last executing test programs: 11.172905881s ago: executing program 4 (id=1621): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/74, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000001500)=""/173, 0x0, 0x26000}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=""/4092}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x6}, 0x28) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) 11.036987396s ago: executing program 4 (id=1625): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xb, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000005700)=@vmx={0x0, 0x0, 0x2080, {0x9000}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10.574888272s ago: executing program 4 (id=1628): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r4 = add_key$user(&(0x7f0000000280), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ff", 0x1, r3) r5 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x1e, r4, 0xffffffffffffffff, r5, 0x0) 9.576817107s ago: executing program 4 (id=1638): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./bus\x00', 0x18418, &(0x7f0000000200)=ANY=[], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r0 = syz_clone(0x0, 0x0, 0x21, 0x0, 0x0, 0x0) r1 = syz_open_procfs(r0, &(0x7f0000000000)='io\x00') pread64(r1, &(0x7f0000000500)=""/31, 0x1f, 0x40000000007) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f00000000c0)=@usbdevfs_connect={0x10001}) socket$inet(0xa, 0x1, 0x0) sync() r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x400}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TTL={0x5}, @IFLA_IPTUN_TOS={0x5, 0x5, 0x1}]}}}]}, 0x40}, 0x1, 0xffffffea, 0x0, 0x4000}, 0x48044) truncate(&(0x7f0000000340)='./file1\x00', 0x20fffbfffc) 7.398797583s ago: executing program 4 (id=1645): r0 = syz_usb_connect$uac3(0x0, 0x80, &(0x7f0000000100)=ANY=[@ANYBLOB="1201010200000040b421810040000102030109026e0003017f0006080b0002012230230904000000010130000a2401100a00090000000904014cbcda4430000904010101010230000905010960"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) syz_usb_control_io$uac3(r0, 0x0, &(0x7f00000002c0)={0x44, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x5ac, 0x236, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x7d, 0xa0, 0x8, "", [{{0x9, 0x4, 0x0, 0x79, 0x1, 0x3, 0x1, 0x1, 0x44, {0x9, 0x21, 0x8, 0x77, 0x1, {0x22, 0xfae}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x3, 0x8, 0x8}}}}}]}}]}}, 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io$uac3(r0, 0x0, &(0x7f00000007c0)={0x44, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 5.256964747s ago: executing program 4 (id=1661): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r0, 0x5607, 0x1) 4.59265984s ago: executing program 32 (id=1661): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r0, 0x5607, 0x1) 3.219297518s ago: executing program 1 (id=1670): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000b00), 0x1, 0x4d6, &(0x7f0000000b40)="$eJzs3c9vVFsdAPDv3P6kFFqUxB9RQQTREGbaARrCwuBGYwiJkbhyAbUdmqYznaYzRVpZlP/BRBJX+ie4MHFhwsq9O90ZE1yYoBINfclbzMuduYVSZub18coM6Xw+yc3cc8/c+z2Hcs+5fIfOCWBgnY2I7YgYjYh7ETGVHc9lW9xsben7Xr54tLDz4tFCLkbjzn9yzfr0WOw5J3U8u+Z4RPzkhxE/z70dt7a5tTJfLpfWs3KhXlkr1Da3/rFcmV8qLZVWi8W52bmZ61euFQ+tr2cqv3/+g+VbP/3TH7/+7C/b3/1l2qzJrG5vP/aaPtilhzpVtLo+8ipOajgibn2Whn/AhrL+jPa7IbyTJCK+EBHn0vu/0e/WAAC90GhMRWNqbxkAOOqSZg4sl+SzXMBkJEk+38rhnY6JpFyt1S/dr26sLrZyZdMxktxfLpdmslzhdIzk0vJslivbLRf3la9ExKmI+NXYsWY5v1AtL/bzwQcABtjxffP//8da8z8AcMSN97sBAEDPmf8BYPCY/wFg8Jj/AWDwmP8BYPCY/wFg8Jj/AWCg/Pj27XRr7GTff734YHNjpfrg8mKptpKvbCzkF6rra/mlanWp+Z09lU+7XrlaXZu9GhsPC/VSrV6obW7drVQ3Vut3m9/rfbc00pNeAQDdnDrz9G+5iNi+cay5xZ61HMzVcLQl/W4A0DcdF64CjrzhfjcA6Bv/xgfaLNH7yki3/yL0pOtpwAfs4lfk/2FQyf/D4JL/h8El/w+Dq9HIWfMfAAaMHD/Q7fP/eLfP/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODIm2xuuSSfrQU+GUmSz0eciIjpGMndXy6XZiLiZET8dWxkLC3PpieO9rvlAMC7S/6Vy9b/ujh1fnJ/7Wjuo7HIpvtf/ObOrx/O1+vrs+nx/44dy95Tf5IdL3YNZKlBAOiT3Xl6dx7f9fLFo4XdrZftef791uKiadydbGvVDMdw83W8+eAw8b9cVm5Jn1eGDiH+9uOI+HK7/ueauZHpbOXT/fHT2Cd6Gj95I37SrGu9pn8WXzyEtsCgeZqOPzfb3X9JnG2+tr//x5sj1Oe3O/7tvDX+Ja/Gv6EO49/Zg8a4+ucfdax7HPHV4Xbxc9nwOn7hex3inz9g/L9/7Rvn3jzztcZvIy5G2/hvnFGoV9YKtc2ty8uV+aXSUmm1WJybnZu5fuVasdDMURd2M9Vv+/eNSye79X+iQ/zWT368Gb9d/y8csP+/+/jez77ZJf53vtX+53+6S/x0Tvz2AePPT/yh4/LdafzF9v3Pzunc/0sHjP/sn1uLB3wrANADtc2tlflyubRup2c76bPbB9AMO33bSf8GHMZ1vvQem9rvkQl4317f9P1uCQAAAAAAAAAAAAAA0EkvfuGp330EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6PokAAD//zpy1fY=") unlink(&(0x7f0000000080)='./file1\x00') 3.008963155s ago: executing program 3 (id=1672): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x8, &(0x7f0000000000)={[{@lazytime}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") setxattr$incfs_metadata(&(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0), 0x0, 0x0, 0x0) listxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=""/246, 0xf6) 3.008820235s ago: executing program 0 (id=1673): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x110}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f00000001c0)={&(0x7f0000a67000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x1000}) 2.903579039s ago: executing program 0 (id=1674): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f00000004c0), 0xf02, 0xf0, 0x0) ppoll(&(0x7f0000000640)=[{r0, 0x4490}], 0x1, 0x0, 0x0, 0x0) 2.552701191s ago: executing program 3 (id=1675): syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@quota}, {@debug}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x19, 0x5, 0xb, 0x6, 0xfffffff0, 0x8001}) 2.380386647s ago: executing program 2 (id=1676): syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000002c0)={[{@shortname_lower}, {@fat=@check_strict}, {@fat=@dmask={'dmask', 0x3d, 0x40}}, {@rodir}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@utf8}, {@uni_xlate}, {@fat=@nfs}, {@utf8no}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '866'}}, {@utf8no}, {@utf8no}, {@utf8no}, {@shortname_mixed}]}, 0x1, 0x38c, &(0x7f00000015c0)="$eJzs3U+IW8UfAPBv+pLdTeHX3cMPioISvQm69A8eFA9byhaKuaiEVg9isFuUzVrYYHB7aLpexKPgUUHwIh704KFnERTx5sGrVbQqHrS3gsWRJC/Ja5PdrtRtXfx8DuWb78y8mXmdTd6+R2ZfuJ5Wz1Ti7NWrV2JurhTlpeNLca0UC5HF0MWYNDMlBwDsDddSit/TwCiZTYnGSndoaADALul9/qduMfP659vVTz79AWDPy3//r25XZ24y9eMTvX/P7d64AIDdM3H//8Fx2f2Dx/yFR/3lqQ8EAIC95Zlnn3vyWD3i6WptLmLtjU6j04jHx+XHzsbL0YqVOBTzcT1icKGQUjr9ff/FiZP15UO1Wq0bPy1EIyLe6zQi1rqdxuBK4VjWbz8bh2M+FvL2+dVGSik78Ul9+XCtLyIudvv9x1qp06jE/rz/b/fHShyJWvx/on3EyfrykVp+gMbasH03YnN836I3/sWYj69fjHPRijPVU5HS8LKmvnzhcK12PNVvaN9pzMaZ0VmYcgcEAAAAAAAAAAAAAAAAAAAAAABuw2JtZGG0/00a79+zuDilvL8/zqB9vj/Q5mB/oDSbIqXfXnuk8WY22KtnuD/QzfvzdBrl2Hd3pw4AAAAAAAAAAAAAAAAAAAD/Gu2NmWi2Wivr7Y3zq8Wgu97e2BcRvcwrX370WTUm69wiKOd9FIpqeer8ajNlw8opu6FOHmS9zoeZDy+NRlysMzuaxdRh9IrbM1vU+d8DP7wzztyXDY/857hOFtMnmN00jGFQiYi1AxFRjRgVVcZT3vKMHc2DI7c4q5dTSlsd58Lzk62iFFH++/9x2wepF3xx5aV7jrYPPtrPfJoGHnp4/tTlt9//ZbXZ6vXc0/pgZr19Pa0289fTF9tKqbxFp1lh/ZTyc1gqroTydkPdvDHTzL759fS9b321s5mmYubVKXWywXQ+Xm9vlPKflH7RzCDo5W5qVW2dzCLOL0XxOJUpi//2gqmL7eC7S81LF777eafHKbxJjDfqqP7T7z8AAAAAAAAAAAAAAAAAAMBY4bviufzLvpXtWj32VB7M7e7oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODOGP/9/0KwOZHZSfBHNyaLZlfW2xEH7vY0AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4j/srAAD//x9pY8c=") open(&(0x7f0000000040)='.\x00', 0x20000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x54, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @mcast2}}}]}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'Q.931\x00'}}]}, 0x54}}, 0x0) r4 = epoll_create1(0x0) epoll_wait(r4, &(0x7f0000000000)=[{}], 0x1, 0x3) syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10}}}}}}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x129942, 0x18) 2.380171547s ago: executing program 1 (id=1677): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x0, &(0x7f0000000000), 0x0, 0x248, &(0x7f0000000940)="$eJzs3T9oFFkcB/DfzO5eLsly5O6ag4O7g+M47gIh1x3YxEYhICGICCpERGyURIgJdomVjYXWKqlsgtgZrdMEG0Ww8k+K2AgaLAwWWqzsTiLRbDBxN7uS+Xxg2JnZee/3hp3v221mNoDc6omIgYgoRERvRJQiIll/wB/Z0rO6OdO5MBJRqRx8ndSOy7Yza+26I2I6Iv6PiPk0idPFiMm5o0tvH+//+9JE6a8bc0c6W3qSq5aXFg+sXB+6eHvwv8kHj14OJTEQ5U/Oq/mSOvuKScRPO1HsG5EU2z0CtmL4/K0n1dz/HBF/1vJfijSyD+/y+Hfzpfj32mZtr7x6+Gsrxwo0X6VSqn4HTleA3EkjohxJ2hcR2Xqa9vVlv+GfFrrSM2Pj53pPjU2Mnmz3TAU0Szlicd/djjvdn+X/RSHLP7B7VfN/aHj2WXV9pdDu0QCtVM1/7/Gpf0L+IXfkH/JL/iG/5B/yS/4hv+Qf8kv+Ydf4frsN5B/yS/4hv+Qf8mt9/gGAfKl0tPsOZKBd2j3/AAAAAAAAAAAAAAAAAAAAG810LoysLa2qee9qxPLeiCjWq1+o/R/x2qNNu94k1cM+SrJmDTn2e4MdNOjmDt59vZVHuv3wfOfqb8X935rZW3nbLaZGI6YvRER/sbjx+ktWr7+v9+MX3i+daLBAg/Ycbm/997Otq1Wqs2+wkmQr/fXmnzR+qb3Wn3/Km/S5HWffNdgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALfMhAAD//+M2bGo=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000480)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a}) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @adiantum, 0x3, '\x00', @a}) chdir(&(0x7f0000000700)='mnt/encrypted_dir\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) 1.340949093s ago: executing program 0 (id=1678): r0 = socket$inet_icmp(0x2, 0x2, 0x1) bind$inet(r0, &(0x7f0000005380)={0x2, 0x4e20, @multicast1}, 0x10) 1.216379718s ago: executing program 2 (id=1679): openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x98000, 0x1a7) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000100)) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000300)=0x1) r1 = open(0x0, 0x222400, 0x120) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) readahead(r1, 0x2, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0xa01, 0x0, 0x101, 0x100}}) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f0000000140)={[{@errors_remount}]}, 0x82, 0x4b1, &(0x7f00000007c0)="$eJzs3EtoHVUfAPD/TF5f3/m0aluLRosYfCRNWrULN4qCi4qKLqquYpKW0rSRJoIppY0idSNIQdfqUnDpyp0bUVeC4Er3UinaTau4uDJzZ9qbm9zmdXNv2vx+MMk5c2buOWfOPM6ck5sANqy+7EcSsTUifo2IHdXo3A36qr+uXTk7+veVs6NJVCqv/hkRsxFXr5wdLTct99tSRPrTiPSDpMhkrqmZMydGJibGTxfxwemTbw9OzZx5/PjJkWPjx8ZPDR86dPDA0FNPDj/RlHpm9bq659zk3t0vvH7xxdEjF9/64ausvFuL9Np6rEj3/FV9WcX/quTq0x6KTavKbr3ZVhNOOttYEJalIyKy5urKrv9KpXK+Jm1HPP/+IrtvWePiAWsoezb1LLC+eC7OVhpKbpoK3AqSaHcJgPYon/fZ+2+5tLD70XaXn6m+AGX1vlYs1ZTOSIttuureb5upLyKOzP7zWbZEM8YhAAAW8dHop4fjsbL/t6mm/5HG3dXAH9mP7cUcSm9E/D8i7oiIOyNiZ0TcFZFve0/E17uWkmnNBEH91ND8/k96qW6Tps4uZP2/p/PaVl2rqX+ht6OIbcvr35UcPT4xvr84Jv3R1ZPFh26Sx7fP/fxxo7Ta/l+2ZPmXfcGiHJc66wboxkamR/JOaRNcfi9iT2f8W6lU6vq/yfUDnUTE7ojYs7yP3l4Gjj/y5d5GGy1e/3kfd0MTzoTKFxEPV9t9NurqX0rmz092b7sxPzn4v5gY3z9YnhXz/fjThZcb5b/0+q+NrP03F+d9sRQpn88Ugd43a+drp6LBzOXWhnlc+O3Dhu80Kz3/u5PX8vtROe367sj09OmhiO7kcB6fs374xr5lvNw+q3//vojI8sjrX+6Z5ve4KNr/3ojYW8yX3RcR9xdlfyAiHoyIfQ1rH/H9s43T1kP7j9W0fxL15/+uc9XfZfvPLDvQceK7bxrlv7T2P5iH+os1+f1vEUst4MqPHAAAANw60nzkJkkHrofTdGCg+oe9O2NzOjE5Nf3o0cl3To1VR3h6oystR7p21IyHDiWzxSdW48PFWHGZfqAYN/6kI/L4wOjkxFib6w4b3ZYG13/m9452lw5YcwvNow0v8IU24PZTf/2nc6PnX2plYYCW8n1t2LgWuf7TVpUDaD3Pf9i4Frr+z9fFzQXA7cnzHzauJV//ydqWA2g9z3/YuOqu/474pV0lAVpoBV/nF1g3gVcGlrNXTzQz90jXyUGoD5T/nqQmaen/D+KmgZ7Vl/CNVRYjjVYdzDbfmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJrkvwAAAP//6vXgVA==") rt_sigprocmask(0x2, 0x0, 0x0, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x67) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x36, &(0x7f00000000c0)=[{0x7}, {0x3, 0x5, 0x2c, 0x4}, {0xfac3, 0x2, 0x4, 0x2}, {0x77cf, 0x7f, 0x1, 0x80000001}, {0x7, 0x11, 0xcf, 0x7}]}) bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r4, &(0x7f0000000040)=ANY=[], 0x6) 1.15731093s ago: executing program 0 (id=1680): setregid(0xee00, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000005c0)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000e00)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@flat=@weak_binder={0x77622a85, 0x100}, @fd={0x66642a85, 0x0, r2}, @flat=@weak_binder={0x77622a85, 0xb, 0x80000000003}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000680)={0x8, 0x0, &(0x7f00000001c0)=[@decrefs={0x40046307, 0x2}], 0x1, 0x1000000000000, &(0x7f0000000340)="cb"}) 1.002012895s ago: executing program 2 (id=1681): r0 = creat(&(0x7f0000000000)='./file0\x00', 0x18) r1 = fanotify_init(0x40, 0x80000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x1, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 983.867526ms ago: executing program 1 (id=1682): syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x20404a, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1e1, &(0x7f0000000140)="$eJzslr+v0lAUx7/3tilgNCaOLg6SqIOlLWpcTGRxcjDxB3EwkWglCEoCDEJikPgHuJs4OLj7D5jo6h9h0MkFN5c3vL7cH6X3EQo8+oDhnU/C4dtyenruOTfnAoIgTix/fv8fR8hLfRpF5PT9v1biww3/X/l/b3/cvVP98OTLz9zYLcyLGUWrv98G8L1ioTd99vDTRf39AHyqH4LjitZVMLhaPwXHI61DMDzW+qWh28LfdV80WqH7rO1ACE8YX5hAmPJsfpMRw3MjP2b83u0PmrVWK+xsUCyr36TCccvIz+yXC5WtZ9TPB4evdRkM97W+iVxcG1USY/3n7SS+tXD9DjKt9v1yH5HKESKfO5PaKgfAeqkCbBrwEzI1GO/0lt3kHkoRFqSIO3pMka0trUJs9CU+sLdeVZatmOv04ttt9Ux8Jxqqa+lzNiVgNFzxFQ7WqUYyn6LPDJeM+aRGyUd51IgWlrr9wdXGq1o9rIevg6B8w7vmedeDkhxEyi6YfwU5n04l8eeeSQKHOXhT6/U6vrT74qiRKlB23sTlAJ+MOC5fVNeiuc5M3Lyhmf7YsMHU7G1+Tc2eIAhid1wA24s0diz0aQLjv+69HeZIEARBEARBEARBEEQ2DgIAAP//h/pGVw==") syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./bus\x00', 0x3010050, &(0x7f0000000600)=ANY=[], 0x41, 0x14fe, &(0x7f0000000700)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==") chdir(&(0x7f0000004340)='./file0\x00') r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) lseek(r0, 0xfffffffffffffffc, 0x2) getdents(r0, 0x0, 0x54) 888.796139ms ago: executing program 0 (id=1683): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x800714, &(0x7f00000000c0)={[{@test_dummy_encryption}]}, 0x1, 0x4c0, &(0x7f00000006c0)="$eJzs3M1rXFUfAODfnXz0K23y9u3b923fVqNVLH4kTfphFy5UFAQVBF3UZUzSWjttpInQlqBRpK4L7sWl4NKVOzeiLsQ/QMGlFIoGoakgRO5XOklm0nx22szzwGTOuffce86595zJmXvm3gBaVm/6J4noioifI6I7j85P0Ju/zUxPDt+anhxOYnb29d+TLN3N6cnhMmm53Y4icrgSUfk4iWeTxfmOX75ybqhaHb1YxPsnzr/bP375ylNnzw+dGT0zemHw5MljRweePjF4fN52dXa1yLY6y9J63dz//tiBfS+9ee3V4VPX3vr+y3Rfew/m62vrcUe3FpXi5XrJetOj9sdsZuG6R5ed2f1hZ004aW9iQViRtohIT1dH1v+7oy1un7zuePGjphYO2FDp/6YtjVdPzQKbWBLNLgHQHOU/+vT7b/mKv+/S4OMecOO5iM4iPDM9OTwzdx2gPSrF8o4NzL83Ik5N/fVZ+oqVXocAAFiFbGzz5ILxX6YSe7P3fK5jVzGH0hMR/4qI3RHx74jYExH/icjS/jci/pdvPNu9zPx7F8QXj38q1+uWeZ2k479nasZ+MzX1L9562orYzqz+Hcnps9XRI8UxORwdW9L4wBJ5fPNCZ8N1teO/9JXmX44FiwJcb88v0M3tZGRoYmi9DsKNDyP2t9erfzI3E5C2gH0RsX9lu95VBs4+/sWBRonuXP8lrMM80+znEY/l538qFtS/lDSYn0zb+InB4/1bozp6pL9sFYv98NPV1xrlv6b6r4P0/G+f3/4XpOj+M8nnazuiWh29OL7yPK7+8knD7zQraP9z0vbfmbyRzVn/+Ha+7NLQxMTFgYjO5JUsXnSWrZEuH7y97aUiXqZP63/4UP3+v7vYJq3//yMibcQHI3Y9EBEPFmV/KCIejohDS9T/u+cfeWeJ+ieRRFPP/0jdz7+59t+T1M7XryLQdu7brxvN2y/v/B+LqeyzNpd9/t3Bcgu4xsMHAAAA94VKRHRFUunLw71dUan09eW/4d8T2yvVsfGJJ06PvXdhJL9HoCc6KuWVru6a66EDyVSxxzw+WFwrLtcfLa4bf9q2LYv3DY9VR5pcd2h1O+b3/yj7f+q3tmaXDthwjefRlrg1ANgUFvb/SpPKAdx9y/kdje8CsDnV6f/1nqEBbEKe1wKtq17//2BBfNH43wgBNoXF/f/XOo+sAzYj439oXfo/tC79H1rSWu7rX32gvFlgycRlEeum2brsO/xbJVA+HmYj89oWt5dEJQt0xT1Q99UEupeTOCK+WnNebetQ5rTH3N3jU/PAIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPvYPwEAAP//O47fqw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) listxattr(0x0, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) unlink(0x0) read$FUSE(r0, &(0x7f0000001000)={0x2020}, 0x2020) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000003040), &(0x7f0000003080)=0xc) socket$nl_generic(0x10, 0x3, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ftruncate(r0, 0x5) 796.960572ms ago: executing program 3 (id=1684): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000000c0)='wg0\x00', 0x4) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000040)={@empty, @remote, r1}, 0xc) 546.425971ms ago: executing program 3 (id=1685): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x30, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x11e7d, 0x51a23}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8}, {0x4}}}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20040040) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000040)={{{@in=@rand_addr=0x64010100, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e23, 0x0, 0xffff, 0x8000, 0x2}, {0x0, 0x1, 0x0, 0x1000080000000, 0x95, 0xfffffffffffffffa}, {0x40, 0x0, 0x0, 0x2}, 0x8, 0x0, 0x1, 0x0, 0x3}, {{@in=@empty, 0x0, 0x33}, 0xa, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x3507, 0x4, 0x0, 0x0, 0x0, 0x7c, 0xfffffffe}}, 0xe8) connect$inet6(r1, &(0x7f0000000300)={0xa, 0x4e23, 0xaf, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1a}}, 0x80}, 0x1c) 509.515643ms ago: executing program 1 (id=1686): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000010401080000000000000000170000050500010003"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40800) 333.896048ms ago: executing program 2 (id=1687): bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0xf346}}, 0x18) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xfffffff9) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000080)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000001c0)={0x1, 0x0, [{0x7, 0x1, 0x2, 0x0, 0xfffffffe}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0xfffffffe) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400005}, 0x94) 333.749918ms ago: executing program 1 (id=1688): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x101000, 0x108) getdents64(r0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, 0x0, 0x0) connect$inet(r1, 0x0, 0x0) sendmmsg(r1, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x80) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r2, r4, 0x16, 0x0, @void}, 0x10) setsockopt$inet_int(r1, 0x0, 0x8, &(0x7f0000000180)=0x8, 0x4) 333.371538ms ago: executing program 3 (id=1689): unshare(0x22020600) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], &(0x7f00000003c0)=""/237, 0x37, 0xed, 0x1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000014ff5)='GPL\x00', 0x2, 0x1000, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x14, &(0x7f0000000000), 0x1, 0x10, &(0x7f0000000000)={0x0, 0x3}, 0xffffffffffffff1c}, 0x70) 230.336912ms ago: executing program 2 (id=1690): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x8081, &(0x7f0000000840)={[{@noblock_validity}, {@resuid={'resuid', 0x3d, 0xee00}}]}, 0x0, 0x49b, &(0x7f0000001800)="$eJzs3MtrXFUcAODf3GTSpM/4qNqHGl9YUJsmfdiFG0XRhYKgi9qFENO01Ka2NBFsKaaK1KUU3ItLwb/AlW5EXQludS+FItk0PsAr9869Jk0ymZl0konO98G059x7Zs7rnjvnnnsnAXStoeyfSsTWiPg5Cyd59F9pkShLNzd7efz32cvjlUjT136r5Ptuzl4eL9OW79taRPYlEclHldizTL5TFy+dGZucnLhQxIenz54fnrp46anTZ8dOTZyaeGf06NFDB0eePjJ6uGEdKk3Uc1tW1t3vn9u766U3rr0yfuzaW99/2VuWdVE92mUohuqW7bF2Z9Zh2xaEK70dLAgt6YmIrLuq+fjfET0x33k74oUPO1o4YE2laZpur7/7Sgr8j1Wi0yUAOqP8or85OxD9a3QdvJHdeLZ2AZTVe6541fb0RlKkqS66vm2n/mL94tiVPz6LvP03dVX7AwDr7+ts/vNkbf5Tvmp7BuOeBem25+vB2daIOyLizoi4KyLujoidEXnaeyPivhbzH1oUXzr/TK6vqmJNyuZ/z0TEXG9E3DL/K2Z/f6eDPUVsWwzEYFQrJ09PThwo2mRfVDedrE5OjKyQxzfP//RJvX1DxdyvfGX5l3PBohzXezfd+p4TY9Njt1freTc+yNcAZ+aWzH/n71xloV0RsbvlTz/+4unz2f9f7K2XonH9V9CG+0zp5xGP1+5tXokV6r/4/uRAse/I6OHh/picODBcHhVL/fDj1Vfr5X9b9W+DrP83F/d26/T/YGXh/dqp1vO4+svHda9pWjj+j5dbsuO/r/J6Hu4rtr03Nj19YSSir/Ly0u2j859Wxsv0N7bujHhkufon+TkuO8ay+u+JiOwgvj8iHoiIB4uyPxQRD0f+EcuZmYuI75579O3V1D9p1LBtkPX/iVv6Pxr0f+uBnjPffrWa+tdk/X8oD+0rtix//usvA/lZodkCtqMNAQAAYKNL8mfgK8n+IjwQSbJ/f8SWfG13czJ5bmr6iZPn3v3zRO1Z+cGoJuVKV209uLYeOlKsDZfx0UXxg8W68ac9A3l888IrdqAjtiwc//mCY238Z37tWf49zfzeBviP8Hst6F7GP3Qv4x+6V3Pjv3gKcWZtywKsr2a//9M1Lgew/pYb/3W/5t9cj8eSgfXi+h+6l/EP3cv4h+5l/ENXup3f9Qs0CMy03Lz9sVKavvYXNU1X+/ZI8kA608F2/qv4MyzNJV678pTPxDdOXC3G3UY5ROsHOndOAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaKd/AgAA//9XstwK") r0 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00') pread64(r0, &(0x7f0000002240)=""/236, 0xec, 0x4ed) 230.145602ms ago: executing program 0 (id=1691): syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) unshare(0x40200) semop(0x0, &(0x7f00000021c0)=[{0x0, 0x2, 0x1000}], 0x1) unshare(0x40400) 136.964585ms ago: executing program 1 (id=1692): r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000092ecc620ac0500773aeb010203010902240001000020000904c40102fffd0180090502021002020000090582020002"], 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) syz_usb_control_io$uac1(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0003060000000603"]}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="2014f806000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x5f0, &(0x7f0000000e00)=ANY=[]) sendmsg$key(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x864) 133.058325ms ago: executing program 3 (id=1693): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000080)={[0x6]}, 0x8) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@map, r0, 0x2a, 0x0, 0x0, @void, @value=r1}, 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFBR(r2, 0x8940, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = syz_open_dev$MSR(0x0, 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0) write$rfkill(r5, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8) 0s ago: executing program 2 (id=1694): unshare(0x60600) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) connect$unix(r1, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) unshare(0x22020400) close(r0) kernel console output (not intermixed with test programs): block 1 (length 1) [ 279.452550][ T4417] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 279.489160][ T4417] EXT4-fs error (device loop3): ext4_release_dquot:6272: comm kworker/u4:11: Failed to release dquot type 0 [ 279.609463][ T7] usb 1-1: no configurations [ 279.614145][ T7] usb 1-1: can't read configurations, error -22 [ 279.655599][ T6982] FAULT_INJECTION: forcing a failure. [ 279.655599][ T6982] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 279.676237][ T4188] EXT4-fs error (device loop3): __ext4_get_inode_loc:4334: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 279.725370][ T4188] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 279.727207][ T6982] CPU: 0 PID: 6982 Comm: syz.1.755 Not tainted syzkaller #0 [ 279.742109][ T6982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 279.746600][ T4188] EXT4-fs error (device loop3): ext4_quota_off:6542: inode #3: comm syz-executor: mark_inode_dirty error [ 279.752198][ T6982] Call Trace: [ 279.752208][ T6982] [ 279.752217][ T6982] dump_stack_lvl+0x188/0x250 [ 279.752246][ T6982] ? show_regs_print_info+0x20/0x20 [ 279.779559][ T6982] ? load_image+0x400/0x400 [ 279.784111][ T6982] ? __lock_acquire+0x7d10/0x7d10 [ 279.789186][ T6982] should_fail+0x38c/0x4c0 [ 279.793657][ T6982] _copy_from_user+0x2e/0x170 [ 279.798420][ T6982] __copy_msghdr_from_user+0xc9/0x630 [ 279.803846][ T6982] ? verify_lock_unused+0x140/0x140 [ 279.809088][ T6982] ? __ia32_sys_shutdown+0x1d0/0x1d0 [ 279.814438][ T6982] ___sys_sendmsg+0x19a/0x2e0 [ 279.819165][ T6982] ? __sys_sendmsg+0x2a0/0x2a0 [ 279.823975][ T6982] ? vfs_write+0x8b2/0xd60 [ 279.828450][ T6982] __se_sys_sendmsg+0x1af/0x290 [ 279.833334][ T6982] ? __x64_sys_sendmsg+0x80/0x80 [ 279.838307][ T6982] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 279.844383][ T6982] ? lockdep_hardirqs_on+0x94/0x140 [ 279.849616][ T6982] do_syscall_64+0x4c/0xa0 [ 279.854055][ T6982] ? clear_bhb_loop+0x30/0x80 [ 279.858749][ T6982] ? clear_bhb_loop+0x30/0x80 [ 279.863456][ T6982] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 279.869367][ T6982] RIP: 0033:0x7ffac1872e59 [ 279.873811][ T6982] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 279.893443][ T6982] RSP: 002b:00007ffabfacc028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 279.901893][ T6982] RAX: ffffffffffffffda RBX: 00007ffac1aebfa0 RCX: 00007ffac1872e59 [ 279.909887][ T6982] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003 [ 279.917873][ T6982] RBP: 00007ffabfacc090 R08: 0000000000000000 R09: 0000000000000000 [ 279.925865][ T6982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 279.933854][ T6982] R13: 00007ffac1aec038 R14: 00007ffac1aebfa0 R15: 00007ffec2bdd248 [ 279.941857][ T6982] [ 279.944975][ C0] vkms_vblank_simulate: vblank timer overrun [ 280.029169][ T7] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 280.469421][ T7] usb 1-1: no configurations [ 280.474124][ T7] usb 1-1: can't read configurations, error -22 [ 281.249150][ T7] usb usb1-port1: attempt power cycle [ 281.374121][ T6987] loop1: detected capacity change from 0 to 32768 [ 281.430849][ T6987] jfs: Unrecognized mount option "iochccenteuro" or missing value [ 281.457406][ T7001] device syzkaller0 entered promiscuous mode [ 281.752053][ T7011] loop4: detected capacity change from 0 to 256 [ 281.809873][ T7011] exfat: Deprecated parameter 'utf8' [ 281.818674][ T7011] exfat: Deprecated parameter 'namecase' [ 281.831626][ T7011] exfat: Deprecated parameter 'utf8' [ 281.843955][ T7011] exfat: Bad value for 'gid' [ 282.178669][ T7026] loop4: detected capacity change from 0 to 4096 [ 282.325574][ T7026] ntfs: volume version 3.1. [ 283.628994][ T7043] netlink: 'syz.2.777': attribute type 4 has an invalid length. [ 284.195296][ T7058] loop1: detected capacity change from 0 to 1024 [ 284.239168][ T7] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 284.272566][ T7058] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 284.479211][ T7] usb 5-1: Using ep0 maxpacket: 8 [ 284.603850][ T7] usb 5-1: config 127 has an invalid interface number: 171 but max is 1 [ 284.622634][ T7] usb 5-1: config 127 has an invalid descriptor of length 0, skipping remainder of the config [ 284.647972][ T7] usb 5-1: config 127 has 1 interface, different from the descriptor's value: 2 [ 284.677579][ T7] usb 5-1: config 127 has no interface number 0 [ 284.696455][ T7] usb 5-1: config 127 interface 171 has no altsetting 0 [ 284.869355][ T7] usb 5-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9 [ 284.888700][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.908969][ T7] usb 5-1: Product: syz [ 284.944884][ T7] usb 5-1: Manufacturer: syz [ 284.959306][ T7] usb 5-1: SerialNumber: syz [ 284.986048][ T7060] loop0: detected capacity change from 0 to 32768 [ 285.036477][ T7060] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.784 (7060) [ 285.092533][ T7060] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 285.119163][ T7060] BTRFS info (device loop0): setting nodatasum [ 285.134132][ T7060] BTRFS info (device loop0): force zlib compression, level 3 [ 285.198655][ T7060] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 285.205083][ T7063] loop3: detected capacity change from 0 to 32768 [ 285.245218][ T7060] BTRFS info (device loop0): use lzo compression, level 0 [ 285.253675][ T7060] BTRFS info (device loop0): turning on flush-on-commit [ 285.289201][ T7060] BTRFS info (device loop0): enabling auto defrag [ 285.295878][ T7060] BTRFS info (device loop0): max_inline at 0 [ 285.314962][ T7060] BTRFS info (device loop0): using free space tree [ 285.339342][ T7060] BTRFS info (device loop0): has skinny extents [ 285.365075][ T7065] loop1: detected capacity change from 0 to 4096 [ 285.473125][ T7] usb 5-1: USB disconnect, device number 12 [ 286.165123][ T4532] BTRFS warning (device loop0): checksum verify failed on 5332992 wanted 0x0a5e5d25 found 0x75e14365 level 0 [ 286.228852][ T7065] ntfs: volume version 3.1. [ 286.271234][ T7060] BTRFS warning (device loop0): couldn't read tree root [ 286.345356][ T7060] BTRFS error (device loop0): open_ctree failed: -22 [ 286.867917][ T7100] Invalid ELF header magic: != ELF [ 287.092707][ T7114] loop3: detected capacity change from 0 to 256 [ 287.150525][ T7114] exfat: Deprecated parameter 'utf8' [ 287.166454][ T7114] exfat: Deprecated parameter 'namecase' [ 287.196817][ T7114] exfat: Deprecated parameter 'utf8' [ 287.223292][ T7060] loop0: detected capacity change from 0 to 136 [ 287.278896][ T7114] exfat: Bad value for 'gid' [ 287.821522][ T7126] block nbd3: NBD_DISCONNECT [ 288.061851][ T7135] deleting an unspecified loop device is not supported. [ 288.134409][ T26] audit: type=1326 audit(288.083:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7132 comm="syz.4.801" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5063285e59 code=0x0 [ 288.157330][ C0] vkms_vblank_simulate: vblank timer overrun [ 288.248966][ T26] audit: type=1326 audit(288.083:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7132 comm="syz.4.801" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5063285e59 code=0x0 [ 289.155676][ T7152] loop0: detected capacity change from 0 to 256 [ 289.206898][ T7152] exfat: Deprecated parameter 'utf8' [ 289.218905][ T7152] exfat: Deprecated parameter 'namecase' [ 289.224740][ T7152] exfat: Deprecated parameter 'utf8' [ 289.230299][ T7152] exfat: Bad value for 'gid' [ 289.314128][ T7156] x_tables: duplicate underflow at hook 1 [ 290.621928][ T7172] loop1: detected capacity change from 0 to 1024 [ 290.683499][ T7172] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 291.085839][ T7162] loop0: detected capacity change from 0 to 32768 [ 291.835073][ T7208] netlink: 196 bytes leftover after parsing attributes in process `syz.3.823'. [ 293.254933][ T7238] loop1: detected capacity change from 0 to 1024 [ 293.325416][ T7238] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 296.041902][ T7271] syz.4.844 uses obsolete (PF_INET,SOCK_PACKET) [ 296.088958][ T7271] netlink: 'syz.4.844': attribute type 1 has an invalid length. [ 296.193613][ T7271] device bond1 entered promiscuous mode [ 296.205839][ T7271] 8021q: adding VLAN 0 to HW filter on device bond1 [ 296.254200][ T7278] netlink: 'syz.1.845': attribute type 11 has an invalid length. [ 296.402645][ T7276] 8021q: adding VLAN 0 to HW filter on device bond1 [ 296.427522][ T7276] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 296.495513][ T7276] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 296.579189][ T7276] bond1: (slave wireguard0): making interface the new active one [ 296.627247][ T7276] device wireguard0 entered promiscuous mode [ 296.678736][ T7276] bond1: (slave wireguard0): Enslaving as an active interface with an up link [ 296.727798][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 296.798180][ T7282] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 296.809497][ T7282] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 296.850555][ T7282] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 296.986821][ T7295] loop4: detected capacity change from 0 to 736 [ 298.132159][ T7315] fuse: Bad value for 'fd' [ 298.309378][ T7103] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 298.599156][ T7103] usb 4-1: Using ep0 maxpacket: 8 [ 298.739541][ T7103] usb 4-1: config 127 has an invalid interface number: 171 but max is 1 [ 298.779800][ T7103] usb 4-1: config 127 has an invalid descriptor of length 0, skipping remainder of the config [ 298.912941][ T7103] usb 4-1: config 127 has 1 interface, different from the descriptor's value: 2 [ 299.062999][ T7103] usb 4-1: config 127 has no interface number 0 [ 299.069717][ T7103] usb 4-1: config 127 interface 171 has no altsetting 0 [ 299.936964][ T7103] usb 4-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9 [ 300.142836][ T7103] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.151383][ T7103] usb 4-1: Product: syz [ 300.155590][ T7103] usb 4-1: Manufacturer: syz [ 300.160498][ T7103] usb 4-1: SerialNumber: syz [ 300.323145][ T7342] netlink: 256 bytes leftover after parsing attributes in process `syz.1.865'. [ 300.334655][ T7342] netlink: 80 bytes leftover after parsing attributes in process `syz.1.865'. [ 300.520185][ T7103] usb 4-1: USB disconnect, device number 16 [ 300.599288][ T5626] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 300.842264][ T7340] loop0: detected capacity change from 0 to 32768 [ 300.855213][ T5626] usb 2-1: Using ep0 maxpacket: 16 [ 300.962839][ T7340] (syz.0.864,7340,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 301.006894][ T7340] (syz.0.864,7340,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 302.039384][ T5626] usb 2-1: New USB device found, idVendor=0763, idProduct=0150, bcdDevice= 0.40 [ 302.058748][ T5626] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 302.073233][ T5626] usb 2-1: Product: syz [ 302.077475][ T5626] usb 2-1: Manufacturer: syz [ 302.082943][ T5626] usb 2-1: SerialNumber: syz [ 302.216820][ T7369] loop4: detected capacity change from 0 to 1024 [ 302.348349][ T7369] hfsplus: failed to load catalog file [ 302.375303][ T7374] x_tables: duplicate underflow at hook 1 [ 303.207045][ T26] audit: type=1326 audit(303.153:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7378 comm="syz.3.877" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69e06cbe59 code=0x0 [ 303.242410][ T7377] loop0: detected capacity change from 0 to 1024 [ 303.276912][ T5626] usb 2-1: USB disconnect, device number 15 [ 303.740774][ T4339] udevd[4339]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 304.984857][ T7385] loop4: detected capacity change from 0 to 32768 [ 306.026299][ T7422] x_tables: duplicate underflow at hook 1 [ 306.507387][ T7429] loop1: detected capacity change from 0 to 1024 [ 307.766121][ T7463] x_tables: duplicate underflow at hook 1 [ 308.564005][ T7467] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 308.635854][ T7467] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 308.655504][ T7467] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 308.681111][ T7467] device bridge_slave_0 left promiscuous mode [ 308.723193][ T7467] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.788993][ T7467] device bridge_slave_1 left promiscuous mode [ 308.824685][ T7467] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.865396][ T7467] bond0: (slave bond_slave_0): Releasing backup interface [ 308.913499][ T7467] bond0: (slave bond_slave_1): Releasing backup interface [ 308.925024][ T7479] loop4: detected capacity change from 0 to 4096 [ 308.950359][ T7483] loop0: detected capacity change from 0 to 1024 [ 309.047573][ T7467] team0: Port device team_slave_0 removed [ 309.087703][ T7479] ntfs: volume version 3.1. [ 309.136669][ T7479] FAULT_INJECTION: forcing a failure. [ 309.136669][ T7479] name failslab, interval 1, probability 0, space 0, times 0 [ 309.143934][ T7467] team0: Port device team_slave_1 removed [ 309.178170][ T7479] CPU: 1 PID: 7479 Comm: syz.4.906 Not tainted syzkaller #0 [ 309.185531][ T7479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 309.195649][ T7479] Call Trace: [ 309.198969][ T7479] [ 309.201936][ T7479] dump_stack_lvl+0x188/0x250 [ 309.206657][ T7479] ? show_regs_print_info+0x20/0x20 [ 309.207344][ T7467] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 309.212440][ T7479] ? load_image+0x400/0x400 [ 309.212507][ T7479] ? __might_sleep+0xf0/0xf0 [ 309.212529][ T7479] ? __lock_acquire+0x7d10/0x7d10 [ 309.212560][ T7479] should_fail+0x38c/0x4c0 [ 309.212589][ T7479] should_failslab+0x5/0x20 [ 309.212610][ T7479] slab_pre_alloc_hook+0x51/0xc0 [ 309.248074][ T7479] ? ntfs_map_runlist_nolock+0x48d/0x1760 [ 309.254015][ T7479] kmem_cache_alloc+0x3d/0x290 [ 309.258831][ T7479] ntfs_map_runlist_nolock+0x48d/0x1760 [ 309.263383][ T7467] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 309.264442][ T7479] ? rwsem_write_trylock+0x135/0x1c0 [ 309.264477][ T7479] ? clear_nonspinnable+0x60/0x60 [ 309.281936][ T7479] ? up_read+0x20/0x20 [ 309.286065][ T7479] ntfs_map_runlist+0x7e/0xa0 [ 309.290792][ T7479] ntfs_readpage+0x155c/0x2260 [ 309.295669][ T7479] ? ntfs_writepage+0x1360/0x1360 [ 309.300755][ T7479] ? add_to_page_cache_lru+0x2a8/0x4a0 [ 309.306262][ T7479] ? ntfs_writepage+0x1360/0x1360 [ 309.311356][ T7479] do_read_cache_page+0x8a1/0x1030 [ 309.316527][ T7479] ntfs_statfs+0x24c/0xd40 [ 309.321010][ T7479] vfs_get_fsid+0x1bb/0x2e0 [ 309.325832][ T7479] ? current_umask+0x70/0x70 [ 309.330548][ T7479] fanotify_test_fsid+0x7f/0x2b0 [ 309.335546][ T7479] ? fanotify_events_supported+0x300/0x300 [ 309.341404][ T7479] ? bpf_lsm_path_notify+0x5/0x10 [ 309.346468][ T7479] ? security_path_notify+0x7c/0xa0 [ 309.351714][ T7479] ? fanotify_find_path+0x295/0x2e0 [ 309.356958][ T7479] ? fanotify_events_supported+0x27a/0x300 [ 309.362818][ T7479] do_fanotify_mark+0x7e2/0xda0 [ 309.367727][ T7479] ? copy_fid_info_to_user+0x670/0x670 [ 309.373233][ T7479] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 309.379276][ T7479] ? lock_chain_count+0x20/0x20 [ 309.384186][ T7479] ? vtime_user_exit+0x2c8/0x3e0 [ 309.389177][ T7479] __x64_sys_fanotify_mark+0xb1/0xc0 [ 309.394519][ T7479] do_syscall_64+0x4c/0xa0 [ 309.398978][ T7479] ? clear_bhb_loop+0x30/0x80 [ 309.403713][ T7479] ? clear_bhb_loop+0x30/0x80 [ 309.408445][ T7479] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 309.414514][ T7479] RIP: 0033:0x7f5063285e59 [ 309.418982][ T7479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 309.438627][ T7479] RSP: 002b:00007f50614df028 EFLAGS: 00000246 ORIG_RAX: 000000000000012d [ 309.447200][ T7479] RAX: ffffffffffffffda RBX: 00007f50634fefa0 RCX: 00007f5063285e59 [ 309.455209][ T7479] RDX: 000000004800003e RSI: 0000000000000001 RDI: 0000000000000005 [ 309.463222][ T7479] RBP: 00007f50614df090 R08: 0000000000000000 R09: 0000000000000000 [ 309.471255][ T7479] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 309.479261][ T7479] R13: 00007f50634ff038 R14: 00007f50634fefa0 R15: 00007ffc9afbe7a8 [ 309.487297][ T7479] [ 309.497360][ T7467] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 309.511919][ T7467] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 309.522865][ T7479] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -12). [ 309.566945][ T7471] netlink: 'syz.3.902': attribute type 10 has an invalid length. [ 309.569995][ T7470] loop1: detected capacity change from 0 to 32768 [ 309.622901][ T7471] 8021q: adding VLAN 0 to HW filter on device bond0 [ 309.643312][ T7471] team0: Port device bond0 added [ 310.827651][ T7509] x_tables: duplicate underflow at hook 1 [ 312.889363][ T7528] loop3: detected capacity change from 0 to 1024 [ 313.683488][ T7552] x_tables: duplicate underflow at hook 1 [ 314.657728][ T7557] loop1: detected capacity change from 0 to 4096 [ 314.672508][ T7547] loop3: detected capacity change from 0 to 32768 [ 314.725474][ T7557] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 315.864750][ T7572] loop4: detected capacity change from 0 to 1024 [ 316.232897][ T7593] FAULT_INJECTION: forcing a failure. [ 316.232897][ T7593] name failslab, interval 1, probability 0, space 0, times 0 [ 316.245652][ T7593] CPU: 1 PID: 7593 Comm: syz.0.939 Not tainted syzkaller #0 [ 316.252979][ T7593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 316.263061][ T7593] Call Trace: [ 316.266382][ T7593] [ 316.269329][ T7593] dump_stack_lvl+0x188/0x250 [ 316.274033][ T7593] ? show_regs_print_info+0x20/0x20 [ 316.279267][ T7593] ? load_image+0x400/0x400 [ 316.284312][ T7593] ? __might_sleep+0xf0/0xf0 [ 316.288934][ T7593] ? __lock_acquire+0x7d10/0x7d10 [ 316.294002][ T7593] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 316.300024][ T7593] should_fail+0x38c/0x4c0 [ 316.304479][ T7593] should_failslab+0x5/0x20 [ 316.308998][ T7593] slab_pre_alloc_hook+0x51/0xc0 [ 316.313962][ T7593] kmem_cache_alloc_node+0x47/0x2d0 [ 316.319174][ T7593] ? __alloc_skb+0xf4/0x750 [ 316.323706][ T7593] __alloc_skb+0xf4/0x750 [ 316.328069][ T7593] ? apparmor_socket_getpeersec_dgram+0x5/0x10 [ 316.334251][ T7593] netlink_sendmsg+0x654/0xbe0 [ 316.339044][ T7593] ? netlink_getsockopt+0x570/0x570 [ 316.344267][ T7593] ? aa_sock_msg_perm+0x94/0x150 [ 316.349228][ T7593] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 316.354535][ T7593] ? security_socket_sendmsg+0x7c/0xa0 [ 316.360013][ T7593] ? netlink_getsockopt+0x570/0x570 [ 316.365228][ T7593] ____sys_sendmsg+0x5b7/0x8f0 [ 316.370017][ T7593] ? __sys_sendmsg_sock+0x30/0x30 [ 316.375069][ T7593] ? import_iovec+0x6f/0xa0 [ 316.379602][ T7593] ___sys_sendmsg+0x236/0x2e0 [ 316.384305][ T7593] ? __sys_sendmsg+0x2a0/0x2a0 [ 316.389111][ T7593] __se_sys_sendmsg+0x1af/0x290 [ 316.393987][ T7593] ? __x64_sys_sendmsg+0x80/0x80 [ 316.398948][ T7593] ? syscall_enter_from_user_mode+0x2a/0x70 [ 316.404868][ T7593] do_syscall_64+0x4c/0xa0 [ 316.409307][ T7593] ? clear_bhb_loop+0x30/0x80 [ 316.414001][ T7593] ? clear_bhb_loop+0x30/0x80 [ 316.418703][ T7593] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 316.424622][ T7593] RIP: 0033:0x7f07931ffe59 [ 316.429057][ T7593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 316.448693][ T7593] RSP: 002b:00007f0791417028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 316.457132][ T7593] RAX: ffffffffffffffda RBX: 00007f0793479180 RCX: 00007f07931ffe59 [ 316.465127][ T7593] RDX: 0000000004000054 RSI: 0000200000000480 RDI: 0000000000000008 [ 316.473123][ T7593] RBP: 00007f0791417090 R08: 0000000000000000 R09: 0000000000000000 [ 316.481109][ T7593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 316.489105][ T7593] R13: 00007f0793479218 R14: 00007f0793479180 R15: 00007ffd5050c9d8 [ 316.497114][ T7593] [ 317.182560][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.189105][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.588971][ T7633] netlink: 268 bytes leftover after parsing attributes in process `syz.2.954'. [ 318.599936][ T7633] unsupported nla_type 65024 [ 318.620088][ T7633] fuse: Bad value for 'fd' [ 319.163739][ T7637] loop0: detected capacity change from 0 to 4096 [ 319.178063][ T7639] netlink: 12 bytes leftover after parsing attributes in process `syz.2.956'. [ 319.412573][ T7637] ntfs: volume version 3.1. [ 319.512100][ T7643] netlink: 'syz.2.959': attribute type 17 has an invalid length. [ 319.528054][ T7625] loop1: detected capacity change from 0 to 32768 [ 319.544667][ T7643] netlink: 148 bytes leftover after parsing attributes in process `syz.2.959'. [ 319.796548][ T7657] loop3: detected capacity change from 0 to 256 [ 319.946490][ T7657] exfat: Unknown parameter 'time_Rffset' [ 320.599664][ T7656] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 320.655640][ T7656] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 320.878188][ T26] audit: type=1326 audit(320.803:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7661 comm="syz.3.962" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69e06cbe59 code=0x7ffc0000 [ 320.962379][ T26] audit: type=1326 audit(320.803:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7661 comm="syz.3.962" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69e06cbe59 code=0x7ffc0000 [ 321.021378][ T26] audit: type=1326 audit(320.973:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7661 comm="syz.3.962" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f69e06cbe59 code=0x7ffc0000 [ 321.088435][ T7667] loop4: detected capacity change from 0 to 1024 [ 321.327881][ T26] audit: type=1326 audit(320.973:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7661 comm="syz.3.962" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69e06cbe59 code=0x7ffc0000 [ 321.455156][ T26] audit: type=1326 audit(320.973:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7661 comm="syz.3.962" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f69e06cbe59 code=0x7ffc0000 [ 321.523966][ T26] audit: type=1326 audit(321.473:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7661 comm="syz.3.962" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69e06cbe59 code=0x7ffc0000 [ 321.636630][ T7678] loop4: detected capacity change from 0 to 256 [ 321.675442][ T7678] exfat: Deprecated parameter 'utf8' [ 321.687396][ T26] audit: type=1326 audit(321.473:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7661 comm="syz.3.962" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69e06cbe59 code=0x7ffc0000 [ 321.719592][ T7678] exfat: Deprecated parameter 'namecase' [ 321.725531][ T7678] exfat: Deprecated parameter 'utf8' [ 321.774898][ T7678] exfat: Bad value for 'gid' [ 321.910706][ T7678] netlink: 12 bytes leftover after parsing attributes in process `syz.4.967'. [ 323.556293][ T7694] loop4: detected capacity change from 0 to 32768 [ 323.647900][ T7694] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.973 (7694) [ 323.771422][ T7694] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 323.814974][ T7694] BTRFS info (device loop4): setting nodatasum [ 323.838606][ T7694] BTRFS info (device loop4): force zlib compression, level 3 [ 323.863062][ T7694] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8) [ 323.927308][ T7694] BTRFS info (device loop4): use lzo compression, level 0 [ 323.966668][ T7694] BTRFS info (device loop4): turning on flush-on-commit [ 323.997989][ T7694] BTRFS info (device loop4): enabling auto defrag [ 324.018451][ T7694] BTRFS info (device loop4): max_inline at 0 [ 324.056741][ T7694] BTRFS info (device loop4): using free space tree [ 324.079134][ T7694] BTRFS info (device loop4): has skinny extents [ 324.172930][ T7707] loop3: detected capacity change from 0 to 32768 [ 324.254672][ T7707] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by syz.3.977 (7707) [ 324.372737][ T4303] BTRFS warning (device loop4): checksum verify failed on 5332992 wanted 0x0a5e5d25 found 0x75e14365 level 0 [ 324.402481][ T7694] BTRFS warning (device loop4): couldn't read tree root [ 324.436683][ T4182] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by udevd (4182) [ 324.849438][ T7694] BTRFS error (device loop4): open_ctree failed: -22 [ 324.893528][ T7742] netlink: 12 bytes leftover after parsing attributes in process `syz.2.983'. [ 325.087536][ T7747] FAULT_INJECTION: forcing a failure. [ 325.087536][ T7747] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 325.116431][ T7747] CPU: 1 PID: 7747 Comm: syz.3.985 Not tainted syzkaller #0 [ 325.123791][ T7747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 325.133906][ T7747] Call Trace: [ 325.137222][ T7747] [ 325.140189][ T7747] dump_stack_lvl+0x188/0x250 [ 325.144909][ T7747] ? show_regs_print_info+0x20/0x20 [ 325.150162][ T7747] ? load_image+0x400/0x400 [ 325.154809][ T7747] ? __lock_acquire+0x7d10/0x7d10 [ 325.159895][ T7747] should_fail+0x38c/0x4c0 [ 325.164366][ T7747] _copy_to_user+0x2e/0x130 [ 325.168915][ T7747] simple_read_from_buffer+0xe3/0x150 [ 325.174329][ T7747] proc_fail_nth_read+0x1a6/0x220 [ 325.179515][ T7747] ? proc_fault_inject_write+0x310/0x310 [ 325.185218][ T7747] ? fsnotify_perm+0x254/0x560 [ 325.190006][ T7747] ? proc_fault_inject_write+0x310/0x310 [ 325.195698][ T7747] vfs_read+0x301/0xd60 [ 325.199889][ T7747] ? kernel_read+0x1e0/0x1e0 [ 325.204520][ T7747] ? __fget_files+0x40f/0x480 [ 325.209228][ T7747] ? mutex_lock_nested+0x17/0x20 [ 325.214231][ T7747] ? __fdget_pos+0x2bf/0x370 [ 325.218870][ T7747] ? ksys_read+0x71/0x260 [ 325.223245][ T7747] ksys_read+0x152/0x260 [ 325.227540][ T7747] ? vfs_write+0xd60/0xd60 [ 325.232037][ T7747] ? lockdep_hardirqs_on+0x94/0x140 [ 325.237258][ T7747] do_syscall_64+0x4c/0xa0 [ 325.241805][ T7747] ? clear_bhb_loop+0x30/0x80 [ 325.246524][ T7747] ? clear_bhb_loop+0x30/0x80 [ 325.251533][ T7747] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 325.257485][ T7747] RIP: 0033:0x7f69e068c68e [ 325.261943][ T7747] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 325.281591][ T7747] RSP: 002b:00007f69de924fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 325.290056][ T7747] RAX: ffffffffffffffda RBX: 00007f69de9256c0 RCX: 00007f69e068c68e [ 325.298059][ T7747] RDX: 000000000000000f RSI: 00007f69de9250a0 RDI: 0000000000000005 [ 325.306071][ T7747] RBP: 00007f69de925090 R08: 0000000000000000 R09: 0000000000000000 [ 325.314072][ T7747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 325.322078][ T7747] R13: 00007f69e0945038 R14: 00007f69e0944fa0 R15: 00007ffdd02f2f28 [ 325.330078][ T7747] [ 325.760995][ T7758] loop4: detected capacity change from 0 to 4096 [ 325.958474][ T7758] ntfs: volume version 3.1. [ 326.099949][ T7758] device syzkaller0 entered promiscuous mode [ 327.063594][ T7772] loop4: detected capacity change from 0 to 256 [ 327.103865][ T7772] exfat: Deprecated parameter 'utf8' [ 327.134355][ T7772] exfat: Deprecated parameter 'namecase' [ 327.152502][ T7772] exfat: Deprecated parameter 'utf8' [ 327.173951][ T7772] exfat: Bad value for 'gid' [ 327.185769][ T7761] loop3: detected capacity change from 0 to 32768 [ 327.214392][ T7761] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.990 (7761) [ 327.254157][ T7770] loop0: detected capacity change from 0 to 4096 [ 327.372907][ T26] audit: type=1326 audit(327.323:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 327.633822][ T7761] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 327.659581][ T7770] ntfs: volume version 3.1. [ 327.672138][ T7761] BTRFS info (device loop3): setting nodatasum [ 327.732038][ T26] audit: type=1326 audit(327.353:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 327.739601][ T7761] BTRFS info (device loop3): force zlib compression, level 3 [ 327.768146][ T7761] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8) [ 327.777845][ T7761] BTRFS info (device loop3): use lzo compression, level 0 [ 327.792236][ T7761] BTRFS info (device loop3): turning on flush-on-commit [ 327.802011][ T7761] BTRFS info (device loop3): enabling auto defrag [ 327.808682][ T7761] BTRFS info (device loop3): max_inline at 0 [ 327.829533][ T7761] BTRFS info (device loop3): using free space tree [ 327.857638][ T7761] BTRFS info (device loop3): has skinny extents [ 327.903038][ T7770] device syzkaller0 entered promiscuous mode [ 327.913875][ T26] audit: type=1326 audit(327.353:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 327.937260][ C0] vkms_vblank_simulate: vblank timer overrun [ 328.073686][ T26] audit: type=1326 audit(327.353:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 328.236839][ T7103] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 328.248333][ T26] audit: type=1326 audit(327.353:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 328.329140][ T26] audit: type=1326 audit(327.373:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 328.369621][ T26] audit: type=1326 audit(327.373:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 328.417860][ T4303] BTRFS warning (device loop3): checksum verify failed on 5332992 wanted 0x0a5e5d25 found 0x75e14365 level 0 [ 328.428029][ T26] audit: type=1326 audit(327.373:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 328.453890][ C0] vkms_vblank_simulate: vblank timer overrun [ 328.466543][ T26] audit: type=1326 audit(327.373:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 328.489874][ C0] vkms_vblank_simulate: vblank timer overrun [ 328.559368][ T7103] usb 2-1: Using ep0 maxpacket: 8 [ 328.596037][ T7761] BTRFS warning (device loop3): couldn't read tree root [ 328.668389][ T26] audit: type=1326 audit(327.373:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7780 comm="syz.2.998" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 328.732438][ T7103] usb 2-1: config 127 has an invalid interface number: 171 but max is 1 [ 328.763070][ T7103] usb 2-1: config 127 has an invalid descriptor of length 0, skipping remainder of the config [ 328.774043][ T7103] usb 2-1: config 127 has 1 interface, different from the descriptor's value: 2 [ 328.783541][ T7103] usb 2-1: config 127 has no interface number 0 [ 328.788734][ C0] vkms_vblank_simulate: vblank timer overrun [ 328.791399][ T7103] usb 2-1: config 127 interface 171 has no altsetting 0 [ 329.030370][ T7103] usb 2-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9 [ 329.091226][ T7103] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 329.315895][ T7103] usb 2-1: Product: syz [ 329.330263][ T7103] usb 2-1: Manufacturer: syz [ 329.346223][ T7103] usb 2-1: SerialNumber: syz [ 329.569383][ T7761] BTRFS error (device loop3): open_ctree failed: -22 [ 329.726098][ T7103] usb 2-1: USB disconnect, device number 16 [ 331.399125][ T4256] usb 1-1: new full-speed USB device number 13 using dummy_hcd [ 332.040549][ T4256] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 332.108457][ T4256] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 332.400955][ T4256] usb 1-1: config 0 descriptor?? [ 332.465721][ T4256] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 332.695567][ T7854] loop1: detected capacity change from 0 to 4096 [ 332.889444][ T4256] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 333.088421][ T4256] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 333.366515][ T7858] loop3: detected capacity change from 0 to 32768 [ 333.422692][ T7858] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1016 (7858) [ 333.480310][ T7858] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 333.499357][ T1107] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 333.549213][ T7858] BTRFS info (device loop3): setting nodatasum [ 333.569172][ T7858] BTRFS info (device loop3): force zlib compression, level 3 [ 333.589540][ T7858] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8) [ 333.640057][ T7094] usb 1-1: USB disconnect, device number 13 [ 333.679218][ T7858] BTRFS info (device loop3): use lzo compression, level 0 [ 333.699238][ T7858] BTRFS info (device loop3): turning on flush-on-commit [ 333.731447][ T7858] BTRFS info (device loop3): enabling auto defrag [ 333.789139][ T7858] BTRFS info (device loop3): max_inline at 0 [ 333.903954][ T7858] BTRFS info (device loop3): using free space tree [ 333.917344][ T7858] BTRFS info (device loop3): has skinny extents [ 333.974895][ T1107] usb 2-1: no configurations [ 333.979741][ T1107] usb 2-1: can't read configurations, error -22 [ 334.129184][ T1107] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 335.445549][ T3067] BTRFS warning (device loop3): checksum verify failed on 5332992 wanted 0x0a5e5d25 found 0x75e14365 level 0 [ 335.544853][ T7858] BTRFS warning (device loop3): couldn't read tree root [ 335.917032][ T1107] usb 2-1: device descriptor read/all, error -71 [ 335.969418][ T1107] usb usb2-port1: attempt power cycle [ 336.210775][ T7858] BTRFS error (device loop3): open_ctree failed: -22 [ 338.847427][ T7948] loop1: detected capacity change from 0 to 1024 [ 338.894459][ T7948] EXT4-fs (loop1): inline encryption not supported [ 338.916482][ T7948] EXT4-fs (loop1): inline encryption not supported [ 338.978644][ T7948] EXT4-fs (loop1): orphan cleanup on readonly fs [ 338.996744][ T7948] EXT4-fs (loop1): 1 truncate cleaned up [ 339.049413][ T7948] EXT4-fs (loop1): mounted filesystem without journal. Opts: inlinecrypt,inode_readahead_blks=0x0000000000000010,inlinecrypt,,errors=continue. Quota mode: writeback. [ 339.129185][ T7103] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 339.393431][ T7103] usb 4-1: Using ep0 maxpacket: 16 [ 339.589163][ T4389] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 339.702772][ T7103] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 339.719303][ T7103] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 339.737827][ T7103] usb 4-1: Product: syz [ 339.742574][ T7103] usb 4-1: Manufacturer: syz [ 339.748036][ T7103] usb 4-1: SerialNumber: syz [ 339.781829][ T7103] usb 4-1: config 0 descriptor?? [ 339.841376][ T7103] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 339.889852][ T4389] usb 2-1: no configurations [ 339.899798][ T4389] usb 2-1: can't read configurations, error -22 [ 340.069105][ T4389] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 340.349359][ T4389] usb 2-1: no configurations [ 340.354147][ T4389] usb 2-1: can't read configurations, error -22 [ 340.369344][ T4389] usb usb2-port1: attempt power cycle [ 341.167464][ T7103] usb 4-1: Quatech SSU-100 USB to Serial Driver converter now attached to ttyUSB0 [ 341.524439][ T7103] usb 4-1: USB disconnect, device number 17 [ 341.558096][ T7103] ssu100 ttyUSB0: Quatech SSU-100 USB to Serial Driver converter now disconnected from ttyUSB0 [ 342.040859][ T7103] ssu100 4-1:0.0: device disconnected [ 342.167929][ T7984] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1052'. [ 343.512114][ T8007] loop0: detected capacity change from 0 to 1024 [ 343.571223][ T8007] EXT4-fs (loop0): inline encryption not supported [ 343.577895][ T8007] EXT4-fs (loop0): inline encryption not supported [ 343.683467][ T8007] EXT4-fs (loop0): orphan cleanup on readonly fs [ 343.700395][ T8012] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 343.715857][ T8007] EXT4-fs (loop0): 1 truncate cleaned up [ 343.912162][ T8007] EXT4-fs (loop0): mounted filesystem without journal. Opts: inlinecrypt,inode_readahead_blks=0x0000000000000010,inlinecrypt,,errors=continue. Quota mode: writeback. [ 346.007249][ T8035] loop4: detected capacity change from 0 to 1024 [ 346.279390][ T4378] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 346.289694][ T8042] netlink: 'syz.1.1073': attribute type 5 has an invalid length. [ 346.320201][ T8042] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.329124][ T8042] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.337927][ T8042] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.347140][ T8042] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 346.371671][ T8042] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 346.381030][ T8042] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 346.389995][ T8042] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 346.398908][ T8042] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 346.659348][ T4378] usb 1-1: device descriptor read/all, error -71 [ 346.803722][ T8051] loop1: detected capacity change from 0 to 4096 [ 346.985294][ T8051] ntfs: volume version 3.1. [ 348.655656][ T8065] loop3: detected capacity change from 0 to 40427 [ 348.679615][ T8065] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 348.696154][ T8065] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 348.784442][ T8065] F2FS-fs (loop3): invalid crc value [ 348.799376][ T8077] loop4: detected capacity change from 0 to 1024 [ 348.826811][ T8065] F2FS-fs (loop3): Found nat_bits in checkpoint [ 348.967480][ T8065] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 349.007233][ T8065] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 349.059085][ T8065] FAULT_INJECTION: forcing a failure. [ 349.059085][ T8065] name failslab, interval 1, probability 0, space 0, times 0 [ 349.130757][ T8065] CPU: 1 PID: 8065 Comm: syz.3.1078 Not tainted syzkaller #0 [ 349.138395][ T8065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 349.148659][ T8065] Call Trace: [ 349.151975][ T8065] [ 349.154938][ T8065] dump_stack_lvl+0x188/0x250 [ 349.159654][ T8065] ? show_regs_print_info+0x20/0x20 [ 349.164891][ T8065] ? load_image+0x400/0x400 [ 349.169430][ T8065] ? __might_sleep+0xf0/0xf0 [ 349.174062][ T8065] ? __lock_acquire+0x7d10/0x7d10 [ 349.179139][ T8065] should_fail+0x38c/0x4c0 [ 349.183623][ T8065] should_failslab+0x5/0x20 [ 349.188173][ T8065] slab_pre_alloc_hook+0x51/0xc0 [ 349.193158][ T8065] ? getname_flags+0xb5/0x500 [ 349.197880][ T8065] kmem_cache_alloc+0x3d/0x290 [ 349.202695][ T8065] getname_flags+0xb5/0x500 [ 349.207246][ T8065] do_sys_openat2+0xdd/0x4b0 [ 349.211883][ T8065] ? __lock_acquire+0x7d10/0x7d10 [ 349.216949][ T8065] ? do_sys_open+0xe0/0xe0 [ 349.221404][ T8065] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 349.227431][ T8065] ? lock_chain_count+0x20/0x20 [ 349.232337][ T8065] ? vtime_user_exit+0x2c8/0x3e0 [ 349.237325][ T8065] __x64_sys_openat+0x135/0x160 [ 349.242221][ T8065] do_syscall_64+0x4c/0xa0 [ 349.246673][ T8065] ? clear_bhb_loop+0x30/0x80 [ 349.251386][ T8065] ? clear_bhb_loop+0x30/0x80 [ 349.256107][ T8065] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 349.262039][ T8065] RIP: 0033:0x7f69e06cbe59 [ 349.266512][ T8065] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 349.286158][ T8065] RSP: 002b:00007f69de925028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 349.294619][ T8065] RAX: ffffffffffffffda RBX: 00007f69e0944fa0 RCX: 00007f69e06cbe59 [ 349.302640][ T8065] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 349.310652][ T8065] RBP: 00007f69de925090 R08: 0000000000000000 R09: 0000000000000000 [ 349.318712][ T8065] R10: 0000000000000015 R11: 0000000000000246 R12: 0000000000000001 [ 349.326731][ T8065] R13: 00007f69e0945038 R14: 00007f69e0944fa0 R15: 00007ffdd02f2f28 [ 349.334775][ T8065] [ 349.401998][ T8088] loop1: detected capacity change from 0 to 4096 [ 350.704591][ T8088] ntfs: volume version 3.1. [ 352.421727][ T8131] loop3: detected capacity change from 0 to 1024 [ 352.741002][ T8124] loop4: detected capacity change from 0 to 32768 [ 352.762597][ T8144] loop3: detected capacity change from 0 to 128 [ 352.809690][ T8124] [ 352.809690][ T8124] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 352.809690][ T8124] [ 352.833836][ T8144] FAT-fs (loop3): bogus number of FAT structure [ 352.929295][ T8144] FAT-fs (loop3): Can't find a valid FAT filesystem [ 353.759194][ T4199] [ 353.759194][ T4199] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 353.759194][ T4199] [ 353.789755][ T4199] [ 353.789755][ T4199] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 353.789755][ T4199] [ 353.811020][ T8151] loop0: detected capacity change from 0 to 1024 [ 353.855669][ T8151] EXT4-fs (loop0): inline encryption not supported [ 353.938508][ T8151] EXT4-fs (loop0): inline encryption not supported [ 353.977978][ T8151] EXT4-fs (loop0): orphan cleanup on readonly fs [ 354.000535][ T8151] EXT4-fs (loop0): 1 truncate cleaned up [ 354.006785][ T8151] EXT4-fs (loop0): mounted filesystem without journal. Opts: inlinecrypt,inode_readahead_blks=0x0000000000000010,inlinecrypt,,errors=continue. Quota mode: writeback. [ 354.619575][ T4385] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 354.909540][ T4385] usb 1-1: no configurations [ 354.914360][ T4385] usb 1-1: can't read configurations, error -22 [ 355.081982][ T4385] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 355.502206][ T4385] usb 1-1: no configurations [ 355.530801][ T4385] usb 1-1: can't read configurations, error -22 [ 355.651514][ T4385] usb usb1-port1: attempt power cycle [ 356.290753][ T4385] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 356.603518][ T4385] usb 1-1: no configurations [ 356.609368][ T4385] usb 1-1: can't read configurations, error -22 [ 360.045599][ T8203] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1115'. [ 360.059379][ T8203] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1115'. [ 360.068453][ T8203] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1115'. [ 360.108404][ T8205] loop1: detected capacity change from 0 to 128 [ 360.221879][ T8205] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002] [ 360.249543][ T8205] System zones: 1-3, 19-19, 35-36 [ 360.255842][ T8205] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none. [ 360.537140][ T8219] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1123'. [ 361.185614][ T8215] loop1: detected capacity change from 0 to 32768 [ 361.229665][ T8228] loop4: detected capacity change from 0 to 1024 [ 361.363372][ T8228] EXT4-fs (loop4): inline encryption not supported [ 361.392897][ T8228] EXT4-fs (loop4): inline encryption not supported [ 361.483260][ T8228] EXT4-fs (loop4): orphan cleanup on readonly fs [ 361.567372][ T8228] EXT4-fs (loop4): 1 truncate cleaned up [ 361.637905][ T8228] EXT4-fs (loop4): mounted filesystem without journal. Opts: inlinecrypt,inode_readahead_blks=0x0000000000000010,inlinecrypt,,errors=continue. Quota mode: writeback. [ 361.986524][ T8232] loop0: detected capacity change from 0 to 32768 [ 362.053264][ T8232] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop0 scanned by syz.0.1128 (8232) [ 362.070510][ T8242] overlayfs: failed to clone upperpath [ 362.082104][ T8232] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 362.101619][ T8232] BTRFS error (device loop0): superblock checksum mismatch [ 362.126783][ T8232] BTRFS error (device loop0): open_ctree failed: -22 [ 362.159103][ T23] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 362.195665][ T8244] x_tables: duplicate underflow at hook 1 [ 362.230662][ T5833] udevd[5833]: incorrect btrfs checksum on /dev/loop0 [ 362.439360][ T23] usb 5-1: no configurations [ 362.444044][ T23] usb 5-1: can't read configurations, error -22 [ 362.609134][ T23] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 362.617346][ T8248] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1134'. [ 362.889523][ T23] usb 5-1: no configurations [ 362.895784][ T23] usb 5-1: can't read configurations, error -22 [ 362.916183][ T23] usb usb5-port1: attempt power cycle [ 363.339139][ T23] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 363.969466][ T23] usb 5-1: no configurations [ 363.974126][ T23] usb 5-1: can't read configurations, error -22 [ 364.049099][ T1107] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 364.118161][ T26] kauditd_printk_skb: 36 callbacks suppressed [ 364.118177][ T26] audit: type=1326 audit(364.060:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 364.148565][ T23] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 364.288493][ T26] audit: type=1326 audit(364.060:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 364.329200][ T23] usb 5-1: device descriptor read/8, error -71 [ 364.347268][ T26] audit: type=1326 audit(364.080:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 364.370726][ C0] vkms_vblank_simulate: vblank timer overrun [ 364.389133][ T1107] usb 2-1: Using ep0 maxpacket: 16 [ 364.402693][ T26] audit: type=1326 audit(364.080:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 364.426048][ C0] vkms_vblank_simulate: vblank timer overrun [ 364.494405][ T23] usb usb5-port1: unable to enumerate USB device [ 364.641834][ T26] audit: type=1326 audit(364.080:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 364.671727][ T1107] usb 2-1: unable to get BOS descriptor or descriptor too short [ 364.793477][ T26] audit: type=1326 audit(364.080:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 364.964492][ T1107] usb 2-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40 [ 364.974029][ T26] audit: type=1326 audit(364.080:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 365.032379][ T1107] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 365.079229][ T1107] usb 2-1: Product: syz [ 365.083943][ T1107] usb 2-1: Manufacturer: syz [ 365.106311][ T8291] loop4: detected capacity change from 0 to 256 [ 365.119318][ T1107] usb 2-1: SerialNumber: syz [ 365.127400][ T26] audit: type=1326 audit(364.080:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 365.164372][ T26] audit: type=1326 audit(364.080:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 365.196866][ T26] audit: type=1326 audit(364.080:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.2.1142" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 365.228863][ T8291] exfat: Deprecated parameter 'utf8' [ 365.258431][ T8291] exfat: Deprecated parameter 'namecase' [ 365.309100][ T8291] exfat: Deprecated parameter 'utf8' [ 365.314675][ T8291] exfat: Bad value for 'gid' [ 365.342942][ T8291] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1145'. [ 365.930204][ T1107] usb 2-1: USB disconnect, device number 23 [ 366.821098][ T4181] udevd[4181]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 366.847262][ T8295] loop0: detected capacity change from 0 to 32768 [ 367.635221][ T8325] loop4: detected capacity change from 0 to 1024 [ 367.777056][ T8325] EXT4-fs error (device loop4): ext4_map_blocks:631: inode #3: block 2: comm syz.4.1156: lblock 2 mapped to illegal pblock 2 (length 1) [ 367.870541][ T8325] EXT4-fs error (device loop4): ext4_map_blocks:631: inode #3: block 48: comm syz.4.1156: lblock 0 mapped to illegal pblock 48 (length 1) [ 367.934919][ T8325] EXT4-fs error (device loop4): ext4_acquire_dquot:6236: comm syz.4.1156: Failed to acquire dquot type 0 [ 368.019683][ T8325] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5873: Corrupt filesystem [ 368.039874][ T8325] EXT4-fs error (device loop4): ext4_evict_inode:284: inode #11: comm syz.4.1156: mark_inode_dirty error [ 368.057822][ T8325] EXT4-fs warning (device loop4): ext4_evict_inode:287: couldn't mark inode dirty (err -117) [ 368.070577][ T8325] EXT4-fs (loop4): 1 orphan inode deleted [ 368.076359][ T8325] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,data_err=ignore,max_batch_time=0x00000000000008c9,nodiscard,stripe=0x0000000000000004,nombcache,,errors=continue. Quota mode: none. [ 368.102061][ T5116] EXT4-fs error (device loop4): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:14: lblock 1 mapped to illegal pblock 1 (length 1) [ 368.215786][ T5116] EXT4-fs error (device loop4): ext4_release_dquot:6272: comm kworker/u4:14: Failed to release dquot type 0 [ 368.319555][ T8325] EXT4-fs (loop4): Ignoring removed bh option [ 368.457399][ T8325] EXT4-fs error (device loop4): ext4_map_blocks:631: inode #3: block 48: comm syz.4.1156: lblock 0 mapped to illegal pblock 48 (length 1) [ 370.532423][ T8355] loop0: detected capacity change from 0 to 256 [ 370.580241][ T8355] exfat: Deprecated parameter 'utf8' [ 370.611129][ T8355] exfat: Deprecated parameter 'namecase' [ 370.627220][ T8355] exfat: Deprecated parameter 'utf8' [ 370.667908][ T8355] exfat: Bad value for 'gid' [ 371.124820][ T8355] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1161'. [ 371.608295][ T26] kauditd_printk_skb: 40 callbacks suppressed [ 371.608312][ T26] audit: type=1326 audit(371.550:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 371.638091][ C0] vkms_vblank_simulate: vblank timer overrun [ 371.814069][ T26] audit: type=1326 audit(371.570:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 371.838729][ T26] audit: type=1326 audit(371.570:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 371.869280][ T26] audit: type=1326 audit(371.570:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 372.195735][ T26] audit: type=1326 audit(371.570:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 372.219639][ C0] vkms_vblank_simulate: vblank timer overrun [ 372.317034][ T8376] loop0: detected capacity change from 0 to 4096 [ 372.436817][ T26] audit: type=1326 audit(371.570:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 372.460621][ T26] audit: type=1326 audit(371.570:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 372.485155][ T26] audit: type=1326 audit(371.570:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 372.508756][ T26] audit: type=1326 audit(371.580:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 372.536585][ T26] audit: type=1326 audit(371.580:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8370 comm="syz.2.1170" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4055b78e59 code=0x7ffc0000 [ 372.636196][ T8376] ntfs: volume version 3.1. [ 373.964311][ T8399] x_tables: duplicate underflow at hook 1 [ 374.950159][ T8409] x_tables: duplicate underflow at hook 1 [ 375.069064][ T8411] loop0: detected capacity change from 0 to 256 [ 375.110128][ T8411] exfat: Deprecated parameter 'utf8' [ 375.115525][ T8411] exfat: Deprecated parameter 'namecase' [ 375.139123][ T8411] exfat: Deprecated parameter 'utf8' [ 375.149214][ T8411] exfat: Bad value for 'gid' [ 375.162202][ T8411] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1179'. [ 377.797184][ T1107] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 377.950396][ T8451] x_tables: duplicate underflow at hook 1 [ 378.571797][ T8460] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1193'. [ 378.622782][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.629332][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.669098][ T1107] usb 4-1: Using ep0 maxpacket: 8 [ 378.789297][ T1107] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 378.809475][ T1107] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 378.830021][ T1107] usb 4-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00 [ 378.839307][ T1107] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 378.856755][ T1107] usb 4-1: config 0 descriptor?? [ 379.035195][ T4389] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 379.328485][ T26] kauditd_printk_skb: 36 callbacks suppressed [ 379.328501][ T26] audit: type=1326 audit(379.279:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.438757][ T1107] macally 0003:060B:0001.0002: unknown main item tag 0x0 [ 379.456401][ T1107] macally 0003:060B:0001.0002: unknown main item tag 0x0 [ 379.464541][ T26] audit: type=1326 audit(379.279:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.515519][ T1107] macally 0003:060B:0001.0002: unknown main item tag 0x0 [ 379.545395][ T1107] macally 0003:060B:0001.0002: unknown main item tag 0x0 [ 379.570906][ T26] audit: type=1326 audit(379.279:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.595811][ T26] audit: type=1326 audit(379.279:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.602136][ T1107] macally 0003:060B:0001.0002: unknown main item tag 0x0 [ 379.619565][ C0] vkms_vblank_simulate: vblank timer overrun [ 379.632857][ T26] audit: type=1326 audit(379.279:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.632914][ T26] audit: type=1326 audit(379.279:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.632953][ T26] audit: type=1326 audit(379.289:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.632991][ T26] audit: type=1326 audit(379.289:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.633029][ T26] audit: type=1326 audit(379.289:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.633068][ T26] audit: type=1326 audit(379.289:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8469 comm="syz.0.1197" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07931ffe59 code=0x7ffc0000 [ 379.780704][ T1107] macally 0003:060B:0001.0002: unknown main item tag 0x0 [ 379.787970][ T1107] macally 0003:060B:0001.0002: unknown main item tag 0x0 [ 379.798407][ T1107] macally 0003:060B:0001.0002: item fetching failed at offset 42/43 [ 379.811055][ T1107] macally: probe of 0003:060B:0001.0002 failed with error -22 [ 379.934013][ T1107] usb 4-1: USB disconnect, device number 18 [ 380.356608][ T4389] usb 5-1: unable to get BOS descriptor or descriptor too short [ 380.439431][ T4389] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 127, changing to 10 [ 380.459529][ T4389] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 512, setting to 64 [ 380.669354][ T4389] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice= 0.40 [ 380.678460][ T4389] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.709144][ T4389] usb 5-1: Product: syz [ 380.719351][ T4389] usb 5-1: Manufacturer: syz [ 380.724018][ T4389] usb 5-1: SerialNumber: syz [ 381.158046][ T8482] loop1: detected capacity change from 0 to 32768 [ 381.159721][ T8464] loop4: detected capacity change from 0 to 4096 [ 381.186553][ T8495] x_tables: duplicate underflow at hook 1 [ 381.216756][ T8482] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1200 (8482) [ 381.246720][ T8464] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 381.315844][ T8482] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 381.375999][ T8482] BTRFS info (device loop1): setting nodatasum [ 381.410189][ T8482] BTRFS info (device loop1): force zlib compression, level 3 [ 381.417645][ T8482] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8) [ 381.472571][ T4389] usb 5-1: 0:0 : invalid sync pipe. bmAttributes 04, bLength 9, bSynchAddress 06 [ 381.487167][ T8482] BTRFS info (device loop1): use lzo compression, level 0 [ 381.511235][ T8482] BTRFS info (device loop1): turning on flush-on-commit [ 381.518253][ T8482] BTRFS info (device loop1): enabling auto defrag [ 381.581692][ T8482] BTRFS info (device loop1): max_inline at 0 [ 381.633093][ T8482] BTRFS info (device loop1): using free space tree [ 381.657751][ T4389] usb 5-1: USB disconnect, device number 17 [ 381.681553][ T8482] BTRFS info (device loop1): has skinny extents [ 381.908266][ T8499] loop3: detected capacity change from 0 to 4096 [ 382.114284][ T455] BTRFS warning (device loop1): checksum verify failed on 5332992 wanted 0x0a5e5d25 found 0x75e14365 level 0 [ 382.155122][ T8499] ntfs: volume version 3.1. [ 382.223832][ T8482] BTRFS warning (device loop1): couldn't read tree root [ 382.319736][ T8482] BTRFS error (device loop1): open_ctree failed: -22 [ 382.378261][ T8499] device syzkaller0 entered promiscuous mode [ 383.246022][ T8528] xt_connbytes: Forcing CT accounting to be enabled [ 384.071495][ T8558] netlink: 'syz.2.1223': attribute type 29 has an invalid length. [ 384.099415][ T8558] netlink: 'syz.2.1223': attribute type 29 has an invalid length. [ 384.118950][ T8558] netlink: 'syz.2.1223': attribute type 29 has an invalid length. [ 384.140304][ T8558] netlink: 'syz.2.1223': attribute type 29 has an invalid length. [ 384.516955][ T8583] netlink: 'syz.4.1236': attribute type 29 has an invalid length. [ 384.549880][ T8583] netlink: 'syz.4.1236': attribute type 29 has an invalid length. [ 384.590600][ T8588] netlink: 'syz.4.1236': attribute type 29 has an invalid length. [ 384.611033][ T8583] netlink: 'syz.4.1236': attribute type 29 has an invalid length. [ 384.636060][ T8591] rdma_rxe: rxe_register_device failed with error -23 [ 384.685549][ T8591] rdma_rxe: failed to add wlan0 [ 384.948868][ T8608] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1247'. [ 384.981239][ T8608] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1247'. [ 385.020482][ T8612] netlink: 'syz.2.1249': attribute type 29 has an invalid length. [ 385.028697][ T8612] netlink: 'syz.2.1249': attribute type 29 has an invalid length. [ 385.074322][ T8614] team0: Device vxcan0 is of different type [ 385.636403][ T8647] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1266'. [ 385.813892][ T8659] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1272'. [ 386.758383][ T8719] netlink: 65015 bytes leftover after parsing attributes in process `syz.1.1302'. [ 386.827464][ T8726] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1306'. [ 387.259401][ T8757] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1321'. [ 387.637452][ T8774] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1329'. [ 387.918071][ T8795] loop1: detected capacity change from 0 to 128 [ 388.069970][ T8795] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 388.176071][ T8807] loop0: detected capacity change from 0 to 128 [ 388.264250][ T8807] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 388.324099][ T8807] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 388.469172][ T4385] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 388.606807][ T8827] loop3: detected capacity change from 0 to 128 [ 388.669158][ T21] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 388.674862][ T8827] EXT4-fs (loop3): Test dummy encryption mode enabled [ 388.705885][ T8827] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption=v1,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none. [ 388.769186][ T4385] usb 5-1: Using ep0 maxpacket: 32 [ 388.912650][ T23] usb 1-1: new full-speed USB device number 20 using dummy_hcd [ 388.929330][ T21] usb 2-1: Using ep0 maxpacket: 32 [ 388.929351][ T4385] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 388.929378][ T4385] usb 5-1: config 0 has no interface number 0 [ 388.995699][ T8827] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 389.016420][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 389.016436][ T26] audit: type=1800 audit(388.969:207): pid=8827 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1350" name="file1" dev="loop3" ino=12 res=0 errno=0 [ 389.089314][ T21] usb 2-1: config index 0 descriptor too short (expected 539, got 27) [ 389.103993][ T21] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 182, changing to 7 [ 389.115986][ T21] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 17443, setting to 1024 [ 389.120378][ T4385] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 389.148439][ T4385] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.177406][ T4385] usb 5-1: Product: syz [ 389.181868][ T4385] usb 5-1: Manufacturer: syz [ 389.201451][ T4385] usb 5-1: SerialNumber: syz [ 389.218069][ T4385] usb 5-1: config 0 descriptor?? [ 389.253869][ T8847] af_packet: tpacket_rcv: packet too big, clamped from 21 to 4294967286. macoff=82 [ 389.266227][ T4385] smsc95xx v2.0.0 [ 389.284110][ T23] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 389.302817][ T21] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 389.314885][ T23] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 389.331260][ T21] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.354974][ T21] usb 2-1: Product: syz [ 389.371549][ T21] usb 2-1: Manufacturer: syz [ 389.377073][ T21] usb 2-1: SerialNumber: syz [ 389.407727][ T21] usb 2-1: config 0 descriptor?? [ 389.450214][ T21] hub 2-1:0.0: bad descriptor, ignoring hub [ 389.465147][ T21] hub: probe of 2-1:0.0 failed with error -5 [ 389.475146][ T21] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input6 [ 389.509418][ T23] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 389.529844][ T21] usbtouchscreen 2-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -22 [ 389.539468][ T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.547584][ T23] usb 1-1: Product: syz [ 389.557759][ T23] usb 1-1: Manufacturer: syz [ 389.566213][ T23] usb 1-1: SerialNumber: syz [ 389.606163][ T21] usbtouchscreen: probe of 2-1:0.0 failed with error -22 [ 389.670034][ T21] usb 2-1: USB disconnect, device number 24 [ 389.723419][ T4385] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 389.743814][ T4389] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 389.753146][ T4385] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 390.069356][ T23] usb 1-1: cannot find UAC_HEADER [ 390.106555][ T23] snd-usb-audio: probe of 1-1:1.0 failed with error -22 [ 390.134472][ T4182] udevd[4182]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 390.199497][ T4389] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 390.221864][ T4389] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 390.250770][ T4389] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 390.280274][ T4389] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 390.294180][ T4389] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 390.318802][ T4378] usb 1-1: USB disconnect, device number 20 [ 390.334888][ T4389] usb 4-1: config 0 descriptor?? [ 390.504445][ T8861] loop1: detected capacity change from 0 to 2048 [ 390.566953][ T8861] loop1: p1 < > p4 [ 390.566953][ T8861] p4: [ 390.585778][ T8861] loop1: p4 size 722688 extends beyond EOD, truncated [ 390.608892][ T8861] loop1: p6 start 262464109 is beyond EOD, truncated [ 390.621827][ T8861] loop1: p7 size 2304 extends beyond EOD, truncated [ 390.657309][ T3560] loop1: p1 < > p4 [ 390.657309][ T3560] p4: [ 390.668377][ T3560] loop1: p4 size 722688 extends beyond EOD, truncated [ 390.677818][ T3560] loop1: p6 start 262464109 is beyond EOD, truncated [ 390.685108][ T3560] loop1: p7 size 2304 extends beyond EOD, truncated [ 390.831583][ T4389] plantronics 0003:047F:FFFF.0003: unbalanced delimiter at end of report description [ 390.869579][ T4389] plantronics 0003:047F:FFFF.0003: parse failed [ 390.896626][ T4389] plantronics: probe of 0003:047F:FFFF.0003 failed with error -22 [ 390.928448][ T8874] loop0: detected capacity change from 0 to 1024 [ 390.999269][ T4378] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 391.033398][ T4389] usb 4-1: USB disconnect, device number 19 [ 391.119459][ T4385] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 391.179069][ T4385] smsc95xx: probe of 5-1:0.67 failed with error -71 [ 391.212717][ T4385] usb 5-1: USB disconnect, device number 18 [ 391.232037][ T5833] udevd[5833]: setting owner of /dev/bus/usb/005/018 to uid=0, gid=0 failed: No such file or directory [ 391.449277][ T4378] usb 2-1: unable to get BOS descriptor or descriptor too short [ 391.512991][ T4378] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 391.527007][ T4378] usb 2-1: can't read configurations, error -71 [ 391.763410][ T8893] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1372'. [ 391.776402][ T8892] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1373'. [ 391.954796][ T8903] loop4: detected capacity change from 0 to 512 [ 392.067999][ T8903] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,usrquota,minixdf,nombcache,. Quota mode: writeback. [ 392.282683][ T8915] fuse: Bad value for 'fd' [ 392.403526][ T8919] loop1: detected capacity change from 0 to 1024 [ 392.433925][ T8923] loop4: detected capacity change from 0 to 256 [ 392.478011][ T8919] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (40992!=35945) [ 392.588246][ T8923] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 392.640387][ T8919] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 392.661137][ T8919] EXT4-fs (loop1): orphan cleanup on readonly fs [ 392.676398][ T8927] loop3: detected capacity change from 0 to 256 [ 392.917439][ T8919] Quota error (device loop1): v2_read_file_info: Number of blocks too big for quota file size (134223872 > 6144). [ 393.008447][ T8919] EXT4-fs warning (device loop1): ext4_enable_quotas:6488: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 393.027221][ T8927] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x1d73664b, utbl_chksum : 0xe619d30d) [ 393.065905][ T8919] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 393.109388][ T8919] EXT4-fs error (device loop1): ext4_free_blocks:6231: comm syz.1.1382: Freeing blocks not in datazone - block = 0, count = 4096 [ 393.138477][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.187279][ T8927] exFAT-fs (loop3): Filesystem has been set read-only [ 393.214956][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 0, err : -5) [ 393.247678][ T8935] loop4: detected capacity change from 0 to 512 [ 393.279896][ T8919] EXT4-fs (loop1): 1 truncate cleaned up [ 393.285616][ T8919] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 393.349445][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.424997][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 0, err : -5) [ 393.455487][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.531453][ T8935] EXT4-fs (loop4): mounted filesystem without journal. Opts: resgid=0x0000000000000000,errors=remount-ro,usrjquota=,sysvgroups,usrquota,. Quota mode: writeback. [ 393.543011][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 1, err : -5) [ 393.600803][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.606870][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 2, err : -5) [ 393.618103][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.624943][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 3, err : -5) [ 393.635953][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.649209][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 4, err : -5) [ 393.694983][ T8949] loop1: detected capacity change from 0 to 512 [ 393.701970][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.708309][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 5, err : -5) [ 393.719089][ T8951] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm syz.4.1388: iget: bad i_size value: 2533274857506816 [ 393.734145][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.740511][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 6, err : -5) [ 393.750947][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.760175][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 7, err : -5) [ 393.775263][ T8935] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1388: bg 0: block 217: padding at end of block bitmap is not set [ 393.792148][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.798538][ T8927] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805facbbe0 iblock : 0, err : -5) [ 393.813410][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.820518][ T8951] EXT4-fs (loop4): Remounting filesystem read-only [ 393.845502][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.852650][ T8935] EXT4-fs (loop4): Remounting filesystem read-only [ 393.870102][ T8935] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6191: Corrupt filesystem [ 393.907340][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.926137][ T8935] EXT4-fs (loop4): Remounting filesystem read-only [ 393.933555][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.960503][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.972108][ T8949] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 393.983166][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.983196][ T8927] exFAT-fs (loop3): error, broken FAT chain. [ 393.983495][ T26] audit: type=1800 audit(393.939:208): pid=8927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1385" name="file0" dev="loop3" ino=1048606 res=0 errno=0 [ 394.209134][ T26] audit: type=1800 audit(394.039:209): pid=8949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1393" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 394.699536][ T21] usb 4-1: new full-speed USB device number 20 using dummy_hcd [ 394.798595][ T8980] loop4: detected capacity change from 0 to 2048 [ 394.844361][ T8980] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 394.878421][ T8980] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 395.144164][ T8989] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 395.289536][ T21] usb 4-1: too many endpoints for config 0 interface 0 altsetting 254: 223, using maximum allowed: 30 [ 395.423406][ T21] usb 4-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 223 [ 395.779070][ T21] usb 4-1: config 0 interface 0 has no altsetting 0 [ 395.819186][ T21] usb 4-1: New USB device found, idVendor=047d, idProduct=2041, bcdDevice= 0.00 [ 395.847130][ T8990] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1407'. [ 395.866794][ T21] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 395.928080][ T21] usb 4-1: config 0 descriptor?? [ 396.108262][ T8992] loop4: detected capacity change from 0 to 512 [ 396.138190][ T8996] validate_nla: 12 callbacks suppressed [ 396.138209][ T8996] netlink: 'syz.0.1410': attribute type 3 has an invalid length. [ 396.238231][ T8992] EXT4-fs (loop4): Ignoring removed oldalloc option [ 396.269795][ T9000] loop0: detected capacity change from 0 to 256 [ 396.273214][ T8992] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 396.415895][ T8992] EXT4-fs (loop4): 1 truncate cleaned up [ 396.427943][ T21] kensington 0003:047D:2041.0004: unknown main item tag 0x1 [ 396.435778][ T21] kensington 0003:047D:2041.0004: ignoring exceeding usage max [ 396.454841][ T21] kensington 0003:047D:2041.0004: hidraw0: USB HID v0.81 Device [HID 047d:2041] on usb-dummy_hcd.3-1/input0 [ 396.466916][ T8992] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv1,auto_da_alloc=0x0000000000000eb0,debug_want_extra_isize=0x0000000000000068,lazytime,data=journal,noload,oldalloc,,errors=continue. Quota mode: none. [ 396.703564][ T4256] usb 4-1: USB disconnect, device number 20 [ 396.758749][ T9008] fido_id[9008]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 397.354081][ T9036] loop4: detected capacity change from 0 to 512 [ 397.364831][ T21] usb 1-1: new full-speed USB device number 21 using dummy_hcd [ 397.529247][ T23] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 397.695393][ T9036] EXT4-fs (loop4): orphan cleanup on readonly fs [ 397.713636][ T9036] Quota error (device loop4): find_block_dqentry: Quota for id 0 referenced but not present [ 397.724811][ T9036] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 397.734380][ T9036] EXT4-fs error (device loop4): ext4_acquire_dquot:6236: comm syz.4.1421: Failed to acquire dquot type 1 [ 397.780677][ T9036] EXT4-fs (loop4): 1 truncate cleaned up [ 397.790631][ T9036] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,,errors=continue. Quota mode: writeback. [ 398.489175][ T23] usb 2-1: Using ep0 maxpacket: 32 [ 398.579227][ T21] usb 1-1: unable to get BOS descriptor or descriptor too short [ 398.629534][ T21] usb 1-1: not running at top speed; connect to a high speed hub [ 398.649502][ T23] usb 2-1: unable to get BOS descriptor or descriptor too short [ 398.719654][ T21] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 194, changing to 4 [ 398.739678][ T23] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 168, changing to 7 [ 398.758826][ T23] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7 [ 398.777929][ T23] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1584, setting to 1024 [ 398.889540][ T21] usb 1-1: New USB device found, idVendor=0582, idProduct=0010, bcdDevice= 0.40 [ 398.911890][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 398.949430][ T23] usb 2-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40 [ 398.970899][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 398.981750][ T21] usb 1-1: Product: syz [ 399.006670][ T21] usb 1-1: Manufacturer: syz [ 399.019333][ T23] usb 2-1: Product: syz [ 399.041676][ T21] usb 1-1: SerialNumber: syz [ 399.055237][ T9045] input: syz1 as /devices/virtual/input/input7 [ 399.065162][ T23] usb 2-1: Manufacturer: syz [ 399.091737][ T23] usb 2-1: SerialNumber: syz [ 399.610496][ T23] usb 2-1: Audio class v2/v3 interfaces need an interface association [ 399.612219][ T9050] loop3: detected capacity change from 0 to 512 [ 399.653957][ T21] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 399.664881][ T23] snd-usb-audio: probe of 2-1:1.0 failed with error -22 [ 399.686887][ T9050] EXT4-fs (loop3): Mount option "journal_async_commit" incompatible with ext3 [ 399.709603][ T21] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 399.803704][ T21] usb 1-1: USB disconnect, device number 21 [ 399.820581][ T5833] udevd[5833]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 399.887736][ T9055] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 399.943920][ T7094] usb 2-1: USB disconnect, device number 27 [ 400.176761][ T4182] udevd[4182]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 400.393899][ T9067] loop0: detected capacity change from 0 to 2048 [ 400.705344][ T9067] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 400.748155][ T9081] loop3: detected capacity change from 0 to 256 [ 402.175749][ T9086] loop1: detected capacity change from 0 to 512 [ 402.312050][ T9081] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 403.000889][ T9086] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 403.118391][ T26] audit: type=1804 audit(403.069:210): pid=9081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1439" name="/newroot/265/file0/file1" dev="loop3" ino=1048608 res=1 errno=0 [ 403.361675][ T9095] loop4: detected capacity change from 0 to 128 [ 403.468709][ T9095] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 403.489696][ T5626] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 403.551663][ T9101] loop1: detected capacity change from 0 to 128 [ 403.562859][ T9103] syz.4.1447 (pid 9103) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 403.836508][ T9112] loop3: detected capacity change from 0 to 1024 [ 403.993426][ T5626] usb 1-1: descriptor type invalid, skip [ 404.090232][ T5626] usb 1-1: config index 0 descriptor too short (expected 246, got 36) [ 404.099277][ T5626] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 404.342858][ T9112] attempt to access beyond end of device [ 404.342858][ T9112] loop3: rw=2057, want=65536, limit=1024 [ 404.356564][ T5626] usb 1-1: config 0 has no interfaces? [ 404.760079][ T9112] attempt to access beyond end of device [ 404.760079][ T9112] loop3: rw=1, want=2310, limit=1024 [ 404.876143][ T9112] attempt to access beyond end of device [ 404.876143][ T9112] loop3: rw=1, want=4358, limit=1024 [ 404.909515][ T5626] usb 1-1: New USB device found, idVendor=0525, idProduct=0001, bcdDevice= 0.00 [ 404.945922][ T5626] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.975058][ T5626] usb 1-1: Product: syz [ 405.005088][ T5626] usb 1-1: Manufacturer: syz [ 405.015298][ T5626] usb 1-1: SerialNumber: syz [ 405.035780][ T9112] attempt to access beyond end of device [ 405.035780][ T9112] loop3: rw=1, want=6406, limit=1024 [ 405.088531][ T5626] usb 1-1: config 0 descriptor?? [ 405.146015][ T9112] attempt to access beyond end of device [ 405.146015][ T9112] loop3: rw=1, want=8454, limit=1024 [ 405.237357][ T9112] attempt to access beyond end of device [ 405.237357][ T9112] loop3: rw=1, want=10502, limit=1024 [ 405.258933][ T9112] attempt to access beyond end of device [ 405.258933][ T9112] loop3: rw=1, want=12550, limit=1024 [ 405.309560][ T9112] attempt to access beyond end of device [ 405.309560][ T9112] loop3: rw=1, want=14598, limit=1024 [ 405.382432][ T9112] attempt to access beyond end of device [ 405.382432][ T9112] loop3: rw=1, want=16646, limit=1024 [ 405.428062][ T9121] loop4: detected capacity change from 0 to 1024 [ 405.430389][ T5626] usb 1-1: USB disconnect, device number 22 [ 405.495666][ T9112] attempt to access beyond end of device [ 405.495666][ T9112] loop3: rw=1, want=18694, limit=1024 [ 405.646118][ T9128] loop1: detected capacity change from 0 to 1024 [ 405.686941][ T5116] hfsplus: b-tree write err: -5, ino 25 [ 405.711866][ T5116] hfsplus: b-tree write err: -5, ino 4 [ 405.763792][ T5116] hfsplus: b-tree write err: -5, ino 2 [ 405.795398][ T9128] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodioread_nolock,dax=inode,barrier,auto_da_alloc,nodioread_nolock,errors=remount-ro,. Quota mode: none. [ 406.135950][ T9133] bridge0: port 1(veth0_to_bond) entered blocking state [ 406.144097][ T9133] bridge0: port 1(veth0_to_bond) entered disabled state [ 406.162267][ T9133] device veth0_to_bond entered promiscuous mode [ 407.221154][ T9159] loop4: detected capacity change from 0 to 256 [ 407.247892][ T9158] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 407.454780][ T4389] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 407.669634][ T9164] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 407.969472][ T4389] usb 2-1: config 248 has an invalid interface number: 44 but max is 0 [ 407.988142][ T4389] usb 2-1: config 248 has no interface number 0 [ 408.010932][ T4389] usb 2-1: config 248 interface 44 has no altsetting 0 [ 408.220747][ T4389] usb 2-1: New USB device found, idVendor=1b3d, idProduct=019b, bcdDevice= e.58 [ 408.247537][ T4389] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.276447][ T4389] usb 2-1: Product: syz [ 408.289079][ T4389] usb 2-1: Manufacturer: syz [ 408.293765][ T4389] usb 2-1: SerialNumber: syz [ 408.313656][ T9166] loop0: detected capacity change from 0 to 2048 [ 408.357202][ T9168] loop4: detected capacity change from 0 to 2048 [ 408.435546][ T9168] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 408.497459][ T9166] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 408.521447][ T9168] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 408.660466][ T4389] ftdi_sio 2-1:248.44: FTDI USB Serial Device converter detected [ 408.678758][ T4389] usb 2-1: Detected FT232H [ 408.709262][ T4389] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 408.749170][ T4389] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 408.780430][ T4389] ftdi_sio 2-1:248.44: GPIO initialisation failed: -71 [ 408.800136][ T4389] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 408.834596][ T4389] usb 2-1: USB disconnect, device number 28 [ 408.900661][ T4389] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 408.931127][ T4389] ftdi_sio 2-1:248.44: device disconnected [ 408.941507][ T9178] loop3: detected capacity change from 0 to 512 [ 408.959125][ T9182] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1472'. [ 408.998660][ T9182] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1472'. [ 409.190071][ T9178] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 409.625289][ T9178] EXT4-fs (loop3): 1 truncate cleaned up [ 409.673557][ T9186] loop4: detected capacity change from 0 to 8192 [ 409.720903][ T9178] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: none. [ 409.749702][ T9186] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 409.757172][ T9186] UDF-fs: Scanning with blocksize 512 failed [ 409.764677][ T9186] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 409.772350][ T9186] UDF-fs: Scanning with blocksize 1024 failed [ 409.779421][ T9186] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 409.786841][ T9186] UDF-fs: Scanning with blocksize 2048 failed [ 409.800128][ T9186] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 410.163964][ T9198] binder: 9195:9198 ioctl c0306201 0 returned -14 [ 410.174625][ T9198] binder: 9195:9198 ioctl c0306201 0 returned -14 [ 410.194305][ T9198] binder: 9195:9198 ioctl c038586b 2000000002c0 returned -22 [ 411.150989][ T9201] loop0: detected capacity change from 0 to 8 [ 412.217628][ T9202] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 413.240077][ T9233] loop0: detected capacity change from 0 to 1024 [ 413.298926][ T9235] loop3: detected capacity change from 0 to 512 [ 413.404217][ T9235] EXT4-fs (loop3): Test dummy encryption mode enabled [ 413.435266][ T9235] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.1487: inode has both inline data and extents flags [ 413.617182][ T9235] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.1487: couldn't read orphan inode 15 (err -117) [ 413.647292][ T9233] hfsplus: xattr searching failed [ 413.663882][ T9235] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: writeback. [ 413.667741][ T9244] binder: 9238:9244 ioctl 4018620d 0 returned -22 [ 414.964380][ T9250] loop0: detected capacity change from 0 to 512 [ 415.205476][ T9250] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsddf,max_dir_size_kb=0x0000000000000a30,grpquota,,errors=continue. Quota mode: writeback. [ 415.261773][ T9271] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1502'. [ 415.306543][ T9252] EXT4-fs error (device loop0): ext4_lookup:1858: inode #12: comm syz.0.1493: iget: bad i_size value: 2533274857506816 [ 415.414111][ T9277] loop4: detected capacity change from 0 to 256 [ 415.539479][ T9281] loop1: detected capacity change from 0 to 164 [ 415.647964][ T26] audit: type=1800 audit(415.599:211): pid=9252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1493" name="/" dev="fuse" ino=4 res=0 errno=0 [ 416.013832][ T9292] loop1: detected capacity change from 0 to 1024 [ 416.072561][ T9292] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled [ 416.110412][ T9298] loop0: detected capacity change from 0 to 8 [ 416.133168][ T9292] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,,errors=continue. Quota mode: writeback. [ 416.759179][ T4378] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 417.389221][ T4378] usb 2-1: Using ep0 maxpacket: 16 [ 417.573779][ T4378] usb 2-1: unable to get BOS descriptor or descriptor too short [ 417.622822][ T4232] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 417.679452][ T4378] usb 2-1: config 6 has an invalid interface number: 215 but max is 0 [ 417.698276][ T4378] usb 2-1: config 6 has no interface number 0 [ 417.704976][ T4378] usb 2-1: config 6 interface 215 altsetting 5 endpoint 0x5 has invalid maxpacket 1024, setting to 64 [ 417.716421][ T4378] usb 2-1: config 6 interface 215 altsetting 5 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 417.729012][ T4378] usb 2-1: config 6 interface 215 altsetting 5 endpoint 0x4 has invalid maxpacket 1024, setting to 64 [ 417.750276][ T4378] usb 2-1: config 6 interface 215 altsetting 5 has a duplicate endpoint with address 0x1, skipping [ 417.765360][ T5626] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 417.775560][ T4378] usb 2-1: config 6 interface 215 altsetting 5 has an invalid endpoint with address 0x80, skipping [ 417.794471][ T4378] usb 2-1: config 6 interface 215 has no altsetting 0 [ 417.879357][ T4232] usb 1-1: Using ep0 maxpacket: 16 [ 417.999280][ T4378] usb 2-1: New USB device found, idVendor=2304, idProduct=0245, bcdDevice=d6.fc [ 418.005513][ T4232] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 418.019303][ T4378] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.019382][ T4378] usb 2-1: Product: syz [ 418.019398][ T4378] usb 2-1: Manufacturer: syz [ 418.019414][ T4378] usb 2-1: SerialNumber: syz [ 418.071402][ T4232] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 418.088018][ T4232] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 418.107204][ T4232] usb 1-1: New USB device found, idVendor=045e, idProduct=0009, bcdDevice= 0.00 [ 418.126876][ T4232] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.158195][ T4232] usb 1-1: config 0 descriptor?? [ 418.169504][ T5626] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 418.194537][ T5626] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 418.289163][ T4234] usb 5-1: new full-speed USB device number 19 using dummy_hcd [ 418.350421][ T4378] dvb-usb: found a 'Pinnacle PCTV 73e SE' in cold state, will try to load a firmware [ 418.409345][ T5626] usb 4-1: New USB device found, idVendor=200c, idProduct=1018, bcdDevice= 0.40 [ 418.421249][ T4378] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 418.438936][ T5626] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.448251][ T5626] usb 4-1: Product: syz [ 418.452969][ T4378] dib0700: firmware download failed at 7 with -8 [ 418.473137][ T5626] usb 4-1: Manufacturer: syz [ 418.494442][ T5626] usb 4-1: SerialNumber: syz [ 418.499417][ T4378] usb 2-1: USB disconnect, device number 29 [ 418.642426][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.669460][ T4234] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 418.689149][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.707286][ T4234] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 418.727736][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.739330][ T4234] usb 5-1: config 1 has no interface number 0 [ 418.745498][ T4234] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 418.769462][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.777201][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.795087][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.803153][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.820086][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.827820][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.835715][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.862034][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.870859][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.881400][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.889341][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.897206][ T4232] hid-multitouch 0003:045E:0009.0005: unknown main item tag 0x0 [ 418.933859][ T4232] hid-multitouch 0003:045E:0009.0005: hidraw0: USB HID v0.00 Device [HID 045e:0009] on usb-dummy_hcd.0-1/input0 [ 418.959942][ T4234] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 418.979177][ T4234] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 419.002494][ T4234] usb 5-1: Product: syz [ 419.006742][ T4234] usb 5-1: Manufacturer: syz [ 419.029246][ T4232] usb 1-1: USB disconnect, device number 23 [ 419.039534][ T5626] usb 4-1: unit 5 not found! [ 419.048678][ T4234] usb 5-1: SerialNumber: syz [ 419.130419][ T4234] usb 5-1: selecting invalid altsetting 1 [ 419.169275][ T5626] usb 4-1: USB disconnect, device number 21 [ 419.229170][ T4378] usb 2-1: new full-speed USB device number 30 using dummy_hcd [ 419.260393][ T9335] fido_id[9335]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 419.529815][ T9337] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1528'. [ 419.587158][ T4234] cdc_ncm 5-1:1.1: failed GET_NTB_PARAMETERS [ 419.599997][ T4234] cdc_ncm 5-1:1.1: bind() failure [ 419.699501][ T4378] usb 2-1: unable to get BOS descriptor or descriptor too short [ 419.701438][ T4234] usb 5-1: USB disconnect, device number 19 [ 419.764307][ T4378] usb 2-1: not running at top speed; connect to a high speed hub [ 419.913938][ T9344] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1531'. [ 420.079190][ T4378] usb 2-1: New USB device found, idVendor=0763, idProduct=2003, bcdDevice= 0.40 [ 420.109022][ T4378] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 420.117547][ T4378] usb 2-1: Product: syz [ 420.134336][ T4378] usb 2-1: Manufacturer: syz [ 420.139141][ T4378] usb 2-1: SerialNumber: syz [ 420.348403][ T9353] loop0: detected capacity change from 0 to 1024 [ 420.480106][ T9353] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 420.516041][ T26] audit: type=1804 audit(420.469:212): pid=9353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1535" name="/newroot/277/file1/bus" dev="loop0" ino=18 res=1 errno=0 [ 420.549687][ T4378] usb 2-1: 1:1 : unsupported sample bitwidth 3 in 230 bytes [ 420.557121][ T4378] usb 2-1: parse_audio_format_rates_v2v3(): unable to find clock source (clock -22) [ 420.659429][ T4378] usb 2-1: unit 36 not found! [ 420.664410][ T4378] usb 2-1: unit 0 not found! [ 420.816779][ T4378] usb 2-1: USB disconnect, device number 30 [ 420.841236][ T9369] loop3: detected capacity change from 0 to 512 [ 420.969390][ T4232] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 420.981853][ T9369] EXT4-fs error (device loop3): ext4_orphan_get:1432: comm syz.3.1540: bad orphan inode 11862016 [ 421.015997][ T9369] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 421.230011][ T4232] usb 5-1: Using ep0 maxpacket: 32 [ 421.351882][ T4232] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7 [ 421.365263][ T4232] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 250, changing to 7 [ 421.464492][ T9382] pit: kvm: requested 129066 ns i8254 timer period limited to 200000 ns [ 421.508806][ T9382] pit: kvm: requested 25980 ns i8254 timer period limited to 200000 ns [ 421.531026][ T9382] pit: kvm: requested 137447 ns i8254 timer period limited to 200000 ns [ 421.540466][ T4232] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0103, bcdDevice= 0.40 [ 421.550720][ T9382] pit: kvm: requested 34361 ns i8254 timer period limited to 200000 ns [ 421.559254][ T4232] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.569134][ T4232] usb 5-1: Product: syz [ 421.578174][ T4232] usb 5-1: Manufacturer: syz [ 421.584740][ T4232] usb 5-1: SerialNumber: syz [ 421.619423][ T5626] usb 2-1: new full-speed USB device number 31 using dummy_hcd [ 422.855344][ T9397] loop0: detected capacity change from 0 to 1024 [ 422.893143][ T9401] loop3: detected capacity change from 0 to 2048 [ 422.900774][ T5626] usb 2-1: config 0 has an invalid descriptor of length 78, skipping remainder of the config [ 422.935469][ T9401] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 422.982963][ T9401] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 423.024848][ T5626] usb 2-1: config 0 has an invalid descriptor of length 78, skipping remainder of the config [ 423.149147][ T5626] usb 2-1: config 0 has an invalid descriptor of length 78, skipping remainder of the config [ 423.175486][ T5626] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 423.200313][ T5626] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.222110][ T5626] usb 2-1: config 0 descriptor?? [ 424.221020][ T5626] usb 2-1: string descriptor 0 read error: -71 [ 424.309210][ T5626] hub 2-1:0.0: Invalid hub with more than one config or interface [ 424.329344][ T5626] hub: probe of 2-1:0.0 failed with error -22 [ 424.363590][ T4232] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 424.421501][ T5626] usb 2-1: USB disconnect, device number 31 [ 424.439888][ T4232] usb 5-1: unit 4 not found! [ 424.560916][ T9431] loop4: detected capacity change from 0 to 256 [ 424.888836][ T9432] loop1: detected capacity change from 0 to 2048 [ 424.905109][ T4232] usb 5-1: USB disconnect, device number 20 [ 425.026048][ T9432] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 425.170035][ T26] audit: type=1804 audit(425.109:213): pid=9431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1565" name="/newroot/294/bus/bus" dev="loop4" ino=1048620 res=1 errno=0 [ 425.216045][ T9444] loop3: detected capacity change from 0 to 512 [ 425.229402][ T9431] exFAT-fs (loop4): error, invalid dentry access beyond EOF (clu : 5, eidx : 132) [ 425.239679][ T9431] exFAT-fs (loop4): Filesystem has been set read-only [ 425.246509][ T9431] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805facc8e0 iblock : 8, err : -5) [ 425.257465][ T9431] exFAT-fs (loop4): error, invalid dentry access beyond EOF (clu : 5, eidx : 132) [ 425.289881][ T9437] loop0: detected capacity change from 0 to 2048 [ 426.155226][ T9437] EXT4-fs (loop0): mounted filesystem without journal. Opts: auto_da_alloc,data_err=abort,,errors=continue. Quota mode: writeback. [ 426.171164][ T9444] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 426.221487][ T9444] EXT4-fs error (device loop3): ext4_iget_extra_inode:4573: inode #15: comm syz.3.1569: corrupted in-inode xattr [ 426.270534][ T9444] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.1569: couldn't read orphan inode 15 (err -117) [ 426.283808][ T9444] EXT4-fs (loop3): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,jqfmt=vfsv0,min_batch_time=0x00000000000003ff,noload,grpjquota=.,noblock_validity,resgid=0x0000000000000000,nobarrier,errors=continue,,errors=continue. Quota mode: writeback. [ 426.310382][ T4193] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 426.343774][ T9444] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1569'. [ 426.382063][ T9444] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1569'. [ 426.624530][ T9459] xt_CT: You must specify a L4 protocol and not use inversions on it [ 426.918017][ T4180] udevd[4180]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 427.757557][ T9470] loop4: detected capacity change from 0 to 512 [ 428.886916][ T9470] EXT4-fs (loop4): Test dummy encryption mode enabled [ 428.971528][ T9470] EXT4-fs error (device loop4): ext4_orphan_get:1406: inode #15: comm syz.4.1576: inode has both inline data and extents flags [ 429.090362][ T9470] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.1576: couldn't read orphan inode 15 (err -117) [ 429.139470][ T9470] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: writeback. [ 429.214301][ T9494] loop3: detected capacity change from 0 to 512 [ 429.270580][ T26] audit: type=1326 audit(429.219:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 429.297827][ T9497] 9pnet: Insufficient options for proto=fd [ 429.339500][ T9494] FAT-fs (loop3): bogus sectors per cluster 69 [ 429.345731][ T9494] FAT-fs (loop3): Can't find a valid FAT filesystem [ 429.377245][ T26] audit: type=1326 audit(429.229:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 429.469501][ T26] audit: type=1326 audit(429.229:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 429.552764][ T26] audit: type=1326 audit(429.229:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 429.574542][ T9504] loop3: detected capacity change from 0 to 8 [ 429.627665][ T26] audit: type=1326 audit(429.229:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 429.661167][ T26] audit: type=1326 audit(429.229:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 429.705854][ T9504] SQUASHFS error: lzo decompression failed, data probably corrupt [ 429.749533][ T9504] SQUASHFS error: Failed to read block 0x91: -5 [ 429.766273][ T26] audit: type=1326 audit(429.229:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 429.794938][ T9504] SQUASHFS error: Unable to read metadata cache entry [8f] [ 429.843125][ T9504] SQUASHFS error: Unable to read inode 0x11f [ 429.858304][ T26] audit: type=1326 audit(429.229:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 429.955768][ T26] audit: type=1326 audit(429.229:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.041198][ T9508] loop3: detected capacity change from 0 to 128 [ 430.115430][ T9508] EXT4-fs (loop3): Test dummy encryption mode enabled [ 430.173768][ T9508] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption=v1,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none. [ 430.223500][ T26] kauditd_printk_skb: 99 callbacks suppressed [ 430.223516][ T26] audit: type=1326 audit(430.119:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.254182][ T26] audit: type=1326 audit(430.179:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.277619][ T26] audit: type=1326 audit(430.179:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.329375][ T26] audit: type=1326 audit(430.179:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.359052][ T26] audit: type=1326 audit(430.179:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.442517][ T9508] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.1589: bg 0: block 19: invalid block bitmap [ 430.467335][ T26] audit: type=1326 audit(430.179:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.565222][ T26] audit: type=1326 audit(430.179:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.664870][ T26] audit: type=1326 audit(430.179:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.819579][ T26] audit: type=1326 audit(430.179:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 430.923608][ T26] audit: type=1326 audit(430.179:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9496 comm="syz.1.1585" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffac1872e59 code=0x50000 [ 431.221458][ T9531] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 431.260371][ T9532] loop4: detected capacity change from 0 to 512 [ 431.306559][ T9532] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 431.388204][ T9532] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 431.401120][ T9532] System zones: 1-12 [ 431.410307][ T9532] EXT4-fs (loop4): orphan cleanup on readonly fs [ 431.424361][ T9532] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #11: comm syz.4.1599: attempt to clear invalid blocks 1024 len 1 [ 431.450310][ T9532] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1599: bg 0: block 361: padding at end of block bitmap is not set [ 431.506522][ T9532] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6191: Corrupt filesystem [ 431.525904][ T9532] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1599: invalid indirect mapped block 1811939328 (level 0) [ 431.549095][ T9532] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1599: invalid indirect mapped block 2 (level 2) [ 431.569938][ T9532] EXT4-fs (loop4): 1 truncate cleaned up [ 431.576229][ T9532] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,,errors=continue. Quota mode: none. [ 431.606517][ T9540] futex_wake_op: syz.0.1601 tries to shift op by 32; fix this program [ 431.968382][ T9553] loop3: detected capacity change from 0 to 1024 [ 432.018909][ T9556] loop0: detected capacity change from 0 to 512 [ 432.123165][ T9553] hfsplus: xattr searching failed [ 432.131384][ T9556] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 432.192522][ T9565] hfsplus: xattr searching failed [ 432.337959][ T9565] hfsplus: xattr searching failed [ 432.372094][ T9553] hfsplus: xattr searching failed [ 432.567895][ T9572] ALSA: seq fatal error: cannot create timer (-16) [ 433.488830][ T9579] loop1: detected capacity change from 0 to 512 [ 433.499954][ T4318] hfsplus: b-tree write err: -5, ino 3 [ 433.544617][ T9580] loop4: detected capacity change from 0 to 2048 [ 433.635923][ T9579] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 433.702222][ T9580] EXT4-fs (loop4): mounted filesystem without journal. Opts: auto_da_alloc,data_err=abort,,errors=continue. Quota mode: writeback. [ 433.840715][ T9595] loop3: detected capacity change from 0 to 256 [ 433.910874][ T9591] loop0: detected capacity change from 0 to 512 [ 434.067170][ T9591] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 434.212682][ T9591] EXT4-fs (loop0): SIPHASH is not a valid default hash value [ 434.445543][ T9611] loop1: detected capacity change from 0 to 764 [ 434.533681][ T9611] rock: directory entry would overflow storage [ 434.546080][ T9611] rock: sig=0x4654, size=5, remaining=4 [ 434.764277][ T9621] loop3: detected capacity change from 0 to 128 [ 434.847788][ T9621] FAT-fs (loop3): Directory bread(block 32) failed [ 434.857319][ T9621] FAT-fs (loop3): Directory bread(block 33) failed [ 434.865817][ T9621] FAT-fs (loop3): Directory bread(block 34) failed [ 434.885860][ T9621] FAT-fs (loop3): Directory bread(block 35) failed [ 434.905979][ T9621] FAT-fs (loop3): Directory bread(block 36) failed [ 434.924504][ T9621] FAT-fs (loop3): Directory bread(block 37) failed [ 434.950161][ T9621] FAT-fs (loop3): Directory bread(block 38) failed [ 434.973609][ T9621] FAT-fs (loop3): Directory bread(block 39) failed [ 434.991745][ T9621] FAT-fs (loop3): Directory bread(block 40) failed [ 435.009826][ T9621] FAT-fs (loop3): Directory bread(block 41) failed [ 435.218602][ T9621] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 435.244421][ T9621] FAT-fs (loop3): Filesystem has been set read-only [ 435.465744][ T9640] loop4: detected capacity change from 0 to 128 [ 435.681182][ T9640] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 437.372851][ T9655] loop0: detected capacity change from 0 to 1024 [ 437.654940][ T9655] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 437.715505][ T9632] bridge0: port 2(bridge_slave_1) entered disabled state [ 437.723013][ T9632] bridge0: port 1(bridge_slave_0) entered disabled state [ 437.828858][ T4199] UDF-fs: error (device loop4): udf_read_inode: (ino 114) failed !bh [ 437.864655][ T4199] UDF-fs: error (device loop4): udf_read_inode: (ino 114) failed !bh [ 438.602315][ T9676] loop3: detected capacity change from 0 to 256 [ 438.677646][ T9676] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x39601bbf, utbl_chksum : 0xe619d30d) [ 438.682943][ T4385] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 438.785306][ T9632] rdma_rxe: ignoring netdev event = 10 for team_slave_0 [ 438.812276][ T9632] rdma_rxe: ignoring netdev event = 27 for team_slave_0 [ 438.831034][ T9632] infiniband syz2: set down [ 438.858235][ T9632] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 438.872973][ T9632] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 438.996539][ T9681] loop3: detected capacity change from 0 to 128 [ 439.049818][ T9632] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.059434][ T4385] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 439.074728][ T9632] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.084623][ T4385] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 439.095573][ T9632] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.105156][ T4385] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 439.127747][ T9632] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.139528][ T4385] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 439.151017][ T4385] usb 1-1: config 0 descriptor?? [ 439.640953][ T4385] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor [ 439.677870][ T4385] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0006/input/input8 [ 439.882080][ T4385] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 439.899438][ T9704] loop1: detected capacity change from 0 to 512 [ 439.908475][ T4385] usb 1-1: USB disconnect, device number 24 [ 439.945070][ T9704] EXT4-fs (loop1): Ignoring removed bh option [ 439.981431][ T9701] loop3: detected capacity change from 0 to 1024 [ 439.993484][ T9704] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 440.048312][ T9704] EXT4-fs (loop1): 1 truncate cleaned up [ 440.054735][ T9701] UDF-fs: bad mount option "0xffffffffffffffff00000000000000000850RR" or missing value [ 440.067169][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.073619][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.095953][ T9704] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,max_dir_size_kb=0x0000000000000001,bh,abort,data_err=ignore,usrjquota=,,errors=continue. Quota mode: none. [ 440.502527][ T9709] fido_id[9709]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 440.778468][ T9714] loop0: detected capacity change from 0 to 4096 [ 441.016637][ T9714] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 441.875240][ T9732] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1669'. [ 441.931971][ T9717] chnl_net:caif_netlink_parms(): no params data found [ 441.986681][ T9734] loop1: detected capacity change from 0 to 512 [ 442.073950][ T9738] loop3: detected capacity change from 0 to 512 [ 442.188178][ T9717] bridge0: port 1(bridge_slave_0) entered blocking state [ 442.218137][ T9734] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 442.225612][ T9717] bridge0: port 1(bridge_slave_0) entered disabled state [ 442.247565][ T9738] EXT4-fs (loop3): mounted filesystem without journal. Opts: lazytime,auto_da_alloc=0x0000000000000009,,errors=continue. Quota mode: writeback. [ 442.251795][ T9717] device bridge_slave_0 entered promiscuous mode [ 442.311915][ T9734] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 442.296276][ T9717] bridge0: port 2(bridge_slave_1) entered blocking state [ 442.395841][ T9717] bridge0: port 2(bridge_slave_1) entered disabled state [ 442.432112][ T9734] EXT4-fs error (device loop1): ext4_xattr_inode_iget:401: comm syz.1.1670: inode #9: comm syz.1.1670: iget: illegal inode # [ 442.469917][ T9717] device bridge_slave_1 entered promiscuous mode [ 442.477314][ T9734] EXT4-fs error (device loop1): ext4_xattr_inode_iget:406: comm syz.1.1670: error while reading EA inode 9 err=-117 [ 442.497235][ T9734] EXT4-fs error (device loop1): ext4_xattr_inode_iget:401: comm syz.1.1670: inode #9: comm syz.1.1670: iget: illegal inode # [ 442.551267][ T9734] EXT4-fs error (device loop1): ext4_xattr_inode_iget:406: comm syz.1.1670: error while reading EA inode 9 err=-117 [ 442.587741][ T9717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 442.637439][ T9753] loop3: detected capacity change from 0 to 128 [ 442.647150][ T9717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 442.693165][ T9717] team0: Port device team_slave_0 added [ 442.762950][ T9717] team0: Port device team_slave_1 added [ 442.831528][ T9753] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002] [ 442.879763][ T9753] System zones: 1-3, 19-19, 35-36 [ 442.902115][ T9717] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 442.927379][ T9758] loop1: detected capacity change from 0 to 128 [ 442.946412][ T9717] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 442.973430][ C0] vkms_vblank_simulate: vblank timer overrun [ 442.981967][ T9753] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,debug,,errors=continue. Quota mode: writeback. [ 443.245800][ T9758] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 443.269521][ T4235] Bluetooth: hci4: command 0x0409 tx timeout [ 443.668106][ T9717] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 443.775220][ T9717] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 443.815075][ T9717] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 443.841646][ C0] vkms_vblank_simulate: vblank timer overrun [ 443.865451][ T9717] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 443.917848][ T9758] fscrypt (loop1, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)") [ 443.940885][ T9717] device hsr_slave_0 entered promiscuous mode [ 443.953259][ T9758] fscrypt (loop1, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)") [ 444.007142][ T9717] device hsr_slave_1 entered promiscuous mode [ 444.072331][ T9778] binder: transaction release 13 bad handle 2, ret = -22 [ 444.099259][ T9717] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 444.127644][ T9717] Cannot create hsr debugfs directory [ 444.247138][ T9783] loop1: detected capacity change from 0 to 16 [ 444.257964][ T9784] loop0: detected capacity change from 0 to 512 [ 444.334613][ T9783] erofs: (device loop1): mounted with root inode @ nid 36. [ 444.349531][ T9784] EXT4-fs (loop0): Test dummy encryption mode enabled [ 444.400670][ T9783] erofs: (device loop1): erofs_readdir: invalid de[0].nameoff 0 @ nid 46 [ 444.413556][ T9784] EXT4-fs error (device loop0): ext4_orphan_get:1406: inode #15: comm syz.0.1683: inode has both inline data and extents flags [ 444.488033][ T9717] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 444.528888][ T9784] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.1683: couldn't read orphan inode 15 (err -117) [ 444.550641][ T9717] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 444.558561][ T9784] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: writeback. [ 444.592970][ T9717] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 444.622831][ T9717] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 444.846134][ T9717] 8021q: adding VLAN 0 to HW filter on device bond0 [ 444.896978][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 444.918262][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 444.977328][ T9717] 8021q: adding VLAN 0 to HW filter on device team0 [ 445.005793][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 445.022507][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 445.041775][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 445.049025][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 445.096240][ T9808] [ 445.098639][ T9808] ====================================================== [ 445.105689][ T9808] WARNING: possible circular locking dependency detected [ 445.112754][ T9808] syzkaller #0 Not tainted [ 445.117341][ T9808] ------------------------------------------------------ [ 445.124386][ T9808] syz.3.1693/9808 is trying to acquire lock: [ 445.130392][ T9808] ffff888063821028 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}, at: __flush_work+0xfa/0x210 [ 445.141528][ T9808] [ 445.141528][ T9808] but task is already holding lock: [ 445.148923][ T9808] ffffffff8d6c73e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x18b/0x560 [ 445.158629][ T9808] [ 445.158629][ T9808] which lock already depends on the new lock. [ 445.158629][ T9808] [ 445.169060][ T9808] [ 445.169060][ T9808] the existing dependency chain (in reverse order) is: [ 445.178644][ T9808] [ 445.178644][ T9808] -> #4 (rfkill_global_mutex){+.+.}-{3:3}: [ 445.186729][ T9808] __mutex_lock_common+0x1e3/0x2400 [ 445.192523][ T9808] mutex_lock_nested+0x17/0x20 [ 445.197937][ T9808] rfkill_register+0x33/0x980 [ 445.203180][ T9808] hci_register_dev+0x452/0x970 [ 445.208600][ T9808] vhci_create_device+0x32c/0x5c0 [ 445.214194][ T9808] vhci_write+0x391/0x450 [ 445.219089][ T9808] vfs_write+0x745/0xd60 [ 445.223908][ T9808] ksys_write+0x152/0x260 [ 445.228820][ T9808] do_syscall_64+0x4c/0xa0 [ 445.233805][ T9808] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 445.240285][ T9808] [ 445.240285][ T9808] -> #3 (&data->open_mutex){+.+.}-{3:3}: [ 445.248157][ T9808] __mutex_lock_common+0x1e3/0x2400 [ 445.253931][ T9808] mutex_lock_nested+0x17/0x20 [ 445.259407][ T9808] vhci_send_frame+0x88/0x100 [ 445.264671][ T9808] hci_send_frame+0x1a9/0x2e0 [ 445.269928][ T9808] hci_tx_work+0x9f9/0x1710 [ 445.274998][ T9808] process_one_work+0x85f/0x1010 [ 445.280505][ T9808] worker_thread+0xaa6/0x1290 [ 445.285755][ T9808] kthread+0x436/0x520 [ 445.290387][ T9808] ret_from_fork+0x1f/0x30 [ 445.295383][ T9808] [ 445.295383][ T9808] -> #2 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}: [ 445.304648][ T9808] __flush_work+0x116/0x210 [ 445.309720][ T9808] hci_dev_do_close+0x1e7/0x1030 [ 445.315221][ T9808] hci_unregister_dev+0x2eb/0x590 [ 445.320811][ T9808] vhci_release+0x73/0xc0 [ 445.325833][ T9808] __fput+0x234/0x930 [ 445.330413][ T9808] task_work_run+0x125/0x1a0 [ 445.335572][ T9808] do_exit+0x626/0x20c0 [ 445.340281][ T9808] do_group_exit+0x12e/0x300 [ 445.345430][ T9808] get_signal+0x6d6/0x12d0 [ 445.350402][ T9808] arch_do_signal_or_restart+0xe7/0x12c0 [ 445.355939][ T4389] Bluetooth: hci4: command 0x041b tx timeout [ 445.356599][ T9808] exit_to_user_mode_loop+0x9e/0x130 [ 445.368413][ T9808] exit_to_user_mode_prepare+0xee/0x180 [ 445.374560][ T9808] irqentry_exit_to_user_mode+0x5/0x30 [ 445.380586][ T9808] exc_page_fault+0x88/0x100 [ 445.385742][ T9808] asm_exc_page_fault+0x22/0x30 [ 445.391162][ T9808] [ 445.391162][ T9808] -> #1 (&hdev->req_lock){+.+.}-{3:3}: [ 445.398990][ T9808] __mutex_lock_common+0x1e3/0x2400 [ 445.404763][ T9808] mutex_lock_nested+0x17/0x20 [ 445.410091][ T9808] bg_scan_update+0x44/0x3b0 [ 445.415417][ T9808] process_one_work+0x85f/0x1010 [ 445.420952][ T9808] worker_thread+0xaa6/0x1290 [ 445.426276][ T9808] kthread+0x436/0x520 [ 445.430929][ T9808] ret_from_fork+0x1f/0x30 [ 445.435940][ T9808] [ 445.435940][ T9808] -> #0 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}: [ 445.445901][ T9808] __lock_acquire+0x2c42/0x7d10 [ 445.451336][ T9808] lock_acquire+0x19e/0x400 [ 445.456411][ T9808] __flush_work+0x116/0x210 [ 445.461491][ T9808] __cancel_work_timer+0x3f4/0x560 [ 445.467282][ T9808] hci_request_cancel_all+0xcc/0x300 [ 445.473241][ T9808] hci_dev_do_close+0x4e/0x1030 [ 445.478656][ T9808] hci_rfkill_set_block+0x10a/0x190 [ 445.484467][ T9808] rfkill_set_block+0x1c9/0x3d0 [ 445.489886][ T9808] rfkill_fop_write+0x452/0x560 [ 445.495299][ T9808] vfs_write+0x30b/0xd60 [ 445.500108][ T9808] ksys_write+0x152/0x260 [ 445.504990][ T9808] do_syscall_64+0x4c/0xa0 [ 445.509960][ T9808] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 445.516418][ T9808] [ 445.516418][ T9808] other info that might help us debug this: [ 445.516418][ T9808] [ 445.526676][ T9808] Chain exists of: [ 445.526676][ T9808] (work_completion)(&hdev->bg_scan_update) --> &data->open_mutex --> rfkill_global_mutex [ 445.526676][ T9808] [ 445.542452][ T9808] Possible unsafe locking scenario: [ 445.542452][ T9808] [ 445.549934][ T9808] CPU0 CPU1 [ 445.555326][ T9808] ---- ---- [ 445.560723][ T9808] lock(rfkill_global_mutex); [ 445.565522][ T9808] lock(&data->open_mutex); [ 445.572667][ T9808] lock(rfkill_global_mutex); [ 445.580075][ T9808] lock((work_completion)(&hdev->bg_scan_update)); [ 445.586879][ T9808] [ 445.586879][ T9808] *** DEADLOCK *** [ 445.586879][ T9808] [ 445.595061][ T9808] 1 lock held by syz.3.1693/9808: [ 445.600119][ T9808] #0: ffffffff8d6c73e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x18b/0x560 [ 445.610274][ T9808] [ 445.610274][ T9808] stack backtrace: [ 445.616199][ T9808] CPU: 1 PID: 9808 Comm: syz.3.1693 Not tainted syzkaller #0 [ 445.623604][ T9808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 445.633699][ T9808] Call Trace: [ 445.637014][ T9808] [ 445.639994][ T9808] dump_stack_lvl+0x188/0x250 [ 445.644714][ T9808] ? load_image+0x400/0x400 [ 445.649693][ T9808] ? show_regs_print_info+0x20/0x20 [ 445.654935][ T9808] ? print_circular_bug+0x12b/0x1a0 [ 445.659402][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 445.660348][ T9808] check_noncircular+0x296/0x330 [ 445.660376][ T9808] ? look_up_lock_class+0x71/0x110 [ 445.677841][ T9808] ? add_chain_block+0x940/0x940 [ 445.682832][ T9808] ? lockdep_lock+0xf1/0x1f0 [ 445.687470][ T9808] ? __lock_acquire+0x12e8/0x7d10 [ 445.689755][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 445.692539][ T9808] ? mark_lock+0x94/0x320 [ 445.692564][ T9808] ? _find_first_zero_bit+0xce/0xf0 [ 445.710207][ T9808] __lock_acquire+0x2c42/0x7d10 [ 445.715119][ T9808] ? verify_lock_unused+0x140/0x140 [ 445.720371][ T9808] ? mark_lock+0x94/0x320 [ 445.724746][ T9808] ? verify_lock_unused+0x140/0x140 [ 445.728406][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 445.729996][ T9808] lock_acquire+0x19e/0x400 [ 445.730027][ T9808] ? __flush_work+0xfa/0x210 [ 445.747143][ T9808] ? __lock_acquire+0x7d10/0x7d10 [ 445.752275][ T9808] ? read_lock_is_recursive+0x10/0x10 [ 445.757701][ T9808] ? start_flush_work+0x776/0x820 [ 445.762772][ T9808] __flush_work+0x116/0x210 [ 445.763939][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.767317][ T9808] ? __flush_work+0xfa/0x210 [ 445.767346][ T9808] ? flush_work+0x20/0x20 [ 445.774584][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 445.778979][ T9808] ? try_to_grab_pending+0xfa/0x7f0 [ 445.779007][ T9808] ? mark_lock+0x94/0x320 [ 445.800075][ T9808] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 445.806103][ T9808] ? lock_chain_count+0x20/0x20 [ 445.810994][ T9808] ? mark_lock+0x94/0x320 [ 445.815371][ T9808] ? __cancel_work_timer+0x36a/0x560 [ 445.820707][ T9808] __cancel_work_timer+0x3f4/0x560 [ 445.823395][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 445.825859][ T9808] ? cancel_work_sync+0x20/0x20 [ 445.838656][ T9808] ? __cancel_work+0x1f9/0x2e0 [ 445.843459][ T9808] ? lockdep_hardirqs_on+0x94/0x140 [ 445.848699][ T9808] ? __cancel_work+0x27b/0x2e0 [ 445.853604][ T9808] ? cancel_work+0x20/0x20 [ 445.858098][ T9808] ? lock_chain_count+0x20/0x20 [ 445.862997][ T9808] hci_request_cancel_all+0xcc/0x300 [ 445.868331][ T9808] hci_dev_do_close+0x4e/0x1030 [ 445.873219][ T9808] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 445.874522][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 445.879144][ T9808] ? _raw_spin_unlock+0x40/0x40 [ 445.879171][ T9808] hci_rfkill_set_block+0x10a/0x190 [ 445.879197][ T9808] ? rcu_lock_release+0x20/0x20 [ 445.902135][ T9808] rfkill_set_block+0x1c9/0x3d0 [ 445.907038][ T9808] rfkill_fop_write+0x452/0x560 [ 445.911933][ T9808] ? rfkill_fop_read+0x520/0x520 [ 445.916938][ T9808] ? common_file_perm+0xb0/0x1c0 [ 445.922005][ T9808] ? fsnotify_perm+0x5d/0x560 [ 445.926766][ T9808] ? security_file_permission+0x75/0xa0 [ 445.932372][ T9808] ? rfkill_fop_read+0x520/0x520 [ 445.937528][ T9808] vfs_write+0x30b/0xd60 [ 445.941813][ T9808] ? file_end_write+0x250/0x250 [ 445.945798][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 445.946707][ T9808] ? __context_tracking_exit+0x4c/0x80 [ 445.960082][ T9808] ? __lock_acquire+0x7d10/0x7d10 [ 445.965152][ T9808] ? __fdget_pos+0x1e2/0x370 [ 445.969777][ T9808] ksys_write+0x152/0x260 [ 445.974145][ T9808] ? __ia32_sys_read+0x80/0x80 [ 445.978873][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 445.978940][ T9808] ? lockdep_hardirqs_on+0x94/0x140 [ 445.992556][ T9808] do_syscall_64+0x4c/0xa0 [ 445.997048][ T9808] ? clear_bhb_loop+0x30/0x80 [ 446.001791][ T9808] ? clear_bhb_loop+0x30/0x80 [ 446.006519][ T9808] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 446.012454][ T9808] RIP: 0033:0x7f69e06cbe59 [ 446.016917][ T9808] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 446.030139][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 446.036662][ T9808] RSP: 002b:00007f69de925028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 446.036691][ T9808] RAX: ffffffffffffffda RBX: 00007f69e0944fa0 RCX: 00007f69e06cbe59 [ 446.036709][ T9808] RDX: 0000000000000008 RSI: 0000200000000300 RDI: 0000000000000005 [ 446.068387][ T9808] RBP: 00007f69e0761d6f R08: 0000000000000000 R09: 0000000000000000 [ 446.075055][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 446.076395][ T9808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.076413][ T9808] R13: 00007f69e0945038 R14: 00007f69e0944fa0 R15: 00007ffdd02f2f28 [ 446.100293][ T9808] [ 446.111392][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 446.185637][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 446.206198][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 446.232533][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 446.241552][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 446.254514][ T9717] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 446.259643][ T4177] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 446.350549][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 446.358082][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 446.371668][ T9717] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 446.509048][ T4177] usb 2-1: Using ep0 maxpacket: 32 [ 446.514716][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 446.527845][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 446.552575][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 446.564364][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 446.575749][ T9717] device veth0_vlan entered promiscuous mode [ 446.585947][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 446.595794][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 446.612538][ T9717] device veth1_vlan entered promiscuous mode [ 446.629184][ T4177] usb 2-1: config 0 has an invalid interface number: 196 but max is 0 [ 446.640843][ T4177] usb 2-1: config 0 has no interface number 0 [ 446.651410][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 446.653880][ T4177] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 446.669852][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 446.678111][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 446.687756][ T4177] usb 2-1: config 0 interface 196 has no altsetting 0 [ 446.694969][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 446.710259][ T9717] device veth0_macvtap entered promiscuous mode [ 446.720974][ T9717] device veth1_macvtap entered promiscuous mode [ 446.738402][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.749836][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.759941][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.770701][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.780973][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.792144][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.803630][ T9717] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 446.815458][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 446.824787][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 446.835490][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 446.845695][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 446.858559][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.869511][ T4177] usb 2-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a [ 446.878690][ T4177] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.886961][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.897001][ T4177] usb 2-1: Product: syz [ 446.901443][ T4177] usb 2-1: Manufacturer: syz [ 446.906272][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.917581][ T4177] usb 2-1: SerialNumber: syz [ 446.926334][ T4177] usb 2-1: config 0 descriptor?? [ 446.931612][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.942413][ T9717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.953223][ T9717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.964158][ T9803] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 446.972783][ T9717] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 446.981829][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 446.992251][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 447.005026][ T9717] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.014608][ T9717] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.023562][ T9717] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.035201][ T9717] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.074184][ T9717] ieee80211 phy14: Selected rate control algorithm 'minstrel_ht' [ 447.106491][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 447.117112][ T9717] ieee80211 phy15: Selected rate control algorithm 'minstrel_ht' [ 447.131395][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 447.145955][ T4532] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 447.168434][ T4532] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 447.177236][ T4532] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 447.196883][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 447.442396][ T4177] ipheth 2-1:0.196: Apple iPhone USB Ethernet device attached [ 447.669041][ C0] ipheth 2-1:0.196: ipheth_rcvbulk_callback: urb status: -75 [ 447.879090][ T4177] usb 2-1: USB disconnect, device number 32 [ 447.950400][ T4177] ipheth 2-1:0.196: Apple iPhone USB Ethernet now disconnected