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1245'. [ 143.567220][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.795771][ T8526] geneve2: entered promiscuous mode [ 143.818270][ T8526] geneve2: entered allmulticast mode [ 143.828414][ T8527] [U]  [ 143.984500][ T8536] netlink: 1572 bytes leftover after parsing attributes in process `syz.0.1255'. [ 144.138300][ T1192] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 144.343354][ T8550] cgroup: Name too long [ 144.348475][ T1192] usb 3-1: Using ep0 maxpacket: 16 [ 144.356209][ T1192] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 144.378330][ T1192] usb 3-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 144.398424][ T1192] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 144.460213][ T1192] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 144.481112][ T1192] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 144.502291][ T1192] usb 3-1: SerialNumber: syz [ 144.533285][ T1192] cdc_acm 3-1:1.0: skipping garbage [ 144.578673][ T8558] loop0: detected capacity change from 0 to 512 [ 144.634571][ T8558] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 144.677440][ T8558] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.757691][ T8558] ext4 filesystem being mounted at /315/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.816204][ T1192] usb 3-1: USB disconnect, device number 6 [ 144.944325][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.253967][ T8586] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1280'. [ 145.273627][ T8586] netlink: 'syz.3.1280': attribute type 2 has an invalid length. [ 145.288639][ T8586] netlink: 'syz.3.1280': attribute type 1 has an invalid length. [ 145.540477][ T8596] bond1: entered allmulticast mode [ 145.577282][ T8601] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1287'. [ 145.587055][ T8601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1287'. [ 145.718302][ T5861] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 145.802805][ T8607] ieee802154 phy0 wpan0: encryption failed: -90 [ 145.908547][ T5861] usb 3-1: Using ep0 maxpacket: 16 [ 145.927488][ T5861] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 145.957165][ T5861] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.986085][ T5861] usb 3-1: Product: syz [ 145.998939][ T5861] usb 3-1: Manufacturer: syz [ 146.004135][ T5861] usb 3-1: SerialNumber: syz [ 146.033436][ T8617] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1294'. [ 146.034567][ T5861] usb 3-1: config 0 descriptor?? [ 146.075067][ T8617] 0X: renamed from caif0 [ 146.080033][ T5861] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 146.081072][ T5861] usb 3-1: Detected FT232H [ 146.113296][ T8617] 0X: entered allmulticast mode [ 146.122975][ T8617] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 146.148933][ T8621] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1296'. [ 146.158637][ T8621] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1296'. [ 146.291242][ T5861] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 146.324164][ T5861] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 146.334575][ T5861] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71 [ 146.368533][ T8629] loop1: detected capacity change from 0 to 256 [ 146.375597][ T5861] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 146.414446][ T5861] usb 3-1: USB disconnect, device number 7 [ 146.432297][ T8631] loop0: detected capacity change from 0 to 128 [ 146.456543][ T5861] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 146.490323][ T5861] ftdi_sio 3-1:0.0: device disconnected [ 146.502556][ T8631] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 146.547861][ T8629] FAT-fs (loop1): Directory bread(block 64) failed [ 146.554819][ T8629] FAT-fs (loop1): Directory bread(block 65) failed [ 146.561846][ T8629] FAT-fs (loop1): Directory bread(block 66) failed [ 146.568683][ T8629] FAT-fs (loop1): Directory bread(block 67) failed [ 146.575555][ T8629] FAT-fs (loop1): Directory bread(block 68) failed [ 146.583237][ T8629] FAT-fs (loop1): Directory bread(block 69) failed [ 146.590057][ T8629] FAT-fs (loop1): Directory bread(block 70) failed [ 146.596774][ T8629] FAT-fs (loop1): Directory bread(block 71) failed [ 146.598980][ T8631] ext4 filesystem being mounted at /324/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 146.603692][ T8629] FAT-fs (loop1): Directory bread(block 72) failed [ 146.620886][ T8629] FAT-fs (loop1): Directory bread(block 73) failed [ 146.708506][ T8631] EXT4-fs warning (device loop0): verify_group_input:151: Cannot add at group 16387 (only 1 groups) [ 146.791279][ T5781] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 146.927729][ T8637] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1302'. [ 147.437608][ T8627] loop3: detected capacity change from 0 to 32768 [ 147.484004][ T8627] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 147.494412][ T8627] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 147.572412][ T8627] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 2ms [ 147.603840][ T42] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 147.612842][ T5844] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 147.621429][ T42] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 147.728976][ T42] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 107ms [ 147.749655][ T42] gfs2: fsid=syz:syz.0: jid=0: Done [ 147.756648][ T8627] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 147.814467][ T5844] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 147.823766][ T5844] usb 2-1: config 0 has no interface number 0 [ 147.830689][ T5844] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 147.848064][ T5844] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 147.858025][ T5844] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.878432][ T5844] usb 2-1: Product: syz [ 147.882667][ T5844] usb 2-1: Manufacturer: syz [ 147.906161][ T5844] usb 2-1: SerialNumber: syz [ 147.917171][ T5844] usb 2-1: config 0 descriptor?? [ 147.952805][ T5844] yurex 2-1:0.50: USB YUREX device now attached to Yurex #0 [ 148.304322][ C1] yurex 2-1:0.50: yurex_interrupt - overflow with length 8, actual length is 8 [ 148.511465][ T42] usb 2-1: USB disconnect, device number 5 [ 148.539684][ T42] yurex 2-1:0.50: USB YUREX #0 now disconnected [ 148.680338][ T8690] netlink: 'syz.0.1330': attribute type 10 has an invalid length. [ 148.704475][ T8690] macvlan1: entered allmulticast mode [ 148.710943][ T8690] veth1_vlan: entered allmulticast mode [ 148.716886][ T8690] team0: Device macvlan1 is up. Set it down before adding it as a team port [ 148.905541][ T8698] loop2: detected capacity change from 0 to 1024 [ 148.944735][ T8698] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 148.953393][ T8701] netlink: 'syz.3.1335': attribute type 5 has an invalid length. [ 148.977266][ T8701] : entered promiscuous mode [ 149.209195][ T8706] x_tables: duplicate underflow at hook 3 [ 149.603263][ T8726] xt_CT: You must specify a L4 protocol and not use inversions on it [ 149.934502][ T8737] loop3: detected capacity change from 0 to 4096 [ 149.981874][ T8737] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 150.027042][ T8737] ntfs3: loop3: Failed to initialize $Secure (-22). [ 150.098238][ T8] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 150.291801][ T8] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 150.318501][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.351955][ T8] usb 2-1: Product: syz [ 150.356176][ T8] usb 2-1: Manufacturer: syz [ 150.376777][ T8] usb 2-1: SerialNumber: syz [ 150.417497][ T8] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 150.466736][ T5843] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 150.795375][ T8770] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1370'. [ 150.825522][ T8770] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1370'. [ 150.835309][ T8770] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1370'. [ 150.989738][ T8] usb 2-1: USB disconnect, device number 6 [ 151.145286][ T8784] loop0: detected capacity change from 0 to 256 [ 151.416153][ T8793] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 151.443925][ T8794] loop3: detected capacity change from 0 to 2048 [ 151.455915][ T8794] EXT4-fs: Ignoring removed mblk_io_submit option [ 151.477363][ T8794] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.528829][ T5843] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 151.537168][ T5843] ath9k_htc: Failed to initialize the device [ 151.549090][ T8] usb 2-1: ath9k_htc: USB layer deinitialized [ 151.567822][ T8794] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1382: bg 0: block 234: padding at end of block bitmap is not set [ 151.631702][ T8794] EXT4-fs (loop3): Remounting filesystem read-only [ 151.642015][ T8794] EXT4-fs warning (device loop3): ext4_xattr_inode_lookup_create:1614: inode #18: comm syz.3.1382: cleanup dec ref error -28 [ 151.682535][ T8803] loop2: detected capacity change from 0 to 256 [ 151.761155][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.789989][ T8803] FAT-fs (loop2): Directory bread(block 64) failed [ 151.821777][ T8803] FAT-fs (loop2): Directory bread(block 65) failed [ 151.829532][ T8803] FAT-fs (loop2): Directory bread(block 66) failed [ 151.836095][ T8803] FAT-fs (loop2): Directory bread(block 67) failed [ 151.878377][ T8803] FAT-fs (loop2): Directory bread(block 68) failed [ 151.885074][ T8803] FAT-fs (loop2): Directory bread(block 69) failed [ 151.908397][ T8803] FAT-fs (loop2): Directory bread(block 70) failed [ 151.938475][ T8803] FAT-fs (loop2): Directory bread(block 71) failed [ 151.945235][ T8803] FAT-fs (loop2): Directory bread(block 72) failed [ 151.966708][ T8803] FAT-fs (loop2): Directory bread(block 73) failed [ 152.125643][ T8819] autofs4:pid:8819:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e) [ 152.884154][ T27] audit: type=1326 audit(1755786270.699:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2eb38ebe9 code=0x7ffc0000 [ 152.937609][ T27] audit: type=1326 audit(1755786270.699:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2eb38ebe9 code=0x7ffc0000 [ 152.992125][ T8854] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551609) [ 153.004527][ T27] audit: type=1326 audit(1755786270.739:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7ff2eb38ebe9 code=0x7ffc0000 [ 153.052694][ T8854] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647 [ 153.085054][ T27] audit: type=1326 audit(1755786270.739:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2eb38ebe9 code=0x7ffc0000 [ 153.167745][ T27] audit: type=1326 audit(1755786270.739:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8849 comm="syz.0.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2eb38ebe9 code=0x7ffc0000 [ 153.218721][ T8862] capability: warning: `syz.3.1413' uses 32-bit capabilities (legacy support in use) [ 153.437019][ T8872] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1418'. [ 153.484263][ T8867] loop2: detected capacity change from 0 to 8192 [ 153.536661][ T8867] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 153.563325][ T8867] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 153.572892][ T8867] REISERFS (device loop2): using ordered data mode [ 153.581563][ T8867] reiserfs: using flush barriers [ 153.618304][ T8867] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 153.708975][ T8867] REISERFS (device loop2): checking transaction log (loop2) [ 153.755338][ T8867] REISERFS (device loop2): Using r5 hash to sort names [ 153.797232][ T8868] loop0: detected capacity change from 0 to 32768 [ 153.818017][ T8868] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1416 (8868) [ 153.835697][ T8867] reiserfs: enabling write barrier flush mode [ 153.844571][ T8877] loop3: detected capacity change from 0 to 4096 [ 153.856790][ T8879] devtmpfs: Cannot enable quota on remount [ 153.876853][ T8867] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 153.879797][ T8877] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 153.951005][ T8868] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 153.981821][ T8868] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 154.029581][ T8868] BTRFS info (device loop0): setting nodatacow, compression disabled [ 154.063071][ T8868] BTRFS info (device loop0): setting datasum, datacow enabled [ 154.084494][ T8868] BTRFS info (device loop0): enabling ssd optimizations [ 154.085030][ T8877] ntfs3: loop3: failed to convert "c46c" to cp857 [ 154.095037][ T8868] BTRFS info (device loop0): turning off barriers [ 154.116048][ T8868] BTRFS info (device loop0): turning on barriers [ 154.127237][ T8868] BTRFS info (device loop0): doing ref verification [ 154.147097][ T8868] BTRFS info (device loop0): force clearing of disk cache [ 154.205910][ T8868] BTRFS info (device loop0): turning on async discard [ 154.229175][ T8868] BTRFS info (device loop0): disabling tree log [ 154.236190][ T8868] BTRFS info (device loop0): using free space tree [ 154.664404][ T5781] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 154.783910][ T5917] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by udevd (5917) [ 155.458443][ T8942] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1443'. [ 155.873301][ T8954] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1449'. [ 156.141231][ T8940] loop1: detected capacity change from 0 to 32768 [ 156.195289][ T8964] kAFS: unparsable volume name [ 156.295644][ T8948] loop3: detected capacity change from 0 to 32768 [ 156.301141][ T8940] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 156.309230][ T8948] XFS: noikeep mount option is deprecated. [ 156.389918][ T8948] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 156.536618][ T8940] XFS (loop1): Ending clean mount [ 156.597503][ T8940] XFS (loop1): Quotacheck needed: Please wait. [ 156.620641][ T8948] XFS (loop3): Ending clean mount [ 156.666881][ T8986] netlink: 248 bytes leftover after parsing attributes in process `syz.0.1457'. [ 156.693185][ T8948] XFS (loop3): Quotacheck needed: Please wait. [ 156.745476][ T8940] XFS (loop1): Quotacheck: Done. [ 156.803811][ T8948] XFS (loop3): Quotacheck: Done. [ 156.989033][ T5788] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 157.000008][ T5787] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 157.339231][ T9000] binder: 8999:9000 ioctl c018620c 200000000100 returned -22 [ 157.358333][ T5861] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 157.571760][ T5861] usb 1-1: config 1 has too many interfaces: 235, using maximum allowed: 32 [ 157.588291][ T5861] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 157.616890][ T5861] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 235 [ 157.642429][ T5861] usb 1-1: config 1 has no interface number 0 [ 157.650677][ T5861] usb 1-1: config 1 has no interface number 1 [ 157.656932][ T5861] usb 1-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 157.688249][ T5861] usb 1-1: config 1 interface 105 has no altsetting 0 [ 157.698394][ T5861] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 157.715254][ T5861] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.716192][ T9007] loop2: detected capacity change from 0 to 32768 [ 157.732036][ T5861] usb 1-1: Product: syz [ 157.736273][ T5861] usb 1-1: Manufacturer: syz [ 157.775798][ T5861] usb 1-1: SerialNumber: syz [ 157.781691][ T9009] loop1: detected capacity change from 0 to 8192 [ 157.792517][ T9007] (syz.2.1468,9007,1):ocfs2_find_slot:468 ERROR: no free slots available! [ 157.812228][ T9009] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 157.833375][ T9007] (syz.2.1468,9007,1):ocfs2_mount_volume:1809 ERROR: status = -22 [ 157.856711][ T9009] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 157.866355][ T9009] REISERFS (device loop1): using ordered data mode [ 157.880468][ T9009] reiserfs: using flush barriers [ 157.891706][ T9007] (syz.2.1468,9007,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 157.903150][ T9009] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 157.929592][ T9009] REISERFS (device loop1): checking transaction log (loop1) [ 157.958391][ T9009] REISERFS (device loop1): Using r5 hash to sort names [ 157.976044][ T9007] NILFS (loop2): couldn't find nilfs on the device [ 158.037582][ T9009] reiserfs: enabling write barrier flush mode [ 158.051007][ T5861] aqc111: probe of 1-1:1.105 failed with error -22 [ 158.074921][ T9009] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 158.287294][ T42] usb 1-1: USB disconnect, device number 9 [ 158.581618][ T27] audit: type=1400 audit(1755786276.399:25): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=9017 comm="syz.3.1463" [ 158.939764][ T9032] loop0: detected capacity change from 0 to 8 [ 158.967355][ T9032] squashfs: Unknown parameter '00000000000000000000' [ 159.060180][ T9036] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1480'. [ 159.227043][ T9043] loop1: detected capacity change from 0 to 512 [ 159.308612][ T5861] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 159.508460][ T5861] usb 4-1: Using ep0 maxpacket: 16 [ 159.517167][ T27] audit: type=1326 audit(1755786277.329:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9053 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 159.527363][ T5861] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 159.570130][ T5861] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.608286][ T5861] usb 4-1: Product: syz [ 159.618377][ T27] audit: type=1326 audit(1755786277.359:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9053 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 159.668210][ T5861] usb 4-1: Manufacturer: syz [ 159.690906][ T5861] usb 4-1: SerialNumber: syz [ 159.702525][ T5861] r8152-cfgselector 4-1: config 0 descriptor?? [ 159.721018][ T27] audit: type=1326 audit(1755786277.359:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9053 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 159.805321][ T27] audit: type=1326 audit(1755786277.359:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9053 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 159.840690][ T27] audit: type=1326 audit(1755786277.359:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9053 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 160.066828][ T9070] syz.0.1497 uses obsolete (PF_INET,SOCK_PACKET) [ 160.187728][ T5861] r8152-cfgselector 4-1: Unknown version 0x0000 [ 160.196997][ T5861] r8152-cfgselector 4-1: USB disconnect, device number 10 [ 160.647416][ T9095] loop2: detected capacity change from 0 to 64 [ 161.231697][ T9121] virtiofs: Unknown parameter 'always' [ 161.726760][ T9139] loop1: detected capacity change from 0 to 1024 [ 161.889462][ T1082] hfsplus: b-tree write err: -5, ino 4 [ 162.119051][ T5843] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 162.137421][ T9161] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1543'. [ 162.371593][ T5843] usb 4-1: config 1 has too many interfaces: 235, using maximum allowed: 32 [ 162.383838][ T5843] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 162.404910][ T5843] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 235 [ 162.416868][ T5843] usb 4-1: config 1 has no interface number 0 [ 162.427734][ T5843] usb 4-1: config 1 has no interface number 1 [ 162.434439][ T5843] usb 4-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 162.454097][ T5843] usb 4-1: config 1 interface 105 has no altsetting 0 [ 162.489497][ T5843] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 162.508170][ T5843] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.543201][ T5843] usb 4-1: Product: syz [ 162.547454][ T5843] usb 4-1: Manufacturer: syz [ 162.568350][ T5843] usb 4-1: SerialNumber: syz [ 162.700074][ T9177] comedi comedi0: Minor 14 could not be opened [ 162.733621][ T9163] loop0: detected capacity change from 0 to 32768 [ 162.749182][ T9163] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.1544 (9163) [ 162.801908][ T5843] aqc111: probe of 4-1:1.105 failed with error -22 [ 162.814745][ T9163] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 162.848811][ T9163] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 162.848851][ T9163] BTRFS info (device loop0): force zlib compression, level 3 [ 162.848871][ T9163] BTRFS info (device loop0): force clearing of disk cache [ 162.848886][ T9163] BTRFS info (device loop0): setting nodatasum [ 162.848897][ T9163] BTRFS info (device loop0): use zlib compression, level 3 [ 162.848915][ T9163] BTRFS info (device loop0): allowing degraded mounts [ 162.848931][ T9163] BTRFS info (device loop0): enabling disk space caching [ 162.848945][ T9163] BTRFS info (device loop0): disk space caching is enabled [ 162.966787][ T9163] BTRFS info (device loop0): enabling ssd optimizations [ 162.966811][ T9163] BTRFS info (device loop0): auto enabling async discard [ 162.967909][ T9163] BTRFS info (device loop0): rebuilding free space tree [ 163.055023][ T5843] usb 4-1: USB disconnect, device number 11 [ 163.067697][ T9163] BTRFS info (device loop0): disabling free space tree [ 163.076558][ T9163] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 163.097414][ T9163] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 163.188286][ T42] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 163.225434][ T9163] BTRFS error (device loop0): balance: invalid convert data profile single [ 163.275246][ T5781] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 163.426256][ T42] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 163.468420][ T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.487451][ T42] usb 2-1: config 0 descriptor?? [ 163.935908][ T42] ath6kl: Failed to submit usb control message: -71 [ 163.948666][ T42] ath6kl: unable to send the bmi data to the device: -71 [ 163.961063][ T42] ath6kl: Unable to send get target info: -71 [ 163.980687][ T42] ath6kl: Failed to init ath6kl core: -71 [ 163.987757][ T42] ath6kl_usb: probe of 2-1:0.0 failed with error -71 [ 164.005910][ T42] usb 2-1: USB disconnect, device number 7 [ 164.038239][ T5844] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 164.061530][ T9226] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0) [ 164.157122][ T9230] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1569'. [ 164.166748][ T9230] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1569'. [ 164.242678][ T5844] usb 1-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 164.252497][ T5844] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.264150][ T5844] usb 1-1: config 0 descriptor?? [ 164.285110][ T5844] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 164.321838][ T9234] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1571'. [ 164.332422][ T9234] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 164.498615][ T1192] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 164.741490][ T5844] gspca_sunplus: reg_w_riv err -71 [ 164.746746][ T5844] sunplus: probe of 1-1:0.0 failed with error -71 [ 164.760617][ T1192] usb 4-1: Using ep0 maxpacket: 16 [ 164.777306][ T1192] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 164.798437][ T1192] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 164.823689][ T5844] usb 1-1: USB disconnect, device number 10 [ 164.846426][ T1192] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 164.865784][ T1192] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.888971][ T1192] usb 4-1: Product: syz [ 164.893201][ T1192] usb 4-1: Manufacturer: syz [ 164.897931][ T1192] usb 4-1: SerialNumber: syz [ 164.942225][ T9255] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1581'. [ 165.340204][ T1192] usb 4-1: cannot find UAC_HEADER [ 165.391117][ T1192] snd-usb-audio: probe of 4-1:1.0 failed with error -22 [ 165.433727][ T1192] usb 4-1: USB disconnect, device number 12 [ 165.506645][ T5917] udevd[5917]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 165.639945][ T9279] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1593'. [ 165.920762][ T9292] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1600'. [ 166.462807][ T9317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1612'. [ 166.480178][ T9318] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1611'. [ 166.628986][ T5844] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 166.667318][ T9326] loop0: detected capacity change from 0 to 1764 [ 166.848891][ T5844] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 166.877807][ T5844] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.893766][ T5844] usb 2-1: Product: syz [ 166.898003][ T5844] usb 2-1: Manufacturer: syz [ 166.915048][ T5844] usb 2-1: SerialNumber: syz [ 166.941915][ T5844] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 166.981747][ T1192] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 167.218543][ T5844] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 167.413925][ T9350] loop0: detected capacity change from 0 to 4096 [ 167.433027][ T5844] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 167.452201][ T9350] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 167.603375][ T9350] ntfs3: loop0: failed to convert "c46c" to cp864 [ 167.618526][ T786] usb 2-1: USB disconnect, device number 8 [ 167.636699][ T5844] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 167.654474][ T5844] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 167.674137][ T5844] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 167.683572][ T5844] usb 3-1: SerialNumber: syz [ 167.749620][ T9355] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 167.857042][ T9357] xt_connbytes: Forcing CT accounting to be enabled [ 167.922815][ T5844] usb 3-1: 0:2 : does not exist [ 167.927866][ T5844] usb 3-1: unit 5 not found! [ 167.963949][ T5844] usb 3-1: USB disconnect, device number 8 [ 167.995239][ T9362] loop0: detected capacity change from 0 to 128 [ 168.001667][ T5917] udevd[5917]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 168.044131][ T9362] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 168.066409][ T9362] ext4 filesystem being mounted at /413/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 168.082093][ T1192] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 168.099947][ T1192] ath9k_htc: Failed to initialize the device [ 168.107530][ T786] usb 2-1: ath9k_htc: USB layer deinitialized [ 168.136768][ T5781] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 168.148232][ T8] usb 4-1: new low-speed USB device number 13 using dummy_hcd [ 168.221800][ T9367] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1634'. [ 168.340129][ T8] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 168.355759][ T8] usb 4-1: config 0 has no interface number 0 [ 168.366717][ T8] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 168.391084][ T8] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 168.401727][ T8] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 168.422880][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.478564][ T9373] loop0: detected capacity change from 0 to 4096 [ 168.478785][ T8] usb 4-1: config 0 descriptor?? [ 168.520797][ T9373] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 168.523039][ T8] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 168.819169][ T9360] iowarrior 4-1:0.1: Error -90 while submitting URB [ 168.850378][ T5861] usb 4-1: USB disconnect, device number 13 [ 168.911922][ T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 169.116633][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 169.135201][ T8] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 169.149633][ T8] usb 3-1: config 179 has no interface number 0 [ 169.166485][ T8] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 169.178933][ T8] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 169.192140][ T8] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 169.204270][ T8] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 169.216666][ T8] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 169.235633][ T8] usb 3-1: config 179 interface 65 has no altsetting 0 [ 169.245309][ T9398] loop1: detected capacity change from 0 to 1024 [ 169.247368][ T8] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 169.298353][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.330452][ T41] hfsplus: b-tree write err: -5, ino 4 [ 169.348392][ T8] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input9 [ 169.428809][ T5144] input input9: unable to receive magic message: -110 [ 169.550207][ T5144] input input9: unable to receive magic message: -32 [ 169.623080][ T5144] input input9: unable to receive magic message: -32 [ 169.694890][ T5144] input input9: unable to receive magic message: -32 [ 169.697969][ T9409] loop1: detected capacity change from 0 to 2048 [ 169.714456][ T5144] input input9: unable to receive magic message: -32 [ 169.733815][ T5144] input input9: unable to receive magic message: -32 [ 169.889046][ T5861] usb 3-1: USB disconnect, device number 9 [ 169.895028][ C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 169.933165][ T5861] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 170.260331][ T9424] loop3: detected capacity change from 0 to 8192 [ 170.287453][ T9424] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 170.441760][ T9429] ./file0: Can't lookup blockdev [ 170.673733][ T9436] tmpfs: Bad value for 'mpol' [ 170.708672][ T9425] loop1: detected capacity change from 0 to 32768 [ 170.745354][ T9425] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.1660 (9425) [ 170.803720][ T9425] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 170.836716][ T9425] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 170.868265][ T9425] BTRFS info (device loop1): force zlib compression, level 3 [ 170.889039][ T9425] BTRFS info (device loop1): force clearing of disk cache [ 170.896998][ T9425] BTRFS info (device loop1): setting nodatasum [ 170.907861][ T9425] BTRFS info (device loop1): use zlib compression, level 3 [ 170.943763][ T9425] BTRFS info (device loop1): allowing degraded mounts [ 170.963610][ T9425] BTRFS info (device loop1): enabling disk space caching [ 170.993414][ T9425] BTRFS info (device loop1): disk space caching is enabled [ 171.035313][ T9445] sp0: Synchronizing with TNC [ 171.071581][ T9443] [U] [ 171.202104][ T9425] BTRFS info (device loop1): enabling ssd optimizations [ 171.222330][ T9425] BTRFS info (device loop1): auto enabling async discard [ 171.254404][ T9425] BTRFS info (device loop1): rebuilding free space tree [ 171.312766][ T9425] BTRFS info (device loop1): disabling free space tree [ 171.318378][ T9472] netlink: 'syz.2.1677': attribute type 9 has an invalid length. [ 171.322225][ T9425] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 171.363856][ T9425] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 171.593159][ T9425] BTRFS error (device loop1): balance: invalid convert data profile single [ 171.694108][ T5788] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 171.760185][ T8] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 171.950278][ T8] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 171.997642][ T8] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 172.028931][ T8] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 172.046841][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.081657][ T9476] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 172.109427][ T8] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 172.473716][ T9497] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1689'. [ 172.513593][ T9497] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 172.650128][ T8] usb 1-1: USB disconnect, device number 11 [ 172.862827][ T9509] loop2: detected capacity change from 0 to 512 [ 172.871705][ T9509] EXT4-fs: Ignoring removed orlov option [ 172.889046][ T9509] EXT4-fs (loop2): Test dummy encryption mode enabled [ 172.919393][ T9509] EXT4-fs (loop2): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.210831][ T9509] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 173.226633][ T9509] EXT4-fs error (device loop2): ext4_add_entry:2486: inode #2: comm syz.2.1696: Directory hole found for htree leaf block 0 [ 173.245957][ T9509] EXT4-fs (loop2): Remounting filesystem read-only [ 173.331202][ T9528] netlink: 'syz.1.1702': attribute type 1 has an invalid length. [ 173.348032][ T9528] netlink: 'syz.1.1702': attribute type 2 has an invalid length. [ 173.356712][ T9528] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1702'. [ 173.425092][ T5784] EXT4-fs (loop2): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 173.596507][ T9540] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1708'. [ 173.607017][ T9539] tmpfs: Bad value for 'mpol' [ 173.612415][ T9540] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1708'. [ 173.635576][ T9540] ip6gretap1: entered allmulticast mode [ 173.668309][ T5843] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 173.804313][ T9546] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1711'. [ 173.858292][ T5843] usb 4-1: Using ep0 maxpacket: 8 [ 173.885110][ T5843] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 512, setting to 64 [ 173.913583][ T5843] usb 4-1: config 0 interface 0 has no altsetting 0 [ 173.933949][ T5843] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76 [ 173.949939][ T5843] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.968241][ T5843] usb 4-1: Product: syz [ 173.978614][ T5843] usb 4-1: Manufacturer: syz [ 173.988253][ T5843] usb 4-1: SerialNumber: syz [ 174.000712][ T5843] usb 4-1: config 0 descriptor?? [ 174.029503][ T5843] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found [ 174.245607][ T5843] snd_usb_toneport 4-1:0.0: cannot get proper max packet size [ 174.267116][ T5843] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected [ 174.305328][ T5843] snd_usb_toneport: probe of 4-1:0.0 failed with error -22 [ 174.332310][ T9544] loop2: detected capacity change from 0 to 32768 [ 174.351612][ T9544] XFS: attr2 mount option is deprecated. [ 174.378694][ T9544] XFS (loop2): DAX unsupported by block device. Turning off DAX. [ 174.397674][ T9544] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 174.504387][ T9544] XFS (loop2): Ending clean mount [ 174.523427][ T5880] usb 4-1: USB disconnect, device number 14 [ 174.571003][ T9544] XFS (loop2): Quotacheck needed: Please wait. [ 174.688069][ T9544] XFS (loop2): Quotacheck: Done. [ 174.856759][ T5784] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 174.864725][ T27] audit: type=1400 audit(1755786292.679:31): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED838C49D3A pid=9583 comm="syz.0.1726" [ 174.958453][ T27] audit: type=1326 audit(1755786292.679:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.1.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 175.052741][ T27] audit: type=1326 audit(1755786292.679:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.1.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 175.108249][ T27] audit: type=1326 audit(1755786292.719:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.1.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 175.167502][ T27] audit: type=1326 audit(1755786292.719:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.1.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 175.238232][ T27] audit: type=1326 audit(1755786292.719:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9585 comm="syz.1.1727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 175.534336][ T9606] netlink: 216 bytes leftover after parsing attributes in process `syz.0.1738'. [ 175.562050][ T9609] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 175.578891][ T5880] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 175.609411][ T9612] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1740'. [ 175.618881][ T9612] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1740'. [ 175.633372][ T9612] vlan0: entered promiscuous mode [ 175.707128][ T9614] loop2: detected capacity change from 0 to 512 [ 175.714944][ T9614] EXT4-fs: Ignoring removed nomblk_io_submit option [ 175.739507][ T9616] openvswitch: netlink: Missing valid actions attribute. [ 175.748938][ T9616] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 175.758356][ T5880] usb 2-1: Using ep0 maxpacket: 16 [ 175.765796][ T9614] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 175.792042][ T9614] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 175.792244][ T5880] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 175.821141][ T9614] EXT4-fs (loop2): 1 truncate cleaned up [ 175.855461][ T9614] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.873097][ T5880] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.911582][ T5880] usb 2-1: Product: syz [ 175.915790][ T5880] usb 2-1: Manufacturer: syz [ 175.915807][ T5880] usb 2-1: SerialNumber: syz [ 175.959613][ T5880] r8152-cfgselector 2-1: config 0 descriptor?? [ 175.994454][ T9614] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 176.152177][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.210498][ T5880] usbip-host 2-1: 2-1 is not in match_busid table... skip! [ 176.276579][ T9636] loop0: detected capacity change from 0 to 512 [ 176.327841][ T9636] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.1750: casefold flag without casefold feature [ 176.418011][ T5880] usb 2-1: USB disconnect, device number 9 [ 176.421586][ T9636] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.1750: couldn't read orphan inode 15 (err -117) [ 176.489818][ T9636] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.655503][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.769101][ T9653] xt_hashlimit: max too large, truncated to 1048576 [ 176.816831][ T9657] comedi comedi4: bad chanlist[0]=0x000040e3 chan=16611 range length=2 [ 176.831577][ T9656] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 176.928627][ T9660] netlink: 'syz.3.1761': attribute type 13 has an invalid length. [ 176.975333][ T9663] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1763'. [ 177.153875][ T9671] loop2: detected capacity change from 0 to 256 [ 177.311190][ T9671] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x586fd6de, utbl_chksum : 0xe619d30d) [ 177.452775][ T27] audit: type=1326 audit(1755786295.269:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.2.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 177.526773][ T27] audit: type=1326 audit(1755786295.299:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.2.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 177.587359][ T27] audit: type=1326 audit(1755786295.319:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.2.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 177.680710][ T27] audit: type=1326 audit(1755786295.319:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.2.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 177.869460][ T9696] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1779'. [ 177.888711][ T9696] netlink: 'syz.1.1779': attribute type 1 has an invalid length. [ 177.896509][ T9696] netlink: 'syz.1.1779': attribute type 2 has an invalid length. [ 177.965122][ T9696] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1779'. [ 178.045497][ T9704] loop0: detected capacity change from 0 to 512 [ 178.070393][ T9704] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 178.123383][ T9704] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz.0.1784: invalid indirect mapped block 83886080 (level 1) [ 178.148546][ T9704] EXT4-fs (loop0): Remounting filesystem read-only [ 178.166505][ T9704] EXT4-fs (loop0): 1 orphan inode deleted [ 178.172912][ T9704] EXT4-fs (loop0): 1 truncate cleaned up [ 178.185418][ T9704] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.196224][ T9708] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 178.250482][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.606524][ T9726] loop3: detected capacity change from 0 to 2048 [ 178.632677][ T9726] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 178.682230][ T9732] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 179.016607][ T9741] loop3: detected capacity change from 0 to 512 [ 179.077314][ T9741] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1800: casefold flag without casefold feature [ 179.130359][ T9741] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1800: couldn't read orphan inode 15 (err -117) [ 179.160111][ T9741] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 179.300022][ T9749] bond2: entered allmulticast mode [ 179.303020][ T9757] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1805'. [ 179.417207][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.621475][ T9766] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1809'. [ 179.871300][ T9779] loop2: detected capacity change from 0 to 512 [ 179.924202][ T9779] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1818: casefold flag without casefold feature [ 179.997395][ T9779] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1818: couldn't read orphan inode 15 (err -117) [ 180.020551][ T9779] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 180.108286][ T27] audit: type=1326 audit(1755786297.909:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9787 comm="syz.1.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 180.189458][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.202021][ T27] audit: type=1326 audit(1755786297.909:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9787 comm="syz.1.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 180.282520][ T9792] netlink: 'syz.3.1825': attribute type 1 has an invalid length. [ 180.290860][ T9792] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1825'. [ 180.318840][ T27] audit: type=1326 audit(1755786297.949:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9787 comm="syz.1.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 180.387520][ T27] audit: type=1326 audit(1755786297.949:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9787 comm="syz.1.1822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 180.429347][ T9798] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1823'. [ 180.840182][ T9816] loop0: detected capacity change from 0 to 1024 [ 180.859508][ T9816] EXT4-fs: Ignoring removed bh option [ 181.001669][ T9816] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 181.239563][ T9833] loop1: detected capacity change from 0 to 512 [ 181.287932][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 181.292270][ T9833] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.292396][ T9833] ext4 filesystem being mounted at /484/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.405907][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.948309][ T5861] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 181.986155][ T9858] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.019734][ T9858] bond0: (slave rose0): Enslaving as an active interface with an up link [ 182.077764][ T9865] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1856'. [ 182.129231][ T5861] usb 1-1: Using ep0 maxpacket: 32 [ 182.150827][ T5861] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 182.177417][ T5861] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 182.234230][ T5861] usb 1-1: New USB device found, idVendor=ae6f, idProduct=79f4, bcdDevice=8f.99 [ 182.251474][ T5861] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 182.288394][ T5861] usb 1-1: Product: syz [ 182.292790][ T5861] usb 1-1: Manufacturer: syz [ 182.297624][ T5861] usb 1-1: SerialNumber: syz [ 182.326373][ T5861] usb 1-1: config 0 descriptor?? [ 182.625289][ T786] usb 1-1: USB disconnect, device number 12 [ 183.061458][ T9905] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1871'. [ 183.522330][ T9921] loop0: detected capacity change from 0 to 4096 [ 183.556319][ T9921] ntfs3: loop0: ino=3, Correct links count -> 2. [ 183.568707][ T5843] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 183.800162][ T5843] usb 3-1: config 0 has an invalid interface number: 156 but max is 0 [ 183.837805][ T5843] usb 3-1: config 0 has no interface number 0 [ 183.878203][ T27] audit: type=1326 audit(1755786301.689:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9937 comm="syz.1.1882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 183.880642][ T5843] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 183.971769][ T27] audit: type=1326 audit(1755786301.689:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9937 comm="syz.1.1882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 184.024219][ T5843] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 184.073566][ T5843] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 184.082277][ T27] audit: type=1326 audit(1755786301.739:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9937 comm="syz.1.1882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 184.109342][ T5843] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 184.148942][ T5843] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.189812][ T5843] usb 3-1: config 0 descriptor?? [ 184.198243][ T27] audit: type=1326 audit(1755786301.739:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9937 comm="syz.1.1882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 184.240808][ T5843] gspca_main: spca561-2.14.0 probing abcd:cdee [ 184.302907][ T27] audit: type=1326 audit(1755786301.739:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9937 comm="syz.1.1882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c4a18ebe9 code=0x7ffc0000 [ 184.514534][ T5843] spca561: probe of 3-1:0.156 failed with error -22 [ 184.545718][ T5843] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 184.565590][ T5843] usb 3-1: MIDIStreaming interface descriptor not found [ 184.689565][ T5843] usb 3-1: USB disconnect, device number 10 [ 184.706382][ T9962] netlink: 798 bytes leftover after parsing attributes in process `syz.0.1892'. [ 184.987042][ T9972] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1896'. [ 185.013985][ T9972] 0: renamed from hsr0 (while UP) [ 185.051267][ T9972] 0: entered allmulticast mode [ 185.063452][ T9972] A link change request failed with some changes committed already. Interface 70 may have been left with an inconsistent configuration, please check. [ 185.978771][T10012] ipt_REJECT: TCP_RESET invalid for non-tcp [ 186.218512][T10023] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 186.263594][T10025] Cannot find add_set index 0 as target [ 186.400641][ T5104] Bluetooth: hci2: command 0x0406 tx timeout [ 186.407990][ T5104] Bluetooth: hci1: command 0x0406 tx timeout [ 186.412227][ T5790] Bluetooth: hci3: command 0x0406 tx timeout [ 186.627375][T10038] netlink: 'syz.0.1923': attribute type 5 has an invalid length. [ 186.663595][T10038] ip6erspan0: entered promiscuous mode [ 187.319538][T10072] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1938'. [ 187.871221][T10096] loop2: detected capacity change from 0 to 1024 [ 187.907614][T10096] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 187.950159][T10098] loop0: detected capacity change from 0 to 1024 [ 187.968842][T10096] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 187.977347][T10096] EXT4-fs (loop2): orphan cleanup on readonly fs [ 188.061695][T10096] EXT4-fs error (device loop2): __ext4_get_inode_loc:4483: comm syz.2.1952: Invalid inode table block 0 in block_group 0 [ 188.170943][T10096] EXT4-fs (loop2): Remounting filesystem read-only [ 188.177911][T10096] Quota error (device loop2): write_blk: dquota write failed [ 188.189810][T10096] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 188.208853][T10096] EXT4-fs (loop2): 1 truncate cleaned up [ 188.222497][T10096] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 188.332471][T10113] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1958'. [ 188.345275][T10113] 0: renamed from hsr0 (while UP) [ 188.367721][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.391765][T10113] 0: entered allmulticast mode [ 188.438760][T10113] A link change request failed with some changes committed already. Interface 70 may have been left with an inconsistent configuration, please check. [ 188.959673][T10134] loop0: detected capacity change from 0 to 256 [ 189.063575][T10134] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x08fbab18, utbl_chksum : 0xe619d30d) [ 189.078243][ T27] audit: type=1326 audit(1755786306.899:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10140 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 189.169110][ T27] audit: type=1326 audit(1755786306.899:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10140 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 189.278319][ T27] audit: type=1326 audit(1755786306.899:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10140 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 189.365312][ T27] audit: type=1326 audit(1755786306.899:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10140 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 189.432597][ T27] audit: type=1326 audit(1755786306.899:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10140 comm="syz.2.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe4f38ebe9 code=0x7ffc0000 [ 190.017292][T10178] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1991'. [ 190.032512][T10178] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1991'. [ 191.224248][T10233] loop2: detected capacity change from 0 to 256 [ 191.338715][T10239] loop0: detected capacity change from 0 to 16 [ 191.397062][T10239] erofs: (device loop0): mounted with root inode @ nid 36. [ 191.480192][T10242] loop3: detected capacity change from 0 to 16 [ 191.543182][T10242] erofs: (device loop3): mounted with root inode @ nid 36. [ 191.595528][T10242] syz.3.2024: attempt to access beyond end of device [ 191.595528][T10242] loop3: rw=0, sector=32, nr_sectors = 8 limit=16 [ 191.844704][T10252] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2028'. [ 191.861555][T10254] loop3: detected capacity change from 0 to 1024 [ 191.895247][T10256] xt_hashlimit: max too large, truncated to 1048576 [ 191.997223][ T1123] hfsplus: b-tree write err: -5, ino 4 [ 192.142796][T10265] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2034'. [ 192.262834][T10272] x_tables: unsorted entry at hook 1 [ 192.931373][T10273] loop0: detected capacity change from 0 to 32768 [ 192.963364][T10273] (syz.0.2038,10273,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 192.987631][T10273] (syz.0.2038,10273,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 193.047550][T10273] JBD2: Ignoring recovery information on journal [ 193.091361][ T1192] IPVS: starting estimator thread 0... [ 193.188450][T10304] IPVS: using max 23 ests per chain, 55200 per kthread [ 193.253574][T10273] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 193.339140][T10312] loop1: detected capacity change from 0 to 256 [ 193.401727][T10312] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 193.462804][T10312] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 193.522372][ T5781] ocfs2: Unmounting device (7,0) on (node local) [ 193.536476][T10312] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 193.597996][T10312] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 193.624772][T10320] loop2: detected capacity change from 0 to 1024 [ 193.814170][ T11] hfsplus: b-tree write err: -5, ino 4 [ 194.140278][T10336] netlink: 'syz.2.2068': attribute type 66 has an invalid length. [ 194.452373][T10349] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2074'. [ 194.481512][T10349] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2074'. [ 194.567262][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.574438][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.881399][T10363] 8021q: adding VLAN 0 to HW filter on device bond2 [ 195.594349][T10390] netlink: 'syz.1.2094': attribute type 1 has an invalid length. [ 196.110886][T10379] loop3: detected capacity change from 0 to 32768 [ 196.176234][T10379] [ 196.176234][T10379] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 196.176234][T10379] [ 196.235578][T10379] [ 196.235578][T10379] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 196.235578][T10379] [ 196.278885][T10379] [ 196.278885][T10379] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 196.278885][T10379] [ 196.333402][ T111] [ 196.333402][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 196.333402][ T111] [ 196.421568][ T48] [ 196.421568][ T48] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 196.421568][ T48] [ 196.482848][ T48] [ 196.482848][ T48] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 196.482848][ T48] [ 196.552244][ T112] [ 196.552244][ T112] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 196.552244][ T112] [ 196.614497][ T5787] [ 196.614497][ T5787] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 196.614497][ T5787] [ 196.657404][ T5787] [ 196.657404][ T5787] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 196.657404][ T5787] [ 197.028553][T10435] netlink: 'syz.2.2117': attribute type 21 has an invalid length. [ 197.057454][T10435] IPv6: NLM_F_CREATE should be specified when creating new route [ 197.068682][T10435] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 197.076063][T10435] IPv6: NLM_F_CREATE should be set when creating new route [ 197.083682][T10435] IPv6: NLM_F_CREATE should be set when creating new route [ 197.091291][T10435] IPv6: NLM_F_CREATE should be set when creating new route [ 197.388411][ T1192] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 197.601644][ T1192] usb 2-1: config 0 has an invalid interface number: 235 but max is 0 [ 197.620575][ T1192] usb 2-1: config 0 has no interface number 0 [ 197.643659][ T1192] usb 2-1: config 0 interface 235 altsetting 16 endpoint 0x5 has invalid wMaxPacketSize 0 [ 197.665053][ T1192] usb 2-1: config 0 interface 235 has no altsetting 0 [ 197.684964][ T1192] usb 2-1: New USB device found, idVendor=06cd, idProduct=0112, bcdDevice=3e.18 [ 197.705789][ T1192] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.736891][ T1192] usb 2-1: Product: syz [ 197.760608][ T1192] usb 2-1: Manufacturer: syz [ 197.772043][ T1192] usb 2-1: SerialNumber: syz [ 197.790947][ T1192] usb 2-1: config 0 descriptor?? [ 197.812362][ T1192] keyspan 2-1:0.235: Keyspan 1 port adapter converter detected [ 197.841374][ T1192] keyspan 2-1:0.235: found no endpoint descriptor for endpoint 87 [ 197.868805][ T1192] keyspan 2-1:0.235: found no endpoint descriptor for endpoint 7 [ 197.899080][ T1192] keyspan 2-1:0.235: found no endpoint descriptor for endpoint 81 [ 197.917178][ T1192] keyspan 2-1:0.235: found no endpoint descriptor for endpoint 1 [ 197.946385][ T1192] keyspan 2-1:0.235: found no endpoint descriptor for endpoint 85 [ 197.994796][ T1192] usb 2-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 198.044075][ T1192] usb 2-1: USB disconnect, device number 10 [ 198.076702][ T1192] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 198.109742][ T1192] keyspan 2-1:0.235: device disconnected [ 198.332179][T10455] loop2: detected capacity change from 0 to 32768 [ 198.389171][T10455] (syz.2.2122,10455,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 198.419784][T10455] (syz.2.2122,10455,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 198.454080][T10483] kAFS: unable to lookup cell '' [ 198.466485][T10455] JBD2: Ignoring recovery information on journal [ 198.545865][T10455] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 198.823761][ T5784] ocfs2: Unmounting device (7,2) on (node local) [ 199.089802][T10501] loop1: detected capacity change from 0 to 64 [ 199.347043][T10510] IPv6: Can't replace route, no match found [ 199.368765][T10512] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2146'. [ 199.902663][T10530] loop1: detected capacity change from 0 to 4096 [ 199.928420][ T5861] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 199.937301][T10534] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2157'. [ 200.150663][ T5861] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 200.178202][ T5861] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 200.198425][ T5861] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00 [ 200.218192][ T5861] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.252478][ T5861] usb 3-1: config 0 descriptor?? [ 200.300833][ T5861] xbox_remote_probe: endpoint_in message size==0? [ 200.484811][T10548] netlink: 'syz.1.2164': attribute type 21 has an invalid length. [ 200.505978][ T5861] usbhid 3-1:0.0: can't add hid device: -71 [ 200.528285][ T5861] usbhid: probe of 3-1:0.0 failed with error -71 [ 200.544189][T10548] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2164'. [ 200.550263][ T5861] usb 3-1: USB disconnect, device number 11 [ 200.689025][T10553] loop0: detected capacity change from 0 to 128 [ 200.750799][T10553] sysv_free_block: flc_count > flc_size [ 200.756685][T10553] sysv_free_block: flc_count > flc_size [ 200.771815][T10553] sysv_free_block: flc_count > flc_size [ 200.777672][T10553] sysv_free_block: flc_count > flc_size [ 200.783981][T10553] sysv_free_block: flc_count > flc_size [ 200.790368][T10553] sysv_free_block: flc_count > flc_size [ 200.797690][T10553] sysv_free_block: flc_count > flc_size [ 200.835974][T10553] sysv_free_block: flc_count > flc_size [ 200.852035][T10553] sysv_free_block: flc_count > flc_size [ 200.863510][T10553] sysv_free_block: flc_count > flc_size [ 200.902025][T10553] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 201.411521][T10577] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2178'. [ 201.757282][T10597] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 201.816073][T10597] overlayfs: missing 'lowerdir' [ 201.988333][ T5861] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 202.090785][T10611] netlink: 'syz.1.2195': attribute type 3 has an invalid length. [ 202.188788][ T5861] usb 4-1: Using ep0 maxpacket: 16 [ 202.207341][ T5861] usb 4-1: unable to get BOS descriptor or descriptor too short [ 202.226168][ T5861] usb 4-1: config 1 has an invalid interface number: 231 but max is 0 [ 202.246016][ T5861] usb 4-1: config 1 has no interface number 0 [ 202.256211][ T5861] usb 4-1: config 1 interface 231 has no altsetting 0 [ 202.280555][ T5861] usb 4-1: string descriptor 0 read error: -22 [ 202.287378][ T5861] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=5c.f5 [ 202.298214][ T8] usb 1-1: new low-speed USB device number 13 using dummy_hcd [ 202.320570][ T5861] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.490784][ T8] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 202.507559][ T8] usb 1-1: config 0 has no interface number 0 [ 202.514800][ T8] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 202.521218][T10627] netlink: 'syz.1.2203': attribute type 6 has an invalid length. [ 202.539414][ T8] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 202.568649][ T8] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 202.579967][ T5861] usbtest 4-1:1.231: Linux gadget zero [ 202.588199][ T5861] usbtest 4-1:1.231: high-speed {control in/out int-out} tests (+alt) [ 202.597663][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.620969][ T8] usb 1-1: config 0 descriptor?? [ 202.626889][T10609] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 202.680278][ T8] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 202.732603][T10630] loop1: detected capacity change from 0 to 4096 [ 202.747536][T10630] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 202.831911][ T54] usb 4-1: USB disconnect, device number 15 [ 202.850640][T10630] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 202.929985][ T5861] usb 1-1: USB disconnect, device number 13 [ 203.070873][ T8] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 203.203425][T10644] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2211'. [ 203.258966][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 203.267101][ T8] usb 3-1: config 0 has an invalid interface number: 108 but max is 0 [ 203.277743][ T8] usb 3-1: config 0 has no interface number 0 [ 203.292605][ T8] usb 3-1: config 0 interface 108 has no altsetting 0 [ 203.304308][ T8] usb 3-1: New USB device found, idVendor=99fa, idProduct=8988, bcdDevice=65.cd [ 203.317021][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.330732][ T8] usb 3-1: Product: syz [ 203.334989][ T8] usb 3-1: Manufacturer: syz [ 203.341023][ T8] usb 3-1: SerialNumber: syz [ 203.351900][ T8] usb 3-1: config 0 descriptor?? [ 203.373646][ T8] gspca_main: spca506-2.14.0 probing 99fa:8988 [ 203.684974][T10658] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 203.753061][ T8] usb 3-1: USB disconnect, device number 12 [ 204.281737][T10681] netlink: 'syz.0.2227': attribute type 1 has an invalid length. [ 204.301966][T10681] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2227'. [ 205.255539][T10723] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2248'. [ 205.695695][T10735] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2255'. [ 206.223773][T10763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2269'. [ 206.234350][T10763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2269'. [ 206.378277][ T5880] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 206.568211][ T5880] usb 2-1: Using ep0 maxpacket: 32 [ 206.576819][ T5880] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 206.592649][ T5880] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 206.602407][ T5880] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 206.612257][ T5880] usb 2-1: config 1 has no interface number 0 [ 206.619321][ T5880] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 206.630386][ T5880] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 206.646906][ T5880] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 206.658929][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.691230][ T5880] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 206.929381][ T5880] snd_usb_pod 2-1:1.1: invalid control EP [ 206.935368][ T5880] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 206.955248][ T5880] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 206.965585][ T5880] snd_usb_pod: probe of 2-1:1.1 failed with error -22 [ 206.979324][T10789] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2282'. [ 207.159412][ T5880] usb 2-1: USB disconnect, device number 11 [ 207.609996][T10811] comedi comedi4: bad chanlist[0]=0x00001001 chan=4097 range length=2 [ 208.062609][T10830] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2302'. [ 208.555113][T10852] netlink: 'syz.1.2313': attribute type 9 has an invalid length. [ 208.564751][T10852] netlink: 'syz.1.2313': attribute type 7 has an invalid length. [ 208.572701][T10852] netlink: 'syz.1.2313': attribute type 8 has an invalid length. [ 208.906032][T10862] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 209.014835][T10840] loop0: detected capacity change from 0 to 40427 [ 209.029063][ T5880] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 209.061430][T10840] F2FS-fs (loop0): Image doesn't support compression [ 209.092650][T10840] F2FS-fs (loop0): invalid crc value [ 209.152291][T10840] F2FS-fs (loop0): Found nat_bits in checkpoint [ 209.168639][T10871] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2321'. [ 209.241401][T10840] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 209.253100][ T5880] usb 2-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=30.20 [ 209.288269][ T5880] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 209.316173][ T5880] usb 2-1: Product: syz [ 209.334640][ T5880] usb 2-1: Manufacturer: syz [ 209.345143][ T5880] usb 2-1: SerialNumber: syz [ 209.370219][ T5880] usb 2-1: config 0 descriptor?? [ 209.447066][ T5781] syz-executor: attempt to access beyond end of device [ 209.447066][ T5781] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 209.502385][ T5781] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 209.679295][T10885] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 209.796971][ T1192] usb 2-1: USB disconnect, device number 12 [ 209.833192][ T1192] f81534a_ctrl 2-1:0.0: failed to set register 0x116: -19 [ 209.853560][ T1192] f81534a_ctrl 2-1:0.0: failed to enable ports: -19 [ 210.716625][T10912] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 210.737888][T10912] batadv_slave_0: entered promiscuous mode [ 210.743994][T10912] batadv_slave_0: entered allmulticast mode [ 210.790209][T10912] netlink: 'syz.0.2341': attribute type 8 has an invalid length. [ 210.807594][T10896] loop2: detected capacity change from 0 to 32768 [ 210.824048][T10898] loop3: detected capacity change from 0 to 40427 [ 210.842941][T10896] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.2334 (10896) [ 210.867989][T10898] F2FS-fs (loop3): Image doesn't support compression [ 210.942175][T10896] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 210.954933][T10898] F2FS-fs (loop3): invalid crc value [ 210.994565][T10896] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 211.003769][T10898] F2FS-fs (loop3): Found nat_bits in checkpoint [ 211.043036][T10896] BTRFS info (device loop2): setting nodatacow, compression disabled [ 211.068266][T10896] BTRFS info (device loop2): max_inline at 0 [ 211.077110][T10896] BTRFS info (device loop2): enabling disk space caching [ 211.098836][T10896] BTRFS info (device loop2): turning off barriers [ 211.105518][T10896] BTRFS info (device loop2): turning on flush-on-commit [ 211.150151][T10896] BTRFS info (device loop2): doing ref verification [ 211.157651][T10896] BTRFS info (device loop2): force clearing of disk cache [ 211.187004][T10898] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 211.201162][T10896] BTRFS info (device loop2): enabling ssd optimizations [ 211.241710][T10896] BTRFS info (device loop2): max_inline at 4096 [ 211.268263][T10896] BTRFS info (device loop2): disk space caching is enabled [ 211.456943][T10896] BTRFS info (device loop2): auto enabling async discard [ 211.467928][ T5787] syz-executor: attempt to access beyond end of device [ 211.467928][ T5787] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 211.496200][ T5787] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 211.496797][T10896] BTRFS info (device loop2): rebuilding free space tree [ 211.605992][T10896] BTRFS info (device loop2): disabling free space tree [ 211.628270][T10896] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 211.666719][T10896] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 211.925185][T10953] loop1: detected capacity change from 0 to 512 [ 211.955798][T10953] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 212.345058][ T5784] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 212.398661][T10964] loop1: detected capacity change from 0 to 2048 [ 212.407732][T10964] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=26504, location=26504 [ 212.435415][T10964] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 212.903581][T10977] tmpfs: Bad value for 'mpol' [ 213.025784][T10981] loop1: detected capacity change from 0 to 1764 [ 213.051388][T10983] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 213.058738][T10983] IPv6: NLM_F_CREATE should be set when creating new route [ 213.065995][T10983] IPv6: NLM_F_CREATE should be set when creating new route [ 213.150876][T10987] loop0: detected capacity change from 0 to 64 [ 213.798214][ T5861] usb 2-1: new full-speed USB device number 13 using dummy_hcd [ 213.996084][T10989] loop2: detected capacity change from 0 to 40427 [ 214.006813][ T5861] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 10 [ 214.028991][ T5861] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 214.052789][ T5861] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66 [ 214.062822][ T5861] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.071482][T10989] F2FS-fs (loop2): invalid crc value [ 214.091069][T10989] F2FS-fs (loop2): Found nat_bits in checkpoint [ 214.107310][ T5861] usb 2-1: Product: syz [ 214.123224][ T5861] usb 2-1: Manufacturer: syz [ 214.138293][ T5861] usb 2-1: SerialNumber: syz [ 214.150111][ T5861] usb 2-1: config 0 descriptor?? [ 214.169264][ T5861] snd-usb-audio: probe of 2-1:0.0 failed with error -90 [ 214.209841][T10989] F2FS-fs (loop2): Start checkpoint disabled! [ 214.272129][ T8] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 214.290213][T10989] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 214.370310][ T27] audit: type=1326 audit(1755786332.189:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11020 comm="syz.3.2384" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fefa4d8ebe9 code=0x0 [ 214.404151][ T5861] usb 2-1: USB disconnect, device number 13 [ 214.468473][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 214.483271][ T8] usb 1-1: config 0 has an invalid interface number: 74 but max is 1 [ 214.510171][ T8] usb 1-1: config 0 has no interface number 1 [ 214.530142][ T8] usb 1-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa [ 214.548168][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.556241][ T8] usb 1-1: Product: syz [ 214.586209][ T8] usb 1-1: Manufacturer: syz [ 214.592224][ T8] usb 1-1: SerialNumber: syz [ 214.612482][ T8] usb 1-1: config 0 descriptor?? [ 214.676192][ T8] snd-usb-audio: probe of 1-1:0.74 failed with error -22 [ 214.744620][ T5917] udevd[5917]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.74/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 214.955547][ T786] usb 1-1: USB disconnect, device number 14 [ 215.245320][T11045] gtp0: entered promiscuous mode [ 215.271088][T11045] gtp0: entered allmulticast mode [ 215.477219][T11053] netlink: 372 bytes leftover after parsing attributes in process `syz.1.2400'. [ 215.777239][T11070] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 215.918692][ T5793] Bluetooth: hci1: command tx timeout [ 216.251328][T11084] bond1: entered promiscuous mode [ 216.268228][T11084] bond1: entered allmulticast mode [ 216.293321][T11084] 8021q: adding VLAN 0 to HW filter on device bond1 [ 216.363817][T11097] loop1: detected capacity change from 0 to 2048 [ 216.407566][T11098] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 216.496000][T11097] NILFS (loop1): error -2 truncating bmap (ino=16) [ 216.664232][T11106] loop2: detected capacity change from 0 to 256 [ 216.705917][T11098] NILFS (loop1): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 216.756170][T11098] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=16) [ 216.804024][T11098] Remounting filesystem read-only [ 216.829020][ T11] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 216.845681][ T11] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 216.861645][ T11] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 216.897721][ T11] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 216.924096][ T11] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 216.944804][ T11] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 216.960759][ T11] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 216.978302][ T11] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 216.997787][ T11] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 217.017003][ T11] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 217.041703][ T11] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 217.058325][ T11] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 217.080708][ T11] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 217.111841][ T11] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 217.158387][ T11] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 217.168449][ T5788] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 217.178017][ T5788] NILFS (loop1): discard dirty page: offset=0, ino=16 [ 217.203824][ T5788] NILFS (loop1): discard dirty block: blocknr=23, size=1024 [ 217.230987][ T5788] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 217.278858][ T5788] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 217.295118][ T5788] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 217.324916][T11123] loop0: detected capacity change from 0 to 164 [ 217.402139][T11123] rock: directory entry would overflow storage [ 217.422098][T11123] rock: sig=0x66, size=4, remaining=3 [ 217.464666][T11123] rock: directory entry would overflow storage [ 217.473712][T11127] netlink: 'syz.2.2434': attribute type 3 has an invalid length. [ 217.483817][T11123] rock: sig=0x66, size=4, remaining=3 [ 217.508403][T11123] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 217.755944][T11113] loop3: detected capacity change from 0 to 32768 [ 217.798355][T11113] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.2430 (11113) [ 217.887021][T11113] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 217.899510][T11113] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 217.912187][T11113] BTRFS info (device loop3): setting nodatacow, compression disabled [ 217.973982][T11113] BTRFS info (device loop3): max_inline at 0 [ 218.002202][T11113] BTRFS info (device loop3): enabling disk space caching [ 218.018560][T11113] BTRFS info (device loop3): turning off barriers [ 218.026676][T11113] BTRFS info (device loop3): turning on flush-on-commit [ 218.045071][T11113] BTRFS info (device loop3): doing ref verification [ 218.052644][T11113] BTRFS info (device loop3): force clearing of disk cache [ 218.082783][T11113] BTRFS info (device loop3): enabling ssd optimizations [ 218.111298][T11113] BTRFS info (device loop3): max_inline at 4096 [ 218.132268][T11113] BTRFS info (device loop3): disk space caching is enabled [ 218.278257][ T786] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 218.291907][T11113] BTRFS info (device loop3): auto enabling async discard [ 218.302441][T11113] BTRFS info (device loop3): rebuilding free space tree [ 218.334511][T11113] BTRFS info (device loop3): disabling free space tree [ 218.350518][T11113] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 218.373376][T11113] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 218.397607][T11169] loop1: detected capacity change from 0 to 256 [ 218.417644][T11169] exfat: Deprecated parameter 'namecase' [ 218.452377][T11169] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 218.508393][ T786] usb 1-1: Using ep0 maxpacket: 32 [ 218.515985][ T786] usb 1-1: config 0 has an invalid interface number: 89 but max is 0 [ 218.547510][ T786] usb 1-1: config 0 has no interface number 0 [ 218.562255][ T786] usb 1-1: config 0 interface 89 altsetting 225 bulk endpoint 0x82 has invalid maxpacket 6 [ 218.588917][ T786] usb 1-1: config 0 interface 89 has no altsetting 0 [ 218.616835][ T786] usb 1-1: New USB device found, idVendor=12d1, idProduct=7ef3, bcdDevice=54.68 [ 218.658334][ T786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 218.666381][ T786] usb 1-1: Product: syz [ 218.692919][ T786] usb 1-1: Manufacturer: syz [ 218.697585][ T786] usb 1-1: SerialNumber: syz [ 218.713297][ T786] usb 1-1: config 0 descriptor?? [ 218.721320][ T5787] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 218.748653][T11143] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 218.757274][ T786] hub 1-1:0.89: bad descriptor, ignoring hub [ 218.778249][ T786] hub: probe of 1-1:0.89 failed with error -5 [ 218.785316][ T786] option 1-1:0.89: GSM modem (1-port) converter detected [ 218.820653][ T786] usb 1-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 219.096228][T11183] netlink: 164 bytes leftover after parsing attributes in process `syz.1.2454'. [ 219.208448][ T786] usb 1-1: USB disconnect, device number 15 [ 219.270286][ T786] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 219.311545][ T786] option 1-1:0.89: device disconnected [ 219.513418][T11198] loop2: detected capacity change from 0 to 256 [ 219.537739][T11198] exfat: Deprecated parameter 'utf8' [ 219.612591][T11198] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 219.927908][T11212] loop3: detected capacity change from 0 to 256 [ 220.023150][T11212] FAT-fs (loop3): Directory bread(block 64) failed [ 220.038366][T11212] FAT-fs (loop3): Directory bread(block 65) failed [ 220.045088][T11212] FAT-fs (loop3): Directory bread(block 66) failed [ 220.091626][T11212] FAT-fs (loop3): Directory bread(block 67) failed [ 220.106468][T11212] FAT-fs (loop3): Directory bread(block 68) failed [ 220.124312][T11212] FAT-fs (loop3): Directory bread(block 69) failed [ 220.132477][T11212] FAT-fs (loop3): Directory bread(block 70) failed [ 220.140516][T11212] FAT-fs (loop3): Directory bread(block 71) failed [ 220.147493][T11212] FAT-fs (loop3): Directory bread(block 72) failed [ 220.154323][T11212] FAT-fs (loop3): Directory bread(block 73) failed [ 220.228498][ T8] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 220.402144][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.444756][ T8] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 220.464673][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.484953][ T8] usb 1-1: Product: syz [ 220.495091][ T8] usb 1-1: Manufacturer: syz [ 220.500169][ T8] usb 1-1: SerialNumber: syz [ 220.524575][ T8] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 220.558788][ T54] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 220.640197][T11210] loop1: detected capacity change from 0 to 32768 [ 220.662997][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.673863][T11210] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.2467 (11210) [ 220.725154][T11210] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 220.779759][T11210] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 220.790672][T11210] BTRFS info (device loop1): using free space tree [ 220.841199][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.975371][T11210] BTRFS info (device loop1): enabling ssd optimizations [ 220.983476][T11210] BTRFS info (device loop1): auto enabling async discard [ 221.091371][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.163089][ T5843] usb 1-1: USB disconnect, device number 16 [ 221.163979][ T5788] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 221.341552][ T5917] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop1 scanned by udevd (5917) [ 221.610997][ T54] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 221.636011][ T54] ath9k_htc: Failed to initialize the device [ 221.650029][ T50] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 221.671199][ T50] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 221.684369][ T50] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 221.698544][ T50] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 221.712072][ T50] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 221.723039][ T50] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 221.730617][ T5843] usb 1-1: ath9k_htc: USB layer deinitialized [ 222.132165][T11261] loop1: detected capacity change from 0 to 256 [ 222.217867][T11261] FAT-fs (loop1): Directory bread(block 64) failed [ 222.231976][T11261] FAT-fs (loop1): Directory bread(block 65) failed [ 222.241461][T11261] FAT-fs (loop1): Directory bread(block 66) failed [ 222.271613][T11261] FAT-fs (loop1): Directory bread(block 67) failed [ 222.283496][T11261] FAT-fs (loop1): Directory bread(block 68) failed [ 222.305973][T11261] FAT-fs (loop1): Directory bread(block 69) failed [ 222.324994][T11261] FAT-fs (loop1): Directory bread(block 70) failed [ 222.369597][T11261] FAT-fs (loop1): Directory bread(block 71) failed [ 222.376284][T11261] FAT-fs (loop1): Directory bread(block 72) failed [ 222.431563][T11261] FAT-fs (loop1): Directory bread(block 73) failed [ 222.522850][T11266] loop3: detected capacity change from 0 to 4096 [ 222.560977][T11266] ntfs: (device loop3): check_mft_mirror(): Incomplete multi sector transfer detected in mft record 2. [ 222.596328][T11266] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 222.675820][T11266] ntfs: volume version 3.1. [ 222.685554][T11266] ntfs: (device loop3): map_mft_record_page(): Mft record 0x2 is corrupt. Run chkdsk. [ 222.699953][T11266] ntfs: (device loop3): map_mft_record(): Failed with error code 5. [ 222.707998][T11266] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 222.736316][T11266] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 222.891877][T11266] ntfs: (device loop3): ntfs_read_locked_inode(): Index block size (0) < NTFS_BLOCK_SIZE (512) is not supported. Sorry. [ 222.934517][T11266] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -95. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 223.216087][T11287] overlayfs: empty lowerdir [ 223.622346][T11304] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2498'. [ 223.848473][ T5793] Bluetooth: hci1: command tx timeout [ 223.908052][T11243] chnl_net:caif_netlink_parms(): no params data found [ 223.928541][T11315] ipt_REJECT: TCP_RESET invalid for non-tcp [ 224.206492][T11320] gretap1: entered allmulticast mode [ 224.348490][T11337] loop3: detected capacity change from 0 to 128 [ 224.534559][T11346] loop1: detected capacity change from 0 to 4096 [ 224.624754][T11347] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 224.762386][T11352] loop3: detected capacity change from 0 to 4096 [ 224.798876][T11352] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 224.884683][T11356] trusted_key: encrypted_key: hex blob is missing [ 224.923292][T11243] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.958798][T11243] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.966076][T11243] bridge_slave_0: entered allmulticast mode [ 225.018204][T11352] ntfs3: loop3: failed to convert "c46c" to koi8-u [ 225.026525][T11243] bridge_slave_0: entered promiscuous mode [ 225.059049][T11243] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.070457][T11243] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.077925][T11243] bridge_slave_1: entered allmulticast mode [ 225.129528][T11243] bridge_slave_1: entered promiscuous mode [ 225.424046][T11243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.436676][T11243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.594541][T11243] team0: Port device team_slave_0 added [ 225.620175][T11243] team0: Port device team_slave_1 added [ 225.660704][ T11] hsr_slave_0: left promiscuous mode [ 225.668837][ T11] hsr_slave_1: left promiscuous mode [ 225.675536][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 225.691942][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 225.719944][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 225.727410][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 225.740251][ T11] bridge_slave_1: left allmulticast mode [ 225.748183][ T11] bridge_slave_1: left promiscuous mode [ 225.760461][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.783978][ T11] bridge_slave_0: left allmulticast mode [ 225.791047][ T11] bridge_slave_0: left promiscuous mode [ 225.798996][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.808382][ T786] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 225.928992][ T5793] Bluetooth: hci1: command tx timeout [ 225.971363][ T11] veth1_macvtap: left promiscuous mode [ 225.988464][ T11] veth1_vlan: left promiscuous mode [ 226.004066][ T11] veth0_vlan: left promiscuous mode [ 226.028182][ T786] usb 4-1: Using ep0 maxpacket: 32 [ 226.039744][ T786] usb 4-1: config 0 has an invalid interface number: 89 but max is 0 [ 226.047873][ T786] usb 4-1: config 0 has no interface number 0 [ 226.054898][ T786] usb 4-1: config 0 interface 89 altsetting 225 bulk endpoint 0x82 has invalid maxpacket 6 [ 226.065689][ T786] usb 4-1: config 0 interface 89 has no altsetting 0 [ 226.077202][ T786] usb 4-1: New USB device found, idVendor=12d1, idProduct=7ef3, bcdDevice=54.68 [ 226.088181][ T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.096304][ T786] usb 4-1: Product: syz [ 226.118177][ T786] usb 4-1: Manufacturer: syz [ 226.122869][ T786] usb 4-1: SerialNumber: syz [ 226.141403][ T786] usb 4-1: config 0 descriptor?? [ 226.150334][T11373] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 226.169272][ T786] hub 4-1:0.89: bad descriptor, ignoring hub [ 226.175977][ T786] hub: probe of 4-1:0.89 failed with error -5 [ 226.193704][ T786] option 4-1:0.89: GSM modem (1-port) converter detected [ 226.214001][ T786] usb 4-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 226.568560][ T786] usb 4-1: USB disconnect, device number 16 [ 226.590174][ T786] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 226.626985][ T786] option 4-1:0.89: device disconnected [ 226.837639][ T11] bond1 (unregistering): Released all slaves [ 226.971863][T11397] Lens B: ================= START STATUS ================= [ 226.979417][T11397] Lens B: Focus, Absolute: 0 [ 227.040830][T11397] Lens B: ================== END STATUS ================== [ 227.512748][T11411] loop3: detected capacity change from 0 to 64 [ 227.824825][T11417] libceph: resolve '00' (ret=-3): failed [ 227.950874][T11419] netlink: 'syz.3.2547': attribute type 4 has an invalid length. [ 228.012484][ T5793] Bluetooth: hci1: command tx timeout [ 228.119303][ T5793] Bluetooth: hci2: unexpected event for opcode 0x0c46 [ 228.423041][ T11] team0 (unregistering): Port device team_slave_1 removed [ 228.517077][ T11] team0 (unregistering): Port device team_slave_0 removed [ 228.649872][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 228.759161][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 228.865728][ T27] audit: type=1326 audit(1755786346.679:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11444 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefa4d8ebe9 code=0x7ffc0000 [ 228.895744][ T27] audit: type=1326 audit(1755786346.679:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11444 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefa4d8ebe9 code=0x7ffc0000 [ 228.943514][ T27] audit: type=1326 audit(1755786346.679:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11444 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7fefa4d8ebe9 code=0x7ffc0000 [ 229.014721][ T27] audit: type=1326 audit(1755786346.679:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11444 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefa4d8ebe9 code=0x7ffc0000 [ 229.037773][ T27] audit: type=1326 audit(1755786346.679:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11444 comm="syz.3.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefa4d8ebe9 code=0x7ffc0000 [ 229.550229][ T11] bond0 (unregistering): Released all slaves [ 229.662566][T11243] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 229.677168][T11243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 229.790869][T11243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 229.807339][T11455] loop0: detected capacity change from 0 to 128 [ 229.831935][T11243] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 229.840572][T11243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 229.948454][T11243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 230.078348][ T5793] Bluetooth: hci1: command tx timeout [ 230.310313][T11243] hsr_slave_0: entered promiscuous mode [ 230.362600][T11243] hsr_slave_1: entered promiscuous mode [ 230.747202][T11485] loop3: detected capacity change from 0 to 1024 [ 231.000148][ T1102] hfsplus: b-tree write err: -5, ino 4 [ 231.135718][ T11] IPVS: stop unused estimator thread 0... [ 231.193043][T11243] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 231.233445][T11243] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 231.274702][T11243] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 231.319909][T11243] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 231.388739][ T54] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 231.582720][ T54] usb 1-1: config 0 has no interfaces? [ 231.615945][ T54] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 231.652547][ T54] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.673079][T11243] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.677720][ T54] usb 1-1: Product: syz [ 231.688602][ T54] usb 1-1: Manufacturer: syz [ 231.693242][ T54] usb 1-1: SerialNumber: syz [ 231.701387][ T54] r8152-cfgselector 1-1: config 0 descriptor?? [ 231.720674][T11243] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.799985][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.807159][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.843798][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.852387][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.940755][ T54] usbip-host 1-1: 1-1 is not in match_busid table... skip! [ 232.182680][ T54] usb 1-1: USB disconnect, device number 17 [ 232.254845][T11544] netlink: 'syz.3.2593': attribute type 3 has an invalid length. [ 232.462562][T11553] loop3: detected capacity change from 0 to 1024 [ 232.469327][T11555] loop1: detected capacity change from 0 to 256 [ 232.541734][T11243] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.620277][ T1123] hfsplus: b-tree write err: -5, ino 4 [ 233.233588][T11581] loop1: detected capacity change from 0 to 2048 [ 233.283575][T11581] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 233.485639][T11243] veth0_vlan: entered promiscuous mode [ 233.557918][T11243] veth1_vlan: entered promiscuous mode [ 233.719529][T11243] veth0_macvtap: entered promiscuous mode [ 233.738850][T11243] veth1_macvtap: entered promiscuous mode [ 233.790563][T11598] loop1: detected capacity change from 0 to 1024 [ 233.820744][T11243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.888228][T11243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.919854][T11243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 233.948128][T11243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.974588][T11243] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 233.990015][T11243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 234.040315][T11243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.060411][T11243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 234.072683][T11243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.099459][T11243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 234.119311][T11574] loop0: detected capacity change from 0 to 32768 [ 234.128230][T11243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.155941][T11243] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.213462][T11243] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.253318][T11243] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.290269][T11243] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.317785][T11243] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.637387][ T1123] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.673817][ T1123] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.773033][ T1123] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.835925][ T1123] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.956880][T11620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 235.287854][T11605] loop3: detected capacity change from 0 to 32768 [ 235.306534][T11605] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 235.348216][ T5861] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 235.370314][T11605] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 235.453898][T11613] loop0: detected capacity change from 0 to 32768 [ 235.482633][T11605] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 235.494797][T11613] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 235.522863][T11613] CPU: 1 PID: 11613 Comm: syz.0.2611 Not tainted 6.6.102-syzkaller #0 [ 235.531094][T11613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 235.541198][T11613] Call Trace: [ 235.544504][T11613] [ 235.547634][T11613] dump_stack_lvl+0x16c/0x230 [ 235.552385][T11613] ? show_regs_print_info+0x20/0x20 [ 235.557626][T11613] ? load_image+0x3b0/0x3b0 [ 235.562193][T11613] sysfs_create_dir_ns+0x256/0x280 [ 235.567358][T11613] ? sysfs_warn_dup+0xa0/0xa0 [ 235.572092][T11613] ? do_raw_spin_unlock+0x121/0x230 [ 235.577340][T11613] kobject_add_internal+0x6b8/0xc70 [ 235.582741][T11613] kobject_init_and_add+0x126/0x190 [ 235.587982][T11613] ? lockdep_softirqs_off+0x430/0x430 [ 235.593397][T11613] ? kobject_add+0x220/0x220 [ 235.598041][T11613] ? __init_swait_queue_head+0xa9/0x150 [ 235.603814][T11613] gfs2_sys_fs_add+0x238/0x470 [ 235.604970][ T5861] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 235.608689][T11613] ? gfs2_recover_set+0x250/0x250 [ 235.608782][T11613] ? apply_workqueue_attrs+0x180/0x180 [ 235.608810][T11613] gfs2_fill_super+0x1323/0x1f80 [ 235.608844][T11613] ? gfs2_reconfigure+0xb10/0xb10 [ 235.640079][T11613] ? setup_bdev_super+0x56b/0x660 [ 235.645145][T11613] get_tree_bdev+0x3e4/0x510 [ 235.649872][T11613] ? end_current_label_crit_section+0x170/0x170 [ 235.656271][T11613] ? gfs2_reconfigure+0xb10/0xb10 [ 235.661374][T11613] ? setup_bdev_super+0x660/0x660 [ 235.666455][T11613] gfs2_get_tree+0x51/0x1e0 [ 235.671009][T11613] vfs_get_tree+0x8c/0x280 [ 235.675459][T11613] do_new_mount+0x24b/0xa40 [ 235.680014][T11613] __se_sys_mount+0x2da/0x3c0 [ 235.684724][T11613] ? __x64_sys_mount+0xc0/0xc0 [ 235.687880][ T5861] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 235.689593][T11613] ? lockdep_hardirqs_on+0x98/0x150 [ 235.689622][T11613] ? __x64_sys_mount+0x20/0xc0 [ 235.689640][T11613] do_syscall_64+0x55/0xb0 [ 235.689656][T11613] ? clear_bhb_loop+0x40/0x90 [ 235.689671][T11613] ? clear_bhb_loop+0x40/0x90 [ 235.689685][T11613] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 235.689709][T11613] RIP: 0033:0x7ff2eb39038a [ 235.689739][T11613] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.689754][T11613] RSP: 002b:00007ff2ec192e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 235.689773][T11613] RAX: ffffffffffffffda RBX: 00007ff2ec192ef0 RCX: 00007ff2eb39038a [ 235.689786][T11613] RDX: 00002000000002c0 RSI: 0000200000000100 RDI: 00007ff2ec192eb0 [ 235.689797][T11613] RBP: 00002000000002c0 R08: 00007ff2ec192ef0 R09: 0000000000008c9b [ 235.689807][T11613] R10: 0000000000008c9b R11: 0000000000000246 R12: 0000200000000100 [ 235.746268][T11605] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 235.756797][T11613] R13: 00007ff2ec192eb0 R14: 0000000000012760 R15: 0000200000000dc0 [ 235.756835][T11613] [ 235.802676][T11613] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 235.811259][ T5861] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 235.813997][T11613] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 235.821016][ T5861] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 235.905026][ T5861] usb 5-1: SerialNumber: syz [ 235.924843][ T5861] usb 5-1: bad CDC descriptors [ 236.212227][T11642] SET target dimension over the limit! [ 236.280884][ T5861] usb 5-1: USB disconnect, device number 2 [ 237.191928][T11678] CUSE: unknown device info "KJ H+ۤ2LhnL1`Ccn80(3նi>f_ٮ,<_eF" [ 237.256334][T11678] CUSE: unknown device info "3ܟ,̘" [ 237.283419][T11678] CUSE: unknown device info "J2S Z !e/J+-na4D|G$5O~q [ 237.283419][T11678] fzXSAxjTǔw xRɐQ(hҏj pVdY0|M?2JIv^R@" [ 237.318726][T11678] CUSE: unknown device info "!To}ݝ&|L+Uoϲ"FstV:׌E gJ<@c4TMM|" [ 237.393866][T11678] CUSE: DEVNAME unspecified [ 237.591175][T11694] tipc: Started in network mode [ 237.614075][T11694] tipc: Node identity 2, cluster identity 4711 [ 237.638582][T11694] tipc: Node number set to 2 [ 237.828439][T11706] vivid-000: disconnect [ 237.858233][T11705] vivid-000: reconnect [ 238.728613][T11704] loop3: detected capacity change from 0 to 32768 [ 238.881575][ T1130] read_mapping_page failed! [ 238.886146][ T1130] ERROR: (device loop3): txCommit: [ 238.886146][ T1130] [ 238.952619][ T1130] jfs_write_inode: jfs_commit_inode failed! [ 239.169958][T11753] loop0: detected capacity change from 0 to 1024 [ 239.291317][T11753] UBIFS error (pid: 11753): cannot open "74EU%8`ݺ Fug5ڌOݎl3j#d(]l6Kuf I{ܑ [ 239.291317][T11753] T{t Vzm9[ [ 239.291317][T11753] zYˮH9VAX:=jAjffݐ(ۛ rejected, failed to enable media [ 248.020554][ T27] audit: type=1800 audit(1755786365.839:62): pid=12030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2764" name="file0" dev="loop3" ino=834 res=0 errno=0 [ 248.457275][T12041] loop4: detected capacity change from 0 to 4096 [ 248.675367][T12041] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.842717][T12051] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2774'. [ 249.213258][T11243] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.536405][T12061] netlink: 'syz.3.2779': attribute type 32 has an invalid length. [ 249.592321][T12061] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2779'. [ 249.816600][T12069] loop1: detected capacity change from 0 to 2048 [ 250.123083][ T27] audit: type=1800 audit(1755786367.939:63): pid=12069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2781" name="file0" dev="loop1" ino=834 res=0 errno=0 [ 250.265974][T12075] loop4: detected capacity change from 0 to 256 [ 256.149647][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.168443][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 320.914080][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 320.928588][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 347.534190][ T5783] Bluetooth: hci1: command 0x0406 tx timeout [ 379.438766][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.453746][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.621375][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.634835][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 448.424945][ T28] INFO: task kworker/1:3:1192 blocked for more than 143 seconds. [ 448.432870][ T28] Not tainted 6.6.102-syzkaller #0 [ 448.443423][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 448.568143][ T28] task:kworker/1:3 state:D stack:21960 pid:1192 ppid:2 flags:0x00004000 [ 448.577423][ T28] Workqueue: events_power_efficient reg_check_chans_work [ 448.878130][ T28] Call Trace: [ 448.881553][ T28] [ 448.884504][ T28] __schedule+0x14d2/0x44d0 [ 449.068132][ T28] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 449.074135][ T28] ? mark_lock+0x94/0x320 [ 449.198114][ T28] ? asan.module_dtor+0x20/0x20 [ 449.203054][ T28] ? lockdep_hardirqs_on+0x98/0x150 [ 449.318054][ T28] schedule+0xbd/0x170 [ 449.322221][ T28] schedule_preempt_disabled+0x13/0x20 [ 449.327799][ T28] __mutex_lock+0x6b7/0xcc0 [ 449.468142][ T28] ? __mutex_lock+0x4e8/0xcc0 [ 449.472903][ T28] ? reg_check_chans_work+0x104/0xd70 [ 449.578060][ T28] ? mutex_lock_nested+0x20/0x20 [ 449.583098][ T28] ? process_scheduled_works+0x957/0x15b0 [ 449.708195][ T28] reg_check_chans_work+0x104/0xd70 [ 449.713477][ T28] ? reg_process_ht_flags+0xb80/0xb80 [ 449.838175][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 449.843454][ T28] ? process_scheduled_works+0x957/0x15b0 [ 449.948130][ T28] ? process_scheduled_works+0x957/0x15b0 [ 449.954630][ T28] process_scheduled_works+0xa45/0x15b0 [ 450.058206][ T28] ? assign_work+0x400/0x400 [ 450.062878][ T28] ? assign_work+0x39e/0x400 [ 450.067581][ T28] worker_thread+0xa55/0xfc0 [ 450.158141][ T28] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 450.164805][ T28] ? _raw_spin_unlock+0x40/0x40 [ 450.218064][ T28] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 450.224050][ T28] kthread+0x2fa/0x390 [ 450.263866][ T28] ? pr_cont_work+0x560/0x560 [ 450.288282][ T28] ? kthread_blkcg+0xd0/0xd0 [ 450.293028][ T28] ret_from_fork+0x48/0x80 [ 450.297468][ T28] ? kthread_blkcg+0xd0/0xd0 [ 450.362057][ T28] ret_from_fork_asm+0x11/0x20 [ 450.408343][ T28] [ 450.441407][ T28] [ 450.441407][ T28] Showing all locks held in the system: [ 450.502581][ T28] 1 lock held by pool_workqueue_/3: [ 450.507853][ T28] #0: ffffffff8cd35bb8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830 [ 450.691494][ T28] 1 lock held by khungtaskd/28: [ 450.696404][ T28] #0: ffffffff8cd2fbe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 450.872148][ T28] 2 locks held by kworker/1:1/42: [ 450.938180][ T28] #0: ffff888017870938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 451.096476][ T28] #1: ffffc90000b2fd00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 451.206292][ T28] 1 lock held by klogd/5148: [ 451.262411][ T28] 2 locks held by udevd/5159: [ 451.267241][ T28] 2 locks held by getty/5547: [ 451.361385][ T28] #0: ffff88802dcb40a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 451.419375][ T28] #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 451.498054][ T28] 1 lock held by syz-executor/5772: [ 451.503313][ T28] 1 lock held by syz-executor/5781: [ 451.538073][ T28] #0: ffff88814c41a308 (&xt[i].mutex){+.+.}-{3:3}, at: xt_find_table_lock+0x54/0x3e0 [ 451.547735][ T28] 3 locks held by syz-executor/5787: [ 451.628067][ T28] 1 lock held by syz-executor/5788: [ 451.633324][ T28] #0: ffffffff8dfbba48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x41/0x1c0 [ 451.698088][ T28] 4 locks held by udevd/7129: [ 451.702925][ T28] 3 locks held by dhcpcd-run-hook/12085: [ 451.758162][ T28] 3 locks held by kworker/0:6/12084: [ 451.763519][ T28] 2 locks held by syz-executor/12089: [ 451.818062][ T28] 2 locks held by kworker/0:7/12093: [ 451.823406][ T28] #0: ffff888017872538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 451.928069][ T28] #1: ffffc9000523fd00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 451.978536][ T28] [ 451.980961][ T28] ============================================= [ 451.980961][ T28] [ 452.048084][ T28] NMI backtrace for cpu 0 [ 452.052481][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.6.102-syzkaller #0 [ 452.060394][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 452.070479][ T28] Call Trace: [ 452.073773][ T28] [ 452.076713][ T28] dump_stack_lvl+0x16c/0x230 [ 452.081415][ T28] ? preempt_count_add+0x91/0x1a0 [ 452.086480][ T28] ? show_regs_print_info+0x20/0x20 [ 452.091705][ T28] ? load_image+0x3b0/0x3b0 [ 452.096246][ T28] nmi_cpu_backtrace+0x39b/0x3d0 [ 452.101212][ T28] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 452.107393][ T28] ? _printk+0xd0/0x110 [ 452.111570][ T28] ? load_image+0x3b0/0x3b0 [ 452.116165][ T28] ? load_image+0x3b0/0x3b0 [ 452.120676][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 452.126749][ T28] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 452.132832][ T28] watchdog+0xf41/0xf80 [ 452.137015][ T28] ? watchdog+0x1e1/0xf80 [ 452.141345][ T28] kthread+0x2fa/0x390 [ 452.145406][ T28] ? hungtask_pm_notify+0x90/0x90 [ 452.150442][ T28] ? kthread_blkcg+0xd0/0xd0 [ 452.155050][ T28] ret_from_fork+0x48/0x80 [ 452.159461][ T28] ? kthread_blkcg+0xd0/0xd0 [ 452.164048][ T28] ret_from_fork_asm+0x11/0x20 [ 452.168900][ T28] [ 452.173290][ T28] Sending NMI from CPU 0 to CPUs 1: [ 452.178711][ C1] NMI backtrace for cpu 1 [ 452.178727][ C1] CPU: 1 PID: 12089 Comm: syz-executor Not tainted 6.6.102-syzkaller #0 [ 452.178743][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 452.178752][ C1] RIP: 0010:unwind_next_frame+0x1754/0x2970 [ 452.178781][ C1] Code: 00 00 41 80 3f 01 0f 85 8b 04 00 00 e8 25 d1 4a 00 e9 ad 04 00 00 4c 8d 73 02 48 83 c3 03 4c 89 f0 48 c1 e8 03 42 0f b6 04 28 <84> c0 0f 85 d9 10 00 00 48 89 d8 48 c1 e8 03 42 0f b6 04 28 84 c0 [ 452.178794][ C1] RSP: 0018:ffffc9000ba473d8 EFLAGS: 00000a07 [ 452.178807][ C1] RAX: 0000000000000000 RBX: ffffffff8ed9157d RCX: 0000000000000003 [ 452.178817][ C1] RDX: ffffffff813ab999 RSI: ffffffff8cb9e5a0 RDI: 0000000000000001 [ 452.178828][ C1] RBP: ffffc9000ba474f8 R08: ffff8880290b9e00 R09: 0000000000000003 [ 452.178837][ C1] R10: 0000000000000004 R11: 0000000000000000 R12: ffffc9000ba474a8 [ 452.178847][ C1] R13: dffffc0000000000 R14: ffffffff8ed9157c R15: ffffffff8ed9157e [ 452.178858][ C1] FS: 000055557a93e500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 452.178871][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 452.178881][ C1] CR2: 00007f6aef4e56e8 CR3: 00000001a1684000 CR4: 00000000003506e0 [ 452.178895][ C1] Call Trace: [ 452.178900][ C1] [ 452.178910][ C1] ? kmem_cache_alloc+0x11e/0x2e0 [ 452.178931][ C1] ? kmem_cache_alloc+0x11e/0x2e0 [ 452.178948][ C1] ? stack_trace_save+0xe0/0xe0 [ 452.178965][ C1] arch_stack_walk+0x144/0x190 [ 452.178982][ C1] ? vm_area_alloc+0x24/0x1d0 [ 452.178997][ C1] stack_trace_save+0x9c/0xe0 [ 452.179012][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 452.179027][ C1] ? mark_lock+0x94/0x320 [ 452.179046][ C1] save_stack+0xf7/0x1f0 [ 452.179067][ C1] ? __reset_page_owner+0x190/0x190 [ 452.179085][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 452.179105][ C1] ? free_unref_page_prepare+0x7ce/0x8e0 [ 452.179126][ C1] ? free_unref_page+0x32/0x2e0 [ 452.179143][ C1] ? __unfreeze_partials+0x1cf/0x210 [ 452.179163][ C1] ? put_cpu_partial+0x17c/0x250 [ 452.179180][ C1] ? __slab_free+0x31d/0x410 [ 452.179198][ C1] ? qlist_free_all+0x75/0xe0 [ 452.179215][ C1] ? kasan_quarantine_reduce+0x143/0x160 [ 452.179232][ C1] ? __kasan_slab_alloc+0x22/0x80 [ 452.179246][ C1] ? slab_post_alloc_hook+0x6e/0x4d0 [ 452.179263][ C1] ? kmem_cache_alloc+0x11e/0x2e0 [ 452.179285][ C1] ? page_ext_get+0x1e2/0x2b0 [ 452.179303][ C1] __reset_page_owner+0x4e/0x190 [ 452.179321][ C1] ? rcu_is_watching+0x15/0xb0 [ 452.179340][ C1] free_unref_page_prepare+0x7ce/0x8e0 [ 452.179361][ C1] free_unref_page+0x32/0x2e0 [ 452.179382][ C1] __unfreeze_partials+0x1cf/0x210 [ 452.179404][ C1] put_cpu_partial+0x17c/0x250 [ 452.179422][ C1] ? put_cpu_partial+0x6e/0x250 [ 452.179442][ C1] __slab_free+0x31d/0x410 [ 452.179461][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 452.179489][ C1] ? _raw_spin_unlock+0x40/0x40 [ 452.179507][ C1] ? __phys_addr+0xba/0x170 [ 452.179524][ C1] qlist_free_all+0x75/0xe0 [ 452.179542][ C1] kasan_quarantine_reduce+0x143/0x160 [ 452.179561][ C1] __kasan_slab_alloc+0x22/0x80 [ 452.179576][ C1] slab_post_alloc_hook+0x6e/0x4d0 [ 452.179598][ C1] kmem_cache_alloc+0x11e/0x2e0 [ 452.179615][ C1] ? vm_area_alloc+0x24/0x1d0 [ 452.179629][ C1] vm_area_alloc+0x24/0x1d0 [ 452.179642][ C1] mmap_region+0xbe6/0x1f80 [ 452.179668][ C1] ? mt_find+0x13e/0x5b0 [ 452.179684][ C1] ? file_mmap_ok+0x170/0x170 [ 452.179699][ C1] ? mt_find+0x585/0x5b0 [ 452.179715][ C1] ? mtree_destroy+0x30/0x30 [ 452.179736][ C1] do_mmap+0x8d1/0xfd0 [ 452.179757][ C1] ? mlock_future_ok+0xf0/0xf0 [ 452.179773][ C1] ? down_write+0x1f0/0x1f0 [ 452.179789][ C1] ? blkcg_maybe_throttle_current+0x19e/0xa40 [ 452.179812][ C1] vm_mmap_pgoff+0x1c0/0x400 [ 452.179833][ C1] ? account_locked_vm+0x210/0x210 [ 452.179852][ C1] ? ksys_mmap_pgoff+0xea/0x700 [ 452.179868][ C1] ? __x64_sys_mmap+0x7a/0x130 [ 452.179892][ C1] do_syscall_64+0x55/0xb0 [ 452.179907][ C1] ? clear_bhb_loop+0x40/0x90 [ 452.179921][ C1] ? clear_bhb_loop+0x40/0x90 [ 452.179935][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.179955][ C1] RIP: 0033:0x7f6aee78ec23 [ 452.179968][ C1] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7 [ 452.179980][ C1] RSP: 002b:00007ffdffc1bca8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 452.179994][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6aee78ec23 [ 452.180004][ C1] RDX: 0000000000000007 RSI: 0000000001000000 RDI: 0000200000000000 [ 452.180013][ C1] RBP: 0000000000000002 R08: 00000000ffffffff R09: 0000000000000000 [ 452.180022][ C1] R10: 0000000000100022 R11: 0000000000000246 R12: 0000200000000000 [ 452.180031][ C1] R13: 00007ffdffc1bf98 R14: 0000000000000009 R15: 0000000000000009 [ 452.180048][ C1] [ 452.994159][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 453.001064][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.6.102-syzkaller #0 [ 453.008979][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 453.019045][ T28] Call Trace: [ 453.022342][ T28] [ 453.025280][ T28] dump_stack_lvl+0x16c/0x230 [ 453.029981][ T28] ? show_regs_print_info+0x20/0x20 [ 453.035299][ T28] ? load_image+0x3b0/0x3b0 [ 453.039846][ T28] panic+0x2c0/0x710 [ 453.043800][ T28] ? schedule_preempt_disabled+0x20/0x20 [ 453.049460][ T28] ? bpf_jit_dump+0xd0/0xd0 [ 453.053989][ T28] ? __irq_work_queue_local+0x13a/0x3b0 [ 453.059649][ T28] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 453.065844][ T28] watchdog+0xf80/0xf80 [ 453.070037][ T28] ? watchdog+0x1e1/0xf80 [ 453.074393][ T28] kthread+0x2fa/0x390 [ 453.078621][ T28] ? hungtask_pm_notify+0x90/0x90 [ 453.083676][ T28] ? kthread_blkcg+0xd0/0xd0 [ 453.088275][ T28] ret_from_fork+0x48/0x80 [ 453.092705][ T28] ? kthread_blkcg+0xd0/0xd0 [ 453.097305][ T28] ret_from_fork_asm+0x11/0x20 [ 453.102094][ T28] [ 453.105348][ T28] Kernel Offset: disabled [ 453.109676][ T28] Rebooting in 86400 seconds..