last executing test programs: 2m25.536570178s ago: executing program 0 (id=2692): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@map=r0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 2m25.388103521s ago: executing program 0 (id=2695): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="c00000001200050929bd7000fddbdf25230902064e224e24fbffffff240900000600000006000000fdffffff05000000feffffff07000000", @ANYRES32=0x0, @ANYBLOB="0000010000100000080000000000000071000100006cae4f89d499a3616bd59b8af6f89e6a6066265654f4034787f2c91fa476ffcdb376405072b9d28ea842fb58c3219f095d3ac77216d25521e5636a878b4b90a80668110511a0b21602f14b9c1b66272e0a83ddd3633ca7c982014ec7ff63af705efc5b3e2b7d2cba9101f704"], 0xc0}, 0x1, 0x0, 0x0, 0x2000051}, 0x800) 2m25.131909272s ago: executing program 0 (id=2700): r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000001280)={{0x1, 0x1, 0x61}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}) 2m24.931504178s ago: executing program 0 (id=2703): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) 2m24.813991887s ago: executing program 0 (id=2706): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17c, &(0x7f0000000500)="$eJzskr9OAkEQxr+9O/5oFDWxooGC+KdQjkONnZbY29lI4ETiocKRKITijDEUFsbSJ+A1THwBLYwPQE1BrM2ZvZ3bLL6C+yvu2/l2ZnZ2c+d+208B+JkOajhEhIkMPhiDBSDHhDcxhD6TfpI+CcE75R2Rf0+a9Xv9JAC+nceKMC6qnud28gC+I09a/sGdgUnU6ms6qPHFKYAwDEPu1QGejgUlxwTQVnKyFrAaXSKUORYNsA6g2G1dF/1ef6vZqjbchnvpmOU9e8e2d53iWdNzbfFlyhF0FXDdBJBKQ8L3EwAeKJ7HLEwZjfbZHE5kbTJ+www9IExZayi1sTK8yrlSSsUx1sDHugmWFLcQdbEQXakCBpOCkqXMJ85KRxvbtSuvPgQDi8tGsGSP0hgJGThqUN4PsChaDallgbRCOiIdk+b+/DJWwL+PFG0EQBK31W63U+KPJFYsXjnSc5YD9cH4qS/G7OXeDGg0Go1Go9FoNBrNf+c3AAD//8PfdhM=") open(&(0x7f0000000400)='./file2\x00', 0x40, 0x82) 2m23.807345158s ago: executing program 0 (id=2718): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000011000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 2m21.55728287s ago: executing program 3 (id=2758): r0 = socket$can_raw(0x1d, 0x3, 0x1) sendmsg$can_raw(r0, &(0x7f0000000340)={&(0x7f0000000080), 0x3, &(0x7f0000000000)={&(0x7f0000000600)=@can={{0x4, 0x1, 0x1, 0x1}, 0x0, 0x1, 0x0, 0x0, "977e809d15632d16"}, 0x10}}, 0x1) 2m21.426938731s ago: executing program 3 (id=2761): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x68, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_LABELS={0x4}]}, 0x68}}, 0x0) 2m21.272334304s ago: executing program 3 (id=2764): setrlimit(0x2, &(0x7f0000000040)={0x0, 0x2400000}) mprotect(&(0x7f000033a000/0x4000)=nil, 0x4000, 0x3) 2m21.160301172s ago: executing program 3 (id=2766): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0) read$qrtrtun(r0, &(0x7f00000003c0)=""/131, 0x83) 2m21.036960882s ago: executing program 3 (id=2769): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e06bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b27663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3800000000000000009c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488a0200000000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e4a59414329a7c7f2fad6bc871f5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561fe589e0d12969bc982ff3f0000006c0c6c747d9a1cc500bb89283a16ff10feea20bdac0000000000000000ca06f256a55591019465f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ee40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a3dc4e97f7fda840bcdd3afaa0d7c3c229de4f0f4ac4d04f1a4e52e38325ca2e5f1f9caaa7234053eca09ec3c8c16940bc3edfb2e016f355391c0e7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000638477fbac141416ac14141604089f034d2f87e5440c05ab845013f2325f1a39014403038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) 2m20.81965501s ago: executing program 3 (id=2772): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sync() 2m8.776027603s ago: executing program 32 (id=2718): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000011000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 2m5.762401797s ago: executing program 33 (id=2772): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) sync() 3.072563812s ago: executing program 5 (id=4525): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000900000030000380140002007369743000000000000000000000000006000400ffff00000800030000000000080001"], 0x44}}, 0x0) 3.012032997s ago: executing program 5 (id=4527): r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000c80)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x10, &(0x7f0000001cc0)=ANY=[@ANYBLOB='\f@\x00N']) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x4, &(0x7f0000000140)={[{}]}) 1.662855616s ago: executing program 2 (id=4535): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="180200000010000000000000000000008500000053000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000000500000095"], &(0x7f0000000080)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="b34715ecd04550d3abc89b6f7bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.593337641s ago: executing program 4 (id=4536): r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2) ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000280)=0x1) ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x7c5, 0x1, 0x3, 0xd59f80, 0x4, 0x5, 0xb, 0xb, 0x5, 0x720, 0xe72, 0x7, 0x5, 0xa, 0x13, {0xffffffff, 0x7}, 0x3, 0xec}}) 1.523464977s ago: executing program 2 (id=4538): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005}) write$tun(r0, &(0x7f00000004c0)=ANY=[@ANYRESHEX], 0x1259) 1.256241279s ago: executing program 2 (id=4540): r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000001c0)={0x5fa, 0x3, 0x1, {0x1, @pix_mp={0xcf6, 0x1c00, 0x3432564e, 0x5, 0x8, [{0x2a302c, 0x10000}, {0x1, 0xfffffffc}, {0x5, 0x9}, {0x7fff0, 0x10001}, {0x2, 0xfffffffd}, {0x6, 0x5}, {0x9, 0x8}, {0x8, 0x10000}], 0x7f, 0x5, 0x2, 0x1}}, 0x7f}) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000003c0)={0x3, 0x6, 0x2, {0x1, @pix_mp={0x131c, 0x9, 0x20363159, 0x2, 0x0, [{0x2776463d, 0x7}, {0x0, 0x7f}, {0xffffffff, 0xffff}, {0x1, 0x42}, {0x7, 0x310cb2b8}, {0x7fffffff, 0x80}, {0x614, 0xfffffffc}, {0x81, 0x6}], 0xa0, 0x7f, 0x7, 0x1, 0x7}}, 0x8}) 1.078684743s ago: executing program 1 (id=4541): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f0000000200)={0xc0, 0x0, 0x1000000}) 1.049083535s ago: executing program 4 (id=4542): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000007440), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f0000000000)={0x34, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge_slave_0\x00'}]}]}, 0x34}}, 0x48040) 947.467083ms ago: executing program 5 (id=4543): unshare(0x22020600) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000ffffff1f18230000", @ANYRES32=r0, @ANYBLOB="0000000000ce0d64b70500000800000085000000a5000000951e000000000000b75bb24cf8e4eccbf7a520994372046bca2db9e108bbfa12c884d3d0a1ceca059f3b795d1bff6841aad9b8ee773b9bd0b6bf0e7aa9ee"], &(0x7f0000000300)='GPL\x00', 0x4, 0x14, &(0x7f0000001e00)=""/4088}, 0x90) 826.185613ms ago: executing program 4 (id=4544): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd038786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500031681905db88235f8a5447dd2a2fd6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd500800000000000000e4a62fb73c33424b437bb192c9b06ea6ed04983fe5c5ca033dfce0a82577ef14eee5e6be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b394de70400d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca147df97db"}) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, &(0x7f0000000180)) 814.087314ms ago: executing program 1 (id=4545): r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@mask_cswp={0x58, 0x114, 0x9, {{0x4, 0x2}, 0x0, 0x0, 0x376, 0x4, 0x5, 0x10001, 0x2, 0x8}}], 0x58, 0x80}, 0x4000000) 798.411606ms ago: executing program 5 (id=4546): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000a80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x14013, &(0x7f0000000480)={[{@gid}, {@uid}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}]}, 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f00000002c0)=""/174, 0xae) 679.683105ms ago: executing program 2 (id=4547): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000000a00)={0xf, {"a2e3ad21ed0d1bf91b28090955f70e06d038e7ff7fc6e5539b0d650e8b089b3f36076d090890e0878f0e1ac6e7049b3360959b669a240d5b67f3988f7ef319520150ffe8d178708c523c921b1b5b31070d07450936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0xfffffffffffffd6a}}, 0x1006) 577.073203ms ago: executing program 4 (id=4548): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000020000085000000870000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b0000009500000000000000"], &(0x7f0000000080)='syzkaller\x00'}, 0x88) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 575.729644ms ago: executing program 1 (id=4549): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x4, r1, 0x0, &(0x7f0000000200)='(', 0xdfeb6c186c36ebfc, 0x34e}) 509.872739ms ago: executing program 5 (id=4550): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0xd, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffeffffd, 0x0, 0x0, 0x0, 0xe3d}, [@call={0x85, 0x0, 0x0, 0x13}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="e06921e8682d85ff9782762f86dd", 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 375.39003ms ago: executing program 1 (id=4551): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x20776f0ef85ae476}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000) 341.265083ms ago: executing program 2 (id=4552): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000001880)={0x4c, r1, 0x1, 0x0, 0x0, {0x21}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x4c}}, 0x0) 273.941188ms ago: executing program 4 (id=4553): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x2, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x208000000000002}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000100)={0x2}) 223.315272ms ago: executing program 5 (id=4554): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f0000000200)={0xc0, 0x0, 0x1000000}) 174.285096ms ago: executing program 1 (id=4555): iopl(0x3) ioperm(0x10, 0x6, 0x400) iopl(0x2) 133.164699ms ago: executing program 2 (id=4556): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000780), r0) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000040)={0x2c, r1, 0x1, 0x400000, 0x0, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44000}, 0x0) 84.421613ms ago: executing program 4 (id=4557): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2a08000, &(0x7f0000000140), 0xfc, 0x474, &(0x7f00000003c0)="$eJzs3MtrXFUYAPBv7mTSpM/4qNqHGl9YfDRN+rALN4qCCwVBF9VdTNNSm1ppIthSTBSpSym4F5eCf4Er3Yi6EtzqXgpBsml8gFfunXvzfk0yyUTn94MJ59x7Zu75zrlncu65MxNA2+rN/lQidkfEL1k6ybMz0qJQVm566vrQH1PXhyqRpq/9Xsn33Z66PlSWLZ+3u8gcSSKSjytxaInjjl69dnFwZGT4SpHvG7v0bt/o1WtPX7g0eH74/PA7A6dPnzje/8ypgZNNiXNPVteDH1w+fOClN26+MnTm5ls/fNVR1nVBHM3SG73z2nKux5p9sBbbMydd6WhhRWhINSKy7qrl439fVGO28/bFix+1tHLApkrTNN27/O6JFPgfq0SrawC0RvmP/vZUd3Rt0nXwdjb5XP0CKIt7unjU93REUpSpLbi+baauYt3kzMSfn0fe/jvaqv0BgK33TTb/eao+/ykf9T09cc+ccnvz9eBsa8QdEXFnRNwVEXdHxP6IvOy9EXFfg8fvXZBfPP9Mbq0rsDXK5n/PFve25s//itnfP2lPtcjtie7oiVrl3IWR4WNFmxyJ2o4s37/CMb594edPl9vXW8z9ykd2/HIuWNTjVseO+c85Ozg2uLGoZ01+mK8Bji+Of/bOVZY6EBEH1/H62bz5whNfHl5u/+rxr6AJ95nSLyIer/f/RKwQ/8L7k93FvlMDJ/u6YmT4WF95Viz24083Xl3u+BuKvwmy/t+55Pk/E39PZe792tHGj3Hj10+WvaZp4Px/s9ySnf+dldfzdGex7f3BsbEr/RGdlZcXbx+YfbUyX5af3L0/4pGlx3/2HpedY1n8hyIiO4nvj4gHIuLBou4PRcTDkb/EUsanI+L75x99ez3xJ6s1bBNk/X92Xv/HKv3feKJ68buv1xN/Xdb/J/LUkWLLWt7/1lrBjbQdAAAA/Fck+WfgK8nRmXSSHD0asStf292ZjFweHXvy3OX3/jpb/6x8T9SScqWrvh5cXw/tL9aGy/zAgvzxYt34s2p3nt9Z3PsGWmfX3PGfLzjWx3/mt2qLKwdsPt/XgvZl/EP7Mv6hfRn/0L7WOv7TTa4HsPWWGv/jLagHsPXM/6F9Gf/Qvox/aF/GP7SljXyvX2KVxHjDzdsVK5Xp3CZx5YlI8kQ63sJq/F38DMvaCm9efcpfy1i9cK0Yd9uhB1dOtO49CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJn+DQAA//85XdxN") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000840)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x0, 0xfc}, {0x0, 0x0, 0x0, 0x1, 0x0, 0x400000000000000}]}) 0s ago: executing program 1 (id=4558): setresuid(0xee01, 0xee01, 0x0) shmget(0x0, 0x4000, 0x602, &(0x7f0000ff9000/0x4000)=nil) shmget(0x0, 0x2000, 0x64, &(0x7f0000ffc000/0x2000)=nil) kernel console output (not intermixed with test programs): d not claim interface 0 before use [ 228.350600][T11018] loop0: detected capacity change from 0 to 32768 [ 228.397618][T11018] (syz.0.2358,11018,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 228.456993][T11018] (syz.0.2358,11018,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 228.562398][T11018] JBD2: Ignoring recovery information on journal [ 228.582577][T11054] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2378'. [ 228.746482][T11018] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 229.053784][ T5883] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 229.072991][ T5783] ocfs2: Unmounting device (7,0) on (node local) [ 229.291676][ T5883] usb 2-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 229.312322][ T5883] usb 2-1: config 0 interface 0 has no altsetting 0 [ 229.344986][ T5883] usb 2-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3 [ 229.363763][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.372426][ T5883] usb 2-1: Product: syz [ 229.394291][ T5883] usb 2-1: Manufacturer: syz [ 229.398969][ T5883] usb 2-1: SerialNumber: syz [ 229.431580][ T5883] usb 2-1: config 0 descriptor?? [ 229.449941][ T5883] keyspan 2-1:0.0: Keyspan 2 port adapter converter detected [ 229.477458][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 7 [ 229.490199][T11083] loop2: detected capacity change from 0 to 64 [ 229.493161][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 81 [ 229.515851][T11085] Zero length message leads to an empty skb [ 229.522017][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 1 [ 229.538069][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 2 [ 229.562255][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 85 [ 229.603178][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 5 [ 229.623436][T11087] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 229.678101][ T5883] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 229.700605][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 83 [ 229.723679][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 3 [ 229.743813][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 4 [ 229.756066][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 86 [ 229.773969][ T5883] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 6 [ 229.795530][ T5883] usb 2-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 229.856120][ T5883] usb 2-1: USB disconnect, device number 12 [ 229.904634][ T5883] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 229.982587][ T5883] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 230.017520][ T5883] keyspan 2-1:0.0: device disconnected [ 230.119841][T11099] netlink: 'syz.0.2399': attribute type 2 has an invalid length. [ 230.129880][T11099] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 230.250224][T11101] netlink: 'syz.3.2400': attribute type 2 has an invalid length. [ 230.736756][T11115] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 231.459814][T11151] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 231.472033][T11151] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 232.536892][T11189] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 232.958099][T11199] netlink: 'syz.1.2442': attribute type 4 has an invalid length. [ 232.958123][T11199] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.2442'. [ 233.017216][T11184] loop0: detected capacity change from 0 to 32768 [ 233.036851][T11184] jfs_strtoUCS: char2uni returned -22. [ 233.036951][T11184] charset = iso8859-3, char = 0xbe [ 233.371904][T11210] netlink: 'syz.1.2447': attribute type 7 has an invalid length. [ 233.900992][T11224] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2454'. [ 233.914679][T11226] loop0: detected capacity change from 0 to 8 [ 234.778399][T11261] xt_CT: You must specify a L4 protocol and not use inversions on it [ 234.912748][T11265] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2474'. [ 235.315281][T11283] netlink: 'syz.1.2483': attribute type 5 has an invalid length. [ 235.550075][T11295] (unnamed net_device) (uninitialized): down delay (128) is not a multiple of miimon (7), value rounded to 126 ms [ 235.568910][T11295] (unnamed net_device) (uninitialized): peer notification delay (5) is not a multiple of miimon (7), value rounded to 0 ms [ 235.631798][T11295] bond1: entered allmulticast mode [ 235.643476][T11294] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2488'. [ 235.683070][ T8] usb 4-1: new full-speed USB device number 12 using dummy_hcd [ 235.897344][ T8] usb 4-1: config 1 has an invalid interface number: 128 but max is 1 [ 235.920150][ T8] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 235.940821][ T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 235.971282][ T8] usb 4-1: config 1 has no interface number 0 [ 236.006295][ T8] usb 4-1: config 1 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 236.027925][ T8] usb 4-1: config 1 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 236.038874][T11312] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2497'. [ 236.050769][ T8] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 236.064087][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.072165][ T8] usb 4-1: Product: syz [ 236.092787][ T8] usb 4-1: Manufacturer: syz [ 236.107754][ T8] usb 4-1: SerialNumber: syz [ 236.136816][ T8] cdc_wdm 4-1:1.128: skipping garbage [ 236.159983][ T8] cdc_wdm 4-1:1.128: cdc-wdm0: USB WDM device [ 236.181268][ T8] cdc_wdm 4-1:1.128: Unknown control protocol [ 236.271520][T11318] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744071562067969) [ 236.296975][T11318] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 236.418694][ T8] usb 4-1: USB disconnect, device number 12 [ 237.708876][T11373] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2527'. [ 237.740898][T11373] veth1_to_team: entered allmulticast mode [ 237.984358][T11381] netlink: 'syz.0.2531': attribute type 2 has an invalid length. [ 237.992213][T11381] netlink: 'syz.0.2531': attribute type 1 has an invalid length. [ 238.501588][T11391] loop3: detected capacity change from 0 to 4096 [ 239.103825][T11418] netlink: 'syz.2.2549': attribute type 30 has an invalid length. [ 239.111707][T11418] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2549'. [ 239.150641][T11418] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 239.167592][T11418] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 240.241773][T11467] netlink: 'syz.3.2574': attribute type 5 has an invalid length. [ 240.356077][T11471] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2576'. [ 240.385998][T11471] erspan0: default FDB implementation only supports local addresses [ 240.421040][T11475] loop3: detected capacity change from 0 to 1024 [ 241.283388][T11507] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2594'. [ 241.772633][ T5851] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 241.984309][ T5851] usb 3-1: config 0 has an invalid interface number: 69 but max is 0 [ 242.007559][ T5851] usb 3-1: config 0 has no interface number 0 [ 242.021023][ T5851] usb 3-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 242.047907][ T5851] usb 3-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 242.066353][ T5851] usb 3-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 242.087990][ T5851] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 242.105503][ T5851] usb 3-1: Product: syz [ 242.114319][ T5851] usb 3-1: Manufacturer: syz [ 242.126391][ T5851] usb 3-1: SerialNumber: syz [ 242.148265][ T5851] usb 3-1: config 0 descriptor?? [ 242.162941][T11515] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 242.181949][ T5851] cyberjack 3-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 242.208682][ T5851] usb 3-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 242.419642][T11531] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 242.674011][ T5883] usb 3-1: USB disconnect, device number 13 [ 242.726855][ T5883] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 242.759402][ T5883] cyberjack 3-1:0.69: device disconnected [ 242.904201][T11549] exFAT-fs (nullb0): mounting with "discard" option, but the device does not support discard [ 242.927167][T11549] exFAT-fs (nullb0): invalid boot record signature [ 242.952444][T11549] exFAT-fs (nullb0): failed to read boot sector [ 242.958809][T11549] exFAT-fs (nullb0): failed to recognize exfat type [ 243.379543][T11565] netlink: 5064 bytes leftover after parsing attributes in process `syz.2.2623'. [ 243.484997][T11571] bio_check_eod: 2 callbacks suppressed [ 243.485014][T11571] syz.3.2625: attempt to access beyond end of device [ 243.485014][T11571] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 244.005161][T11591] kAFS: unparsable volume name [ 244.072120][T11593] netlink: 'syz.1.2637': attribute type 21 has an invalid length. [ 244.080041][T11593] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2637'. [ 244.491329][T11614] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2646'. [ 244.701963][T11620] netlink: 'syz.2.2649': attribute type 2 has an invalid length. [ 245.344817][T11650] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2665'. [ 245.886232][ T27] audit: type=1326 audit(1755183016.412:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.1.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 245.941672][ T27] audit: type=1326 audit(1755183016.412:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.1.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 245.964353][ C0] vkms_vblank_simulate: vblank timer overrun [ 245.999546][ T27] audit: type=1326 audit(1755183016.452:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.1.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 246.069538][ T27] audit: type=1326 audit(1755183016.452:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.1.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 246.103674][ T27] audit: type=1326 audit(1755183016.452:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11666 comm="syz.1.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 246.236014][T11675] x_tables: unsorted entry at hook 2 [ 246.301985][T11678] CIFS mount error: No usable UNC path provided in device string! [ 246.301985][T11678] [ 246.371546][T11678] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 246.588458][T11689] netlink: 798 bytes leftover after parsing attributes in process `syz.3.2684'. [ 246.981084][T11705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2691'. [ 247.051889][T11707] netlink: 'syz.3.2693': attribute type 21 has an invalid length. [ 247.060355][T11707] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2693'. [ 247.087963][T11707] netlink: 'syz.3.2693': attribute type 1 has an invalid length. [ 247.388912][T11722] autofs4:pid:11722:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e) [ 247.669308][T11733] loop0: detected capacity change from 0 to 8 [ 248.431464][ T5789] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 248.502265][ T27] audit: type=1800 audit(1755183019.032:72): pid=11733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2706" name="file2" dev="loop0" ino=6 res=0 errno=0 [ 248.662458][ T5789] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 248.679048][ T5789] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 248.688746][ T5789] usb 3-1: Product: syz [ 248.698629][ T5789] usb 3-1: Manufacturer: syz [ 248.703689][ T5789] usb 3-1: SerialNumber: syz [ 248.715881][ T5789] usb 3-1: config 0 descriptor?? [ 248.727333][ T5789] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 014 [ 248.838068][T11760] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2720'. [ 249.081200][T11748] comedi comedi2: reset error (fatal) [ 249.161708][ T5789] (null): failure reading functionality [ 249.169279][ T5789] i2c i2c-1: failure reading functionality [ 249.218501][ T5789] i2c i2c-1: connected i2c-tiny-usb device [ 249.221069][T11770] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 249.231943][ T5789] usb 3-1: USB disconnect, device number 14 [ 249.556590][T11782] __vm_enough_memory: pid: 11782, comm: syz.3.2731, not enough memory for the allocation [ 249.950007][T11796] xt_l2tp: invalid flags combination: c [ 251.597758][ T27] audit: type=1326 audit(1755183022.122:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11863 comm="syz.3.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f733eb8ebe9 code=0x7ffc0000 [ 251.638997][ T27] audit: type=1326 audit(1755183022.122:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11863 comm="syz.3.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f733eb8ebe9 code=0x7ffc0000 [ 251.669698][ T27] audit: type=1326 audit(1755183022.122:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11863 comm="syz.3.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f733eb8ebe9 code=0x7ffc0000 [ 252.428256][ T27] audit: type=1326 audit(1755183022.952:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11884 comm="syz.2.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 252.489163][ T27] audit: type=1326 audit(1755183022.952:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11884 comm="syz.2.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 252.528459][ T27] audit: type=1326 audit(1755183022.952:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11884 comm="syz.2.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 252.557148][ T27] audit: type=1326 audit(1755183022.952:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11884 comm="syz.2.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 252.597762][ T27] audit: type=1326 audit(1755183022.952:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11884 comm="syz.2.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 252.816935][T11897] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2788'. [ 252.838783][T11899] x_tables: unsorted underflow at hook 4 [ 252.844918][T11897] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2788'. [ 255.335985][T11990] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2834'. [ 256.044150][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.051421][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.257821][T12025] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2851'. [ 256.809924][T12045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2861'. [ 257.293371][T12064] bond3: entered promiscuous mode [ 257.298537][T12064] bond3: entered allmulticast mode [ 258.815889][T12102] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2890'. [ 258.929515][T12106] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2891'. [ 259.715994][T12136] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2905'. [ 259.841153][ T27] audit: type=1326 audit(1755183034.365:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12140 comm="syz.2.2908" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x0 [ 260.068726][T12150] xt_CT: You must specify a L4 protocol and not use inversions on it [ 260.137279][T12154] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 1, id = 0 [ 260.279088][T12159] xt_connbytes: Forcing CT accounting to be enabled [ 262.412618][T12223] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 262.431069][T12223] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 262.799713][T12237] binder: 12236:12237 ioctl c00c6211 ffffffffffffffff returned -14 [ 263.020958][T12243] netlink: 136 bytes leftover after parsing attributes in process `syz.1.2958'. [ 263.046437][T12243] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 263.710949][T12271] netlink: 'syz.2.2972': attribute type 1 has an invalid length. [ 264.032919][T12279] netlink: 'syz.2.2976': attribute type 6 has an invalid length. [ 264.228726][ T5792] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 264.244935][ T5792] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 264.253964][ T5792] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 264.330170][ T5792] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 264.339078][ T5792] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 264.346857][ T5792] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 264.369001][ T5787] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 264.379828][ T5787] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 264.391010][ T5787] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 264.402269][ T5787] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 264.411114][ T5787] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 264.418761][ T5787] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 264.447396][T12289] netlink: 'syz.2.2980': attribute type 2 has an invalid length. [ 264.455311][T12289] netlink: 'syz.2.2980': attribute type 1 has an invalid length. [ 264.463542][T12289] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2980'. [ 265.014001][T12280] chnl_net:caif_netlink_parms(): no params data found [ 265.066063][ T27] audit: type=1326 audit(1755183039.595:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12307 comm="syz.2.2988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 265.110615][ T27] audit: type=1326 audit(1755183039.595:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12307 comm="syz.2.2988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 265.161921][ T27] audit: type=1326 audit(1755183039.625:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12307 comm="syz.2.2988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 265.190021][ T27] audit: type=1326 audit(1755183039.625:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12307 comm="syz.2.2988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 265.239045][ T27] audit: type=1326 audit(1755183039.625:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12307 comm="syz.2.2988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 265.345299][T12280] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.356424][T12280] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.364182][T12280] bridge_slave_0: entered allmulticast mode [ 265.371821][T12280] bridge_slave_0: entered promiscuous mode [ 265.382388][T12280] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.389768][T12280] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.397490][T12280] bridge_slave_1: entered allmulticast mode [ 265.409066][T12280] bridge_slave_1: entered promiscuous mode [ 265.508955][ T27] audit: type=1326 audit(1755183040.035:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12316 comm="syz.2.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 265.544627][T12280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.550087][ T27] audit: type=1326 audit(1755183040.065:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12316 comm="syz.2.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 265.589240][T12280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 265.649742][ T27] audit: type=1326 audit(1755183040.065:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12316 comm="syz.2.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 265.690801][ T27] audit: type=1326 audit(1755183040.065:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12316 comm="syz.2.2990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 265.724623][T12280] team0: Port device team_slave_0 added [ 265.735658][T12280] team0: Port device team_slave_1 added [ 265.818932][T12280] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 265.826181][T12280] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.890006][T12280] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 265.931843][T12280] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 265.939030][T12280] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.975831][T12280] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 266.044398][T12329] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2997'. [ 266.078039][T12329] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2997'. [ 266.127298][T12280] hsr_slave_0: entered promiscuous mode [ 266.144491][T12280] hsr_slave_1: entered promiscuous mode [ 266.158219][T12280] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 266.180057][T12280] Cannot create hsr debugfs directory [ 266.520343][ T5787] Bluetooth: hci4: command tx timeout [ 266.707198][T12280] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 266.735315][T12280] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 266.757261][T12280] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 266.783896][T12280] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 267.175745][T12280] 8021q: adding VLAN 0 to HW filter on device bond0 [ 267.248513][T12280] 8021q: adding VLAN 0 to HW filter on device team0 [ 267.291053][ T2973] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.291137][ T5792] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 267.298276][ T2973] bridge0: port 1(bridge_slave_0) entered forwarding state [ 267.316774][ T5792] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 267.325618][ T5792] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 267.342097][ T5792] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 267.355188][ T5792] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 267.362711][ T5792] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 267.399511][ T2973] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.406761][ T2973] bridge0: port 2(bridge_slave_1) entered forwarding state [ 267.438158][T12280] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 267.458806][T12280] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 267.541095][T12367] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3011'. [ 267.944532][T12280] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 268.085428][T12362] chnl_net:caif_netlink_parms(): no params data found [ 268.118926][ T27] audit: type=1326 audit(1755183042.645:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12384 comm="syz.1.3016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 268.479443][T12362] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.507074][T12362] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.531636][T12362] bridge_slave_0: entered allmulticast mode [ 268.560125][T12362] bridge_slave_0: entered promiscuous mode [ 268.601158][T12362] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.608840][T12362] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.616093][ T5787] Bluetooth: hci4: command tx timeout [ 268.635453][T12362] bridge_slave_1: entered allmulticast mode [ 268.651331][T12362] bridge_slave_1: entered promiscuous mode [ 268.721094][T12362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 268.839720][T12362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 268.918847][T12415] lo: entered promiscuous mode [ 268.924301][T12415] lo: entered allmulticast mode [ 268.950432][T12415] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 268.986958][T12362] team0: Port device team_slave_0 added [ 269.030770][T12362] team0: Port device team_slave_1 added [ 269.223039][T12362] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 269.251461][T12362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 269.277553][ C1] vkms_vblank_simulate: vblank timer overrun [ 269.320159][T12362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 269.334516][T12362] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 269.342545][T12362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 269.379644][T12427] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3033'. [ 269.401056][T12362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 269.410017][ T5787] Bluetooth: hci5: command tx timeout [ 269.653407][T12362] hsr_slave_0: entered promiscuous mode [ 269.666915][T12362] hsr_slave_1: entered promiscuous mode [ 269.683634][T12362] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 269.700922][T12362] Cannot create hsr debugfs directory [ 269.714275][T12280] veth0_vlan: entered promiscuous mode [ 269.870766][T12280] veth1_vlan: entered promiscuous mode [ 270.063698][T12280] veth0_macvtap: entered promiscuous mode [ 270.127725][T12280] veth1_macvtap: entered promiscuous mode [ 270.228019][T12280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 270.266789][T12280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.277084][T12280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 270.277433][T12451] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3051'. [ 270.287959][T12280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.287976][T12280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 270.287992][T12280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.289628][T12280] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 270.383716][T12280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.405870][T12280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.426128][T12280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.480077][T12280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.500105][T12280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.517611][T12280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.528833][T12280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.547709][T12280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.567610][T12280] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 270.669535][T12280] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.687929][ T5787] Bluetooth: hci4: command tx timeout [ 270.695769][T12280] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.710635][T12280] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.719479][T12280] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.815076][T12362] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 270.911620][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 270.942900][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 270.967027][T12362] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 271.028341][T12362] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 271.047106][ T3003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.055772][ T3003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.057000][T12362] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 271.326582][T12362] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.410314][T12362] 8021q: adding VLAN 0 to HW filter on device team0 [ 271.433975][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 271.441222][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 271.490657][ T5787] Bluetooth: hci5: command tx timeout [ 271.512422][ T3003] bridge0: port 2(bridge_slave_1) entered blocking state [ 271.519702][ T3003] bridge0: port 2(bridge_slave_1) entered forwarding state [ 271.544749][T12473] loop4: detected capacity change from 0 to 256 [ 271.607509][T12473] FAT-fs (loop4): Directory bread(block 64) failed [ 271.618953][T12473] FAT-fs (loop4): Directory bread(block 65) failed [ 271.658152][T12473] FAT-fs (loop4): Directory bread(block 66) failed [ 271.688375][T12473] FAT-fs (loop4): Directory bread(block 67) failed [ 271.708327][T12473] FAT-fs (loop4): Directory bread(block 68) failed [ 271.734038][T12473] FAT-fs (loop4): Directory bread(block 69) failed [ 271.770564][T12473] FAT-fs (loop4): Directory bread(block 70) failed [ 271.777196][T12473] FAT-fs (loop4): Directory bread(block 71) failed [ 271.810089][T12473] FAT-fs (loop4): Directory bread(block 72) failed [ 271.830719][T12473] FAT-fs (loop4): Directory bread(block 73) failed [ 272.266073][T12362] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 272.277827][T12481] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3054'. [ 272.748202][T12500] : renamed from bond_slave_0 (while UP) [ 272.760935][ T5787] Bluetooth: hci4: command tx timeout [ 272.982824][T12362] veth0_vlan: entered promiscuous mode [ 273.063171][T12362] veth1_vlan: entered promiscuous mode [ 273.175766][T12362] veth0_macvtap: entered promiscuous mode [ 273.205329][T12362] veth1_macvtap: entered promiscuous mode [ 273.283330][T12362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.310541][T12362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.330302][T12362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.343246][T12362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.384493][T12362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.420130][T12362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.441361][T12362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.478790][T12362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.511614][T12362] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 273.535418][T12362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.570882][ T5787] Bluetooth: hci5: command tx timeout [ 273.575586][T12362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.608363][T12362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.629699][T12362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.639780][T12362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.651791][T12362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.669961][T12362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.681253][T12362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.691870][T12362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.702921][T12362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.739070][T12362] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 273.751642][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 273.751658][ T27] audit: type=1326 audit(1755183048.275:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.1.3074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 273.807810][T12362] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.817408][T12362] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.850153][ T27] audit: type=1326 audit(1755183048.275:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.1.3074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 273.880481][T12362] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.889387][T12362] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.938144][ T27] audit: type=1326 audit(1755183048.285:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.1.3074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 273.997370][T12532] x_tables: unsorted entry at hook 1 [ 274.015588][ T27] audit: type=1326 audit(1755183048.285:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.1.3074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f861718ebe9 code=0x7ffc0000 [ 274.055176][T12533] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3076'. [ 274.247101][ T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.289807][ T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.416831][ T2948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.480038][ T2948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.723821][T12551] libceph: resolve '40.' (ret=-3): failed [ 274.861363][T12560] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3088'. [ 275.274154][T12576] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3098'. [ 275.491347][T12582] QAT: Stopping all acceleration devices. [ 275.649941][ T5787] Bluetooth: hci5: command tx timeout [ 275.870193][ T5773] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 275.890493][T12603] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3109'. [ 275.899675][T12603] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3109'. [ 275.940416][T12603] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3109'. [ 276.067775][ T5773] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 276.097740][ T5773] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.126752][ T5773] usb 3-1: Product: syz [ 276.142146][ T5773] usb 3-1: Manufacturer: syz [ 276.157026][ T5773] usb 3-1: SerialNumber: syz [ 276.178403][ T5773] usb 3-1: config 0 descriptor?? [ 276.293746][T12616] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3115'. [ 276.330244][T12616] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 276.369955][T12619] netlink: 'syz.5.3117': attribute type 10 has an invalid length. [ 276.419240][ T5773] hso 3-1:0.0: Failed to find INT IN ep [ 276.428049][T12619] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 276.442009][ T5773] usb-storage 3-1:0.0: USB Mass Storage device detected [ 276.463561][T12619] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 276.681997][ T5773] usb 3-1: USB disconnect, device number 15 [ 277.009592][T12641] tmpfs: Bad value for 'mpol' [ 277.890065][T12665] process 'syz.2.3140' launched './file0/file0' with NULL argv: empty string added [ 278.269608][T12683] AppArmor: change_hat: Invalid input '0' [ 278.505974][T12690] loop4: detected capacity change from 0 to 4096 [ 278.610122][ T9] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 278.800079][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 278.825677][ T9] usb 3-1: config 1 interface 0 altsetting 14 endpoint 0x82 has invalid wMaxPacketSize 0 [ 278.860204][ T9] usb 3-1: config 1 interface 0 altsetting 14 bulk endpoint 0x82 has invalid maxpacket 0 [ 278.886276][ T9] usb 3-1: config 1 interface 0 altsetting 14 endpoint 0x3 has invalid maxpacket 1600, setting to 1024 [ 278.910005][ T9] usb 3-1: config 1 interface 0 altsetting 14 bulk endpoint 0x3 has invalid maxpacket 1024 [ 278.938322][ T9] usb 3-1: config 1 interface 0 has no altsetting 0 [ 278.962425][ T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 278.984269][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.008082][ T9] usb 3-1: Product: syz [ 279.018884][ T9] usb 3-1: Manufacturer: syz [ 279.027997][ T9] usb 3-1: SerialNumber: syz [ 279.042963][T12705] loop5: detected capacity change from 0 to 128 [ 279.043805][T12685] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 279.099399][T12705] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 279.140286][T12705] ext4 filesystem being mounted at /24/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 279.175908][T12705] EXT4-fs warning (device loop5): verify_group_input:151: Cannot add at group 16387 (only 1 groups) [ 279.365267][T12362] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 279.399105][ T9] cdc_ether: probe of 3-1:1.0 failed with error -22 [ 279.440624][ T9] usb 3-1: USB disconnect, device number 16 [ 279.651899][T12725] loop5: detected capacity change from 0 to 512 [ 279.664797][T12727] nvme_fabrics: unknown parameter or missing value 'V' in ctrl creation request [ 279.668003][T12725] EXT4-fs: Ignoring removed i_version option [ 279.683697][T12725] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 279.724799][T12725] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e12c, mo2=0002] [ 279.748055][T12725] System zones: 1-12 [ 279.760297][T12725] EXT4-fs (loop5): orphan cleanup on readonly fs [ 279.767779][T12725] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.3169: invalid indirect mapped block 12 (level 1) [ 279.800183][T12725] EXT4-fs (loop5): Remounting filesystem read-only [ 279.809779][T12725] EXT4-fs (loop5): 1 truncate cleaned up [ 279.817289][T12725] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 279.943093][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 280.317070][T12747] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid [ 280.726364][T12760] geneve3: entered promiscuous mode [ 280.734909][T12760] geneve3: entered allmulticast mode [ 281.334509][T12787] loop4: detected capacity change from 0 to 1024 [ 281.504570][ T3003] hfsplus: b-tree write err: -5, ino 4 [ 282.123214][T12798] loop4: detected capacity change from 0 to 512 [ 282.180095][T12798] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 282.222117][T12798] EXT4-fs (loop4): 1 orphan inode deleted [ 282.227918][T12798] EXT4-fs (loop4): 1 truncate cleaned up [ 282.251380][T12798] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.317302][T12783] loop5: detected capacity change from 0 to 32768 [ 282.322605][T12798] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #12: block 7: comm syz.4.3203: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 282.350133][T12783] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop5 scanned by syz.5.3196 (12783) [ 282.395551][T12783] BTRFS info (device loop5): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 282.462258][T12783] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 282.504657][T12783] BTRFS info (device loop5): enabling ssd optimizations [ 282.515610][T12783] BTRFS info (device loop5): not using ssd optimizations [ 282.524982][T12783] BTRFS info (device loop5): turning off barriers [ 282.533345][T12783] BTRFS info (device loop5): using free space tree [ 282.535030][T12280] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.679183][T12820] loop4: detected capacity change from 0 to 1024 [ 282.747064][ T5883] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 282.788616][T12783] BTRFS warning (device loop5): can't clear the compat:0,compat:1 feature bits while mounted [ 282.882000][T12362] BTRFS info (device loop5): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 282.940152][ T5883] usb 2-1: Using ep0 maxpacket: 16 [ 282.998453][ T5883] usb 2-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 283.018415][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.046978][ T5883] usb 2-1: Product: syz [ 283.067615][ T5883] usb 2-1: Manufacturer: syz [ 283.073791][ T5883] usb 2-1: SerialNumber: syz [ 283.131580][ T5883] usb 2-1: config 0 descriptor?? [ 283.343704][ T5883] speedtch 2-1:0.0: speedtch_bind: data interface not found! [ 283.364983][ T5883] speedtch 2-1:0.0: usbatm_usb_probe: bind failed: -19! [ 283.556241][ T42] usb 2-1: USB disconnect, device number 13 [ 285.201281][T12894] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3242'. [ 285.334781][T12901] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode active-backup(1) [ 286.175337][T12933] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3261'. [ 286.400212][ T5789] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 286.509928][ T27] audit: type=1326 audit(1755183061.035:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12944 comm="syz.2.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 286.537035][ T27] audit: type=1326 audit(1755183061.035:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12944 comm="syz.2.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 286.580600][ T27] audit: type=1326 audit(1755183061.035:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12944 comm="syz.2.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 286.603080][ C0] vkms_vblank_simulate: vblank timer overrun [ 286.643918][ T5789] usb 6-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 286.657381][ T5789] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.670022][ T27] audit: type=1326 audit(1755183061.035:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12944 comm="syz.2.3267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 286.719774][ T5789] usb 6-1: config 0 descriptor?? [ 287.144126][ T5789] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 287.176137][ T5789] asix 6-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 287.197393][ T5789] asix: probe of 6-1:0.0 failed with error -71 [ 287.231417][ T5789] usb 6-1: USB disconnect, device number 2 [ 287.743694][T12975] loop4: detected capacity change from 0 to 4096 [ 287.876102][T12975] ntfs: volume version 3.1. [ 288.800595][ T5789] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 288.982285][ T5789] usb 6-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255 [ 288.999933][ T5789] usb 6-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 61 [ 289.033406][ T5789] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 289.060916][ T5789] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 73, using maximum allowed: 30 [ 289.080696][ T5789] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 73 [ 289.147874][ T5789] usb 6-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 289.174636][ T5789] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.226654][ T27] audit: type=1326 audit(1755183063.755:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13014 comm="syz.2.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 289.259714][ T5789] usb 6-1: config 0 descriptor?? [ 289.265639][ T27] audit: type=1326 audit(1755183063.755:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13014 comm="syz.2.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 289.267762][ T5789] usb-storage 6-1:0.0: USB Mass Storage device detected [ 289.290471][ C0] vkms_vblank_simulate: vblank timer overrun [ 289.321495][ T27] audit: type=1326 audit(1755183063.805:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13014 comm="syz.2.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 289.362149][ T27] audit: type=1326 audit(1755183063.805:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13014 comm="syz.2.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 289.385830][ T27] audit: type=1326 audit(1755183063.805:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13014 comm="syz.2.3303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe94eb8ebe9 code=0x7ffc0000 [ 289.431513][ T5789] usb-storage 6-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 289.536450][ T42] usb 6-1: USB disconnect, device number 3 [ 289.814850][T13037] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 290.258472][T13049] loop4: detected capacity change from 0 to 2048 [ 290.312203][T13049] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 290.339352][T13049] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 290.384139][T13049] UDF-fs: Scanning with blocksize 512 failed [ 290.422457][T13049] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 290.792386][ T5773] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 291.190233][ T2948] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 291.430436][ T5851] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 291.489326][ T42] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 291.640622][ T5851] usb 2-1: Using ep0 maxpacket: 16 [ 291.658628][ T5851] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 3233, setting to 64 [ 291.701256][ T5851] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 291.711392][ T5851] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.719666][ T5851] usb 2-1: Product: syz [ 291.744468][ T5851] usb 2-1: Manufacturer: syz [ 291.749163][ T5851] usb 2-1: SerialNumber: syz [ 291.773689][ T5851] usb 2-1: config 0 descriptor?? [ 291.836745][ T5851] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 292.051164][ T5851] usb 2-1: USB disconnect, device number 14 [ 292.060370][ T2973] usb 2-1: Failed to submit usb control message: -71 [ 292.073167][ T2973] usb 2-1: unable to send the bmi data to the device: -71 [ 292.086405][ T2973] usb 2-1: unable to get target info from device [ 292.100137][ T2973] usb 2-1: could not get target info (-71) [ 292.106338][ T2973] usb 2-1: could not probe fw (-71) [ 292.202026][ T2973] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 292.247446][ T2973] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 292.495176][T13121] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3353'. [ 292.505312][T13122] netlink: 'syz.2.3352': attribute type 63 has an invalid length. [ 292.515777][T13122] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3352'. [ 292.951388][T13141] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 293.011111][ T787] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 294.002063][T13178] loop5: detected capacity change from 0 to 4096 [ 294.032442][T13178] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512). [ 294.196573][T13178] ntfs3: loop5: Failed to initialize $Extend/$ObjId. [ 294.293265][T13192] syz.1.3388 (13192): /proc/13191/oom_adj is deprecated, please use /proc/13191/oom_score_adj instead. [ 294.504445][T13198] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.3390'. [ 294.518017][T13198] openvswitch: netlink: Tunnel attr 0 has unexpected len 3060 expected 8 [ 295.581498][T13233] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 295.898772][T13243] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 296.570828][T13272] overlayfs: missing 'lowerdir' [ 296.680093][ C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 297.630910][ T787] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 297.754157][T13318] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 297.806172][T13318] overlayfs: missing 'lowerdir' [ 297.827064][ T787] usb 6-1: config 0 has an invalid interface number: 117 but max is 0 [ 297.841190][ T787] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 297.858655][ T787] usb 6-1: config 0 has no interface number 0 [ 297.875577][ T787] usb 6-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 297.898734][ T787] usb 6-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 297.930585][ T787] usb 6-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 297.940377][ T787] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.948410][ T787] usb 6-1: Product: syz [ 297.977568][ T787] usb 6-1: Manufacturer: syz [ 297.983455][ T787] usb 6-1: SerialNumber: syz [ 297.994622][ T787] usb 6-1: config 0 descriptor?? [ 298.421972][ T787] usbtouchscreen: probe of 6-1:0.117 failed with error -71 [ 298.453439][ T787] usb 6-1: USB disconnect, device number 4 [ 299.210260][T13355] afs: Bad value for 'source' [ 299.453873][T13367] loop5: detected capacity change from 0 to 64 [ 299.488202][T13368] loop4: detected capacity change from 0 to 512 [ 299.508989][T13367] MINIX-fs: mounting file system with errors, running fsck is recommended [ 299.560330][T13368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 299.598108][T13368] ext4 filesystem being mounted at /128/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 299.708343][T13368] EXT4-fs error (device loop4): ext4_xattr_block_find:1886: inode #15: comm syz.4.3472: corrupted xattr block 33: invalid ea_ino [ 299.753894][T13368] EXT4-fs (loop4): Remounting filesystem read-only [ 299.888949][T12280] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.901385][ T2973] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 299.949439][ T2973] Quota error (device loop4): write_blk: dquota write failed [ 299.983754][ T2973] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries [ 300.001369][T13383] xt_CT: No such helper "snmp" [ 300.004144][ T2973] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 300.017019][ T2973] Quota error (device loop4): write_blk: dquota write failed [ 300.037362][ T2973] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list [ 300.047803][ T2973] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 300.065541][ T2973] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 300.191690][T13393] loop5: detected capacity change from 0 to 8 [ 300.198788][T13393] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 300.243134][ T5774] udevd[5774]: incorrect cramfs checksum on /dev/loop5 [ 300.266648][T13393] cramfs: Error -3 while decompressing! [ 300.318529][T13393] cramfs: ffffffff96fd8308(26)->ffff888059bcd000(4096) [ 300.336058][ T5774] udevd[5774]: incorrect cramfs checksum on /dev/loop5 [ 300.343726][T13393] cramfs: Error -3 while decompressing! [ 300.380374][T13393] cramfs: ffffffff96fd8322(26)->ffff888059a5f000(4096) [ 300.416631][T13393] cramfs: Error -3 while decompressing! [ 300.429275][T13393] cramfs: ffffffff96fd833c(16)->ffff888059a5b000(4096) [ 300.436782][T13393] cramfs: Error -3 while decompressing! [ 300.447330][T13393] cramfs: ffffffff96fd8308(26)->ffff888059bcd000(4096) [ 300.456942][ T5774] udevd[5774]: incorrect cramfs checksum on /dev/loop5 [ 300.473509][ T27] audit: type=1800 audit(1755183074.985:109): pid=13393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3485" name="file2" dev="loop5" ino=348 res=0 errno=0 [ 300.552594][T13402] loop4: detected capacity change from 0 to 64 [ 300.917978][T13412] loop4: detected capacity change from 0 to 512 [ 300.980936][T13412] EXT4-fs: Ignoring removed nomblk_io_submit option [ 301.020227][T13412] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 301.068509][T13412] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 301.091898][T13412] EXT4-fs (loop4): 1 truncate cleaned up [ 301.131519][T13412] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 301.233166][T13427] netlink: 'syz.5.3499': attribute type 2 has an invalid length. [ 301.260046][T13427] netlink: 723 bytes leftover after parsing attributes in process `syz.5.3499'. [ 301.426913][T13433] loop5: detected capacity change from 0 to 8 [ 301.504582][T12280] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.433866][T13471] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3522'. [ 302.470007][T13471] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3522'. [ 303.019096][T13495] netlink: 144 bytes leftover after parsing attributes in process `syz.4.3534'. [ 303.124168][T13497] netlink: 'syz.2.3535': attribute type 10 has an invalid length. [ 303.134659][T13497] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3535'. [ 303.618462][T13511] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 303.663210][T13511] bond0: (slave lo): Error: Device can not be enslaved while up [ 303.680287][T13513] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3543'. [ 304.208805][T13503] loop4: detected capacity change from 0 to 32768 [ 304.269066][T13503] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 304.541115][T13503] XFS (loop4): Ending clean mount [ 304.750345][T12280] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 305.147798][T13558] loop5: detected capacity change from 0 to 512 [ 305.198400][T13558] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 305.266654][T13558] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.301312][T13558] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 305.386996][T13570] netlink: 'syz.2.3567': attribute type 1 has an invalid length. [ 305.525230][T13558] EXT4-fs error (device loop5): ext4_get_verity_descriptor_location:335: inode #15: comm syz.5.3561: verity file corrupted; can't find descriptor [ 305.607256][T13558] EXT4-fs (loop5): Remounting filesystem read-only [ 305.647986][T13558] fs-verity (loop5, inode 15): Error -117 getting verity descriptor size [ 305.769940][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.960122][ C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 306.080615][T13594] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3578'. [ 307.319800][T13604] loop5: detected capacity change from 0 to 32768 [ 307.357269][T13604] XFS: ikeep mount option is deprecated. [ 307.477138][T13604] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 307.569962][ T787] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 307.700824][T13604] XFS (loop5): Ending clean mount [ 307.716208][T13604] XFS (loop5): Quotacheck needed: Please wait. [ 307.780055][ T787] usb 5-1: Using ep0 maxpacket: 16 [ 307.789534][ T787] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 307.813630][ T787] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.834128][ T787] usb 5-1: Product: syz [ 307.838364][ T787] usb 5-1: Manufacturer: syz [ 307.844111][T13604] XFS (loop5): Quotacheck: Done. [ 307.870962][ T787] usb 5-1: SerialNumber: syz [ 307.910247][ T787] r8152-cfgselector 5-1: config 0 descriptor?? [ 308.057164][T12362] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 308.371913][ T787] r8152-cfgselector 5-1: Unknown version 0x0000 [ 308.418062][ T787] r8152-cfgselector 5-1: USB disconnect, device number 2 [ 309.223161][T13672] loop4: detected capacity change from 0 to 4096 [ 309.302897][T13677] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 309.581343][T13685] netlink: 92 bytes leftover after parsing attributes in process `syz.4.3619'. [ 309.601178][T13685] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3619'. [ 310.681864][T13730] loop5: detected capacity change from 0 to 512 [ 310.736544][T13730] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.769570][T13730] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.770195][ T5773] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 310.927724][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.976748][ T5773] usb 5-1: Using ep0 maxpacket: 16 [ 310.985892][ T5773] usb 5-1: config 1 has an invalid interface number: 105 but max is 0 [ 310.995317][ T5773] usb 5-1: config 1 has no interface number 0 [ 311.003192][ T5773] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 311.013779][ T5773] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 311.046014][ T5773] usb 5-1: config 1 interface 105 has no altsetting 0 [ 311.057000][ T5773] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 311.066636][ T5773] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 311.089645][ T5773] usb 5-1: Product: syz [ 311.094602][ T5773] usb 5-1: Manufacturer: syz [ 311.106485][ T5773] usb 5-1: SerialNumber: syz [ 311.126362][T13724] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 311.145489][T13724] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 311.601922][T13724] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 311.620999][T13724] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 311.853415][ T5773] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71 [ 311.877973][ T5773] aqc111: probe of 5-1:1.105 failed with error -71 [ 311.919748][ T5773] usb 5-1: USB disconnect, device number 3 [ 312.101167][T13768] capability: warning: `syz.1.3658' uses 32-bit capabilities (legacy support in use) [ 312.329047][T13775] sp0: Synchronizing with TNC [ 312.738729][T13787] loop5: detected capacity change from 0 to 4096 [ 312.858720][T13794] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 313.015101][T13787] NILFS error (device loop5): nilfs_dotdot: directory #12 missing '.' [ 313.086672][T13787] Remounting filesystem read-only [ 313.207246][T12362] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 313.250174][T12362] NILFS (loop5): discard dirty page: offset=0, ino=18 [ 313.272444][T12362] NILFS (loop5): discard dirty block: blocknr=0, size=4096 [ 313.301497][T12362] NILFS (loop5): discard dirty page: offset=0, ino=2 [ 313.325441][T12362] NILFS (loop5): discard dirty block: blocknr=14, size=4096 [ 313.337631][T12362] NILFS (loop5): discard dirty page: offset=0, ino=6 [ 313.365008][T12362] NILFS (loop5): discard dirty block: blocknr=23, size=4096 [ 313.380627][T12362] NILFS (loop5): discard dirty page: offset=4096, ino=6 [ 313.398949][T12362] NILFS (loop5): discard dirty block: blocknr=24, size=4096 [ 313.410122][T12362] NILFS (loop5): discard dirty page: offset=8192, ino=6 [ 313.417439][T12362] NILFS (loop5): discard dirty block: blocknr=25, size=4096 [ 313.454508][T12362] NILFS (loop5): discard dirty page: offset=0, ino=3 [ 313.480046][T12362] NILFS (loop5): discard dirty block: blocknr=28, size=4096 [ 313.511314][T12362] NILFS (loop5): discard dirty page: offset=4096, ino=3 [ 313.518455][T12362] NILFS (loop5): discard dirty block: blocknr=29, size=4096 [ 313.540054][T12362] NILFS (loop5): discard dirty page: offset=270336, ino=3 [ 313.554148][T12362] NILFS (loop5): discard dirty block: blocknr=0, size=4096 [ 313.834922][T13792] loop4: detected capacity change from 0 to 32768 [ 313.871382][T13806] program syz.2.3675 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 313.889157][T13792] XFS: ikeep mount option is deprecated. [ 313.941553][T13792] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 314.124742][T13792] XFS (loop4): Ending clean mount [ 314.149017][T13792] XFS (loop4): Quotacheck needed: Please wait. [ 314.202793][ T787] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 314.223563][T13792] XFS (loop4): Quotacheck: Done. [ 314.410023][ T787] usb 6-1: Using ep0 maxpacket: 8 [ 314.438586][ T787] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 314.460764][ T787] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.469183][T12280] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 314.478858][ T787] usb 6-1: Product: syz [ 314.483811][ T787] usb 6-1: Manufacturer: syz [ 314.488446][ T787] usb 6-1: SerialNumber: syz [ 314.502260][ T787] usb 6-1: config 0 descriptor?? [ 314.519149][ T787] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 314.533208][ T787] usb 6-1: setting power ON [ 314.538948][ T787] dvb-usb: bulk message failed: -22 (2/0) [ 314.581539][ T787] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 314.603694][ T1151] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 314.616574][ T787] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 314.670796][ T787] usb 6-1: media controller created [ 314.732662][T13808] dvb-usb: bulk message failed: -22 (3/0) [ 314.750899][ T787] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 314.831303][ T1151] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 314.850265][ T1151] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 314.866378][ T787] usb 6-1: selecting invalid altsetting 6 [ 314.871430][ T1151] usb 2-1: New USB device found, idVendor=0458, idProduct=5019, bcdDevice= 0.00 [ 314.893528][ T1151] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.895043][ T787] usb 6-1: digital interface selection failed (-22) [ 314.929275][ T787] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 314.933020][ T1151] usb 2-1: config 0 descriptor?? [ 315.006488][ T787] usb 6-1: setting power OFF [ 315.044183][ T787] dvb-usb: bulk message failed: -22 (2/0) [ 315.070118][ T787] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 315.096857][ T787] (NULL device *): no alternate interface [ 315.185928][ T787] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 315.217892][ T787] usb 6-1: USB disconnect, device number 5 [ 315.374229][ T1151] kye 0003:0458:5019.0001: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 315.390119][ T5851] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 315.452231][ T1151] kye 0003:0458:5019.0001: hidraw0: USB HID v0.00 Device [HID 0458:5019] on usb-dummy_hcd.1-1/input0 [ 315.471341][ T1151] kye 0003:0458:5019.0001: tablet-enabling feature report not found [ 315.480234][ T1151] kye 0003:0458:5019.0001: tablet enabling failed [ 315.578175][ T1151] usb 2-1: USB disconnect, device number 15 [ 315.600204][ T5851] usb 3-1: Using ep0 maxpacket: 32 [ 315.621920][ T5851] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 315.630226][T13850] loop4: detected capacity change from 0 to 256 [ 315.640580][ T5851] usb 3-1: config 0 has no interface number 0 [ 315.666738][ T5851] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 315.678423][T13847] fido_id[13847]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 315.686391][ T5851] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.728130][ T5851] usb 3-1: Product: syz [ 315.742130][ T5851] usb 3-1: Manufacturer: syz [ 315.751114][ T5851] usb 3-1: SerialNumber: syz [ 315.762295][ T27] audit: type=1800 audit(1755183090.295:110): pid=13850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3692" name="file1" dev="loop4" ino=1048639 res=0 errno=0 [ 315.765616][T13850] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152) [ 315.801410][ T5851] usb 3-1: config 0 descriptor?? [ 315.827384][T13850] FAT-fs (loop4): Filesystem has been set read-only [ 315.832272][ T5851] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 315.870009][ T5851] usb 3-1: selecting invalid altsetting 1 [ 315.888611][ T5851] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 315.948374][ T5851] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 315.973716][ T5851] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 315.999298][ T5851] usb 3-1: media controller created [ 316.034488][ T5851] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 316.113271][ T5851] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 316.121422][ T5851] zl10353_read_register: readreg error (reg=127, ret==-71) [ 316.140168][ T5851] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 316.260044][ T5789] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 316.271795][ T5851] usb 3-1: USB disconnect, device number 17 [ 316.433870][T13865] x_tables: ip_tables: osf match: only valid for protocol 6 [ 316.480241][ T5789] usb 5-1: Using ep0 maxpacket: 32 [ 316.487637][ T5789] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 316.511838][ T5789] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 316.531127][ T5789] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 316.552193][ T5789] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.579285][ T5789] usb 5-1: config 0 descriptor?? [ 316.750390][T13874] sp0: Synchronizing with TNC [ 316.921403][T13880] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 317.035922][ T5789] kone 0003:1E7D:2CED.0002: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.4-1/input0 [ 317.225011][ T5789] kone 0003:1E7D:2CED.0002: couldn't init struct kone_device [ 317.238504][ T5789] kone 0003:1E7D:2CED.0002: couldn't install mouse [ 317.266665][ T5789] kone: probe of 0003:1E7D:2CED.0002 failed with error -5 [ 317.310472][ T5789] usb 5-1: USB disconnect, device number 4 [ 317.483961][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.491615][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.898534][ T5789] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 318.111968][ T5789] usb 3-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 318.125679][ T5789] usb 3-1: config 0 interface 0 has no altsetting 0 [ 318.132515][ T5789] usb 3-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 318.150867][ T5789] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.172364][ T5789] usb 3-1: config 0 descriptor?? [ 318.630912][ T5789] logitech 0003:046D:C29C.0003: hidraw0: USB HID v1.01 Device [HID 046d:c29c] on usb-dummy_hcd.2-1/input0 [ 318.817791][ T5789] logitech 0003:046D:C29C.0003: no inputs found [ 318.864735][ T5789] usb 3-1: USB disconnect, device number 18 [ 319.163693][T13914] loop4: detected capacity change from 0 to 32768 [ 319.200344][T13914] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 319.225335][T13914] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 319.530648][T12280] ocfs2: Unmounting device (7,4) on (node local) [ 320.537929][T13973] loop4: detected capacity change from 0 to 4096 [ 320.560097][ T1151] usb 2-1: new low-speed USB device number 16 using dummy_hcd [ 320.589423][T13973] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 320.597015][T13973] ntfs3: loop4: Failed to load $Extend (-22). [ 320.603799][T13973] ntfs3: loop4: Failed to initialize $Extend. [ 320.670134][T13973] ntfs3: loop4: ino=1e, "file1" attr_set_size [ 320.752194][ T1151] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 320.774767][ T1151] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 320.797001][ T1151] usb 2-1: New USB device found, idVendor=046d, idProduct=c52f, bcdDevice= 0.00 [ 320.818768][ T1151] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.849085][ T1151] usb 2-1: config 0 descriptor?? [ 321.204073][T13994] loop5: detected capacity change from 0 to 1024 [ 321.348736][ T3003] hfsplus: b-tree write err: -5, ino 4 [ 321.497458][ T5789] usb 2-1: USB disconnect, device number 16 [ 321.921230][T14016] loop5: detected capacity change from 0 to 512 [ 321.987326][T14016] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 322.020100][T14016] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 322.029618][T14016] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.3768: Failed to acquire dquot type 1 [ 322.077380][T14016] EXT4-fs (loop5): 1 truncate cleaned up [ 322.091148][T14016] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 322.104390][T14016] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 322.122781][T14016] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 322.136164][T14016] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 322.159989][T14016] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.3768: Failed to acquire dquot type 1 [ 322.322397][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.409611][T14028] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_hsr, syncid = 4, id = 0 [ 322.970283][T14043] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3779'. [ 322.979199][T14043] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3779'. [ 323.003565][T14043] netlink: 'syz.5.3779': attribute type 19 has an invalid length. [ 323.022155][T14043] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3779'. [ 323.880062][ C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 323.898522][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 324.110068][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 324.118758][T14085] loop5: detected capacity change from 0 to 1024 [ 324.124478][ T9] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 324.145143][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 324.160582][ T5883] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 324.182822][ T9] usb 5-1: Product: syz [ 324.187087][ T9] usb 5-1: Manufacturer: syz [ 324.196746][ T9] usb 5-1: SerialNumber: syz [ 324.208041][ T9] usb 5-1: config 0 descriptor?? [ 324.225487][T14085] hfsplus: invalid catalog entry type in lookup [ 324.245074][ T9] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 324.259099][ T9] usb 5-1: setting power ON [ 324.267580][ T9] dvb-usb: bulk message failed: -22 (2/0) [ 324.291772][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 324.320388][ T9] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 324.337345][ T9] usb 5-1: media controller created [ 324.341586][ T5883] usb 2-1: Using ep0 maxpacket: 8 [ 324.349638][ T5883] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 324.363042][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 324.365609][ T5883] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 324.390747][ T5883] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 324.395687][ T9] usb 5-1: selecting invalid altsetting 6 [ 324.404239][ T5883] usb 2-1: config 0 interface 0 has no altsetting 0 [ 324.417079][ T5883] usb 2-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00 [ 324.426195][ T9] usb 5-1: digital interface selection failed (-22) [ 324.426214][ T9] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 324.431105][ T9] usb 5-1: setting power OFF [ 324.450701][T14068] dvb-usb: bulk message failed: -22 (3/0) [ 324.457851][ T5883] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 324.468149][ T9] dvb-usb: bulk message failed: -22 (2/0) [ 324.486746][ T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 324.491344][ T5883] usb 2-1: config 0 descriptor?? [ 324.505322][ T9] (NULL device *): no alternate interface [ 324.586934][ T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 324.627521][ T9] usb 5-1: USB disconnect, device number 5 [ 324.925579][ T5883] lenovo 0003:17EF:60EE.0005: unknown main item tag 0xe [ 324.936854][ T5883] lenovo 0003:17EF:60EE.0005: hidraw0: USB HID vff.fd Device [HID 17ef:60ee] on usb-dummy_hcd.1-1/input0 [ 325.069371][T14101] loop5: detected capacity change from 0 to 64 [ 325.149252][ T5883] lenovo 0003:17EF:60EE.0005: Failed to switch middle button: -71 [ 325.200098][ T5883] lenovo 0003:17EF:60EE.0005: Fn-lock setting failed: -71 [ 325.227978][ T5883] lenovo 0003:17EF:60EE.0005: Sensitivity setting failed: -71 [ 325.268664][ T5883] usb 2-1: USB disconnect, device number 17 [ 325.875839][T14119] loop5: detected capacity change from 0 to 256 [ 325.942100][ T27] audit: type=1800 audit(1755183100.475:111): pid=14119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3814" name="file1" dev="loop5" ino=1048640 res=0 errno=0 [ 325.955967][T14119] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152) [ 326.009729][T14119] FAT-fs (loop5): Filesystem has been set read-only [ 326.380117][ T5773] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 326.590780][ T5773] usb 2-1: Using ep0 maxpacket: 8 [ 326.615571][ T5773] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 326.640466][ T5773] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.650454][ T5773] usb 2-1: Product: syz [ 326.654662][ T5773] usb 2-1: Manufacturer: syz [ 326.659276][ T5773] usb 2-1: SerialNumber: syz [ 326.680918][ T5883] usb 3-1: new full-speed USB device number 19 using dummy_hcd [ 326.707126][ T5773] usb 2-1: config 0 descriptor?? [ 326.722213][ T5773] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 326.750128][ T5773] usb 2-1: setting power ON [ 326.754814][ T5773] dvb-usb: bulk message failed: -22 (2/0) [ 326.773903][ T5773] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 326.795100][T14143] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3826'. [ 326.800760][ T5773] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 326.817836][ T5773] usb 2-1: media controller created [ 326.874189][ T5773] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 326.893094][ T5883] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 326.930105][ T5883] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 326.942008][T14147] overlayfs: conflicting options: verity=require,redirect_dir=nofollow [ 326.951408][T14123] dvb-usb: bulk message failed: -22 (3/0) [ 326.970604][ T5773] usb 2-1: selecting invalid altsetting 6 [ 326.976821][ T5773] usb 2-1: digital interface selection failed (-22) [ 326.983998][ T5883] usb 3-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 327.000797][ T5773] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 327.010313][ T5883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.023507][ T5773] usb 2-1: setting power OFF [ 327.028160][ T5773] dvb-usb: bulk message failed: -22 (2/0) [ 327.037063][ T5773] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 327.048123][ T5883] usb 3-1: config 0 descriptor?? [ 327.059982][ T5773] (NULL device *): no alternate interface [ 327.148951][ T5773] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 327.225942][ T5773] usb 2-1: USB disconnect, device number 18 [ 327.282135][T14153] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3832'. [ 327.298225][T14153] netlink: 'syz.4.3832': attribute type 1 has an invalid length. [ 327.437949][T14157] loop5: detected capacity change from 0 to 1024 [ 327.477093][T14157] EXT4-fs: Ignoring removed bh option [ 327.486200][ T5883] zydacron 0003:13EC:0006.0006: unknown main item tag 0x6 [ 327.498542][ T5883] zydacron 0003:13EC:0006.0006: hidraw0: USB HID v0.00 Device [HID 13ec:0006] on usb-dummy_hcd.2-1/input0 [ 327.544510][T14157] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 327.560150][ T5787] Bluetooth: hci5: command tx timeout [ 327.697369][ T5851] usb 3-1: USB disconnect, device number 19 [ 327.710280][ T27] audit: type=1800 audit(1755183102.235:112): pid=14157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3834" name="bus" dev="loop5" ino=18 res=0 errno=0 [ 327.815627][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.964119][T14175] netlink: 'syz.5.3838': attribute type 4 has an invalid length. [ 328.065050][T14177] loop5: detected capacity change from 0 to 1024 [ 328.119138][T14177] hfsplus: bad catalog entry type [ 328.131418][ T5789] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 328.190356][ T12] hfsplus: b-tree write err: -5, ino 4 [ 328.360972][ T5789] usb 5-1: Using ep0 maxpacket: 16 [ 328.371430][ T5789] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 328.395252][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 328.417162][ T5789] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 328.449320][ T5789] usb 5-1: New USB device found, idVendor=056a, idProduct=0090, bcdDevice= 0.00 [ 328.470529][ T5789] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.497962][ T5789] usb 5-1: config 0 descriptor?? [ 328.621888][T14192] syz.1.3845 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 328.956015][ T5789] wacom 0003:056A:0090.0007: hidraw0: USB HID v1f.ff Device [HID 056a:0090] on usb-dummy_hcd.4-1/input0 [ 329.113066][T14206] Bluetooth: MGMT ver 1.22 [ 329.124092][ T1151] usb 5-1: USB disconnect, device number 6 [ 329.177765][T14204] fido_id[14204]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 329.289185][T14212] loop5: detected capacity change from 0 to 256 [ 329.340834][T14212] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 329.387177][T14212] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 329.438926][T14212] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 329.657957][T14221] loop5: detected capacity change from 0 to 1024 [ 330.914187][T14269] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3884'. [ 331.160111][ T5787] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 331.342481][ T27] audit: type=1326 audit(1755183105.865:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14253 comm="syz.1.3877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f861718ebe9 code=0x7fc00000 [ 331.730387][T14297] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3898'. [ 332.012231][T14283] loop5: detected capacity change from 0 to 32768 [ 332.027546][T14283] (syz.5.3890,14283,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 332.060978][T14283] (syz.5.3890,14283,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 332.137731][T14283] JBD2: Ignoring recovery information on journal [ 332.305740][T14310] netlink: 124 bytes leftover after parsing attributes in process `syz.2.3903'. [ 332.308290][T14283] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 332.573375][T12362] ocfs2: Unmounting device (7,5) on (node local) [ 332.583478][T14312] loop4: detected capacity change from 0 to 4096 [ 332.755424][T14312] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 334.266827][T14353] loop5: detected capacity change from 0 to 1024 [ 334.321439][T14353] EXT4-fs: Ignoring removed nobh option [ 334.327081][T14353] EXT4-fs: Ignoring removed bh option [ 334.371136][T14353] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 334.431319][T14353] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.514558][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.550451][ T5789] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 334.757278][ T5789] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 334.798160][ T5789] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 334.815126][ T5789] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 334.850234][ T5789] usb 3-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00 [ 334.879556][ T5789] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.949676][ T5789] usb 3-1: config 0 descriptor?? [ 335.384087][ T5789] aureal 0003:0755:2626.0008: hidraw0: USB HID v0.00 Device [HID 0755:2626] on usb-dummy_hcd.2-1/input0 [ 335.586314][ T5789] usb 3-1: USB disconnect, device number 20 [ 335.714576][T14365] loop5: detected capacity change from 0 to 40427 [ 335.765863][T14365] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x7ffff [ 335.804065][T14365] F2FS-fs (loop5): invalid crc value [ 335.854919][T14365] F2FS-fs (loop5): Found nat_bits in checkpoint [ 336.047014][T14365] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 336.232444][T12362] syz-executor: attempt to access beyond end of device [ 336.232444][T12362] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 336.270106][ T5789] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 336.277749][T12362] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 336.480226][ T5789] usb 5-1: Using ep0 maxpacket: 8 [ 336.513374][ T5789] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 336.538921][ T5789] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 336.570432][ T5789] usb 5-1: Product: syz [ 336.574648][ T5789] usb 5-1: Manufacturer: syz [ 336.579266][ T5789] usb 5-1: SerialNumber: syz [ 336.601245][ T5789] usb 5-1: config 0 descriptor?? [ 336.849292][ T5789] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 336.871585][T14400] raw_sendmsg: syz.1.3944 forgot to set AF_INET. Fix it! [ 337.243459][ T5789] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71 [ 337.253829][ T5789] usb 5-1: USB disconnect, device number 7 [ 337.480479][ T5773] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 337.682601][ T5773] usb 2-1: unable to get BOS descriptor or descriptor too short [ 337.692532][ T5773] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config [ 337.712481][ T5773] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db [ 337.723922][ T5773] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.740041][ T5773] usb 2-1: Product: syz [ 337.744342][ T5773] usb 2-1: Manufacturer: syz [ 337.749043][ T5773] usb 2-1: SerialNumber: syz [ 338.466931][T14437] loop5: detected capacity change from 0 to 256 [ 338.475220][T14437] exfat: Deprecated parameter 'utf8' [ 338.498720][T14437] exfat: Deprecated parameter 'namecase' [ 338.526665][T14437] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d) [ 338.734685][T14444] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3965'. [ 338.744064][ T5773] usb 2-1: reset high-speed USB device number 19 using dummy_hcd [ 338.984864][ T5773] usb 2-1: unable to get BOS descriptor or descriptor too short [ 339.032985][T14453] loop5: detected capacity change from 0 to 1024 [ 339.343319][ T1151] usb 2-1: USB disconnect, device number 19 [ 339.678942][T14469] batadv0: entered promiscuous mode [ 339.694767][T14469] macvtap1: entered promiscuous mode [ 339.711610][T14469] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 339.744293][T14469] batadv0: left promiscuous mode [ 340.160931][T14477] loop4: detected capacity change from 0 to 2048 [ 340.202112][T14463] loop5: detected capacity change from 0 to 40427 [ 340.218846][T14477] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 340.284059][T14463] F2FS-fs (loop5): Found nat_bits in checkpoint [ 340.489177][T14463] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 340.543350][T14463] syz.5.3973: attempt to access beyond end of device [ 340.543350][T14463] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 340.692344][T14491] No buffer was provided with the request [ 340.704835][T12362] syz-executor: attempt to access beyond end of device [ 340.704835][T12362] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 340.740432][T12362] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 341.848998][T14501] loop4: detected capacity change from 0 to 32768 [ 341.896045][T14501] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 342.331845][T14501] XFS (loop4): Ending clean mount [ 342.403393][T14501] XFS (loop4): Quotacheck needed: Please wait. [ 342.540660][T14501] XFS (loop4): Quotacheck: Done. [ 342.546513][T14543] netlink: 'syz.1.4004': attribute type 3 has an invalid length. [ 342.827641][T12280] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 343.577210][T14574] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4015'. [ 343.764524][T14582] loop5: detected capacity change from 0 to 256 [ 343.932929][T14582] FAT-fs (loop5): Directory bread(block 64) failed [ 343.939521][T14582] FAT-fs (loop5): Directory bread(block 65) failed [ 344.020760][T14582] FAT-fs (loop5): Directory bread(block 66) failed [ 344.057260][T14582] FAT-fs (loop5): Directory bread(block 67) failed [ 344.080153][T14582] FAT-fs (loop5): Directory bread(block 68) failed [ 344.086835][T14582] FAT-fs (loop5): Directory bread(block 69) failed [ 344.116731][T14582] FAT-fs (loop5): Directory bread(block 70) failed [ 344.130401][ T9] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 344.152573][T14582] FAT-fs (loop5): Directory bread(block 71) failed [ 344.159345][T14582] FAT-fs (loop5): Directory bread(block 72) failed [ 344.166565][T14582] FAT-fs (loop5): Directory bread(block 73) failed [ 344.369356][ T9] usb 5-1: config 0 has an invalid interface number: 20 but max is 0 [ 344.377952][ T9] usb 5-1: config 0 has no interface number 0 [ 344.384708][ T9] usb 5-1: config 0 interface 20 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 344.396509][ T9] usb 5-1: config 0 interface 20 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 344.416318][ T9] usb 5-1: config 0 interface 20 has no altsetting 0 [ 344.424496][ T9] usb 5-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00 [ 344.441685][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.461930][ T9] usb 5-1: config 0 descriptor?? [ 344.880565][ T9] logitech-djreceiver 0003:046D:C534.0009: unknown main item tag 0x0 [ 344.888745][ T9] logitech-djreceiver 0003:046D:C534.0009: unknown main item tag 0x0 [ 344.897628][ T9] logitech-djreceiver 0003:046D:C534.0009: unknown main item tag 0x0 [ 344.908698][ T9] logitech-djreceiver 0003:046D:C534.0009: hidraw0: USB HID v0.00 Device [HID 046d:c534] on usb-dummy_hcd.4-1/input20 [ 345.082211][ T9] usb 5-1: USB disconnect, device number 8 [ 346.594165][ T42] IPVS: starting estimator thread 0... [ 346.720352][T14652] IPVS: using max 20 ests per chain, 48000 per kthread [ 346.802781][T14658] lo: left allmulticast mode [ 346.807602][T14658] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 347.278007][T14643] loop4: detected capacity change from 0 to 40427 [ 347.310082][T14643] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 347.350022][T14643] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 347.375206][T14643] F2FS-fs (loop4): heap/no_heap options were deprecated [ 347.427067][T14643] F2FS-fs (loop4): invalid crc value [ 347.457084][T14643] F2FS-fs (loop4): Found nat_bits in checkpoint [ 347.633529][T14643] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30 [ 347.654061][T14643] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 348.462293][T14681] netlink: 'syz.2.4055': attribute type 281 has an invalid length. [ 348.814960][T14695] cifs: Bad value for 'port' [ 349.158580][T14707] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4067'. [ 349.509510][T14722] loop4: detected capacity change from 0 to 1024 [ 349.730068][T14722] hfsplus: inconsistency in B*Tree (1,0,1,0,1) [ 349.758166][T14722] hfsplus: inconsistency in B*Tree (1,0,1,0,1) [ 349.904969][ T59] hfsplus: b-tree write err: -5, ino 4 [ 350.191916][T14747] program syz.5.4086 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 350.317844][T14749] loop5: detected capacity change from 0 to 2048 [ 350.333424][T14749] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 350.357877][T14752] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 350.380847][ T5774] udevd[5774]: incorrect nilfs2 checksum on /dev/loop5 [ 350.533055][T14756] loop4: detected capacity change from 0 to 64 [ 350.854308][T14762] loop5: detected capacity change from 0 to 2048 [ 350.886555][T14762] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 350.912569][T14762] ext4 filesystem being mounted at /265/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 350.991933][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.115864][T14775] Bluetooth: MGMT ver 1.22 [ 351.130036][ T42] usb 2-1: new full-speed USB device number 20 using dummy_hcd [ 351.338217][T14781] loop5: detected capacity change from 0 to 1024 [ 351.346761][ T42] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 351.365791][ T42] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 351.398218][ T42] usb 2-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 351.412511][ T42] usb 2-1: config 0 interface 0 has no altsetting 0 [ 351.419275][ T42] usb 2-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00 [ 351.428628][ T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.460738][ T42] usb 2-1: config 0 descriptor?? [ 351.668407][T14787] loop4: detected capacity change from 0 to 4096 [ 351.680167][T14787] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 351.781187][T14787] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 351.857552][T14787] ntfs3: loop4: ino=5, "/" directory corrupted [ 351.864460][T14787] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 351.886156][T14787] ntfs3: loop4: ino=5, "/" directory corrupted [ 351.913783][ T42] uclogic 0003:2179:0077.000A: interface is invalid, ignoring [ 351.935243][T12280] ntfs3: loop4: ino=1a, ntfs_sync_fs failed, -22. [ 351.966379][T14793] loop5: detected capacity change from 0 to 22 [ 351.994836][T14793] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 352.022108][T14793] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 352.171286][ T9] usb 2-1: USB disconnect, device number 20 [ 352.270886][T14801] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode [ 352.278943][T14800] mac80211_hwsim hwsim12 wlan0: left promiscuous mode [ 352.331314][T14803] loop5: detected capacity change from 0 to 1024 [ 352.442016][T14803] hfsplus: inconsistency in B*Tree (1,0,1,0,1) [ 352.461875][T14803] hfsplus: inconsistency in B*Tree (1,0,1,0,1) [ 352.550443][ T59] hfsplus: b-tree write err: -5, ino 4 [ 352.786649][T14813] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4116'. [ 353.304788][T14827] 9pnet_fd: p9_fd_create_tcp (14827): problem binding to privport [ 354.500624][ T5773] usb 2-1: new full-speed USB device number 21 using dummy_hcd [ 354.621022][T14862] loop4: detected capacity change from 0 to 4096 [ 354.655207][T14862] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 354.711744][ T5773] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 354.730504][ T5773] usb 2-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00 [ 354.747183][ T5773] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 354.777451][ T5773] usb 2-1: config 0 descriptor?? [ 354.790704][T14853] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 354.835190][T14862] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 354.962190][T14866] loop5: detected capacity change from 0 to 256 [ 354.983317][T14866] exfat: Deprecated parameter 'utf8' [ 354.988735][T14866] exfat: Deprecated parameter 'utf8' [ 354.998677][T14866] exfat: Deprecated parameter 'namecase' [ 355.035958][T14866] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 355.109797][ T27] audit: type=1800 audit(1755183129.635:114): pid=14866 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4141" name="file1" dev="loop5" ino=1048663 res=0 errno=0 [ 355.224788][ T5773] uclogic 0003:5543:0005.000B: unknown main item tag 0x0 [ 355.246076][ T5773] uclogic 0003:5543:0005.000B: item fetching failed at offset 3/5 [ 355.256408][ T5773] uclogic 0003:5543:0005.000B: parse failed [ 355.262594][ T5773] uclogic: probe of 0003:5543:0005.000B failed with error -22 [ 355.338381][T14870] netlink: 209836 bytes leftover after parsing attributes in process `syz.5.4143'. [ 355.348266][T14870] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 355.357614][T14870] openvswitch: netlink: Message has 1 unknown bytes. [ 355.423298][ T5773] usb 2-1: USB disconnect, device number 21 [ 355.660102][T14877] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve1, syncid = 10802, id = 0 [ 356.637557][T14882] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 356.818714][T14906] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4158'. [ 356.990887][T14908] loop4: detected capacity change from 0 to 1024 [ 357.760065][ T42] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 357.962035][ T42] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 357.993633][ T42] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 358.014916][ T42] usb 6-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 358.028991][ T42] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 358.053817][ T42] usb 6-1: config 0 descriptor?? [ 358.240074][ T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 358.434142][ T9] usb 5-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c [ 358.445434][ C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 358.464558][ T9] usb 5-1: New USB device strings: Mfr=24, Product=2, SerialNumber=3 [ 358.473419][ T9] usb 5-1: Product: syz [ 358.477794][ T9] usb 5-1: Manufacturer: syz [ 358.485240][ T9] usb 5-1: SerialNumber: syz [ 358.485798][ T42] hid (null): report_id 0 is invalid [ 358.505637][ T9] usb 5-1: config 0 descriptor?? [ 358.515507][ T42] hid-steam 0003:28DE:1142.000C: report_id 0 is invalid [ 358.540044][ T42] hid-steam 0003:28DE:1142.000C: item 0 1 1 8 parsing failed [ 358.550989][ T42] hid-steam 0003:28DE:1142.000C: steam_probe:parse of hid interface failed [ 358.567989][ T42] hid-steam: probe of 0003:28DE:1142.000C failed with error -22 [ 358.722765][ T5851] usb 6-1: USB disconnect, device number 6 [ 359.139472][T14956] pim6reg9: entered allmulticast mode [ 359.158309][ T9] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 359.188240][ T9] asix: probe of 5-1:0.0 failed with error -71 [ 359.220381][ T9] usb 5-1: USB disconnect, device number 9 [ 359.312031][T14960] netlink: 'syz.2.4185': attribute type 3 has an invalid length. [ 359.356309][T14959] nbd: socks must be embedded in a SOCK_ITEM attr [ 360.220251][ T1151] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 360.270241][ T5773] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 360.413331][ T1151] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 360.429659][ T1151] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 360.440606][ T1151] usb 5-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00 [ 360.449811][ T1151] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.460873][ T1151] usb 5-1: config 0 descriptor?? [ 360.470116][ T5773] usb 6-1: Using ep0 maxpacket: 32 [ 360.491855][ T5773] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 360.510175][ T5773] usb 6-1: config 0 has no interface number 0 [ 360.519369][ T5773] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 360.532806][ T5773] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=9 [ 360.545416][ T5773] usb 6-1: Product: syz [ 360.549657][ T5773] usb 6-1: Manufacturer: syz [ 360.570313][ T5773] usb 6-1: SerialNumber: syz [ 360.582895][ T5773] usb 6-1: config 0 descriptor?? [ 360.603190][ T5773] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 360.817624][ T5773] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 360.858136][ T5773] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 360.914684][ T1151] stadia 0003:18D1:9400.000D: unknown main item tag 0x0 [ 360.938021][ T1151] stadia 0003:18D1:9400.000D: unknown main item tag 0x0 [ 360.950096][ T1151] stadia 0003:18D1:9400.000D: unknown main item tag 0x0 [ 360.966450][ T1151] stadia 0003:18D1:9400.000D: unknown main item tag 0x0 [ 360.976836][ T1151] stadia 0003:18D1:9400.000D: unknown main item tag 0x0 [ 361.002482][ T1151] stadia 0003:18D1:9400.000D: hidraw0: USB HID v0.00 Device [HID 18d1:9400] on usb-dummy_hcd.4-1/input0 [ 361.025620][ T1151] stadia 0003:18D1:9400.000D: no inputs found [ 361.040088][ T1151] stadia 0003:18D1:9400.000D: force feedback init failed [ 361.198643][T15002] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4204'. [ 361.201377][ T42] usb 5-1: USB disconnect, device number 10 [ 361.296706][ C1] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 361.297037][ T9] usb 6-1: USB disconnect, device number 7 [ 361.349028][ T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 361.391159][ T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 361.430931][ T9] quatech2 6-1:0.51: device disconnected [ 362.070089][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 362.273070][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 362.294432][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 362.307865][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 362.328639][ T9] usb 5-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00 [ 362.339791][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.359499][ T9] usb 5-1: config 0 descriptor?? [ 362.368790][ T5789] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 362.581355][ T5789] usb 2-1: Using ep0 maxpacket: 8 [ 362.606833][ T5789] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 362.617545][ T5789] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 362.626877][ T5789] usb 2-1: Product: syz [ 362.631391][ T5789] usb 2-1: Manufacturer: syz [ 362.636082][ T5789] usb 2-1: SerialNumber: syz [ 362.645261][ T5789] usb 2-1: config 0 descriptor?? [ 362.673807][ T5789] gspca_main: se401-2.14.0 probing 047d:5003 [ 362.809521][ T9] chicony 0003:04F2:1421.000E: unbalanced delimiter at end of report description [ 362.819631][ T9] chicony 0003:04F2:1421.000E: Chicony hid parse failed: -22 [ 362.827347][ T9] chicony: probe of 0003:04F2:1421.000E failed with error -22 [ 362.990123][ T787] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 363.012253][ T42] usb 5-1: USB disconnect, device number 11 [ 363.093055][ T5789] gspca_se401: Bayer format not supported! [ 363.180248][ T787] usb 6-1: Using ep0 maxpacket: 32 [ 363.188192][ T787] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 363.206940][ T787] usb 6-1: config 0 has no interface number 0 [ 363.231391][ T787] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 363.263376][ T787] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.280112][ T787] usb 6-1: Product: syz [ 363.284403][ T787] usb 6-1: Manufacturer: syz [ 363.289030][ T787] usb 6-1: SerialNumber: syz [ 363.296874][ T787] usb 6-1: config 0 descriptor?? [ 363.313209][ T787] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 363.342526][ T42] usb 2-1: USB disconnect, device number 22 [ 363.939089][ T787] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 363.992787][ T787] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 364.199858][ C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 364.201754][ T1151] usb 6-1: USB disconnect, device number 8 [ 364.264798][ T1151] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 364.328492][ T1151] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 364.357351][ T1151] quatech2 6-1:0.51: device disconnected [ 364.447952][T15073] loop4: detected capacity change from 0 to 256 [ 364.486547][T15073] exfat: Deprecated parameter 'namecase' [ 364.548659][T15073] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 364.941190][T15080] loop5: detected capacity change from 0 to 8 [ 365.271121][T15086] loop4: detected capacity change from 0 to 128 [ 365.694963][T15101] loop4: detected capacity change from 0 to 16 [ 365.756038][T15101] erofs: (device loop4): mounted with root inode @ nid 36. [ 365.901477][T15103] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4251'. [ 366.833374][T15135] sp0: Synchronizing with TNC [ 366.878271][T15135] sp0: Found TNC [ 366.888335][T15134] [U] è` [ 367.232218][T15145] netlink: 'syz.4.4273': attribute type 1 has an invalid length. [ 367.260264][T15145] netlink: 236 bytes leftover after parsing attributes in process `syz.4.4273'. [ 367.528108][ T5787] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201' [ 367.543011][ T5787] CPU: 0 PID: 5787 Comm: kworker/u5:2 Not tainted 6.6.101-syzkaller #0 [ 367.551424][ T5787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 367.561608][ T5787] Workqueue: hci5 hci_rx_work [ 367.566333][ T5787] Call Trace: [ 367.569632][ T5787] [ 367.572600][ T5787] dump_stack_lvl+0x16c/0x230 [ 367.577323][ T5787] ? show_regs_print_info+0x20/0x20 [ 367.582562][ T5787] ? load_image+0x3b0/0x3b0 [ 367.587217][ T5787] sysfs_create_dir_ns+0x256/0x280 [ 367.592376][ T5787] ? hci_rx_work+0x43a/0xd80 [ 367.596997][ T5787] ? sysfs_warn_dup+0xa0/0xa0 [ 367.601720][ T5787] ? do_raw_spin_unlock+0x121/0x230 [ 367.607000][ T5787] kobject_add_internal+0x6b8/0xc70 [ 367.612258][ T5787] kobject_add+0x156/0x220 [ 367.616811][ T5787] ? __rwlock_init+0x150/0x150 [ 367.621615][ T5787] ? kobject_init+0x1e0/0x1e0 [ 367.626329][ T5787] ? _raw_spin_unlock+0x28/0x40 [ 367.631303][ T5787] ? get_device_parent+0x366/0x390 [ 367.636453][ T5787] device_add+0x408/0xc20 [ 367.640835][ T5787] hci_conn_add_sysfs+0xd5/0x1e0 [ 367.645818][ T5787] le_conn_complete_evt+0xc37/0x1220 [ 367.651137][ T5787] ? hci_event_packet+0x4a7/0x1210 [ 367.656354][ T5787] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 367.662632][ T5787] ? __copy_skb_header+0xa7/0x550 [ 367.667705][ T5787] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 367.673567][ T5787] ? skb_pull_data+0xfb/0x200 [ 367.678293][ T5787] hci_le_enh_conn_complete_evt+0x189/0x460 [ 367.684235][ T5787] ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0 [ 367.690695][ T5787] ? hci_remote_host_features_evt+0x160/0x160 [ 367.696827][ T5787] hci_event_packet+0x795/0x1210 [ 367.701916][ T5787] ? bis_list+0x290/0x290 [ 367.706293][ T5787] ? lockdep_hardirqs_on+0x98/0x150 [ 367.711561][ T5787] ? hci_send_to_monitor+0xd7/0x4f0 [ 367.716860][ T5787] hci_rx_work+0x43a/0xd80 [ 367.721342][ T5787] ? process_scheduled_works+0x957/0x15b0 [ 367.727114][ T5787] process_scheduled_works+0xa45/0x15b0 [ 367.732743][ T5787] ? assign_work+0x400/0x400 [ 367.737400][ T5787] ? assign_work+0x39e/0x400 [ 367.742039][ T5787] worker_thread+0xa55/0xfc0 [ 367.746726][ T5787] kthread+0x2fa/0x390 [ 367.750814][ T5787] ? pr_cont_work+0x560/0x560 [ 367.755513][ T5787] ? kthread_blkcg+0xd0/0xd0 [ 367.760127][ T5787] ret_from_fork+0x48/0x80 [ 367.764567][ T5787] ? kthread_blkcg+0xd0/0xd0 [ 367.769176][ T5787] ret_from_fork_asm+0x11/0x20 [ 367.773994][ T5787] [ 367.780782][ T5787] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 367.795032][ T5787] Bluetooth: hci5: failed to register connection device [ 368.832512][T15196] loop5: detected capacity change from 0 to 256 [ 368.871440][T15196] exfat: Deprecated parameter 'utf8' [ 368.876946][T15196] exfat: Deprecated parameter 'utf8' [ 368.920695][T15196] exfat: Deprecated parameter 'utf8' [ 368.998801][T15196] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 370.451833][T15211] loop5: detected capacity change from 0 to 32768 [ 370.499134][T15211] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.4295 (15211) [ 370.561408][T15211] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 370.614083][T15211] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 370.643115][T15211] BTRFS info (device loop5): setting nodatacow, compression disabled [ 370.680231][T15211] BTRFS info (device loop5): max_inline at 0 [ 370.686293][T15211] BTRFS info (device loop5): enabling disk space caching [ 370.723915][T15211] BTRFS info (device loop5): turning off barriers [ 370.744370][T15211] BTRFS info (device loop5): turning on flush-on-commit [ 370.784733][T15211] BTRFS info (device loop5): doing ref verification [ 370.811173][T15211] BTRFS info (device loop5): force clearing of disk cache [ 370.852598][T15211] BTRFS info (device loop5): enabling ssd optimizations [ 370.874127][T15211] BTRFS info (device loop5): max_inline at 4096 [ 370.903771][T15211] BTRFS info (device loop5): disk space caching is enabled [ 371.150140][T15211] BTRFS info (device loop5): auto enabling async discard [ 371.210898][T15211] BTRFS info (device loop5): rebuilding free space tree [ 371.263683][T15211] BTRFS info (device loop5): disabling free space tree [ 371.292812][T15211] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 371.340103][T15211] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 371.799129][T15290] nbd: must specify at least one socket [ 372.046730][T15294] loop4: detected capacity change from 0 to 136 [ 372.111768][T12362] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 372.160200][ T7633] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 374.087734][T15361] netlink: 76 bytes leftover after parsing attributes in process `syz.2.4337'. [ 375.203664][ T5789] IPVS: starting estimator thread 0... [ 375.290073][T15404] IPVS: using max 17 ests per chain, 40800 per kthread [ 376.225744][T15439] loop4: detected capacity change from 0 to 512 [ 376.291931][T15439] EXT4-fs (loop4): orphan cleanup on readonly fs [ 376.298423][T15439] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.4364: corrupted in-inode xattr: overlapping e_value [ 376.323196][T15439] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.4364: couldn't read orphan inode 15 (err -117) [ 376.367118][T15439] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 376.438273][T15446] loop5: detected capacity change from 0 to 64 [ 376.521375][T15439] EXT4-fs error (device loop4): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz.4.4364: path /327/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0 [ 376.523133][T15448] tipc: Started in network mode [ 376.569686][T15448] tipc: Node identity ac14142a, cluster identity 4711 [ 376.589313][T15446] hfs: hfs: Invalid key length: 94 [ 376.612716][T12280] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 376.624355][T15448] tipc: Enabled bearer , priority 26 [ 376.751707][T12362] hfs: node 4:3 still has 1 user(s)! [ 377.069182][T15463] sch_tbf: peakrate 12 is lower than or equals to rate 6561010854487373889 ! [ 377.326893][T15474] loop5: detected capacity change from 0 to 22 [ 377.336456][T15474] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 377.370621][T15474] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 377.743675][ T5773] tipc: Node number set to 2886997034 [ 378.178522][T15500] loop4: detected capacity change from 0 to 1024 [ 378.300985][ T27] audit: type=1800 audit(1755183152.825:115): pid=15500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4390" name="file2" dev="loop4" ino=21 res=0 errno=0 [ 378.897111][T15525] program syz.5.4403 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 378.925369][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.932020][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.579845][ T5773] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 379.600765][T15549] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4415'. [ 379.772101][ T5773] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 379.800175][ T5773] usb 2-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 379.833828][ T5773] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.845703][ T5773] usb 2-1: config 0 descriptor?? [ 380.288561][ T5773] logitech 0003:046D:C295.000F: unbalanced delimiter at end of report description [ 380.330868][ T5773] logitech 0003:046D:C295.000F: parse failed [ 380.337040][ T5773] logitech: probe of 0003:046D:C295.000F failed with error -22 [ 380.403343][T15575] comedi comedi1: pcl711: I/O port conflict (0x2f00,16) [ 380.427657][T15577] loop5: detected capacity change from 0 to 256 [ 380.487319][ T5773] usb 2-1: USB disconnect, device number 23 [ 380.539641][T15579] program syz.4.4430 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 380.542817][T15577] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 381.184257][T15594] tipc: Started in network mode [ 381.210134][T15594] tipc: Node identity ff000000000000000000000000000001, cluster identity 4711 [ 381.234296][T15594] tipc: Enabling of bearer rejected, failed to enable media [ 381.427353][T15599] tipc: New replicast peer: 255.255.255.255 [ 381.462223][T15599] tipc: Enabled bearer , priority 26 [ 381.624247][T15605] loop5: detected capacity change from 0 to 64 [ 381.939982][ T5773] usb 2-1: new low-speed USB device number 24 using dummy_hcd [ 382.158077][ T5773] usb 2-1: No LPM exit latency info found, disabling LPM. [ 382.178357][ T5773] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 382.197081][ T5773] usb 2-1: config 1 interface 0 altsetting 195 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 382.215141][ T5773] usb 2-1: config 1 interface 0 has no altsetting 0 [ 382.236395][ T5773] usb 2-1: string descriptor 0 read error: -22 [ 382.243547][ T5773] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 382.270073][ T5773] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 382.301249][ T5773] usb 2-1: bad CDC descriptors [ 382.449056][T15629] netlink: 'syz.2.4454': attribute type 4 has an invalid length. [ 382.460172][ T5789] tipc: Node number set to 4278190081 [ 382.545777][T15607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 382.647801][T15607] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 382.668009][ T5773] usb 2-1: USB disconnect, device number 24 [ 382.757023][T15617] loop5: detected capacity change from 0 to 32768 [ 382.830329][T15617] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 383.066428][T15617] XFS (loop5): Ending clean mount [ 383.085425][T15617] XFS (loop5): Quotacheck needed: Please wait. [ 383.169472][T15617] XFS (loop5): Quotacheck: Done. [ 383.278123][T15635] loop4: detected capacity change from 0 to 32768 [ 383.348457][T15635] JBD2: Ignoring recovery information on journal [ 383.412186][T12362] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 383.468503][T15635] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 383.882994][T12280] ocfs2: Unmounting device (7,4) on (node local) [ 384.785616][T15677] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.4473'. [ 385.308212][T15686] loop4: detected capacity change from 0 to 4096 [ 385.789574][T15702] netlink: 71 bytes leftover after parsing attributes in process `syz.4.4485'. [ 385.960078][ T5851] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 386.160340][ T5851] usb 6-1: Using ep0 maxpacket: 16 [ 386.167705][ T5851] usb 6-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 386.188773][ T5851] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 386.211677][ T5851] usb 6-1: config 0 descriptor?? [ 386.655219][ T5851] cherry 0003:046A:0027.0010: hidraw0: USB HID v0.00 Device [HID 046a:0027] on usb-dummy_hcd.5-1/input0 [ 386.935571][ T9] usb 6-1: USB disconnect, device number 9 [ 387.472379][T15744] loop4: detected capacity change from 0 to 4096 [ 387.520896][T15745] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 387.744217][T15751] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4507'. [ 387.863703][T15753] loop5: detected capacity change from 0 to 1024 [ 387.968209][T15757] loop4: detected capacity change from 0 to 1024 [ 388.090648][ T2973] hfsplus: b-tree write err: -5, ino 4 [ 388.191200][ T48] hfsplus: b-tree write err: -5, ino 4 [ 388.597464][T15771] netlink: 'syz.4.4516': attribute type 1 has an invalid length. [ 388.875304][T15777] loop5: detected capacity change from 0 to 512 [ 389.009476][T15777] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.4519: invalid indirect mapped block 10 (level 1) [ 389.078960][T15777] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.4519: invalid indirect mapped block 8 (level 1) [ 389.107875][T15777] EXT4-fs (loop5): 1 truncate cleaned up [ 389.116285][T15777] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 389.202633][T12362] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.330225][ T42] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 389.530219][ T42] usb 2-1: Using ep0 maxpacket: 16 [ 389.543985][ T42] usb 2-1: config 252 has an invalid interface number: 15 but max is 0 [ 389.553765][ T42] usb 2-1: config 252 has no interface number 0 [ 389.560713][ T42] usb 2-1: config 252 interface 15 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 389.577641][ T42] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=2b.29 [ 389.587503][ T42] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.595971][ T42] usb 2-1: Product: syz [ 389.600612][ T42] usb 2-1: Manufacturer: syz [ 389.609987][ T42] usb 2-1: SerialNumber: syz [ 389.650695][ T42] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 389.669141][T15805] usb usb1: usbfs: process 15805 (syz.4.4530) did not claim interface 0 before use [ 389.710205][ T5789] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 389.896680][ T42] usb 2-1: USB disconnect, device number 25 [ 389.903123][T13890] usb 2-1: Failed to submit usb control message: -71 [ 389.922713][T13890] usb 2-1: unable to send the bmi data to the device: -71 [ 389.925301][ T5789] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 389.936728][T13890] usb 2-1: unable to get target info from device [ 389.946023][T13890] usb 2-1: could not get target info (-71) [ 389.949177][ T5789] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.962864][T13890] usb 2-1: could not probe fw (-71) [ 389.969958][ T5789] usb 6-1: Product: syz [ 389.974264][ T5789] usb 6-1: Manufacturer: syz [ 389.983716][ T5789] usb 6-1: SerialNumber: syz [ 390.005449][ T5789] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 390.126019][ T5851] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 390.261054][T15809] loop4: detected capacity change from 0 to 32768 [ 390.301860][T15809] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 390.424741][T15809] XFS (loop4): Ending clean mount [ 390.476184][T15809] XFS (loop4): Quotacheck needed: Please wait. [ 390.587717][T15809] XFS (loop4): Quotacheck: Done. [ 390.588634][T15819] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4533'. [ 390.681555][T15821] netlink: 830 bytes leftover after parsing attributes in process `syz.1.4534'. [ 390.713296][T15821] bond_slave_0: entered promiscuous mode [ 390.719757][T15821] bond_slave_1: entered promiscuous mode [ 390.755116][ T5773] usb 6-1: USB disconnect, device number 10 [ 390.817147][T12280] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 391.172379][ T5851] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 391.193659][ T5851] ath9k_htc: Failed to initialize the device [ 391.240302][T15786] Bluetooth: hci4: command 0x0406 tx timeout [ 391.256734][ T5773] usb 6-1: ath9k_htc: USB layer deinitialized [ 391.688363][T15848] loop5: detected capacity change from 0 to 64 [ 392.360284][ T28] INFO: task syz-executor:5783 blocked for more than 143 seconds. [ 392.380519][ T28] Not tainted 6.6.101-syzkaller #0 [ 392.386200][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 392.423430][ T28] task:syz-executor state:D stack:21424 pid:5783 ppid:1 flags:0x00004004 [ 392.443124][ T28] Call Trace: [ 392.451677][T15872] loop4: detected capacity change from 0 to 512 [ 392.464489][ T28] [ 392.484199][ T28] __schedule+0x14d2/0x44d0 [ 392.498928][ T28] ? asan.module_dtor+0x20/0x20 [ 392.511342][T15872] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.4557: invalid indirect mapped block 10 (level 1) [ 392.529472][ T28] ? mark_lock+0x94/0x320 [ 392.544859][ T28] ? lock_chain_count+0x20/0x20 [ 392.553225][ T28] ? _raw_spin_lock_irq+0xaf/0xe0 [ 392.569672][ T28] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 392.569717][T15872] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.4557: invalid indirect mapped block 8 (level 1) [ 392.576009][ T28] schedule+0xbd/0x170 [ 392.593649][ T28] io_schedule+0x80/0xd0 [ 392.598128][ T28] folio_wait_bit_common+0x6eb/0xf70 [ 392.603615][ T28] ? folio_wait_bit+0x30/0x30 [ 392.617652][T15872] EXT4-fs (loop4): 1 truncate cleaned up [ 392.617681][ T28] ? filemap_get_entry+0x35c/0x3c0 [ 392.630549][ T28] ? _compound_head+0x120/0x120 [ 392.635609][ T28] ? find_lock_entries+0xc38/0xfe0 [ 392.645226][T15872] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 392.660223][ T28] __filemap_get_folio+0xbc/0xbc0 [ 392.665603][ T28] truncate_inode_pages_range+0x40a/0xf00 [ 392.678049][ T28] ? mapping_evict_folio+0x510/0x510 [ 392.683992][ T28] ? _raw_spin_lock_irq+0xaf/0xe0 [ 392.689082][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 392.699928][ T28] ? lockdep_hardirqs_on+0x98/0x150 [ 392.709995][ T28] evict+0x499/0x870 [ 392.713977][ T28] ? proc_nr_inodes+0x230/0x230 [ 392.739932][ T28] ? do_raw_spin_unlock+0x121/0x230 [ 392.745244][ T28] ? do_raw_spin_unlock+0x121/0x230 [ 392.759955][ T28] evict_inodes+0x5fe/0x690 [ 392.764531][ T28] ? clear_inode+0x150/0x150 [ 392.769136][ T28] generic_shutdown_super+0x97/0x2b0 [ 392.781134][ T28] kill_block_super+0x44/0x90 [ 392.785873][ T28] deactivate_locked_super+0x97/0x100 [ 392.791348][ T28] cleanup_mnt+0x429/0x4c0 [ 392.795796][ T28] task_work_run+0x1ce/0x250 [ 392.800728][ T28] ? task_work_cancel+0x240/0x240 [ 392.805787][ T28] ? exit_to_user_mode_loop+0x3b/0x110 [ 392.811424][ T28] exit_to_user_mode_loop+0xe6/0x110 [ 392.816738][ T28] exit_to_user_mode_prepare+0xb1/0x140 [ 392.822519][ T28] syscall_exit_to_user_mode+0x1a/0x50 [ 392.828057][ T28] do_syscall_64+0x61/0xb0 [ 392.832765][ T28] ? clear_bhb_loop+0x40/0x90 [ 392.837477][ T28] ? clear_bhb_loop+0x40/0x90 [ 392.842491][ T28] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 392.848543][ T28] RIP: 0033:0x7f9fcf18ff17 [ 392.853045][ T28] RSP: 002b:00007ffc32f8e808 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 392.861668][ T28] RAX: 0000000000000000 RBX: 00007f9fcf211c05 RCX: 00007f9fcf18ff17 [ 392.869836][ T28] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc32f8e8c0 [ 392.878069][ T28] RBP: 00007ffc32f8e8c0 R08: 0000000000000000 R09: 0000000000000000 [ 392.886396][ T28] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc32f8f950 [ 392.894446][ T28] R13: 00007f9fcf211c05 R14: 000000000003caaa R15: 00007ffc32f8f990 [ 392.902625][ T28] [ 392.905747][ T28] [ 392.905747][ T28] Showing all locks held in the system: [ 392.917640][ T28] 1 lock held by khungtaskd/28: [ 392.922945][ T28] #0: ffffffff8cd2fba0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 392.936512][ T28] 3 locks held by kworker/u4:10/3003: [ 392.961393][T12280] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.974030][ T28] #0: ffff8880b8f3c458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 392.984757][ T28] #1: ffff8880b8f288c8 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 393.011396][ T28] #2: ffffffff8cd2fc00 (rcu_read_lock_bh){....}-{1:2}, at: mod_peer_timer+0x1f/0x250 [ 393.048815][ T28] 2 locks held by getty/5543: [ 393.053938][ T28] #0: ffff88802d6b40a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 393.064761][ T28] #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 393.075073][ T28] 1 lock held by syz-executor/5783: [ 393.080632][ T28] #0: ffff888023dee0e0 (&type->s_umount_key#100){++++}-{3:3}, at: deactivate_super+0xa4/0xe0 [ 393.091406][ T28] 2 locks held by kworker/0:3/5789: [ 393.096648][ T28] #0: ffff888017872538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 393.107966][ T28] #1: ffffc9000460fd00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 393.120380][ T28] 1 lock held by syz.3.2772/11864: [ 393.125510][ T28] #0: ffff888023dee0e0 (&type->s_umount_key#100){++++}-{3:3}, at: super_lock+0x167/0x360 [ 393.135540][ T28] 1 lock held by syz.5.4554/15863: [ 393.140935][ T28] #0: ffffffff8cd35a40 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x580 [ 393.154515][ T28] [ 393.156883][ T28] ============================================= [ 393.156883][ T28] [ 393.165900][ T28] NMI backtrace for cpu 0 [ 393.170460][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.6.101-syzkaller #0 [ 393.178360][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 393.188795][ T28] Call Trace: [ 393.192185][ T28] [ 393.195219][ T28] dump_stack_lvl+0x16c/0x230 [ 393.200025][ T28] ? show_regs_print_info+0x20/0x20 [ 393.205247][ T28] ? load_image+0x3b0/0x3b0 [ 393.209805][ T28] nmi_cpu_backtrace+0x39b/0x3d0 [ 393.214754][ T28] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 393.220937][ T28] ? _printk+0xd0/0x110 [ 393.225161][ T28] ? load_image+0x3b0/0x3b0 [ 393.229675][ T28] ? load_image+0x3b0/0x3b0 [ 393.234201][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 393.240390][ T28] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 393.246421][ T28] watchdog+0xf41/0xf80 [ 393.250683][ T28] ? watchdog+0x1e1/0xf80 [ 393.255036][ T28] kthread+0x2fa/0x390 [ 393.259170][ T28] ? hungtask_pm_notify+0x90/0x90 [ 393.264196][ T28] ? kthread_blkcg+0xd0/0xd0 [ 393.268892][ T28] ret_from_fork+0x48/0x80 [ 393.273504][ T28] ? kthread_blkcg+0xd0/0xd0 [ 393.278207][ T28] ret_from_fork_asm+0x11/0x20 [ 393.283072][ T28] [ 393.286655][ T28] Sending NMI from CPU 0 to CPUs 1: [ 393.292266][ C1] NMI backtrace for cpu 1 [ 393.292282][ C1] CPU: 1 PID: 5147 Comm: klogd Not tainted 6.6.101-syzkaller #0 [ 393.292296][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 393.292304][ C1] RIP: 0010:rcu_is_watching+0x1c/0xb0 [ 393.292329][ C1] Code: e9 53 ff ff ff 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 41 57 41 56 53 65 ff 05 28 1a 94 7e e8 bb 8d fd 08 89 c3 83 f8 08 73 60 <49> bf 00 00 00 00 00 fc ff df 4c 8d 34 dd 30 0a 7d 8c 4c 89 f0 48 [ 393.292342][ C1] RSP: 0018:ffffc90003227340 EFLAGS: 00000097 [ 393.292354][ C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: b54cf76636319200 [ 393.292364][ C1] RDX: 0000000000000000 RSI: ffffffff8afc6760 RDI: ffffffff8afc6720 [ 393.292373][ C1] RBP: ffffc90003227478 R08: ffffffff8e4a84ef R09: 1ffffffff1c9509d [ 393.292383][ C1] R10: dffffc0000000000 R11: fffffbfff1c9509e R12: 1ffff92000644e78 [ 393.292393][ C1] R13: ffffffff8cd35418 R14: 0000000000000001 R15: dffffc0000000000 [ 393.292403][ C1] FS: 00007ff0ecad3c80(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 393.292416][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 393.292425][ C1] CR2: 0000001b30a1cff8 CR3: 00000000308f0000 CR4: 00000000003526e0 [ 393.292437][ C1] Call Trace: [ 393.292442][ C1] [ 393.292449][ C1] lock_acquire+0xcb/0x410 [ 393.292469][ C1] ? read_lock_is_recursive+0x20/0x20 [ 393.292492][ C1] _raw_spin_lock+0x2e/0x40 [ 393.292512][ C1] ? rcu_note_context_switch+0x270/0x1110 [ 393.292534][ C1] rcu_note_context_switch+0x270/0x1110 [ 393.292565][ C1] ? cond_synchronize_rcu_expedited_full+0x90/0x90 [ 393.292589][ C1] ? rcu_is_watching+0x15/0xb0 [ 393.292607][ C1] __schedule+0x2d3/0x44d0 [ 393.292623][ C1] ? __update_load_avg_se+0x6ed/0xb90 [ 393.292652][ C1] ? asan.module_dtor+0x20/0x20 [ 393.292667][ C1] ? try_to_wake_up+0x6c5/0x10b0 [ 393.292688][ C1] ? __lock_acquire+0x7c80/0x7c80 [ 393.292709][ C1] ? preempt_schedule+0xab/0xc0 [ 393.292726][ C1] preempt_schedule_common+0x82/0xc0 [ 393.292743][ C1] preempt_schedule+0xab/0xc0 [ 393.292760][ C1] ? schedule_preempt_disabled+0x20/0x20 [ 393.292776][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 393.292793][ C1] ? lock_chain_count+0x20/0x20 [ 393.292808][ C1] preempt_schedule_thunk+0x1a/0x30 [ 393.292831][ C1] _raw_spin_unlock_irqrestore+0xfa/0x110 [ 393.292853][ C1] ? _raw_spin_unlock+0x40/0x40 [ 393.292873][ C1] ? __wake_up_common+0x2a4/0x4e0 [ 393.292893][ C1] __wake_up_sync_key+0x11f/0x190 [ 393.292909][ C1] ? __wake_up_locked_key_bookmark+0x20/0x20 [ 393.292926][ C1] ? __lock_acquire+0x7c80/0x7c80 [ 393.292946][ C1] ? sock_def_readable+0xad/0x430 [ 393.292963][ C1] sock_def_readable+0x1e1/0x430 [ 393.292981][ C1] unix_dgram_sendmsg+0x10cc/0x1720 [ 393.293012][ C1] ? unix_dgram_poll+0x670/0x670 [ 393.293028][ C1] ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0 [ 393.293056][ C1] ? aa_sock_msg_perm+0x94/0x150 [ 393.293072][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 393.293089][ C1] ? security_socket_sendmsg+0x80/0xa0 [ 393.293105][ C1] __sys_sendto+0x46a/0x620 [ 393.293124][ C1] ? __might_fault+0xaa/0x120 [ 393.293139][ C1] ? __ia32_sys_getpeername+0x90/0x90 [ 393.293169][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 393.293189][ C1] ? lock_chain_count+0x20/0x20 [ 393.293207][ C1] __x64_sys_sendto+0xde/0xf0 [ 393.293226][ C1] do_syscall_64+0x55/0xb0 [ 393.293248][ C1] ? clear_bhb_loop+0x40/0x90 [ 393.293261][ C1] ? clear_bhb_loop+0x40/0x90 [ 393.293274][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 393.293296][ C1] RIP: 0033:0x7ff0ecc23407 [ 393.293307][ C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 393.293318][ C1] RSP: 002b:00007ffe50b717c0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 393.293331][ C1] RAX: ffffffffffffffda RBX: 00007ff0ecad3c80 RCX: 00007ff0ecc23407 [ 393.293341][ C1] RDX: 0000000000000072 RSI: 00007ffe50b71900 RDI: 0000000000000003 [ 393.293350][ C1] RBP: 00007ffe50b71d30 R08: 0000000000000000 R09: 0000000000000000 [ 393.293358][ C1] R10: 0000000000004000 R11: 0000000000000202 R12: 00007ffe50b71d48 [ 393.293367][ C1] R13: 00007ffe50b71900 R14: 0000000000000057 R15: 00007ffe50b71900 [ 393.293385][ C1] [ 393.296845][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 393.724103][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.6.101-syzkaller #0 [ 393.732005][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 393.742118][ T28] Call Trace: [ 393.745390][ T28] [ 393.748337][ T28] dump_stack_lvl+0x16c/0x230 [ 393.753069][ T28] ? show_regs_print_info+0x20/0x20 [ 393.758261][ T28] ? load_image+0x3b0/0x3b0 [ 393.762765][ T28] panic+0x2c0/0x710 [ 393.766740][ T28] ? schedule_preempt_disabled+0x20/0x20 [ 393.772378][ T28] ? bpf_jit_dump+0xd0/0xd0 [ 393.776883][ T28] ? __irq_work_queue_local+0x13a/0x3b0 [ 393.782443][ T28] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 393.789046][ T28] watchdog+0xf80/0xf80 [ 393.793204][ T28] ? watchdog+0x1e1/0xf80 [ 393.797547][ T28] kthread+0x2fa/0x390 [ 393.801628][ T28] ? hungtask_pm_notify+0x90/0x90 [ 393.806706][ T28] ? kthread_blkcg+0xd0/0xd0 [ 393.811292][ T28] ret_from_fork+0x48/0x80 [ 393.815789][ T28] ? kthread_blkcg+0xd0/0xd0 [ 393.820369][ T28] ret_from_fork_asm+0x11/0x20 [ 393.825135][ T28] [ 393.828540][ T28] Kernel Offset: disabled [ 393.832962][ T28] Rebooting in 86400 seconds..