last executing test programs: 6m59.381365132s ago: executing program 1 (id=559): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', r0}, 0x18) msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) getcwd(&(0x7f0000000140)=""/115, 0x73) setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000040), 0x4) r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x8001, 0x6, 0x1, 0x0, 0x0, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000003, 0x89, 0x2, 0xf27, 0x6, 0xb, 0x8, 0x5, 0x8, 0x4, 0x10000, 0xfffffff8]}) 6m58.066709451s ago: executing program 1 (id=562): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000340)='./file0\x00', 0x3000010, &(0x7f00000000c0)={[{@adinicb}, {@noadinicb}, {@uid}, {@umask={'umask', 0x3d, 0x3d}}, {@iocharset={'iocharset', 0x3d, 'cp775'}}, {@utf8}, {@shortad}, {@uid_forget}, {@adinicb}]}, 0x1, 0xc59, &(0x7f0000001640)="$eJzs3U9sHNd9B/DfGy3FldJWTJwqThoHm7ZIZcVy9S+iYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFEjQw2iLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYs/hElfz429d2ZeW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr58+kzaYsOhR9AYAGBfXB396umzWz3/AYAn1rXt/v8fAAAAAAAAAAAAAAA4KFIU8VSkmL26msar5Y76lXbfnbtjQ8NbVzuSqpqHqvLlT/3M2XPnv3Rh8GI3r7Sn36f+bvtMvDp67XLjpZnbs3OT8/OTE42x6faNmYnJB97DTutvdrI6AY3br92ZuHlzvnH2+XMbNt8deK//Y8cHLg0+e+qZbtmxoeHh0fUi9d7ytYduSMd2IzwORxGnIsVz3/9pakVEETs/F/X9vfabHak6cbLqxNjQcNWRqXZreqHcONI9EUVEo6dSs3uOtr4WUevb1z5srxmxWDa/bPDJsnujs6251vWpycZIa26hvdCemR5JndaW/WlEERdTxFJErPTfv7u+KKIWKb5zbDVdz2/9qM7DF6uBwdu3o9jDPj6Asp2Nvoil4jG4ZgdYfxTxSqT42dsn4ka+z1T3mi9EvFLmDyLeLPPFiFR+Mc5HvLvF94jHUy2K+PPy+l9aTRPV/aB7X7nytcZXpm/O9JTt3lc+5PPhvjvFI3o+HNmU++OA35vqUUSruuOvpof/zQ4AAAAAAAAAAAAAAAAAu+1IFPHpSPHyv/1RNa44qnHpxy4N/v7AL/eOGX/6A/ZTln0+IhaLBxuTezgPDBxJIyk94rHEH2X1KOKP8/i/bz3qxgAAAAAAAAAAAAAAAAAAAHykFfGTSPHCOyfSUvTOKd6evtW41ro+1ZkVtjv3b3fO9LW1tbVGqjIG8vJ4Z3ltMedSzuWcKynPL9ytX3SymXM852LOpZzLOVdyxqFcP2cz53jOxZxLOZdzruSMWq6fs5lzPOdizqWcyzlXcsYBmbsXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUkQRv4gU3/7GaooUEc2I8ejkcv+jbh0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUOpPRfxDpGj8QfPeulpEpOrfjhPlL+ejebjMT0RzsMwXo3k5Z6vKWvNbj6D97ExfKuLHkaK//ta9C56vf19n6d7XIN785vrSZ2qdPNTdOPBe/8eOH7s0OPy5p7f7nLZqwMkr7ek7dxtjQ8PDoz2ra/non+hZN5CPW+xO14mI+dffeK01NTU59/Afyq/AQ1bvXskdHH0/P6TaLja1/+D3PWoHohmP7kPUDkQzHk3fN6jv942JfVE+/9+NFL/9zr93H/id5389fqmzdO8JHz//k/Xn/wubd/SAz//a5nr5+V8+CbZ6/j/Vs+6F/LuRvlpEfeH2bN/xiPr862+cat9u3Zq8NTl9/vTpLw8Ofvnc6b7DEfWb7anJnk+7croAAAAAAAAAAAAAAAAA9k8q4ncjRevHq6kREXer8VoDlwafPfXMoThUjbfaMG771dFrlxsvzdyenZucn5+caIxNt2/MTEw+6OHq1XCvsaHhPenMBzqyx+0/Un9pZvb1ufatP1zYcvvR+uXr8wtzrRtbb44jUUQ0e9ecrBo8NjRcNXqq3Zquqo5sOZj+w+tLRfxHpLhxvpE+n9fl8f+bR/hvGP+/uHlHuzj+/3NH18f/fbwTRfeYKRXx80jxW3/xdHy+aufRuO+c5XJ/EylOXvxsLheHy3LdNnTeK9AZGViW/Z9I8fe/2Fi2Ox7yqfWyZz70CT7gyut/LNIr3/uz78av53Ub3/+w9fU/unlHe/T+h0/2rDu64X0FO+46+fqfihQvPvVW/Ea15v/e9/0f3Tc2nOgUXn8/xx5d/1/tWTeQj/ubu9V5AAAAAAAAAACAx1hfKuJvI8UPh2vpQl73IH//b2Lzjvbo7399qmfdxO7MV/TB094AAAAAwBOiLxXxk0hxa+Gte2OoN47/7hn/+Tvr4z+H0qat1Z/z/Ur13oDd/PO/XgP5uOM77zYAAAAAAAAAAAAAAAAAAAAcKCkVcSHPpz5ejeef2HY+9eVI8fJ/PZfLpeNlue488APVr/Wra9OnLk9NzdRjoXV9arIxOtu6MVnW/WSkWP3rz+a6RTW/ene++c4c7+tzsc9FiuHvdct25mLvzk3emQ+8vrYWcaYs+/FI8Z9/t7Fsnpo6zx1d7fdsWfavIsXX/2nrssfXy54ry343Uvzo641u2aNl2Qv5ZaifWi/7/I2ZYm8uDAAAAAAAAAAAAAAAAAAAAB8pfamIP40U/3176d5Y/jz/f1/PYuXNb/bM97/J3Wqe/4Fq/v/tPj/M/P/VewUWtzsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8mVIU8UakmL26mpb7y+WO+pX29J27Y0PDW1c7kqqah6ry5U/9zNlz5790YfBiN9+//m77dLw6eu1y46WZ27Nzk/PzkxONsen2jZmJyQfew07rb3ayOgGN26/dmbh5c75x9vlzGzbfHXiv/2PHBy4NPnvqmW7ZsaHh4dGeMrW+hz76fdI26w9HEX8ZKZ77/k/TD/sjitj5ufiA785eO1J14mTVibGh4aojU+3W9EK5caR7IoqIRk+lZvcc7cO12JFmxGLZ/LLBJ8vujc625lrXpyYbI625hfZCe2Z6JHVaW/anEUVcTBFLEbHSf//u+qKI1yLFd46tpn/ujzjUPQ9fvDr61dNnt29HsYd9fABlOxt9EUvFY3DNDrD+KOIfI8XP3j4R/9IfUYvOT3wh4pUyfxDxZnSudyq/GOcj3t3ie8TjqRZF/G95/S+tprf7y/tB975y5WuNr0zfnOkp272vPPbPh/10wO9N9SjiR9UdfzX9q/+uAQAAAAAAAAAAAAAAAA6QIn4tUrzwzolUjQ++N6a4PX2rca11faozrK879q87ZnptbW2tkTrZzDmeczHnUs7lnCs5o8j1czbLrK+tjeflxZxLOZdzruSMQ7l+zmbO8ZyLOZdyLudcyRm1XD9nM+d4zsWcSzmXc67kjAMydg8AAAAAAAAAAAAAAAAAAHiyFNU/Kb79jdW01t+ZX3o8OrlsPtAn3v8HAAD//9/q7Wc=") setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r1, &(0x7f0000000140)='2', 0xff10, 0x8000c61) sendfile(r0, r0, 0x0, 0xe3aa6ea) 6m56.900187296s ago: executing program 1 (id=568): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x8) open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x2c) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2) mq_open(0x0, 0x1, 0x83, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x8, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000117000/0x2000)=nil, 0x2) 6m56.051852639s ago: executing program 1 (id=571): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', r0}, 0x18) msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) getcwd(&(0x7f0000000140)=""/115, 0x73) setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000040), 0x4) r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x8001, 0x6, 0x1, 0x0, 0x0, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000003, 0x89, 0x2, 0xf27, 0x6, 0xb, 0x8, 0x5, 0x8, 0x4, 0x10000, 0xfffffff8]}) 6m54.951593087s ago: executing program 1 (id=573): unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000140)={'filter\x00', 0x0, 0x0, 0x0, [0x9, 0x4009, 0x3, 0x2, 0x2, 0x7]}, &(0x7f0000000000)=0x78) 6m50.43177144s ago: executing program 1 (id=584): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0xffff060e}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058565d, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 6m34.988550555s ago: executing program 32 (id=584): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0xffff060e}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058565d, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 16.727199844s ago: executing program 0 (id=1330): getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = syz_io_uring_setup(0xa0, &(0x7f0000000100)={0x0, 0x200089bb, 0x1, 0x5, 0x1c3}, 0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x1e}) io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0) 15.488952976s ago: executing program 0 (id=1334): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x2, 0x0, 0x4, 0x0, 0xffffffff, [{0x0, 0x3, 0xffffffff}, {0x0, 0x1}]}]}}, 0x0, 0x3e}, 0x28) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000600)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x200000000000}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x0, 0x3c}, 0x2, @in=@broadcast, 0x6, 0x4, 0x1}]}]}, 0xfc}}, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) syz_init_net_socket$ax25(0x3, 0x5, 0xc4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8ec, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x6) ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f0000000600)) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_STRSET_GET(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x1c, r8, 0x3141e0b2751b0f9b, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x60c5}, 0x80) syz_init_net_socket$ax25(0x3, 0x7, 0xcc) prctl$PR_SET_SECUREBITS(0x1c, 0x8) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x6c, r2, 0x1, 0x0, 0x3, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x44, @dev={0xfe, 0x80, '\x00', 0x16}, 0xff8}}, {0x20, 0x2, @in6={0xa, 0x0, 0xfffffffc, @mcast2}}}}]}]}, 0x6c}}, 0x0) 10.624191181s ago: executing program 4 (id=1347): syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000009b768405e0483020b9901e40201090227000100000000090400fb015cc7aa00090509"], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x3, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xfffffffffffffd63}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) unlink(0x0) sendto$inet6(r3, &(0x7f0000000280)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0) r5 = socket$pptp(0x18, 0x1, 0x2) setsockopt(r5, 0xfffffffe, 0xcc, &(0x7f0000000300)="ba5746bd702db8369f1f11ade7825c538cb388fc610c81b9e258b4488467a87c9bb994cad512338699559fca99d923c5c5a7a5aaf42c47f32b39512fbff612ed9969e2743f9743096107760cee138deadc419e09566f22048770a1e7d55231481eb32653e1f317a97cbb85c5cd49aa11743600bd32fffe6ded0fbd2b844bebdaad5a74a089197db584872a07579cd0dc398701d8ae6ec11f", 0x98) ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x0}) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007911a800000000003f74fdc346f3579895007400000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f00000004c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r7, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f0000000000)={0x44, r6, 0x1, 0x70bd25, 0x25dfdc00, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge_slave_0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x1661}]}]}, 0x44}}, 0x48040) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) 10.012993811s ago: executing program 3 (id=1348): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', r0}, 0x18) msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getcwd(&(0x7f0000000140)=""/115, 0x73) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000180)=@gcm_128={{0x303}, "345aa3593519c7e1", "e8a1056a7c356ba2b862ef93136b1587", "28bc90f4", "790f59276094db31"}, 0x28) r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x8001, 0x6, 0x1, 0x0, 0x0, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000003, 0x89, 0x2, 0xf27, 0x6, 0xb, 0x8, 0x5, 0x8, 0x4, 0x10000, 0xfffffff8]}) 9.20512425s ago: executing program 3 (id=1350): r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x200000001000, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000100)=0x2) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x10c4, 0x0, 0x0, 0x80000}, 0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}) io_uring_enter(r1, 0x45f7, 0x0, 0x0, 0x0, 0x0) 8.620987877s ago: executing program 2 (id=1351): getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = syz_io_uring_setup(0xa0, &(0x7f0000000100)={0x0, 0x200089bb, 0x1, 0x5, 0x1c3}, &(0x7f0000000240)=0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r3, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x1e}) io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0) 8.228103985s ago: executing program 3 (id=1352): sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x18}}], 0x1, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e000"], 0x57) 7.519036144s ago: executing program 2 (id=1353): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', r0}, 0x18) msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) getcwd(&(0x7f0000000140)=""/115, 0x73) setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000040), 0x4) r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x8001, 0x6, 0x1, 0x0, 0x0, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000003, 0x89, 0x2, 0xf27, 0x6, 0xb, 0x8, 0x5, 0x8, 0x4, 0x10000, 0xfffffff8]}) 7.191743077s ago: executing program 3 (id=1354): sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x24044884) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000002840)={0x1, &(0x7f0000000100)=[{0x80000006, 0x0, 0x0, 0x4}]}, 0x8) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x10201, 0x240, 0x380, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x0, 0x4, 0x10000, 0x7, 0x9004, 0x9, 0x8, 0x9, 0x5, 0x49, 0x3ff, 0x5, 0x2, 0x6, 0x8, 0x7, 0xc1, 0x1, 0x7ff, 0x6, 0x40006, 0x9, 0x96, 0xffffffff, 0xfbffffff00000000, 0x0, 0x5, 0x7, 0x4, 0x8000, 0x9, 0x888f, 0x1, 0xb, 0x46, 0x6, 0x3, 0xa3de, 0x20000000006, 0x8, 0x7, 0x400, 0x2, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xe6, 0x200000000000101, 0x5, 0x5, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0x5, 0xd, 0x10001, 0xbbd9, 0x7ffffffe, 0xfffffffffffffc00, 0xe, 0x7, 0x7fffffff, 0xcdc, 0x4000000007, 0x2, 0x3, 0x2, 0x2, 0xfff, 0x8, 0x4, 0x11, 0xab6, 0x0, 0x8, 0x0, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x0, 0x8061d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x4, 0x8, 0x2293332f, 0x6, 0x5, 0x1e, 0xd, 0x2, 0x4, 0xfffffffffffffffb, 0xffffffffffffffff, 0x7, 0xdfd4, 0xfffd, 0x10, 0x5, 0x8, 0x1, 0x53e0f0fe, 0xeb5, 0x0, 0xfffffffffffffffe, 0xa692, 0xcc, 0x8, 0x1000003]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 6.892052336s ago: executing program 4 (id=1355): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, 0x0, 0x0) recvmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002240)=[{0x0}, {&(0x7f00000000c0)=""/118, 0x76}, {&(0x7f0000000140)=""/70, 0x46}], 0x3}, 0x0) 6.511391003s ago: executing program 3 (id=1356): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) iopl(0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$KVM_GET_PIT2(0xffffffffffffffff, 0x8070ae9f, &(0x7f0000000300)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) ftruncate(r1, 0x8800000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x700, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) pipe(0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, 0x0, 0x0) 5.749471187s ago: executing program 4 (id=1357): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000000c0)}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x54, r3, 0x1, 0x0, 0x3, {0x22}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc}, {0xc}}]}, 0x54}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 5.644007828s ago: executing program 0 (id=1358): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', r0}, 0x18) msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getcwd(&(0x7f0000000140)=""/115, 0x73) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000180)=@gcm_128={{0x303}, "345aa3593519c7e1", "e8a1056a7c356ba2b862ef93136b1587", "28bc90f4", "790f59276094db31"}, 0x28) r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x8001, 0x6, 0x1, 0x0, 0x0, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000003, 0x89, 0x2, 0xf27, 0x6, 0xb, 0x8, 0x5, 0x8, 0x4, 0x10000, 0xfffffff8]}) 5.094955942s ago: executing program 0 (id=1359): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='&'], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20) sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x4003e80, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0) 3.810832247s ago: executing program 2 (id=1360): r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x200000001000, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000100)=0x2) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x10c4, 0x0, 0x0, 0x80000}, &(0x7f0000000340)=0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}) io_uring_enter(r1, 0x45f7, 0x0, 0x0, 0x0, 0x0) 3.555329272s ago: executing program 0 (id=1361): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) creat(&(0x7f0000000440)='./file0\x00', 0x0) syz_clone(0x1010000, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) sendfile(r3, r3, 0x0, 0x40008) 3.16790505s ago: executing program 2 (id=1362): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x6, 0x4, 0x5b, 0x8a}, 0x48) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) ptrace$ARCH_MAP_VDSO_32(0x1e, 0x0, 0x0, 0x2002) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) ptrace$getsig(0x4202, 0x0, 0x40, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) socket(0x1d, 0x2, 0x6) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3fb, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) 3.06561883s ago: executing program 3 (id=1363): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socket$netlink(0x10, 0x3, 0x14) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0x4a4, 0x30, 0x1, 0x0, 0x0, {}, [{0x490, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x395, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xffffffff, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}, @m_skbmod={0x140, 0x16, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x20, 0x2, {{0x2, 0x8, 0x3, 0xad6, 0x9a80}, 0xf}}]}, {0xf4, 0x6, "aa53fb2850f02424d5f9ec991b94f3850dd5640bfcf65b22f9ec22d10b650e55961863216efb67a66e9c007a2eea0db39baa5bcf0387f2a3967be95089d3bf15f548671109061e5adcd693c4fd019393cfffdc0b294c24c2631d3c054ee2f94c0f7fede59405f05c268e2bc19f78864411aeea61778bf8c2cd2061b5ace0be15ac781901a68818f78b78a5b072d0479dc8933950735dd7cf06dfa7e163d172bb6c8196dadba7905b546c8e80a972d5f1cc01f96017fda5cfa196397470efcdbe6484b3a278bfc3160cc29a5c5f6c69f88377b846bac453e1556d8316a60b682ab52c5821c8e482e71f0f21dab2b0937e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_nat={0x15c, 0xa, 0x0, 0x0, {{0x8}, {0xcc, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x6, 0x2, 0xffffffffffffffff, 0x403, 0x6}, @dev={0xac, 0x14, 0x14, 0x23}, @remote, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x400, 0x8, 0x0, 0x8, 0x6}, @multicast2, @multicast1, 0xffffffff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x7, 0x1, 0x1, 0x5c5}, @private=0xa010100, @broadcast}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8187, 0x8, 0xfffffffffffffffb, 0x0, 0x401}, @multicast1, @private=0xa010101, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x5, 0x3, 0x10000000, 0x7ff, 0x4}, @multicast2, @multicast1}}]}, {0x69, 0x6, "8a787b5e2dec954a39888487f543d4ae155b888a47404c721177bac12930686f7e194d017457a3a9e37589e79ef5a4922ebe80d22cbfc5fc188687f57f45329c3af89085cea52eab99d6695974f550729cab88f21e4e04a73e301902aba3bb9b59b25edbb8"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_csum={0xac, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x80, 0x6, "7388e5e2316d892002b0e0ae547a061da75aa937c79e9c5ea979fb4b781c4af7f827800bd00c0349ee697ac42e7695a692378592201b6b586471dfa7ba86200441afa744982bea713091c7be9c7af7f157eb421f005bb471da982844394952fe4550ca81ad540acbd9ab5879a529944a8a9bbef6d8f53249dc0011cf"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x6}}}}, @m_bpf={0xb8, 0xe, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0xa}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x80000000, 0x6, 0x20000000, 0x7, 0x9}}]}, {0x6d, 0x6, "e071056665f2b4c42627ecf0faa4a042831027a7dcbca68c7261fc1dd6dd9cb11f6372cdc64a78fd3efcb7faa73a3c7c27ec485dbd8f74e9f5a870e67e7ee28d265e914138cbd7302a998230055fa11c3a303fc0c08babbc2cf08473671f5223c09a7f60fcac37f055"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x4a4}, 0x1, 0x0, 0x0, 0x804}, 0x2002c810) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2000000000002) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="18bd7001fbdb04010800fdff00000000"], 0x18}, 0x1, 0x0, 0x0, 0x48010}, 0x20004000) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sysvipc/msg\x00', 0x0, 0x0) bind$netlink(r5, &(0x7f0000000500)={0x10, 0x0, 0x25dfdbfc, 0x2000000}, 0xc) prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil) syz_open_procfs(r1, 0x0) r6 = socket$unix(0x1, 0x2, 0x0) r7 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r7, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000a00)=ANY=[@ANYRESDEC=r6, @ANYRES64=0x0, @ANYRES32, @ANYBLOB="153d6b57407ba47967aeb31f1500433176c0584320c584cae5a6f7c1283fc5dcfb2d4ff4d17abd39efd4768ecac65d3f75489c77ca7d32e2188adb8d4cfcfd87d98160f82c70921bf0c7f444c8e2eadf12146a05d0b07ff79b32ba03359d34fa786d0ee0c8be23c954fdcb5e7c1c5631e9b79b8bb8ff17b3eea25bd460ade5f2de1d052ed41a71cf272194c119a3dcbfa1e9837691e190cd136d5f9b168f442e6b81d75a6b8930577948b3a8eafde25e6580ea787d2c27304d3f6ac9358721a23b1be8523496c9c1bd70466b09987035bee423d0d068512a8c7aa35d", @ANYRES64=r6, @ANYBLOB="b7eb290aca"], 0x20000600}}, 0x11) r8 = dup(r0) setsockopt$TIPC_MCAST_BROADCAST(r8, 0x12, 0x85) r9 = syz_io_uring_setup(0x18d7, &(0x7f0000000040)={0x0, 0x6c92, 0x2, 0x0, 0x9e}, &(0x7f0000ffe000), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r9, 0x2, &(0x7f0000000180), 0xfe) r10 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00') read$FUSE(r10, &(0x7f00000020c0)={0x2020}, 0xce) 1.950734549s ago: executing program 2 (id=1364): syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket$netlink(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x10) socket$inet_udp(0x2, 0x2, 0x0) socket$inet(0x10, 0x3, 0x0) socket$kcm(0xa, 0x1, 0x0) pipe(&(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_sctp(0xa, 0x5, 0x84) r0 = socket$netlink(0x10, 0x3, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet_sctp(0x2, 0x1, 0x84) socket$inet_sctp(0x2, 0x5, 0x84) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x54}, 0x1, 0x0, 0x0, 0x40814}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.73362359s ago: executing program 4 (id=1365): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, 0x0, 0x0) recvmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002240)=[{0x0}, {&(0x7f00000000c0)=""/118, 0x76}, {&(0x7f0000000140)=""/70, 0x46}], 0x3}, 0x0) 524.026698ms ago: executing program 2 (id=1366): syz_init_net_socket$llc(0x1a, 0x2, 0x0) ptrace(0x10, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6", 0xd) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7) futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) 457.203955ms ago: executing program 4 (id=1367): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', r0}, 0x18) msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getcwd(&(0x7f0000000140)=""/115, 0x73) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000180)=@gcm_128={{0x303}, "345aa3593519c7e1", "e8a1056a7c356ba2b862ef93136b1587", "28bc90f4", "790f59276094db31"}, 0x28) r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x8001, 0x6, 0x1, 0x0, 0x0, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000003, 0x89, 0x2, 0xf27, 0x6, 0xb, 0x8, 0x5, 0x8, 0x4, 0x10000, 0xfffffff8]}) 69.016743ms ago: executing program 4 (id=1368): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', r0}, 0x18) msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) getcwd(&(0x7f0000000140)=""/115, 0x73) setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000040), 0x4) r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x8001, 0x6, 0x1, 0x0, 0x0, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000003, 0x89, 0x2, 0xf27, 0x6, 0xb, 0x8, 0x5, 0x8, 0x4, 0x10000, 0xfffffff8]}) 0s ago: executing program 0 (id=1369): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='&'], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20) sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x4003e80, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0) kernel console output (not intermixed with test programs): =2, SerialNumber=3 [ 260.895008][ T2133] usb 3-1: Product: syz [ 260.904996][ T2133] usb 3-1: Manufacturer: syz [ 260.935797][ T2133] usb 3-1: SerialNumber: syz [ 260.985357][ T2133] usb 3-1: config 0 descriptor?? [ 261.049393][ T2133] smsc95xx v2.0.0 [ 261.133793][ T7031] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 275: padding at end of block bitmap is not set [ 261.323774][ T7034] loop0: detected capacity change from 0 to 1024 [ 261.331969][ T7034] EXT4-fs: Ignoring removed nobh option [ 261.340620][ T7034] EXT4-fs: Ignoring removed bh option [ 261.405956][ T7034] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 261.500075][ T7034] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 261.594542][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.842028][ T7043] Cannot find add_set index 0 as target [ 261.898952][ T7042] binder: 7041:7042 ioctl c0306201 0 returned -14 [ 262.238031][ T2133] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 262.256369][ T2133] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 262.268407][ T2133] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 262.295423][ T2133] smsc95xx: probe of 3-1:0.67 failed with error -71 [ 262.321314][ T2133] usb 3-1: USB disconnect, device number 4 [ 262.632620][ T7050] loop1: detected capacity change from 0 to 16 [ 262.732776][ T7050] erofs: (device loop1): mounted with root inode @ nid 36. [ 264.266934][ T7062] loop1: detected capacity change from 0 to 4096 [ 264.378652][ T7063] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 264.766617][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.392022][ T7071] loop3: detected capacity change from 0 to 64 [ 266.041571][ T7067] loop2: detected capacity change from 0 to 40427 [ 266.085338][ T7067] F2FS-fs (loop2): invalid crc value [ 266.110733][ T7067] F2FS-fs (loop2): Found nat_bits in checkpoint [ 266.214177][ T7067] F2FS-fs (loop2): Start checkpoint disabled! [ 266.227357][ T7067] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 266.303345][ T7080] Cannot find add_set index 0 as target [ 266.425291][ T7067] syz.2.316: attempt to access beyond end of device [ 266.425291][ T7067] loop2: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 266.666598][ T7074] loop1: detected capacity change from 0 to 32768 [ 266.775357][ T7074] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 266.801195][ T1107] kworker/u4:8: attempt to access beyond end of device [ 266.801195][ T1107] loop2: rw=1, sector=77944, nr_sectors = 16 limit=40427 [ 266.847429][ T58] kworker/u4:4: attempt to access beyond end of device [ 266.847429][ T58] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 267.029012][ T7074] XFS (loop1): Ending clean mount [ 267.034646][ T58] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 267.085832][ T58] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 267.272037][ T5798] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 267.811591][ T7094] loop1: detected capacity change from 0 to 16 [ 267.858971][ T7094] erofs: (device loop1): mounted with root inode @ nid 36. [ 271.711891][ T7108] loop1: detected capacity change from 0 to 1024 [ 272.224046][ T7108] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.267943][ T7122] loop3: detected capacity change from 0 to 4096 [ 273.978908][ T7135] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 274.152286][ T7137] loop0: detected capacity change from 0 to 64 [ 274.732327][ T7141] Cannot find add_set index 0 as target [ 275.021696][ T5798] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.062410][ T7144] loop3: detected capacity change from 0 to 16 [ 275.083033][ T7144] erofs: (device loop3): mounted with root inode @ nid 36. [ 276.741331][ T7160] fuse: Bad value for 'fd' [ 277.119657][ T7160] loop1: detected capacity change from 0 to 40427 [ 277.127471][ T7160] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 277.135353][ T7160] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 277.165213][ T7160] F2FS-fs (loop1): invalid crc value [ 277.196039][ T7148] loop3: detected capacity change from 0 to 32768 [ 277.218300][ T7160] F2FS-fs (loop1): Found nat_bits in checkpoint [ 277.303310][ T7148] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 277.318441][ T7148] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 277.328001][ T7160] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 277.335290][ T7160] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 280.148455][ T27] audit: type=1800 audit(1760236999.377:18): pid=7172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.336" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 280.356990][ T7148] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 280.366248][ T5798] syz-executor: attempt to access beyond end of device [ 280.366248][ T5798] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 280.441189][ T5905] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 280.449824][ T5798] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 280.473523][ T5905] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 281.066979][ T5905] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 593ms [ 281.108068][ T5905] gfs2: fsid=syz:syz.0: jid=0: Done [ 281.126374][ T7148] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 281.171245][ T7148] gfs2: fsid=syz:syz.0: can't create logd thread: -4 [ 281.809736][ T7180] loop0: detected capacity change from 0 to 16 [ 281.840760][ T7180] erofs: (device loop0): mounted with root inode @ nid 36. [ 281.957737][ T7180] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 282.009310][ T7180] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 282.425503][ T7187] loop1: detected capacity change from 0 to 4096 [ 282.604125][ T7190] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 283.576009][ T7197] loop0: detected capacity change from 0 to 64 [ 283.890499][ T7199] loop2: detected capacity change from 0 to 2048 [ 284.188821][ T7200] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 284.303765][ T7204] Cannot find add_set index 0 as target [ 285.856762][ T7213] fuse: Bad value for 'fd' [ 286.109674][ T7213] loop2: detected capacity change from 0 to 40427 [ 286.122390][ T7213] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 286.130296][ T7213] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 286.196487][ T7213] F2FS-fs (loop2): invalid crc value [ 286.275556][ T7213] F2FS-fs (loop2): Found nat_bits in checkpoint [ 286.338393][ T7213] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 286.345517][ T7213] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 287.481187][ T27] audit: type=1800 audit(1760237008.397:19): pid=7221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.349" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 287.984551][ T48] kworker/u4:3: attempt to access beyond end of device [ 287.984551][ T48] loop2: rw=1, sector=77824, nr_sectors = 2056 limit=40427 [ 288.055117][ T48] kworker/u4:3: attempt to access beyond end of device [ 288.055117][ T48] loop2: rw=1, sector=79880, nr_sectors = 2040 limit=40427 [ 288.098168][ T48] kworker/u4:3: attempt to access beyond end of device [ 288.098168][ T48] loop2: rw=1, sector=49152, nr_sectors = 2064 limit=40427 [ 288.167540][ T48] kworker/u4:3: attempt to access beyond end of device [ 288.167540][ T48] loop2: rw=1, sector=51216, nr_sectors = 1592 limit=40427 [ 288.780068][ T7240] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 288.788014][ T7240] IPv6: NLM_F_CREATE should be set when creating new route [ 289.075461][ T7245] fuse: Bad value for 'fd' [ 289.392434][ T7245] loop1: detected capacity change from 0 to 40427 [ 289.419114][ T7245] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 289.426949][ T7245] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 289.437132][ T7245] F2FS-fs (loop1): invalid crc value [ 289.475096][ T7245] F2FS-fs (loop1): Found nat_bits in checkpoint [ 289.563531][ T7245] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 289.570754][ T7245] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 292.436771][ T27] audit: type=1800 audit(1760237011.607:20): pid=7256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.361" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 292.457067][ C1] vkms_vblank_simulate: vblank timer overrun [ 292.528620][ T5798] syz-executor: attempt to access beyond end of device [ 292.528620][ T5798] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 292.663216][ T5798] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 293.085044][ T7262] loop0: detected capacity change from 0 to 64 [ 293.672156][ T7266] Cannot find add_set index 0 as target [ 293.711374][ T7264] loop3: detected capacity change from 0 to 4096 [ 293.761857][ T7264] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 296.398843][ T7289] snd_dummy snd_dummy.0: control 0:-3:0:syz0:0 is already present [ 297.021495][ T7292] fuse: Bad value for 'fd' [ 297.269980][ T7292] loop0: detected capacity change from 0 to 40427 [ 297.304179][ T7292] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 297.312039][ T7292] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 297.334584][ T7292] F2FS-fs (loop0): invalid crc value [ 297.371947][ T7292] F2FS-fs (loop0): Found nat_bits in checkpoint [ 297.482871][ T7292] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 297.490360][ T7292] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 300.426063][ T27] audit: type=1800 audit(1760237019.527:21): pid=7300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.372" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 300.475844][ T5791] syz-executor: attempt to access beyond end of device [ 300.475844][ T5791] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 300.501514][ T5791] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 303.271200][ T7326] fuse: Bad value for 'fd' [ 303.519010][ T7326] loop3: detected capacity change from 0 to 40427 [ 303.562434][ T7326] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 303.570354][ T7326] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 303.581141][ T7326] F2FS-fs (loop3): invalid crc value [ 303.679597][ T7326] F2FS-fs (loop3): Found nat_bits in checkpoint [ 303.771521][ T7324] sctp: failed to load transform for md5: -2 [ 303.795868][ T7326] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 303.803069][ T7326] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 306.125065][ T27] audit: type=1800 audit(1760237025.867:22): pid=7343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.383" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 306.471900][ T5792] syz-executor: attempt to access beyond end of device [ 306.471900][ T5792] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 306.497385][ T5792] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 306.520146][ T7345] netlink: 'syz.2.384': attribute type 1 has an invalid length. [ 308.969759][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 309.171131][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 309.180651][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 309.212533][ T9] usb 1-1: config 0 has no interfaces? [ 309.231403][ T9] usb 1-1: New USB device found, idVendor=6d79, idProduct=4f80, bcdDevice=d7.15 [ 309.262716][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.294632][ T9] usb 1-1: Product: syz [ 309.308462][ T9] usb 1-1: Manufacturer: syz [ 309.313135][ T9] usb 1-1: SerialNumber: syz [ 309.353261][ T9] usb 1-1: config 0 descriptor?? [ 310.390145][ T7368] loop0: detected capacity change from 0 to 512 [ 312.149738][ T7368] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 312.329777][ T7368] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802e02c, mo2=0002] [ 312.343478][ T7368] EXT4-fs (loop0): orphan cleanup on readonly fs [ 313.090472][ T7368] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.386: bg 0: block 361: padding at end of block bitmap is not set [ 313.111714][ T7368] EXT4-fs (loop0): Remounting filesystem read-only [ 313.118816][ T7368] EXT4-fs (loop0): 1 truncate cleaned up [ 313.125916][ T7368] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 313.238027][ T5905] usb 1-1: USB disconnect, device number 3 [ 313.286229][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 314.986330][ T7386] loop3: detected capacity change from 0 to 1024 [ 315.003425][ T7386] hfsplus: unable to parse mount options [ 315.733895][ T5811] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 315.780472][ T7385] netlink: 'syz.3.392': attribute type 1 has an invalid length. [ 315.993693][ T7388] loop0: detected capacity change from 0 to 32768 [ 316.054235][ T7388] (syz.0.393,7388,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 316.069379][ T7388] (syz.0.393,7388,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 316.113076][ T7388] JBD2: Ignoring recovery information on journal [ 316.182044][ T7388] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 317.522679][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.529171][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.704946][ T7399] loop3: detected capacity change from 0 to 512 [ 317.798394][ T7399] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 321.055809][ T7423] input: syz1 as /devices/virtual/input/input5 [ 321.237835][ T7427] fuse: Bad value for 'fd' [ 321.257664][ T5791] ocfs2: Unmounting device (7,0) on (node local) [ 321.270661][ T7427] loop1: detected capacity change from 0 to 128 [ 322.361331][ T7437] netlink: 176 bytes leftover after parsing attributes in process `syz.0.405'. [ 322.446944][ T7440] fuse: Bad value for 'fd' [ 322.703682][ T7440] loop3: detected capacity change from 0 to 40427 [ 322.724083][ T7440] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 322.732002][ T7440] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 322.745189][ T7440] F2FS-fs (loop3): invalid crc value [ 322.799515][ T7440] F2FS-fs (loop3): Found nat_bits in checkpoint [ 322.865638][ T7440] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 322.872815][ T7440] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 325.740378][ T27] audit: type=1800 audit(1760237044.907:23): pid=7448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.408" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 325.797531][ T5792] syz-executor: attempt to access beyond end of device [ 325.797531][ T5792] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 325.837352][ T5792] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 327.386815][ T7468] loop0: detected capacity change from 0 to 512 [ 327.726896][ T7468] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 328.728068][ T7465] loop2: detected capacity change from 0 to 32768 [ 329.454497][ T7465] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 329.476659][ T7476] loop0: detected capacity change from 0 to 4096 [ 329.596484][ T7485] loop1: detected capacity change from 0 to 16 [ 329.615817][ T7486] fuse: Bad value for 'fd' [ 329.639839][ T7485] erofs: (device loop1): mounted with root inode @ nid 36. [ 329.834961][ T7465] XFS (loop2): Ending clean mount [ 329.881856][ T7465] XFS (loop2): Quotacheck needed: Please wait. [ 329.987843][ T7486] loop3: detected capacity change from 0 to 40427 [ 329.996720][ T7486] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 330.004637][ T7486] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 330.019545][ T7486] F2FS-fs (loop3): invalid crc value [ 330.057879][ T7486] F2FS-fs (loop3): Found nat_bits in checkpoint [ 330.119557][ T7486] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 330.126670][ T7486] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 330.198592][ T7465] XFS (loop2): Quotacheck: Done. [ 331.588035][ T27] audit: type=1800 audit(1760237052.247:24): pid=7495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.419" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 331.633520][ T5790] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 332.059791][ T1072] kworker/u4:6: attempt to access beyond end of device [ 332.059791][ T1072] loop3: rw=1, sector=77824, nr_sectors = 2048 limit=40427 [ 332.092198][ T1072] kworker/u4:6: attempt to access beyond end of device [ 332.092198][ T1072] loop3: rw=1, sector=79872, nr_sectors = 2048 limit=40427 [ 332.117577][ T1072] kworker/u4:6: attempt to access beyond end of device [ 332.117577][ T1072] loop3: rw=1, sector=49152, nr_sectors = 2056 limit=40427 [ 332.250942][ T7505] loop0: detected capacity change from 0 to 1024 [ 332.265249][ T7505] hfsplus: unable to parse mount options [ 332.348554][ T2133] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 332.399946][ T7505] netlink: 'syz.0.425': attribute type 1 has an invalid length. [ 332.602308][ T1072] kworker/u4:6: attempt to access beyond end of device [ 332.602308][ T1072] loop3: rw=1, sector=51208, nr_sectors = 2040 limit=40427 [ 332.762067][ T2133] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 332.790799][ T2133] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 332.827805][ T1072] kworker/u4:6: attempt to access beyond end of device [ 332.827805][ T1072] loop3: rw=1, sector=57344, nr_sectors = 2056 limit=40427 [ 332.865350][ T2133] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 332.866865][ T1072] kworker/u4:6: attempt to access beyond end of device [ 332.866865][ T1072] loop3: rw=1, sector=59400, nr_sectors = 1408 limit=40427 [ 332.921115][ T2133] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 332.951503][ T2133] usb 2-1: Manufacturer: syz [ 332.994832][ T2133] usb 2-1: config 0 descriptor?? [ 333.228590][ T2133] rc_core: IR keymap rc-hauppauge not found [ 333.236580][ T2133] Registered IR keymap rc-empty [ 333.254318][ T2133] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 333.419224][ T2133] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input6 [ 333.804514][ C1] igorplugusb 2-1:0.0: Error: urb status = -32 [ 333.872448][ T2133] usb 2-1: USB disconnect, device number 2 [ 335.939876][ T7523] ntfs3: nullb0: Primary boot signature is not NTFS. [ 335.947947][ T7523] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 336.350131][ T7528] loop2: detected capacity change from 0 to 16 [ 336.385514][ T7528] erofs: (device loop2): mounted with root inode @ nid 36. [ 336.593379][ T7526] loop1: detected capacity change from 0 to 4096 [ 336.680829][ T7534] fuse: Bad value for 'fd' [ 337.067389][ T7534] loop3: detected capacity change from 0 to 40427 [ 337.098928][ T7534] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 337.106798][ T7534] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 337.120367][ T7534] F2FS-fs (loop3): invalid crc value [ 338.101569][ T7534] F2FS-fs (loop3): Found nat_bits in checkpoint [ 338.394520][ T7534] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 338.401935][ T7534] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 338.809623][ T7551] loop0: detected capacity change from 0 to 64 [ 340.126218][ T27] audit: type=1800 audit(1760237060.897:25): pid=7556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.434" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 341.687208][ T5792] syz-executor: attempt to access beyond end of device [ 341.687208][ T5792] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 341.738372][ T5792] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 343.603693][ T7570] loop0: detected capacity change from 0 to 16 [ 343.652255][ T7570] erofs: (device loop0): mounted with root inode @ nid 36. [ 344.042876][ T7572] loop2: detected capacity change from 0 to 4096 [ 344.068275][ T7572] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 344.277882][ T7572] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 345.863272][ T5790] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22. [ 346.130578][ T7592] loop2: detected capacity change from 0 to 64 [ 346.604600][ T7594] loop3: detected capacity change from 0 to 4096 [ 346.612936][ T7595] Cannot find add_set index 0 as target [ 346.705357][ T7597] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 349.025948][ T7612] loop3: detected capacity change from 0 to 16 [ 349.068761][ T7612] erofs: (device loop3): mounted with root inode @ nid 36. [ 350.290922][ T7626] loop0: detected capacity change from 0 to 64 [ 350.315230][ T7627] loop3: detected capacity change from 0 to 4096 [ 350.427962][ T7630] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 351.236669][ T7619] loop1: detected capacity change from 0 to 32768 [ 351.382981][ T7619] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 351.638485][ T7632] Cannot find add_set index 0 as target [ 351.711936][ T7619] XFS (loop1): Ending clean mount [ 351.757056][ T7619] XFS (loop1): Quotacheck needed: Please wait. [ 351.934197][ T7619] XFS (loop1): Quotacheck: Done. [ 352.577257][ T7655] tmpfs: Bad value for 'mpol' [ 353.039477][ T5798] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 353.243299][ T7661] loop0: detected capacity change from 0 to 4096 [ 353.405866][ T7661] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 356.382043][ T7685] loop2: detected capacity change from 0 to 128 [ 356.587065][ T7688] loop3: detected capacity change from 0 to 64 [ 356.611303][ T7685] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 356.646943][ T7685] hpfs: filesystem error: improperly stopped [ 356.663580][ T7685] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 356.680330][ T7685] hpfs: You really don't want any checks? You are crazy... [ 356.694680][ T7685] hpfs: hpfs_map_sector(): read error [ 356.705308][ T7685] hpfs: code page support is disabled [ 356.741064][ T7685] hpfs: hpfs_map_4sectors(): unaligned read [ 356.784469][ T7685] hpfs: hpfs_map_4sectors(): unaligned read [ 356.800718][ T7685] hpfs: filesystem error: unable to find root dir [ 357.100585][ T7690] Cannot find add_set index 0 as target [ 357.663325][ T7692] hpfs: hpfs_map_4sectors(): unaligned read [ 359.963399][ T7714] loop2: detected capacity change from 0 to 256 [ 360.000015][ T7714] exfat: Deprecated parameter 'namecase' [ 360.027687][ T7714] exfat: Deprecated parameter 'utf8' [ 360.079755][ T7714] exfat: Deprecated parameter 'namecase' [ 360.085872][ T7714] exfat: Deprecated parameter 'utf8' [ 360.124885][ T7714] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 360.589991][ T7720] fuse: Bad value for 'fd' [ 360.832761][ T7720] loop1: detected capacity change from 0 to 40427 [ 360.872341][ T7720] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 360.880450][ T7720] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 360.893840][ T7720] F2FS-fs (loop1): invalid crc value [ 360.931087][ T7720] F2FS-fs (loop1): Found nat_bits in checkpoint [ 361.028028][ T7720] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 361.035240][ T7720] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 363.608631][ T27] audit: type=1800 audit(1760237083.087:26): pid=7730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.483" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 363.926159][ T5798] syz-executor: attempt to access beyond end of device [ 363.926159][ T5798] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 363.970516][ T5798] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 367.488010][ T7751] loop1: detected capacity change from 0 to 16 [ 367.511795][ T7751] erofs: (device loop1): mounted with root inode @ nid 36. [ 367.794183][ T7755] batadv_slave_1: entered promiscuous mode [ 367.849488][ T7754] batadv_slave_1: left promiscuous mode [ 371.036975][ T7784] comedi comedi3: Buffer allocation failed [ 371.236786][ T7786] lo speed is unknown, defaulting to 1000 [ 371.243532][ T7786] lo speed is unknown, defaulting to 1000 [ 371.271288][ T7786] lo speed is unknown, defaulting to 1000 [ 371.319792][ T7786] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 371.397640][ T7786] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 371.839117][ T7786] lo speed is unknown, defaulting to 1000 [ 371.847906][ T7786] lo speed is unknown, defaulting to 1000 [ 371.855409][ T7786] lo speed is unknown, defaulting to 1000 [ 371.864177][ T7786] lo speed is unknown, defaulting to 1000 [ 372.137104][ T7791] loop0: detected capacity change from 0 to 16 [ 372.157259][ T7791] erofs: (device loop0): mounted with root inode @ nid 36. [ 372.309899][ T7789] loop1: detected capacity change from 0 to 4096 [ 372.346933][ T7789] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 372.676915][ T7798] loop0: detected capacity change from 0 to 256 [ 372.721796][ T7798] exfat: Deprecated parameter 'namecase' [ 372.775678][ T7798] exfat: Deprecated parameter 'utf8' [ 372.808362][ T7798] exfat: Deprecated parameter 'namecase' [ 372.844029][ T7798] exfat: Deprecated parameter 'utf8' [ 372.926555][ T7798] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 375.768668][ T7814] loop0: detected capacity change from 0 to 4096 [ 376.061089][ T7823] loop1: detected capacity change from 0 to 16 [ 376.069094][ T7814] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 376.144225][ T7824] dlm: no local IP address has been set [ 376.150460][ T7824] dlm: cannot start dlm midcomms -107 [ 376.729821][ T7823] erofs: (device loop1): mounted with root inode @ nid 36. [ 376.825004][ T7814] ntfs3: loop0: Failed to load $Extend (-22). [ 376.876251][ T7814] ntfs3: loop0: Failed to initialize $Extend. [ 378.105187][ T7843] siw: device registration error -23 [ 379.274517][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.281156][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.518638][ T7863] dlm: no local IP address has been set [ 380.524434][ T7863] dlm: cannot start dlm midcomms -107 [ 381.127665][ T7866] loop3: detected capacity change from 0 to 256 [ 383.979388][ T7896] loop3: detected capacity change from 0 to 128 [ 384.033973][ T7896] qnx6: superblock #1 checksum error [ 385.963816][ T7919] loop3: detected capacity change from 0 to 256 [ 386.320287][ T7919] exfat: Bad value for 'uid' [ 387.064937][ T5810] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 388.136409][ T7919] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode [ 388.174636][ T7919] macsec1: entered promiscuous mode [ 388.183858][ T7919] macsec1: entered allmulticast mode [ 388.196171][ T7919] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode [ 389.099125][ T7943] loop2: detected capacity change from 0 to 128 [ 389.141536][ T7943] qnx6: superblock #1 checksum error [ 389.953847][ T7942] loop0: detected capacity change from 0 to 32768 [ 389.982038][ T7942] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.544 (7942) [ 390.110880][ T7942] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 390.418782][ T7942] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 390.605770][ T7942] BTRFS info (device loop0): force clearing of disk cache [ 390.738607][ T7942] BTRFS info (device loop0): enabling auto defrag [ 390.745219][ T7942] BTRFS info (device loop0): enabling ssd optimizations [ 390.805942][ T7942] BTRFS info (device loop0): max_inline at 0 [ 390.832786][ T7942] BTRFS info (device loop0): enabling disk space caching [ 390.840086][ T7942] BTRFS info (device loop0): disk space caching is enabled [ 391.142752][ T7942] BTRFS info (device loop0): rebuilding free space tree [ 391.869816][ T7942] BTRFS info (device loop0): disabling free space tree [ 391.941248][ T7942] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 391.951629][ T7942] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 392.156665][ T5791] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 394.183902][ T6023] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 395.218851][ T6023] usb 4-1: Using ep0 maxpacket: 16 [ 395.238227][ T6023] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 395.270229][ T6023] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 395.328308][ T6023] usb 4-1: config 0 interface 0 has no altsetting 0 [ 395.354491][ T6023] usb 4-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 395.382890][ T6023] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 395.399075][ T6023] usb 4-1: config 0 descriptor?? [ 396.458402][ T8020] loop1: detected capacity change from 0 to 2048 [ 396.498840][ T6023] usbhid 4-1:0.0: can't add hid device: -71 [ 396.514039][ T8020] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 396.516109][ T6023] usbhid: probe of 4-1:0.0 failed with error -71 [ 396.603787][ T6023] usb 4-1: USB disconnect, device number 4 [ 398.607167][ T8029] loop0: detected capacity change from 0 to 40427 [ 398.640888][ T8029] F2FS-fs (loop0): build fault injection attr: rate: 14, type: 0x7ffff [ 399.805875][ T8051] lo speed is unknown, defaulting to 1000 [ 399.891236][ T8053] loop0: detected capacity change from 0 to 4096 [ 400.118403][ T8057] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 400.647267][ T8065] loop2: detected capacity change from 0 to 64 [ 400.738337][ T23] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 401.003922][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 401.078439][ T23] usb 4-1: New USB device found, idVendor=1e7d, idProduct=3264, bcdDevice= 0.00 [ 401.288544][ T8070] Cannot find add_set index 0 as target [ 401.708270][ T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.765893][ T23] usb 4-1: config 0 descriptor?? [ 402.331074][ T23] isku 0003:1E7D:3264.0001: item 0 1 0 9 parsing failed [ 402.339933][ T23] isku 0003:1E7D:3264.0001: parse failed [ 402.345707][ T23] isku: probe of 0003:1E7D:3264.0001 failed with error -22 [ 403.110487][ T23] usb 4-1: USB disconnect, device number 5 [ 404.429721][ T8098] loop3: detected capacity change from 0 to 4096 [ 404.506456][ T8101] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 404.798313][ T23] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 405.000170][ T23] usb 3-1: config 0 has an invalid interface number: 41 but max is 0 [ 405.046939][ T23] usb 3-1: config 0 has no interface number 0 [ 405.069782][ T23] usb 3-1: config 0 interface 41 has no altsetting 0 [ 405.140297][ T23] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 405.517742][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 405.560350][ T23] usb 3-1: Product: syz [ 405.564618][ T23] usb 3-1: Manufacturer: syz [ 405.575321][ T23] usb 3-1: SerialNumber: syz [ 405.594171][ T23] usb 3-1: config 0 descriptor?? [ 406.999117][ T23] CoreChips: probe of 3-1:0.41 failed with error -71 [ 407.015537][ T23] usb 3-1: USB disconnect, device number 5 [ 407.313509][ T8114] fuse: Bad value for 'fd' [ 407.586463][ T8114] loop2: detected capacity change from 0 to 40427 [ 407.645465][ T8114] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 407.654311][ T8114] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 407.665414][ T8114] F2FS-fs (loop2): invalid crc value [ 407.699381][ T8114] F2FS-fs (loop2): Found nat_bits in checkpoint [ 407.775566][ T8114] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 407.782730][ T8114] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 411.042170][ T27] audit: type=1800 audit(1760237129.817:27): pid=8121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.591" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 411.092214][ T5790] syz-executor: attempt to access beyond end of device [ 411.092214][ T5790] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 411.148438][ T5790] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 411.504326][ T8123] fuse: Bad value for 'fd' [ 411.782660][ T8123] loop0: detected capacity change from 0 to 40427 [ 411.821322][ T8123] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 411.829315][ T8123] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 411.843415][ T8123] F2FS-fs (loop0): invalid crc value [ 411.940109][ T8123] F2FS-fs (loop0): Found nat_bits in checkpoint [ 412.039736][ T8123] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 412.046859][ T8123] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 414.128369][ T27] audit: type=1800 audit(1760237134.137:28): pid=8131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.601" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 415.431288][ T5791] syz-executor: attempt to access beyond end of device [ 415.431288][ T5791] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 415.488370][ T5791] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 418.706431][ T8143] loop2: detected capacity change from 0 to 4096 [ 419.461002][ T8153] vlan0: entered promiscuous mode [ 419.894856][ T8141] loop3: detected capacity change from 0 to 32768 [ 419.943067][ T8141] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by syz.3.597 (8141) [ 420.022291][ T8141] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 420.048352][ T8141] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 420.057148][ T8141] BTRFS info (device loop3): enabling auto defrag [ 420.074056][ T8141] BTRFS info (device loop3): enabling ssd optimizations [ 420.154512][ T8141] BTRFS info (device loop3): max_inline at 0 [ 420.188240][ T8141] BTRFS info (device loop3): using free space tree [ 420.524935][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR [ 420.527856][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 420.639132][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 420.699467][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 420.742015][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 420.795101][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 420.849804][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 420.904330][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 420.978545][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 421.015223][ T8141] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 421.120348][ T8141] BTRFS error (device loop3): open_ctree failed: -12 [ 421.189322][ T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 421.202231][ T50] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 421.211549][ T50] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 421.220814][ T50] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 421.229027][ T50] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 421.236485][ T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 421.456105][ T8174] loop0: detected capacity change from 0 to 512 [ 421.490141][ T8168] lo speed is unknown, defaulting to 1000 [ 421.531561][ T8174] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 421.566361][ T8174] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 421.596874][ T5810] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by udevd (5810) [ 421.618697][ T8174] System zones: 0-1, 15-15, 18-18, 34-34 [ 421.624837][ T8174] EXT4-fs (loop0): orphan cleanup on readonly fs [ 421.631913][ T8174] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 421.643161][ T8174] EXT4-fs warning (device loop0): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 421.658629][ T8174] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 421.701603][ T8174] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.609: bg 0: block 40: padding at end of block bitmap is not set [ 421.825747][ T8174] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 421.890725][ T8174] EXT4-fs (loop0): 1 truncate cleaned up [ 421.989204][ T8174] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 422.075881][ T8186] fuse: Bad value for 'fd' [ 422.623856][ T8174] EXT4-fs error (device loop0): ext4_encrypted_get_link:46: inode #16: comm syz.0.609: bad symlink. [ 422.699578][ T8188] EXT4-fs error (device loop0): ext4_encrypted_get_link:46: inode #16: comm syz.0.609: bad symlink. [ 423.288544][ T50] Bluetooth: hci4: command tx timeout [ 423.346615][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.273849][ T8168] chnl_net:caif_netlink_parms(): no params data found [ 424.562395][ T8092] Set syz1 is full, maxelem 65536 reached [ 425.368340][ T50] Bluetooth: hci4: command tx timeout [ 426.123145][ T8168] bridge0: port 1(bridge_slave_0) entered blocking state [ 426.138383][ T8168] bridge0: port 1(bridge_slave_0) entered disabled state [ 426.145683][ T8168] bridge_slave_0: entered allmulticast mode [ 426.162770][ T8168] bridge_slave_0: entered promiscuous mode [ 426.175807][ T8211] loop2: detected capacity change from 0 to 128 [ 426.218955][ T8168] bridge0: port 2(bridge_slave_1) entered blocking state [ 426.258393][ T8168] bridge0: port 2(bridge_slave_1) entered disabled state [ 426.281191][ T8168] bridge_slave_1: entered allmulticast mode [ 426.292086][ T8211] hpfs: hpfs_map_sector(): read error [ 426.306476][ T8211] hpfs: filesystem error: can't load hotfix map; already mounted read-only [ 426.339947][ T8168] bridge_slave_1: entered promiscuous mode [ 426.454929][ T8211] hpfs: hpfs_map_sector(): read error [ 426.492562][ T8203] loop3: detected capacity change from 0 to 32768 [ 426.534263][ T8203] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 426.543026][ T8168] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 426.563188][ T8168] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 426.641932][ T5905] kernel read not supported for file /dsp1 (pid: 5905 comm: kworker/1:8) [ 426.715012][ T8203] XFS (loop3): Ending clean mount [ 426.800635][ T8210] process 'syz.2.611' launched './file0' with NULL argv: empty string added [ 426.858308][ T27] audit: type=1800 audit(1760237148.617:29): pid=8203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.610" name="file1" dev="loop3" ino=4422 res=0 errno=0 [ 427.225925][ T8168] team0: Port device team_slave_0 added [ 427.472972][ T50] Bluetooth: hci4: command tx timeout [ 427.497397][ T50] Bluetooth: hci2: Malformed LE Event: 0x0d [ 427.998506][ T8168] team0: Port device team_slave_1 added [ 428.365090][ T58] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.422715][ T8168] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 428.453201][ T8237] loop2: detected capacity change from 0 to 4096 [ 428.459790][ T8168] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 428.487492][ T8168] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 428.554368][ T8238] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 428.580520][ T58] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 428.634913][ T8168] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 428.801456][ T8168] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 428.839830][ T8168] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 429.246503][ T58] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.518436][ T50] Bluetooth: hci4: command tx timeout [ 430.030233][ T58] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 430.106447][ T8242] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 430.152953][ T8168] hsr_slave_0: entered promiscuous mode [ 430.165684][ T5792] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 430.197504][ T8168] hsr_slave_1: entered promiscuous mode [ 430.239611][ T8168] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 430.276524][ T8168] Cannot create hsr debugfs directory [ 430.293669][ T8235] loop0: detected capacity change from 0 to 32768 [ 430.359344][ T8235] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.615 (8235) [ 430.500159][ T8235] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 430.528453][ T8235] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 430.546759][ T8235] BTRFS info (device loop0): enabling auto defrag [ 430.574717][ T8235] BTRFS info (device loop0): using free space tree [ 430.821550][ T8235] BTRFS info (device loop0): enabling ssd optimizations [ 430.861617][ T8235] BTRFS info (device loop0): auto enabling async discard [ 431.952382][ T5791] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 433.074296][ T5810] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 10 /dev/loop0 scanned by udevd (5810) [ 434.121876][ T8168] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 434.192313][ T8271] loop2: detected capacity change from 0 to 32768 [ 434.345082][ T8271] XFS (loop2): DAX unsupported by block device. Turning off DAX. [ 434.397629][ T8271] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 434.485093][ T8168] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 434.638546][ T8168] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 434.665442][ T8168] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 434.774683][ T8271] XFS (loop2): Ending clean mount [ 434.835756][ T8271] XFS (loop2): Quotacheck needed: Please wait. [ 435.128891][ T8271] XFS (loop2): Quotacheck: Done. [ 435.196565][ T5790] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 436.611816][ T8168] 8021q: adding VLAN 0 to HW filter on device bond0 [ 437.883396][ T8168] 8021q: adding VLAN 0 to HW filter on device team0 [ 437.949555][ T8345] loop0: detected capacity change from 0 to 256 [ 437.956940][ T8345] exfat: Unknown parameter 'zero_size_dir' [ 438.635912][ T58] hsr_slave_0: left promiscuous mode [ 438.644707][ T58] hsr_slave_1: left promiscuous mode [ 438.670898][ T5810] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 438.724520][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 438.732974][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 438.756286][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 438.787772][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 438.849049][ T58] bridge_slave_1: left allmulticast mode [ 438.854775][ T58] bridge_slave_1: left promiscuous mode [ 438.921076][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 438.990683][ T58] bridge_slave_0: left allmulticast mode [ 439.000030][ T58] bridge_slave_0: left promiscuous mode [ 439.005867][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 439.672567][ T58] veth1_macvtap: left promiscuous mode [ 439.695682][ T58] veth0_macvtap: left promiscuous mode [ 439.704430][ T58] veth1_vlan: left promiscuous mode [ 439.716918][ T58] veth0_vlan: left promiscuous mode [ 440.405259][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.411832][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.510470][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 440.563839][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 440.970838][ T58] bond0 (unregistering): Released all slaves [ 441.076186][ T126] bridge0: port 1(bridge_slave_0) entered blocking state [ 441.083454][ T126] bridge0: port 1(bridge_slave_0) entered forwarding state [ 441.203839][ T126] bridge0: port 2(bridge_slave_1) entered blocking state [ 441.211081][ T126] bridge0: port 2(bridge_slave_1) entered forwarding state [ 441.385225][ T8168] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 441.407194][ T8168] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 441.431427][ T8368] netlink: 12 bytes leftover after parsing attributes in process `syz.2.635'. [ 442.411617][ T8364] loop3: detected capacity change from 0 to 128 [ 442.428827][ T8364] hpfs: hpfs_map_sector(): read error [ 442.434369][ T8364] hpfs: filesystem error: can't load hotfix map; already mounted read-only [ 442.447397][ T8364] hpfs: hpfs_map_sector(): read error [ 442.548437][ T5810] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 442.838697][ T5905] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 442.877786][ T8168] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 443.031623][ T5905] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 443.051366][ T5905] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.099930][ T5905] usb 1-1: config 0 descriptor?? [ 443.122739][ T5905] cp210x 1-1:0.0: cp210x converter detected [ 444.312494][ T5905] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 444.375589][ T5905] usb 1-1: cp210x converter now attached to ttyUSB0 [ 444.543133][ T787] usb 1-1: USB disconnect, device number 4 [ 444.589226][ T787] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 444.634694][ T787] cp210x 1-1:0.0: device disconnected [ 445.051205][ T8168] veth0_vlan: entered promiscuous mode [ 445.126475][ T8168] veth1_vlan: entered promiscuous mode [ 445.169211][ T8390] loop2: detected capacity change from 0 to 32768 [ 445.239838][ T8390] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 445.322239][ T8168] veth0_macvtap: entered promiscuous mode [ 445.344153][ T8417] loop0: detected capacity change from 0 to 4096 [ 445.381425][ T8168] veth1_macvtap: entered promiscuous mode [ 445.403851][ T8390] XFS (loop2): Ending clean mount [ 445.462518][ T8426] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 445.490777][ T8168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 445.607496][ T8168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 445.652823][ T27] audit: type=1800 audit(1760237167.417:30): pid=8428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.639" name="file1" dev="loop2" ino=4422 res=0 errno=0 [ 445.676432][ T8168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 445.723958][ T8168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 445.738348][ T8168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 445.750147][ T8168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 445.763579][ T8168] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 446.615082][ T8168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.658658][ T8168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.719170][ T8168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.773544][ T8168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.821557][ T8168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.850163][ T8438] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 446.876950][ T8168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.923052][ T8168] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 446.998982][ T8168] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.051607][ T8168] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.078207][ T8168] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.111369][ T8168] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.138741][ T5984] libceph: connect (1)[c::]:6789 error -101 [ 447.145547][ T5984] libceph: mon0 (1)[c::]:6789 connect error [ 447.262912][ T5790] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 447.452696][ T8442] ceph: No mds server is up or the cluster is laggy [ 447.490688][ T787] libceph: connect (1)[c::]:6789 error -101 [ 447.500185][ T787] libceph: mon0 (1)[c::]:6789 connect error [ 448.835341][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 448.847463][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 449.167988][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 449.199152][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 449.779678][ T8465] loop4: detected capacity change from 0 to 512 [ 449.992203][ T8465] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 450.403583][ T8465] EXT4-fs (loop4): 1 truncate cleaned up [ 450.432131][ T8465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 450.620248][ T8473] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 275: padding at end of block bitmap is not set [ 451.534794][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 453.228527][ T8496] netlink: 8 bytes leftover after parsing attributes in process `syz.4.657'. [ 453.267164][ T8496] netlink: 8 bytes leftover after parsing attributes in process `syz.4.657'. [ 454.129516][ T8485] loop3: detected capacity change from 0 to 32768 [ 455.327963][ T8505] loop4: detected capacity change from 0 to 32768 [ 455.771591][ T8505] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 456.275385][ T8551] loop0: detected capacity change from 0 to 512 [ 456.297971][ T8505] XFS (loop4): Ending clean mount [ 456.372400][ T8551] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 456.387914][ T8505] XFS (loop4): Quotacheck needed: Please wait. [ 456.449975][ T8551] EXT4-fs (loop0): orphan cleanup on readonly fs [ 456.465300][ T8551] EXT4-fs warning (device loop0): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 456.559373][ T8522] loop2: detected capacity change from 0 to 32768 [ 456.594131][ T8551] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 456.634601][ T8522] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 456.653434][ T8505] XFS (loop4): Quotacheck: Done. [ 456.661755][ T8551] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #16: comm syz.0.667: iget: immutable or append flags not allowed on symlinks [ 456.689947][ T8522] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 456.708347][ T8551] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.667: couldn't read orphan inode 16 (err -117) [ 456.735826][ T8557] comedi comedi4: bad chanlist[0]=0x00000010 chan=16 range length=2 [ 456.748429][ T8522] BTRFS info (device loop2): enabling auto defrag [ 456.755392][ T8522] BTRFS info (device loop2): enabling ssd optimizations [ 456.765232][ T8168] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 456.774937][ T8522] BTRFS info (device loop2): max_inline at 0 [ 456.782391][ T8551] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 456.830336][ T8522] BTRFS info (device loop2): using free space tree [ 458.114615][ T8522] BTRFS error (device loop2): open_ctree failed: -4 [ 458.188264][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 459.577667][ T8596] loop0: detected capacity change from 0 to 32768 [ 460.122227][ T8596] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 460.620733][ T8596] XFS (loop0): Ending clean mount [ 460.996746][ T8633] dlm: no local IP address has been set [ 461.046885][ T8633] dlm: cannot start dlm midcomms -107 [ 461.893340][ T8641] 9pnet: Found fid 0 not clunked [ 461.972504][ T5791] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 462.072610][ T8645] netlink: 8 bytes leftover after parsing attributes in process `syz.4.682'. [ 465.490748][ T8665] loop0: detected capacity change from 0 to 32768 [ 465.585627][ T8665] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 465.852261][ T8665] XFS (loop0): Ending clean mount [ 465.944946][ T8665] XFS (loop0): Quotacheck needed: Please wait. [ 466.090478][ T8665] XFS (loop0): Quotacheck: Done. [ 466.649904][ T8665] XFS (loop0): User initiated shutdown received. [ 466.668532][ T8665] XFS (loop0): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x105/0x150 (fs/xfs/xfs_fsops.c:491). Shutting down filesystem. [ 466.699971][ T8665] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 466.710129][ T8722] fuse: Bad value for 'fd' [ 466.847034][ T8695] loop2: detected capacity change from 0 to 32768 [ 466.942613][ T5791] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 466.986136][ T8695] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 467.091643][ T8722] loop4: detected capacity change from 0 to 40427 [ 467.101274][ T8722] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 467.109270][ T8722] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 467.133454][ T8695] XFS (loop2): Ending clean mount [ 467.142293][ T8722] F2FS-fs (loop4): invalid crc value [ 467.176050][ T8722] F2FS-fs (loop4): Found nat_bits in checkpoint [ 467.270662][ T8722] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 467.277786][ T8722] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 468.490551][ T27] audit: type=1800 audit(1760761477.409:31): pid=8745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.695" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 468.944368][ T8749] loop3: detected capacity change from 0 to 4096 [ 468.990363][ T8749] NILFS (loop3): invalid segment: Checksum error in segment payload [ 469.012840][ T8749] NILFS (loop3): trying rollback from an earlier position [ 469.036100][ T5790] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 469.075073][ T11] kworker/u4:0: attempt to access beyond end of device [ 469.075073][ T11] loop4: rw=1, sector=77824, nr_sectors = 2072 limit=40427 [ 469.080732][ T8749] NILFS (loop3): recovery complete [ 469.116636][ T8755] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 469.197367][ T11] kworker/u4:0: attempt to access beyond end of device [ 469.197367][ T11] loop4: rw=1, sector=79896, nr_sectors = 2024 limit=40427 [ 469.322857][ T11] kworker/u4:0: attempt to access beyond end of device [ 469.322857][ T11] loop4: rw=1, sector=49152, nr_sectors = 2048 limit=40427 [ 469.410376][ T11] kworker/u4:0: attempt to access beyond end of device [ 469.410376][ T11] loop4: rw=1, sector=51200, nr_sectors = 1424 limit=40427 [ 469.855172][ T8763] loop2: detected capacity change from 0 to 4096 [ 469.968551][ T8771] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 472.615839][ T8796] comedi comedi3: Buffer allocation failed [ 473.925521][ T8815] fuse: Bad value for 'fd' [ 474.227034][ T8815] loop4: detected capacity change from 0 to 40427 [ 474.264817][ T8815] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 474.272722][ T8815] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 474.321390][ T8815] F2FS-fs (loop4): invalid crc value [ 474.370248][ T8819] loop3: detected capacity change from 0 to 4096 [ 474.376720][ T8815] F2FS-fs (loop4): Found nat_bits in checkpoint [ 474.449552][ T8815] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 474.456724][ T8815] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 474.627020][ T27] audit: type=1800 audit(1760761484.379:32): pid=8815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.708" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 474.925078][ T8827] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 475.169712][ T1107] kworker/u4:8: attempt to access beyond end of device [ 475.169712][ T1107] loop4: rw=1, sector=77824, nr_sectors = 2064 limit=40427 [ 475.247877][ T1107] kworker/u4:8: attempt to access beyond end of device [ 475.247877][ T1107] loop4: rw=1, sector=79888, nr_sectors = 2032 limit=40427 [ 475.426676][ T1107] kworker/u4:8: attempt to access beyond end of device [ 475.426676][ T1107] loop4: rw=1, sector=49152, nr_sectors = 1560 limit=40427 [ 477.224468][ T8856] loop2: detected capacity change from 0 to 64 [ 477.429586][ T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 477.880337][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 477.937434][ T9] usb 4-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 478.132650][ T8868] fuse: Bad value for 'fd' [ 478.188224][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.200582][ T9] usb 4-1: config 0 descriptor?? [ 478.523742][ T8868] loop2: detected capacity change from 0 to 40427 [ 478.532145][ T8868] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 478.540041][ T8868] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 478.552146][ T8868] F2FS-fs (loop2): invalid crc value [ 478.591111][ T8868] F2FS-fs (loop2): Found nat_bits in checkpoint [ 478.650646][ T8868] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 478.657766][ T8868] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 478.690083][ T9] zydacron 0003:13EC:0006.0002: report_id 0 is invalid [ 478.735768][ T9] zydacron 0003:13EC:0006.0002: item 0 0 1 8 parsing failed [ 478.777093][ T9] zydacron 0003:13EC:0006.0002: parse failed [ 478.824635][ T9] zydacron: probe of 0003:13EC:0006.0002 failed with error -22 [ 478.903573][ T27] audit: type=1800 audit(1760761488.659:33): pid=8868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.721" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 478.948442][ T9] usb 4-1: USB disconnect, device number 6 [ 479.556860][ T1072] kworker/u4:6: attempt to access beyond end of device [ 479.556860][ T1072] loop2: rw=1, sector=77824, nr_sectors = 2064 limit=40427 [ 479.594992][ T1072] kworker/u4:6: attempt to access beyond end of device [ 479.594992][ T1072] loop2: rw=1, sector=79888, nr_sectors = 2032 limit=40427 [ 479.627634][ T8888] loop0: detected capacity change from 0 to 4096 [ 479.633847][ T1072] kworker/u4:6: attempt to access beyond end of device [ 479.633847][ T1072] loop2: rw=1, sector=49152, nr_sectors = 424 limit=40427 [ 479.743151][ T5810] I/O error, dev loop0, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 482.348313][ T9] usb 5-1: new low-speed USB device number 2 using dummy_hcd [ 482.411682][ T8933] fuse: Bad value for 'fd' [ 482.790420][ T8933] loop2: detected capacity change from 0 to 40427 [ 482.799490][ T8933] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 482.807380][ T8933] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 482.833973][ T8933] F2FS-fs (loop2): invalid crc value [ 482.888194][ T8933] F2FS-fs (loop2): Found nat_bits in checkpoint [ 482.926159][ T9] usb 5-1: Invalid ep0 maxpacket: 16 [ 482.973894][ T8933] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 482.981162][ T8933] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 483.223164][ T27] audit: type=1800 audit(1760761492.979:34): pid=8933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.732" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 483.406406][ T9] usb 5-1: new low-speed USB device number 3 using dummy_hcd [ 483.453138][ T8947] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 483.508014][ T8952] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 483.562119][ T8947] block nbd0: shutting down sockets [ 483.589810][ T9] usb 5-1: Invalid ep0 maxpacket: 16 [ 483.611796][ T9] usb usb5-port1: attempt power cycle [ 483.801006][ T1072] kworker/u4:6: attempt to access beyond end of device [ 483.801006][ T1072] loop2: rw=1, sector=77824, nr_sectors = 2072 limit=40427 [ 483.861782][ T1072] kworker/u4:6: attempt to access beyond end of device [ 483.861782][ T1072] loop2: rw=1, sector=79896, nr_sectors = 2024 limit=40427 [ 483.903391][ T1072] kworker/u4:6: attempt to access beyond end of device [ 483.903391][ T1072] loop2: rw=1, sector=49152, nr_sectors = 472 limit=40427 [ 484.038278][ T9] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 484.089224][ T9] usb 5-1: Invalid ep0 maxpacket: 16 [ 484.238405][ T9] usb 5-1: new low-speed USB device number 5 using dummy_hcd [ 484.289680][ T9] usb 5-1: Invalid ep0 maxpacket: 16 [ 484.295268][ T9] usb usb5-port1: unable to enumerate USB device [ 484.358513][ T5905] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 484.570443][ T5905] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 484.593176][ T5905] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 484.628368][ T5905] usb 1-1: Product: syz [ 484.642888][ T5905] usb 1-1: Manufacturer: syz [ 484.649190][ T5905] usb 1-1: SerialNumber: syz [ 484.679901][ T5905] usb 1-1: config 0 descriptor?? [ 484.904767][ T5905] cx82310_eth: probe of 1-1:0.0 failed with error -22 [ 485.312125][ T5905] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 485.377270][ T5905] usb 1-1: USB disconnect, device number 5 [ 487.775772][ T9019] loop4: detected capacity change from 0 to 512 [ 487.845641][ T9019] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 487.959803][ T9019] EXT4-fs (loop4): 1 truncate cleaned up [ 488.052146][ T9019] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 488.922344][ T9030] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.746: bg 0: block 275: padding at end of block bitmap is not set [ 489.311688][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.356881][ T9037] fuse: Bad value for 'fd' [ 489.730349][ T9037] loop3: detected capacity change from 0 to 40427 [ 489.840139][ T9037] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 489.847959][ T9037] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 489.910729][ T9037] F2FS-fs (loop3): invalid crc value [ 489.924147][ T9037] F2FS-fs (loop3): Found nat_bits in checkpoint [ 490.016235][ T9037] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 490.023440][ T9037] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 490.645943][ T27] audit: type=1800 audit(1760761500.049:35): pid=9050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.748" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 491.434776][ T7365] kworker/u4:11: attempt to access beyond end of device [ 491.434776][ T7365] loop3: rw=1, sector=77824, nr_sectors = 2056 limit=40427 [ 491.502673][ T7365] kworker/u4:11: attempt to access beyond end of device [ 491.502673][ T7365] loop3: rw=1, sector=79880, nr_sectors = 2040 limit=40427 [ 491.583971][ T7365] kworker/u4:11: attempt to access beyond end of device [ 491.583971][ T7365] loop3: rw=1, sector=49152, nr_sectors = 2064 limit=40427 [ 491.685948][ T7365] kworker/u4:11: attempt to access beyond end of device [ 491.685948][ T7365] loop3: rw=1, sector=51216, nr_sectors = 2032 limit=40427 [ 492.237967][ T7365] kworker/u4:11: attempt to access beyond end of device [ 492.237967][ T7365] loop3: rw=1, sector=57344, nr_sectors = 4104 limit=40427 [ 492.263707][ T7365] kworker/u4:11: attempt to access beyond end of device [ 492.263707][ T7365] loop3: rw=1, sector=61448, nr_sectors = 744 limit=40427 [ 493.104558][ T9075] loop2: detected capacity change from 0 to 4096 [ 493.226447][ T9081] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 493.350677][ T9085] loop0: detected capacity change from 0 to 512 [ 493.389430][ T9085] loop0: Can't mount, blockdev is frozen [ 493.707195][ T5810] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 494.542691][ T9093] loop0: detected capacity change from 0 to 2048 [ 495.034052][ T9101] fuse: Bad value for 'fd' [ 495.286387][ T9101] loop4: detected capacity change from 0 to 40427 [ 495.335353][ T9101] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 495.343272][ T9101] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 495.355203][ T9101] F2FS-fs (loop4): invalid crc value [ 495.396180][ T9101] F2FS-fs (loop4): Found nat_bits in checkpoint [ 495.468761][ T9101] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 495.475889][ T9101] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 496.188408][ T27] audit: type=1800 audit(1760761505.599:36): pid=9110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.760" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 496.711498][ T11] kworker/u4:0: attempt to access beyond end of device [ 496.711498][ T11] loop4: rw=1, sector=77824, nr_sectors = 2048 limit=40427 [ 496.764758][ T11] kworker/u4:0: attempt to access beyond end of device [ 496.764758][ T11] loop4: rw=1, sector=79872, nr_sectors = 2048 limit=40427 [ 496.824428][ T11] kworker/u4:0: attempt to access beyond end of device [ 496.824428][ T11] loop4: rw=1, sector=49152, nr_sectors = 2048 limit=40427 [ 496.969579][ T11] kworker/u4:0: attempt to access beyond end of device [ 496.969579][ T11] loop4: rw=1, sector=51200, nr_sectors = 2048 limit=40427 [ 497.047669][ T11] kworker/u4:0: attempt to access beyond end of device [ 497.047669][ T11] loop4: rw=1, sector=57344, nr_sectors = 2456 limit=40427 [ 497.117068][ T11] kworker/u4:0: attempt to access beyond end of device [ 497.117068][ T11] loop4: rw=1, sector=59800, nr_sectors = 2448 limit=40427 [ 499.076420][ T9134] loop2: detected capacity change from 0 to 512 [ 499.322857][ T9134] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 499.653352][ T9134] EXT4-fs (loop2): 1 truncate cleaned up [ 499.689753][ T9134] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 500.323623][ T9145] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.767: bg 0: block 275: padding at end of block bitmap is not set [ 501.492320][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 502.150241][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.156624][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.301958][ T9161] fuse: Bad value for 'fd' [ 502.687486][ T9161] loop2: detected capacity change from 0 to 40427 [ 502.716107][ T9161] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 502.724351][ T9161] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 502.758833][ T9161] F2FS-fs (loop2): invalid crc value [ 502.806213][ T9161] F2FS-fs (loop2): Found nat_bits in checkpoint [ 502.834662][ T9170] loop4: detected capacity change from 0 to 4096 [ 502.870697][ T9161] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 502.877835][ T9161] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 502.963227][ T9172] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 503.600225][ T27] audit: type=1800 audit(1760761513.039:37): pid=9174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.771" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 504.295815][ T1107] kworker/u4:8: attempt to access beyond end of device [ 504.295815][ T1107] loop2: rw=1, sector=77824, nr_sectors = 2056 limit=40427 [ 504.366162][ T1107] kworker/u4:8: attempt to access beyond end of device [ 504.366162][ T1107] loop2: rw=1, sector=79880, nr_sectors = 2040 limit=40427 [ 504.432048][ T1107] kworker/u4:8: attempt to access beyond end of device [ 504.432048][ T1107] loop2: rw=1, sector=49152, nr_sectors = 2048 limit=40427 [ 504.507650][ T1107] kworker/u4:8: attempt to access beyond end of device [ 504.507650][ T1107] loop2: rw=1, sector=51200, nr_sectors = 2048 limit=40427 [ 504.571867][ T1107] kworker/u4:8: attempt to access beyond end of device [ 504.571867][ T1107] loop2: rw=1, sector=57344, nr_sectors = 3528 limit=40427 [ 504.656113][ T1107] kworker/u4:8: attempt to access beyond end of device [ 504.656113][ T1107] loop2: rw=1, sector=60872, nr_sectors = 1944 limit=40427 [ 505.806807][ T9189] loop3: detected capacity change from 0 to 512 [ 506.628848][ T9189] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 506.673377][ T9189] EXT4-fs (loop3): 1 truncate cleaned up [ 506.692777][ T9189] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 507.747501][ T9206] comedi comedi3: Buffer allocation failed [ 508.680423][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 509.146354][ T9221] fuse: Bad value for 'fd' [ 509.446884][ T9221] loop3: detected capacity change from 0 to 40427 [ 509.470841][ T9221] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 509.478779][ T9221] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 509.539996][ T9221] F2FS-fs (loop3): invalid crc value [ 509.611550][ T9221] F2FS-fs (loop3): Found nat_bits in checkpoint [ 509.698786][ T9221] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 509.705901][ T9221] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 510.088214][ T27] audit: type=1800 audit(1760761519.749:38): pid=9228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.786" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 510.713912][ T126] kworker/u4:5: attempt to access beyond end of device [ 510.713912][ T126] loop3: rw=1, sector=77824, nr_sectors = 2048 limit=40427 [ 510.781200][ T126] kworker/u4:5: attempt to access beyond end of device [ 510.781200][ T126] loop3: rw=1, sector=79872, nr_sectors = 2048 limit=40427 [ 510.843395][ T126] kworker/u4:5: attempt to access beyond end of device [ 510.843395][ T126] loop3: rw=1, sector=49152, nr_sectors = 1176 limit=40427 [ 512.846539][ T9254] loop4: detected capacity change from 0 to 512 [ 512.870590][ T9250] loop3: detected capacity change from 0 to 4096 [ 512.886098][ T9254] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 512.957999][ T9254] EXT4-fs (loop4): 1 truncate cleaned up [ 512.993598][ T9254] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 513.068401][ T9257] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 513.598687][ T9261] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.794: bg 0: block 275: padding at end of block bitmap is not set [ 515.103861][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 515.305517][ T9266] fuse: Bad value for 'fd' [ 515.550025][ T9266] loop4: detected capacity change from 0 to 40427 [ 515.564718][ T9266] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 515.572925][ T9266] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 515.610223][ T9266] F2FS-fs (loop4): invalid crc value [ 515.641802][ T9266] F2FS-fs (loop4): Found nat_bits in checkpoint [ 515.714864][ T9266] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 515.722076][ T9266] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 516.018521][ T27] audit: type=1800 audit(1760761525.769:39): pid=9274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.796" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 516.583081][ T58] kworker/u4:4: attempt to access beyond end of device [ 516.583081][ T58] loop4: rw=1, sector=77824, nr_sectors = 2048 limit=40427 [ 516.644149][ T58] kworker/u4:4: attempt to access beyond end of device [ 516.644149][ T58] loop4: rw=1, sector=79872, nr_sectors = 2048 limit=40427 [ 516.699665][ T58] kworker/u4:4: attempt to access beyond end of device [ 516.699665][ T58] loop4: rw=1, sector=49152, nr_sectors = 224 limit=40427 [ 518.520364][ T9293] loop2: detected capacity change from 0 to 512 [ 518.542284][ T9293] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 518.595179][ T9293] EXT4-fs (loop2): 1 truncate cleaned up [ 518.615020][ T9293] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 519.171898][ T9304] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.804: bg 0: block 275: padding at end of block bitmap is not set [ 519.722987][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 520.203144][ T9313] fuse: Bad value for 'fd' [ 520.463640][ T9313] loop0: detected capacity change from 0 to 40427 [ 520.525359][ T5810] I/O error, dev loop0, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 522.227543][ T9325] loop3: detected capacity change from 0 to 4096 [ 522.408379][ T9328] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 523.606122][ T9337] loop4: detected capacity change from 0 to 512 [ 523.642640][ T9337] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 523.760629][ T9337] EXT4-fs (loop4): 1 truncate cleaned up [ 523.799855][ T9337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 524.109027][ T9344] fuse: Bad value for 'fd' [ 524.486606][ T9344] loop0: detected capacity change from 0 to 40427 [ 524.558652][ T9347] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.815: bg 0: block 275: padding at end of block bitmap is not set [ 525.113919][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.934611][ T9381] loop3: detected capacity change from 0 to 512 [ 528.979107][ T9381] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 529.031710][ T9381] EXT4-fs (loop3): 1 truncate cleaned up [ 529.061908][ T9381] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 529.427980][ T9386] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.826: bg 0: block 275: padding at end of block bitmap is not set [ 530.157685][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 530.365487][ T9391] fuse: Bad value for 'fd' [ 530.745896][ T9391] loop3: detected capacity change from 0 to 40427 [ 530.765867][ T9391] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 530.773779][ T9391] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 530.809851][ T9391] F2FS-fs (loop3): invalid crc value [ 530.841006][ T9391] F2FS-fs (loop3): Found nat_bits in checkpoint [ 530.900817][ T9391] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 530.907930][ T9391] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 531.281919][ T27] audit: type=1800 audit(1760761540.959:40): pid=9398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.828" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 531.785637][ T126] kworker/u4:5: attempt to access beyond end of device [ 531.785637][ T126] loop3: rw=1, sector=77824, nr_sectors = 2048 limit=40427 [ 531.877602][ T126] kworker/u4:5: attempt to access beyond end of device [ 531.877602][ T126] loop3: rw=1, sector=79872, nr_sectors = 2048 limit=40427 [ 531.946643][ T126] kworker/u4:5: attempt to access beyond end of device [ 531.946643][ T126] loop3: rw=1, sector=49152, nr_sectors = 488 limit=40427 [ 533.995944][ T9417] loop2: detected capacity change from 0 to 4096 [ 534.062517][ T9419] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 535.226578][ T9428] loop4: detected capacity change from 0 to 512 [ 535.242878][ T9428] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 535.266692][ T9428] EXT4-fs (loop4): 1 truncate cleaned up [ 535.279758][ T9428] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 535.889795][ T9434] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.836: bg 0: block 275: padding at end of block bitmap is not set [ 536.438432][ T9436] fuse: Bad value for 'fd' [ 536.587708][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 536.821143][ T9436] loop2: detected capacity change from 0 to 40427 [ 536.831969][ T9436] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 536.839825][ T9436] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 536.872746][ T9436] F2FS-fs (loop2): invalid crc value [ 536.913154][ T9436] F2FS-fs (loop2): Found nat_bits in checkpoint [ 536.975278][ T9436] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 536.983253][ T9436] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 537.242313][ T27] audit: type=1800 audit(1760761546.999:41): pid=9445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.838" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 539.569927][ T11] kworker/u4:0: attempt to access beyond end of device [ 539.569927][ T11] loop2: rw=1, sector=77824, nr_sectors = 2288 limit=40427 [ 539.595142][ T11] kworker/u4:0: attempt to access beyond end of device [ 539.595142][ T11] loop2: rw=1, sector=80112, nr_sectors = 1808 limit=40427 [ 539.674773][ T11] kworker/u4:0: attempt to access beyond end of device [ 539.674773][ T11] loop2: rw=1, sector=49152, nr_sectors = 1608 limit=40427 [ 541.189933][ T9471] loop0: detected capacity change from 0 to 4096 [ 542.296381][ T9480] loop4: detected capacity change from 0 to 512 [ 542.308582][ T9480] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 542.452452][ T9480] EXT4-fs (loop4): 1 truncate cleaned up [ 542.461149][ T9480] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 543.461347][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.491028][ T9491] fuse: Bad value for 'fd' [ 543.871372][ T9491] loop3: detected capacity change from 0 to 40427 [ 543.887759][ T9491] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 543.895644][ T9491] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 543.911928][ T9491] F2FS-fs (loop3): invalid crc value [ 543.961979][ T9491] F2FS-fs (loop3): Found nat_bits in checkpoint [ 544.018521][ T9491] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 544.025642][ T9491] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 545.158437][ T50] Bluetooth: hci4: command 0x0406 tx timeout [ 548.944369][ T9532] loop4: detected capacity change from 0 to 512 [ 548.964642][ T9532] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 548.997207][ T9532] EXT4-fs (loop4): 1 truncate cleaned up [ 549.026287][ T9532] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 550.093920][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.200213][ T9538] loop0: detected capacity change from 0 to 4096 [ 550.278356][ T5808] I/O error, dev loop0, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 551.446947][ T9545] fuse: Bad value for 'fd' [ 551.827548][ T9545] loop3: detected capacity change from 0 to 40427 [ 551.846934][ T9545] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 551.854858][ T9545] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 551.865453][ T9545] F2FS-fs (loop3): invalid crc value [ 551.912615][ T9545] F2FS-fs (loop3): Found nat_bits in checkpoint [ 552.071458][ T9545] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 552.079111][ T9545] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 555.377084][ T9569] loop0: detected capacity change from 0 to 512 [ 555.409518][ T9569] loop0: Can't mount, blockdev is frozen [ 555.506658][ T5810] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 556.618250][ T9574] loop0: detected capacity change from 0 to 2048 [ 558.145387][ T9591] fuse: Bad value for 'fd' [ 558.534464][ T9591] loop0: detected capacity change from 0 to 40427 [ 558.691256][ T5810] I/O error, dev loop0, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 563.065925][ T9617] loop4: detected capacity change from 0 to 512 [ 563.077004][ T9617] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 563.135129][ T9617] EXT4-fs (loop4): 1 truncate cleaned up [ 563.149632][ T9617] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 563.284708][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.300355][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.253821][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.397936][ T9626] loop2: detected capacity change from 0 to 4096 [ 564.410549][ T9629] fuse: Bad value for 'fd' [ 564.793350][ T9629] loop3: detected capacity change from 0 to 40427 [ 564.816565][ T9629] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 564.824436][ T9629] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 564.883041][ T9629] F2FS-fs (loop3): invalid crc value [ 564.896711][ T9636] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 564.970231][ T9629] F2FS-fs (loop3): Found nat_bits in checkpoint [ 565.031896][ T9629] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 565.040002][ T9629] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 565.598014][ T27] audit: type=1800 audit(1760761575.149:42): pid=9641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.884" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 570.414784][ T9672] loop4: detected capacity change from 0 to 512 [ 570.462731][ T9672] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 570.615134][ T9672] EXT4-fs (loop4): 1 truncate cleaned up [ 570.630327][ T9672] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 570.690614][ T9680] fuse: Bad value for 'fd' [ 571.075886][ T9680] loop0: detected capacity change from 0 to 40427 [ 571.778241][ T9678] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 275: padding at end of block bitmap is not set [ 572.130598][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.976557][ T9698] loop0: detected capacity change from 0 to 4096 [ 577.242670][ T9721] loop4: detected capacity change from 0 to 512 [ 577.268603][ T9721] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 577.521061][ T9721] EXT4-fs (loop4): 1 truncate cleaned up [ 577.544024][ T9721] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 578.125946][ T9728] fuse: Bad value for 'fd' [ 578.509218][ T9728] loop3: detected capacity change from 0 to 40427 [ 578.557000][ T9724] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 275: padding at end of block bitmap is not set [ 578.575433][ T9728] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 578.583362][ T9728] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 578.600662][ T9728] F2FS-fs (loop3): invalid crc value [ 578.630516][ T9728] F2FS-fs (loop3): Found nat_bits in checkpoint [ 578.944130][ T9728] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 578.951504][ T9728] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 579.348418][ T27] audit: type=1800 audit(1760761589.079:43): pid=9738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.904" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 579.531403][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 585.732425][ T9773] loop0: detected capacity change from 0 to 2048 [ 586.300151][ T9776] fuse: Bad value for 'fd' [ 586.667196][ T9776] loop4: detected capacity change from 0 to 40427 [ 586.727961][ T9776] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 586.736046][ T9776] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 586.752420][ T9776] F2FS-fs (loop4): invalid crc value [ 586.771569][ T9776] F2FS-fs (loop4): Found nat_bits in checkpoint [ 586.832978][ T9776] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 586.840137][ T9776] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 589.571192][ T27] audit: type=1800 audit(1760761596.869:44): pid=9786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.915" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 589.782538][ T8168] syz-executor: attempt to access beyond end of device [ 589.782538][ T8168] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 589.850374][ T8168] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 592.155104][ T9797] loop0: detected capacity change from 0 to 4096 [ 594.998162][ T9818] loop3: detected capacity change from 0 to 2048 [ 595.164920][ T9818] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 596.535187][ T9831] fuse: Bad value for 'fd' [ 596.808174][ T9831] loop4: detected capacity change from 0 to 40427 [ 596.823701][ T9831] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 596.832247][ T9831] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 597.040944][ T9831] F2FS-fs (loop4): invalid crc value [ 597.111659][ T9831] F2FS-fs (loop4): Found nat_bits in checkpoint [ 597.513220][ T9831] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 597.520708][ T9831] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 599.122752][ T27] audit: type=1800 audit(1760761608.449:45): pid=9846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.927" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 600.404345][ T1072] kworker/u4:6: attempt to access beyond end of device [ 600.404345][ T1072] loop4: rw=1, sector=77824, nr_sectors = 2616 limit=40427 [ 600.661341][ T1072] kworker/u4:6: attempt to access beyond end of device [ 600.661341][ T1072] loop4: rw=1, sector=80440, nr_sectors = 1480 limit=40427 [ 600.833956][ T1072] kworker/u4:6: attempt to access beyond end of device [ 600.833956][ T1072] loop4: rw=1, sector=49152, nr_sectors = 3384 limit=40427 [ 601.564033][ T9861] loop2: detected capacity change from 0 to 2048 [ 601.834743][ T9861] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 605.005897][ T9891] fuse: Bad value for 'fd' [ 605.304613][ T9891] loop3: detected capacity change from 0 to 40427 [ 605.322880][ T9891] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 605.330714][ T9891] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 605.498420][ T9891] F2FS-fs (loop3): invalid crc value [ 605.525023][ T9891] F2FS-fs (loop3): Found nat_bits in checkpoint [ 606.346250][ T9891] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 606.353586][ T9891] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 607.560445][ T27] audit: type=1800 audit(1760761616.469:46): pid=9902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.941" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 609.756665][ T1124] kworker/u4:10: attempt to access beyond end of device [ 609.756665][ T1124] loop3: rw=1, sector=77824, nr_sectors = 2952 limit=40427 [ 609.812881][ T1124] kworker/u4:10: attempt to access beyond end of device [ 609.812881][ T1124] loop3: rw=1, sector=80776, nr_sectors = 1144 limit=40427 [ 609.828841][ T9915] loop0: detected capacity change from 0 to 4096 [ 609.909393][ T1124] kworker/u4:10: attempt to access beyond end of device [ 609.909393][ T1124] loop3: rw=1, sector=49152, nr_sectors = 2048 limit=40427 [ 610.053318][ T1124] kworker/u4:10: attempt to access beyond end of device [ 610.053318][ T1124] loop3: rw=1, sector=51200, nr_sectors = 2048 limit=40427 [ 610.409330][ T1124] kworker/u4:10: attempt to access beyond end of device [ 610.409330][ T1124] loop3: rw=1, sector=57344, nr_sectors = 3848 limit=40427 [ 610.604906][ T1124] kworker/u4:10: attempt to access beyond end of device [ 610.604906][ T1124] loop3: rw=1, sector=61192, nr_sectors = 352 limit=40427 [ 613.002635][ T9939] loop3: detected capacity change from 0 to 512 [ 613.023424][ T9939] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 613.053182][ T9939] EXT4-fs (loop3): 1 truncate cleaned up [ 613.070247][ T9939] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 613.442931][ T9944] fuse: Bad value for 'fd' [ 613.822662][ T9944] loop2: detected capacity change from 0 to 40427 [ 613.898605][ T9944] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 613.907028][ T9944] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 613.918977][ T9944] F2FS-fs (loop2): invalid crc value [ 613.937290][ T9944] F2FS-fs (loop2): Found nat_bits in checkpoint [ 614.086283][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 614.118002][ T9944] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 614.127004][ T9944] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 615.323336][ T27] audit: type=1800 audit(1760761624.239:47): pid=9950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.953" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 616.965624][ T41] kworker/u4:2: attempt to access beyond end of device [ 616.965624][ T41] loop2: rw=1, sector=77824, nr_sectors = 2048 limit=40427 [ 617.281779][ T41] kworker/u4:2: attempt to access beyond end of device [ 617.281779][ T41] loop2: rw=1, sector=79872, nr_sectors = 2048 limit=40427 [ 617.525000][ T41] kworker/u4:2: attempt to access beyond end of device [ 617.525000][ T41] loop2: rw=1, sector=49152, nr_sectors = 3152 limit=40427 [ 617.543627][ T41] kworker/u4:2: attempt to access beyond end of device [ 617.543627][ T41] loop2: rw=1, sector=52304, nr_sectors = 448 limit=40427 [ 619.857788][ T9981] loop4: detected capacity change from 0 to 512 [ 619.918501][ T9981] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 619.974207][ T9981] EXT4-fs (loop4): 1 truncate cleaned up [ 619.981667][ T9981] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 620.983337][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 621.925141][ T9999] fuse: Bad value for 'fd' [ 622.305242][ T9999] loop4: detected capacity change from 0 to 40427 [ 622.538371][ T9999] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 622.546226][ T9999] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 623.044728][ T9999] F2FS-fs (loop4): invalid crc value [ 623.071055][ T9999] F2FS-fs (loop4): Found nat_bits in checkpoint [ 623.142473][ T9999] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 623.149766][ T9999] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 625.845825][ T27] audit: type=1800 audit(1760761633.309:48): pid=10019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.964" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 626.179660][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 626.198162][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.315945][ T8168] syz-executor: attempt to access beyond end of device [ 626.315945][ T8168] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 626.344474][T10018] loop2: detected capacity change from 0 to 4096 [ 626.359451][ T8168] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 626.448789][T10020] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 626.948824][T10025] loop2: detected capacity change from 0 to 512 [ 626.979495][T10025] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 627.040598][T10025] EXT4-fs (loop2): 1 truncate cleaned up [ 627.071991][T10025] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 628.609721][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 633.479587][ T50] Bluetooth: hci4: hcon ffff88802143a000 sent 1 < count 65528 [ 633.719725][T10083] loop4: detected capacity change from 0 to 512 [ 633.739701][T10083] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 633.810696][T10083] EXT4-fs (loop4): 1 truncate cleaned up [ 633.847762][T10083] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 634.884736][ T8168] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 637.507163][T10114] program syz.0.993 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 638.256339][T10126] loop0: detected capacity change from 0 to 512 [ 638.288192][T10126] loop0: Can't mount, blockdev is frozen [ 638.876874][T10131] loop0: detected capacity change from 0 to 2048 [ 643.170723][T10164] lo speed is unknown, defaulting to 1000 [ 643.445591][T10172] loop3: detected capacity change from 0 to 512 [ 643.453966][T10172] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 643.501699][T10172] EXT4-fs (loop3): 1 truncate cleaned up [ 643.525864][T10172] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 644.751221][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 645.856893][T10188] loop3: detected capacity change from 0 to 4096 [ 645.930613][T10191] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 645.965886][T10190] input: syz1 as /devices/virtual/input/input7 [ 647.284891][T10203] loop3: detected capacity change from 0 to 128 [ 647.291287][T10205] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1016'. [ 647.345473][T10203] hpfs: bad mount options. [ 647.573432][ T5810] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 648.831640][T10211] geneve2: entered allmulticast mode [ 650.492564][T10215] loop2: detected capacity change from 0 to 512 [ 650.539850][T10215] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 650.679675][T10215] EXT4-fs (loop2): 1 truncate cleaned up [ 650.709598][T10215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 651.165176][T10219] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1018: bg 0: block 275: padding at end of block bitmap is not set [ 651.937326][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 652.782650][T10227] loop3: detected capacity change from 0 to 4096 [ 652.853592][T10230] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1021'. [ 652.948468][T10233] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 654.466790][T10253] loop3: detected capacity change from 0 to 512 [ 654.497184][T10253] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 654.529239][T10253] EXT4-fs (loop3): 1 truncate cleaned up [ 654.539633][T10253] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 654.923155][T10258] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1029: bg 0: block 275: padding at end of block bitmap is not set [ 655.548725][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.828818][T10263] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1031'. [ 656.278554][T10268] loop4: detected capacity change from 0 to 4096 [ 656.449509][T10268] NILFS (loop4): invalid segment: Checksum error in segment payload [ 656.622402][T10268] NILFS (loop4): trying rollback from an earlier position [ 656.906762][T10268] NILFS (loop4): recovery complete [ 656.950220][T10272] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 658.755138][T10286] loop2: detected capacity change from 0 to 4096 [ 658.845788][T10288] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 663.689787][T10322] loop4: detected capacity change from 0 to 4096 [ 663.895906][T10326] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 664.132846][ T5806] Bluetooth: hci4: command 0x0406 tx timeout [ 665.321448][T10333] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1049'. [ 665.570276][T10338] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1051'. [ 666.034857][T10340] geneve2: entered allmulticast mode [ 669.019611][T10354] lo speed is unknown, defaulting to 1000 [ 669.988716][T10363] loop3: detected capacity change from 0 to 4096 [ 670.043166][T10364] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 670.299404][T10344] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 671.254453][T10370] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1059'. [ 671.325294][T10344] usb 5-1: Using ep0 maxpacket: 32 [ 671.334485][T10344] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 671.345981][T10344] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 671.355913][T10344] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 671.365271][T10344] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 671.376258][T10344] usb 5-1: config 0 descriptor?? [ 671.995186][T10344] usbhid 5-1:0.0: can't add hid device: -71 [ 672.004874][T10344] usbhid: probe of 5-1:0.0 failed with error -71 [ 672.018330][T10344] usb 5-1: USB disconnect, device number 6 [ 672.474941][T10381] loop0: detected capacity change from 0 to 512 [ 672.519406][T10381] loop0: Can't mount, blockdev is frozen [ 673.016335][T10384] loop0: detected capacity change from 0 to 2048 [ 676.573166][T10410] 8021q: adding VLAN 0 to HW filter on device bond0 [ 676.593846][T10410] bond0: (slave rose0): Enslaving as an active interface with an up link [ 677.219617][T10422] loop3: detected capacity change from 0 to 4096 [ 677.325293][T10424] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 678.498645][T10440] loop3: detected capacity change from 0 to 512 [ 678.530711][T10440] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 678.660654][T10440] EXT4-fs (loop3): 1 truncate cleaned up [ 678.674322][T10440] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 679.139523][T10446] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1071: bg 0: block 275: padding at end of block bitmap is not set [ 679.692734][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 682.809591][T10479] kvm: user requested TSC rate below hardware speed [ 682.957378][T10484] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 683.762226][T10487] block device autoloading is deprecated and will be removed. [ 685.269545][T10506] loop3: detected capacity change from 0 to 512 [ 685.302765][T10506] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 685.345905][T10507] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 685.358084][T10506] EXT4-fs (loop3): 1 truncate cleaned up [ 685.365994][T10506] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 685.728097][T10511] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1080: bg 0: block 275: padding at end of block bitmap is not set [ 686.018979][T10509] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 275: padding at end of block bitmap is not set [ 686.167298][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.167395][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.380398][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 687.689534][T10527] mmap: syz.4.1085 (10527) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 689.101674][T10540] loop3: detected capacity change from 0 to 512 [ 689.633359][T10540] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 689.920400][T10540] EXT4-fs (loop3): 1 truncate cleaned up [ 689.927474][T10540] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 690.421862][T10551] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1089: bg 0: block 275: padding at end of block bitmap is not set [ 691.029652][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 691.251941][T10559] 9pnet_virtio: no channels available for device syz [ 694.056707][T10570] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1095'. [ 695.380258][T10588] loop2: detected capacity change from 0 to 512 [ 695.420701][T10588] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 695.741306][T10588] EXT4-fs (loop2): 1 truncate cleaned up [ 695.749699][T10588] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 696.137319][T10597] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1101: bg 0: block 275: padding at end of block bitmap is not set [ 696.741127][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 701.292689][T10640] loop2: detected capacity change from 0 to 4096 [ 701.363874][T10643] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 702.207770][T10652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1112'. [ 702.355015][T10651] overlayfs: workdir and upperdir must be separate subtrees [ 703.389364][T10662] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 703.396553][T10662] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 703.470510][T10662] vhci_hcd vhci_hcd.0: Device attached [ 703.491535][T10664] vhci_hcd: connection closed [ 703.518286][ T1124] vhci_hcd: stop threads [ 703.554029][ T1124] vhci_hcd: release socket [ 703.648608][T10344] vhci_hcd: vhci_device speed not set [ 703.687052][ T1124] vhci_hcd: disconnect device [ 704.754430][T10678] loop4: detected capacity change from 0 to 4096 [ 704.959054][T10681] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 707.958175][ T787] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 708.196910][ T787] usb 3-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb [ 708.226690][ T787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201 [ 708.245462][ T787] usb 3-1: Product: syz [ 708.255879][ T787] usb 3-1: Manufacturer: syz [ 708.268216][ T787] usb 3-1: SerialNumber: syz [ 708.298534][ T787] usb 3-1: config 0 descriptor?? [ 708.310506][ T787] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state. [ 708.340673][ T787] dvb-usb: bulk message failed: -22 (2/0) [ 708.384515][ T787] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 708.431693][ T787] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB) [ 708.448288][ T787] usb 3-1: media controller created [ 708.499347][ T787] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 708.544657][T10697] cxusb: i2c wr: len=80 is too big! [ 708.544657][T10697] [ 708.677034][ T787] cxusb: set interface failed [ 708.689493][ T787] dvb-usb: bulk message failed: -22 (1/0) [ 709.508321][ T787] DVB: Unable to find symbol mt352_attach() [ 709.548460][ T787] dvb-usb: bulk message failed: -22 (5/0) [ 709.554928][ T787] zl10353_read_register: readreg error (reg=127, ret==-121) [ 709.607468][ T787] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB' [ 709.857929][T10712] loop3: detected capacity change from 0 to 4096 [ 710.018859][T10717] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 710.678164][ T787] rc_core: IR keymap rc-dvico-mce not found [ 710.714805][ T787] Registered IR keymap rc-empty [ 710.769393][ T787] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0 [ 710.882256][ T787] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0/input8 [ 710.961477][ T787] dvb-usb: schedule remote query interval to 100 msecs. [ 711.011238][ T787] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected. [ 711.047173][ T787] usb 3-1: USB disconnect, device number 6 [ 711.224852][T10730] loop0: detected capacity change from 0 to 512 [ 711.249581][T10730] loop0: Can't mount, blockdev is frozen [ 711.330687][ T787] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected. [ 711.402567][ T5811] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 711.417582][T10732] syz.4.1138 uses obsolete (PF_INET,SOCK_PACKET) [ 711.902689][T10735] loop0: detected capacity change from 0 to 2048 [ 713.837875][T10754] loop4: detected capacity change from 0 to 4096 [ 713.920916][T10755] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 714.606961][T10767] loop0: detected capacity change from 0 to 512 [ 714.639560][T10767] loop0: Can't mount, blockdev is frozen [ 715.204306][T10772] loop0: detected capacity change from 0 to 2048 [ 716.129199][ T787] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 716.318104][ T787] usb 1-1: Using ep0 maxpacket: 8 [ 716.325579][ T787] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 716.334498][ T787] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 716.344879][ T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 716.356180][ T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 716.366575][ T787] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 716.381577][ T787] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 716.392236][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 716.691888][ T787] usb 1-1: GET_CAPABILITIES returned 0 [ 716.699955][ T787] usbtmc 1-1:16.0: can't read capabilities [ 716.986595][ T9] usb 1-1: USB disconnect, device number 6 [ 717.758191][ T50] Bluetooth: hci4: command 0x0406 tx timeout [ 718.564056][T10802] loop4: detected capacity change from 0 to 4096 [ 718.655804][T10805] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 720.848122][ T5984] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 721.218211][ T5984] usb 1-1: Using ep0 maxpacket: 8 [ 721.236259][ T5984] usb 1-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 721.252925][ T5984] usb 1-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 721.263376][ T5984] usb 1-1: config 0 interface 0 has no altsetting 0 [ 721.278471][ T5984] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 721.293744][ T5984] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 721.308474][ T5984] usb 1-1: config 0 descriptor?? [ 721.732932][ T5984] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 721.751084][ T5984] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 721.759127][ T5984] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 721.766352][ T5984] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 721.774711][ T5984] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 721.788966][ T5984] mcp2221 0003:04D8:00DD.0003: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 721.954217][ T5984] usb 1-1: USB disconnect, device number 7 [ 723.873728][T10836] lo speed is unknown, defaulting to 1000 [ 725.580198][T10846] loop3: detected capacity change from 0 to 4096 [ 725.700396][T10849] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 729.965655][ T27] audit: type=1326 audit(1760761739.719:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10871 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c4838eec9 code=0x7ffc0000 [ 730.057013][ T27] audit: type=1326 audit(1760761739.749:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10871 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f5c4838eec9 code=0x7ffc0000 [ 730.127642][ T27] audit: type=1326 audit(1760761739.749:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10871 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c4838eec9 code=0x7ffc0000 [ 730.179579][ T27] audit: type=1326 audit(1760761739.749:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10871 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c4838eec9 code=0x7ffc0000 [ 730.231318][ T27] audit: type=1326 audit(1760761739.749:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10871 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f5c4838eec9 code=0x7ffc0000 [ 730.291024][ T27] audit: type=1326 audit(1760761739.749:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10871 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c4838eec9 code=0x7ffc0000 [ 730.361183][ T27] audit: type=1326 audit(1760761739.749:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10871 comm="syz.3.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c4838eec9 code=0x7ffc0000 [ 732.396685][T10898] loop0: detected capacity change from 0 to 4096 [ 737.057886][T10933] comedi comedi3: Buffer allocation failed [ 737.231825][T10934] loop2: detected capacity change from 0 to 4096 [ 737.345454][T10942] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 741.288132][ T787] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 741.482277][ T787] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 741.498054][ T787] usb 4-1: config 0 interface 0 has no altsetting 0 [ 742.001174][ T787] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 742.018085][ T787] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 742.064676][ T787] usb 4-1: Product: syz [ 742.108106][ T787] usb 4-1: Manufacturer: syz [ 742.119501][ T787] usb 4-1: SerialNumber: syz [ 742.148342][ T787] usb 4-1: config 0 descriptor?? [ 742.189430][ T787] usb 4-1: selecting invalid altsetting 0 [ 743.248719][ T787] usb 4-1: USB disconnect, device number 7 [ 743.312703][T10990] loop4: detected capacity change from 0 to 4096 [ 743.418627][T10993] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 744.597629][T11010] IPv6: addrconf: prefix option has invalid lifetime [ 746.207810][T11023] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1216'. [ 746.400503][T11026] netlink: 'syz.3.1216': attribute type 6 has an invalid length. [ 747.452726][T11036] loop3: detected capacity change from 0 to 4096 [ 747.554552][T11039] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 747.604709][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.612520][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.268315][ T5905] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 753.416997][ T5905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 753.438140][ T5905] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 753.469578][ T5905] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 753.506643][ T5905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 753.530785][ T5905] usb 4-1: config 0 descriptor?? [ 754.603603][T11101] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 754.668500][T11101] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 754.745783][ T5905] usbhid 4-1:0.0: can't add hid device: -71 [ 754.762114][ T5905] usbhid: probe of 4-1:0.0 failed with error -71 [ 754.862086][ T5905] usb 4-1: USB disconnect, device number 8 [ 756.873870][T11144] loop2: detected capacity change from 0 to 4096 [ 757.260757][T11150] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 764.559837][T11195] comedi comedi3: Buffer allocation failed [ 767.201711][ T27] audit: type=1326 audit(1760762005.923:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 767.355031][ T27] audit: type=1326 audit(1760762005.923:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 767.418088][ T27] audit: type=1326 audit(1760762005.943:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 767.506719][ T27] audit: type=1326 audit(1760762006.073:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 767.572926][ T27] audit: type=1326 audit(1760762006.073:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 768.028207][ T27] audit: type=1326 audit(1760762006.083:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 768.140542][ T27] audit: type=1326 audit(1760762006.083:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 768.209987][ T27] audit: type=1326 audit(1760762006.083:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 768.301294][ T27] audit: type=1326 audit(1760762006.083:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 768.324641][ T27] audit: type=1326 audit(1760762006.083:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11217 comm="syz.4.1262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ac78eec9 code=0x7ffc0000 [ 770.450439][T11245] input: syz1 as /devices/virtual/input/input9 [ 770.500838][T11245] input: failed to attach handler leds to device input9, error: -6 [ 771.965575][T11258] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1272'. [ 776.930646][T11284] netlink: 'syz.0.1279': attribute type 3 has an invalid length. [ 776.959484][T11284] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1279'. [ 778.043819][T11296] syzkaller0: entered promiscuous mode [ 778.073173][T11296] syzkaller0: entered allmulticast mode [ 778.896765][ T5806] Bluetooth: hci4: command 0x0406 tx timeout [ 782.921294][T11336] lo speed is unknown, defaulting to 1000 [ 785.218466][ T787] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 786.208164][ T787] usb 4-1: Using ep0 maxpacket: 32 [ 786.215529][ T787] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 786.226403][ T787] usb 4-1: config 0 has no interface number 0 [ 786.241424][ T787] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 786.252039][ T787] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 786.261598][ T787] usb 4-1: Product: syz [ 786.265973][ T787] usb 4-1: Manufacturer: syz [ 786.272108][ T787] usb 4-1: SerialNumber: syz [ 786.281077][ T787] usb 4-1: config 0 descriptor?? [ 786.291201][ T787] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 786.308120][ T787] usb 4-1: selecting invalid altsetting 1 [ 786.313918][ T787] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 786.328112][ T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 786.350856][ T787] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 786.368487][ T787] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 786.376913][ T787] usb 4-1: media controller created [ 786.460959][ T787] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 786.518070][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 786.538312][ T9] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 786.569487][ T9] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 786.582219][ T9] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 786.593018][ T9] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 786.603991][ T9] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 786.633153][ T9] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 786.651496][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 786.901683][T11371] netlink: 'syz.2.1303': attribute type 3 has an invalid length. [ 786.935950][T11371] netlink: 'syz.2.1303': attribute type 3 has an invalid length. [ 787.036590][ T9] usb 3-1: usb_control_msg returned -32 [ 787.087303][ T9] usbtmc 3-1:16.0: can't read capabilities [ 787.512879][T11381] x_tables: ip_tables: HMARK.0 target: invalid size 64 (kernel) != (user) 72 [ 787.603899][T11360] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 787.653911][ T787] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 787.829906][ T787] zl10353_read_register: readreg error (reg=127, ret==-71) [ 787.844548][ T787] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 788.204563][ T787] usb 4-1: USB disconnect, device number 9 [ 789.338399][ T5904] usb 3-1: USB disconnect, device number 7 [ 800.145094][T11495] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1337'. [ 800.727006][T11502] tipc: Started in network mode [ 800.751680][T11502] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711 [ 800.831641][T11502] tipc: Enabled bearer , priority 10 [ 801.823155][ T5904] tipc: Node number set to 4269801494 [ 804.010699][T11531] netlink: 'syz.2.1346': attribute type 4 has an invalid length. [ 804.118274][ T787] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 804.144208][T11532] netlink: 'syz.2.1346': attribute type 4 has an invalid length. [ 804.334759][ T787] usb 5-1: config index 0 descriptor too short (expected 39, got 27) [ 804.362851][ T787] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 804.412661][ T787] usb 5-1: config 0 interface 0 has no altsetting 0 [ 804.445268][ T787] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 804.481901][ T787] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 804.519907][ T787] usb 5-1: Product: syz [ 804.524153][ T787] usb 5-1: Manufacturer: syz [ 804.534940][ T787] usb 5-1: SerialNumber: syz [ 804.561642][ T787] usb 5-1: config 0 descriptor?? [ 804.602485][ T787] hub 5-1:0.0: bad descriptor, ignoring hub [ 804.705014][ T787] hub: probe of 5-1:0.0 failed with error -5 [ 804.734284][ T787] usb 5-1: selecting invalid altsetting 0 [ 805.761506][T11548] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 1, id = 0 [ 807.458516][ T23] usb 5-1: USB disconnect, device number 7 [ 809.064206][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.072305][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 812.782594][T11598] batman_adv: batadv0: Adding interface: macvlan2 [ 812.834830][T11598] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 812.903662][T11598] batman_adv: batadv0: Interface activated: macvlan2 [ 921.688075][ C1] ------------[ cut here ]------------ [ 921.695021][ C1] WARNING: CPU: 1 PID: 11606 at kernel/rcu/tree_stall.h:1001 rcu_check_gp_start_stall+0x2dc/0x460 [ 921.705651][ C1] Modules linked in: [ 921.709560][ C1] CPU: 1 PID: 11606 Comm: syz.2.1366 Not tainted syzkaller #0 [ 921.717022][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 921.727183][ C1] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 921.733533][ C1] Code: ff ff ff 48 c7 c7 a0 04 ef 96 be 04 00 00 00 e8 4a b9 6c 00 48 89 df b8 01 00 00 00 87 05 7c d9 7e 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 80 51 d3 8c 74 47 48 c7 c0 1c b8 4a 8e 48 c1 e8 03 [ 921.753165][ C1] RSP: 0018:ffffc900001f0bb8 EFLAGS: 00010046 [ 921.759244][ C1] RAX: 0000000000000000 RBX: ffffffff8cd35180 RCX: ffffffff81702b16 [ 921.767224][ C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8cd35180 [ 921.775225][ C1] RBP: ffffc900001f0e30 R08: 0000000000000003 R09: 0000000000000004 [ 921.783229][ C1] R10: dffffc0000000000 R11: fffffbfff2dde094 R12: 0000000000002904 [ 921.791218][ C1] R13: 1ffff110171e7a22 R14: 0000000000000a02 R15: dffffc0000000000 [ 921.799201][ C1] FS: 00007f43a11cb6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 921.808158][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 921.814747][ C1] CR2: 000020000000cffc CR3: 000000005faee000 CR4: 00000000003506e0 [ 921.822748][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 921.830727][ C1] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 921.838705][ C1] Call Trace: [ 921.841988][ C1] [ 921.844853][ C1] rcu_core+0x612/0x1720 [ 921.849110][ C1] ? lock_chain_count+0x20/0x20 [ 921.853972][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 921.859355][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 921.864570][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 921.869782][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 921.874983][ C1] ? __run_timers+0x781/0x7d0 [ 921.879758][ C1] ? __run_timers+0x74e/0x7d0 [ 921.884448][ C1] ? detach_timer+0x2b0/0x2b0 [ 921.889129][ C1] ? detach_timer+0x2b0/0x2b0 [ 921.893817][ C1] ? lock_chain_count+0x20/0x20 [ 921.898701][ C1] handle_softirqs+0x280/0x820 [ 921.903480][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 921.908257][ C1] ? do_softirq+0x180/0x180 [ 921.912767][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 921.917984][ C1] __irq_exit_rcu+0xc7/0x190 [ 921.922582][ C1] ? irq_exit_rcu+0x20/0x20 [ 921.927096][ C1] irq_exit_rcu+0x9/0x20 [ 921.931349][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 921.937030][ C1] [ 921.939994][ C1] [ 921.942931][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 921.948930][ C1] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 [ 921.954759][ C1] Code: 00 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 2a 73 ef f6 48 89 df e8 42 45 f0 f6 e8 8d eb 13 f7 fb bf 01 00 00 00 52 6a e3 f6 65 8b 05 33 b5 8b 75 85 c0 74 02 5b c3 e8 50 99 88 [ 921.974377][ C1] RSP: 0018:ffffc90004a1fc98 EFLAGS: 00000282 [ 921.980545][ C1] RAX: 89ae0c64cd806200 RBX: ffff88802f50ae40 RCX: 89ae0c64cd806200 [ 921.988525][ C1] RDX: dffffc0000000000 RSI: ffffffff8aaabce0 RDI: 0000000000000001 [ 921.996505][ C1] RBP: ffff88802f50b0d8 R08: ffffffff8e4a836f R09: 1ffffffff1c9506d [ 922.004583][ C1] R10: dffffc0000000000 R11: fffffbfff1c9506e R12: 1ffff11005ea161b [ 922.012592][ C1] R13: 0000000000000011 R14: dffffc0000000000 R15: 0000000000000000 [ 922.020607][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 922.025813][ C1] get_signal+0x11f5/0x1400 [ 922.030370][ C1] arch_do_signal_or_restart+0x96/0x780 [ 922.035932][ C1] ? get_sigframe_size+0x20/0x20 [ 922.040902][ C1] ? exit_to_user_mode_loop+0x3b/0x110 [ 922.046381][ C1] exit_to_user_mode_loop+0x70/0x110 [ 922.051693][ C1] exit_to_user_mode_prepare+0xf6/0x180 [ 922.057252][ C1] syscall_exit_to_user_mode+0x1a/0x50 [ 922.062726][ C1] do_syscall_64+0x61/0xb0 [ 922.067151][ C1] ? clear_bhb_loop+0x40/0x90 [ 922.071881][ C1] ? clear_bhb_loop+0x40/0x90 [ 922.078072][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 922.083974][ C1] RIP: 0033:0x7f43a038eec7 [ 922.088423][ C1] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 922.108041][ C1] RSP: 002b:00007f43a11cb038 EFLAGS: 00000246 [ 922.114137][ C1] RAX: 00000000000000ca RBX: 00007f43a05e5fa0 RCX: 00007f43a038eec9 [ 922.122114][ C1] RDX: 0000000000000000 RSI: 000000000000000d RDI: 000020000000cffc [ 922.130097][ C1] RBP: 00007f43a0411f91 R08: 0000000000000000 R09: 0000000000000001 [ 922.138073][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 922.146053][ C1] R13: 00007f43a05e6038 R14: 00007f43a05e5fa0 R15: 00007ffff6503008 [ 922.154049][ C1] [ 922.157096][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 922.164375][ C1] CPU: 1 PID: 11606 Comm: syz.2.1366 Not tainted syzkaller #0 [ 922.171837][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 922.181914][ C1] Call Trace: [ 922.185197][ C1] [ 922.188046][ C1] dump_stack_lvl+0x16c/0x230 [ 922.192741][ C1] ? show_regs_print_info+0x20/0x20 [ 922.197958][ C1] ? load_image+0x3b0/0x3b0 [ 922.202518][ C1] panic+0x2c0/0x710 [ 922.206467][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 922.210993][ C1] __warn+0x2e0/0x470 [ 922.215010][ C1] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 922.220763][ C1] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 922.226524][ C1] report_bug+0x2be/0x4f0 [ 922.230877][ C1] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 922.236621][ C1] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 922.242360][ C1] ? rcu_check_gp_start_stall+0x2de/0x460 [ 922.248209][ C1] handle_bug+0xcf/0x120 [ 922.252459][ C1] exc_invalid_op+0x1a/0x50 [ 922.256982][ C1] asm_exc_invalid_op+0x1a/0x20 [ 922.261834][ C1] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 922.268186][ C1] Code: ff ff ff 48 c7 c7 a0 04 ef 96 be 04 00 00 00 e8 4a b9 6c 00 48 89 df b8 01 00 00 00 87 05 7c d9 7e 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 80 51 d3 8c 74 47 48 c7 c0 1c b8 4a 8e 48 c1 e8 03 [ 922.287801][ C1] RSP: 0018:ffffc900001f0bb8 EFLAGS: 00010046 [ 922.293921][ C1] RAX: 0000000000000000 RBX: ffffffff8cd35180 RCX: ffffffff81702b16 [ 922.301914][ C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8cd35180 [ 922.309901][ C1] RBP: ffffc900001f0e30 R08: 0000000000000003 R09: 0000000000000004 [ 922.317894][ C1] R10: dffffc0000000000 R11: fffffbfff2dde094 R12: 0000000000002904 [ 922.325921][ C1] R13: 1ffff110171e7a22 R14: 0000000000000a02 R15: dffffc0000000000 [ 922.333921][ C1] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 922.339686][ C1] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 922.345504][ C1] rcu_core+0x612/0x1720 [ 922.349791][ C1] ? lock_chain_count+0x20/0x20 [ 922.354671][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 922.360069][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 922.365287][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 922.370552][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 922.375898][ C1] ? __run_timers+0x781/0x7d0 [ 922.380585][ C1] ? __run_timers+0x74e/0x7d0 [ 922.385276][ C1] ? detach_timer+0x2b0/0x2b0 [ 922.389960][ C1] ? detach_timer+0x2b0/0x2b0 [ 922.394642][ C1] ? lock_chain_count+0x20/0x20 [ 922.399514][ C1] handle_softirqs+0x280/0x820 [ 922.409076][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 922.413855][ C1] ? do_softirq+0x180/0x180 [ 922.418367][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 922.423579][ C1] __irq_exit_rcu+0xc7/0x190 [ 922.428173][ C1] ? irq_exit_rcu+0x20/0x20 [ 922.432684][ C1] irq_exit_rcu+0x9/0x20 [ 922.436942][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 922.442590][ C1] [ 922.445522][ C1] [ 922.448457][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 922.454440][ C1] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 [ 922.460251][ C1] Code: 00 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 2a 73 ef f6 48 89 df e8 42 45 f0 f6 e8 8d eb 13 f7 fb bf 01 00 00 00 52 6a e3 f6 65 8b 05 33 b5 8b 75 85 c0 74 02 5b c3 e8 50 99 88 [ 922.479872][ C1] RSP: 0018:ffffc90004a1fc98 EFLAGS: 00000282 [ 922.485954][ C1] RAX: 89ae0c64cd806200 RBX: ffff88802f50ae40 RCX: 89ae0c64cd806200 [ 922.493944][ C1] RDX: dffffc0000000000 RSI: ffffffff8aaabce0 RDI: 0000000000000001 [ 922.501929][ C1] RBP: ffff88802f50b0d8 R08: ffffffff8e4a836f R09: 1ffffffff1c9506d [ 922.509912][ C1] R10: dffffc0000000000 R11: fffffbfff1c9506e R12: 1ffff11005ea161b [ 922.517897][ C1] R13: 0000000000000011 R14: dffffc0000000000 R15: 0000000000000000 [ 922.525942][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 922.531155][ C1] get_signal+0x11f5/0x1400 [ 922.535693][ C1] arch_do_signal_or_restart+0x96/0x780 [ 922.541258][ C1] ? get_sigframe_size+0x20/0x20 [ 922.546220][ C1] ? exit_to_user_mode_loop+0x3b/0x110 [ 922.551692][ C1] exit_to_user_mode_loop+0x70/0x110 [ 922.557002][ C1] exit_to_user_mode_prepare+0xf6/0x180 [ 922.562559][ C1] syscall_exit_to_user_mode+0x1a/0x50 [ 922.568036][ C1] do_syscall_64+0x61/0xb0 [ 922.572461][ C1] ? clear_bhb_loop+0x40/0x90 [ 922.577144][ C1] ? clear_bhb_loop+0x40/0x90 [ 922.581827][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 922.587723][ C1] RIP: 0033:0x7f43a038eec7 [ 922.592160][ C1] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 922.611789][ C1] RSP: 002b:00007f43a11cb038 EFLAGS: 00000246 [ 922.617864][ C1] RAX: 00000000000000ca RBX: 00007f43a05e5fa0 RCX: 00007f43a038eec9 [ 922.625860][ C1] RDX: 0000000000000000 RSI: 000000000000000d RDI: 000020000000cffc [ 922.633842][ C1] RBP: 00007f43a0411f91 R08: 0000000000000000 R09: 0000000000000001 [ 922.641833][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 922.649815][ C1] R13: 00007f43a05e6038 R14: 00007f43a05e5fa0 R15: 00007ffff6503008 [ 922.657815][ C1] [ 922.661131][ C1] Kernel Offset: disabled [ 922.666147][ C1] Rebooting in 86400 seconds..