last executing test programs: 10.587038765s ago: executing program 2 (id=1502): ioperm(0x10, 0x7, 0xfffffffffffffffe) r0 = fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x8) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@fallback=r1, 0x0, 0x0, 0xce2c, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0}, 0x40) 10.320031526s ago: executing program 2 (id=1504): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000c00)=[{0x0}, {0x0}, {&(0x7f0000000b00)="accc73fc9105c3100ba1a2c8ecbbfcc6a574800f7f87fc85806d242f6fe1d6d830ed84a0774bf773631cb132739940df52f83a93a3ba7228606fe01b90bb34a96294924c55903a7c77564412d9f81cca1e586bef012f1d698c664ba8", 0x5c}], 0x3) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0) splice(r0, 0x0, r4, 0x0, 0x80, 0x6) write$bt_hci(r4, &(0x7f0000000800)=ANY=[], 0x7) write(r2, 0x0, 0x0) 9.819973779s ago: executing program 2 (id=1510): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x800448f0, 0x0) 6.257867701s ago: executing program 3 (id=1511): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000680001ed020000000000008000000000000000000c000200010000000600000008"], 0x2c}}, 0x4000) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 5.81188861s ago: executing program 4 (id=1518): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)="3e514fba9cf79aac6130799f2f83cd90009c4007079d5eb06e9b71f31006cb469656568cbe43", 0x26}, {&(0x7f0000000ac0)="867db3159d285a714c52459ef18666b9ae1f44040a98ad29895abe8ca2db7c7008968a51ff51e76257e0ed45996531fc4efe9ed71237923f9d582ef22ef2d6c2669b39b6763a2f912d12399b8d22acbfa4c908047d3ce06ba160067d6b44920e3e4eb271069dc6db73f02c6072804f231ac985f630e238a5bebec6b34374a4074f47e7121d582c508ab3b197340a0296aa2a57bf929506b3f8fb8eadd880f3", 0x9f}], 0x2}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c1fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbdd600fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc947f5b815080b5214c94a06fe96450ea42f48006c032b24d9e8d722841b7c7244b1d2cc012fcda1f7472fdbabb673ef862e32b359fad715b3f5cef6ef951abab80a4a0f5f8574395c5820fa25d07a119e23b39a87cb3b763fbfb0493121eec3e05eacbe7835e79e74881d1179013622a2a6421d51c974e6abd48a9882c8fcadbcee369346a9ad948fd5dd8f87496a30a9d888cdbcee8f3592dd69165358c4cd474639fc13300317b7fed115fb9818b20d177a39157101dbd8e23bc9ed32efed96c410a103d35336fb4ee4000bfb3d32b0181ff3d726a7dc6432a336a42b50b2c6877cb63b410d746b35fc721e5992ba47c3a2bc2d3679abe0794d226b7b0c333c3000fee7adaafb6efd57382eb2a86d71acaae52a154477a5b66757a886f4ad5446607520c17fb81ede0473cd897a34c7c9f41b653d568e4e1c457b0fc90554ed6798d3b8f3fb82578a424f385b1058dc11bab8989f000dd3e144a37015ffdf45d90393b12279455e6028dcb308b6bbcff", 0x283}], 0x1}}], 0x2, 0x2090) exit(0xfffffffffffffff7) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 5.098489521s ago: executing program 2 (id=1520): unshare(0x40600) socket$netlink(0x10, 0x3, 0x8000000004) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x0, 0x2, 0x6, 0xfffa}, 0x3a, [0x0, 0xc95a, 0xf, 0x4, 0x80, 0x2, 0x3, 0x8001, 0x20000006, 0x4d, 0x9, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x8, 0x0, 0x5, 0x27, 0x1, 0x7, 0x5, 0x1, 0x34, 0x6, 0x1, 0x5, 0x9b400000, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x7, 0x7fffffff, 0x407, 0x2323, 0xfffffff7, 0x8, 0x4006, 0x6, 0x7, 0x0, 0x4, 0x8, 0x1400, 0x100080, 0x0, 0x5, 0x6, 0x5, 0xfff, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012b, 0x8007, 0x5, 0x6, 0x129432e2, 0x1, 0xf9, 0xe, 0x5, 0x6c7, 0x9, 0xfffffffc, 0x80000003, 0x200203, 0x200, 0x3, 0x2f, 0xe, 0x312, 0xd, 0x22, 0xa1, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ff, 0x401, 0x800, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x401, 0x101, 0x8, 0x9, 0xc, 0x47, 0x8000, 0x1, 0xfdffffff, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0xb, 0x250, 0x0, 0x6c0, 0xbc45, 0x48c93690, 0x6, 0x3], [0x7, 0x404, 0x0, 0x5, 0x4dfb, 0x100, 0x6, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0xaab1, 0x8, 0x0, 0x2, 0xc, 0x9, 0x401, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20080008, 0x9, 0x6d01, 0x0, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x1, 0x2950bfaf, 0xdfe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0x80bf, 0x2, 0x8, 0x7ff, 0x12b, 0xb8a, 0x803c, 0x4, 0x7ff, 0x5, 0x1c, 0x120000, 0x1, 0x2006, 0x80a2ed, 0x0, 0x26], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0xa, 0x6, 0x0, 0xb5, 0xce7, 0x43, 0x1fcf8d94, 0x57, 0x5, 0xffffff28, 0x101, 0x10010000, 0x4, 0x7fff, 0x10ffff, 0x2000a620, 0x2, 0x200, 0x1, 0x2, 0x7, 0xe7, 0x6, 0x16, 0xfffffff9, 0x80000004, 0x85, 0xfffffff9, 0xc9, 0x9, 0x6, 0x7, 0x3, 0x7e, 0x100, 0x9602, 0xfffffffb, 0xaf, 0xfffffff6, 0x6, 0x226, 0xb, 0x7, 0xb, 0x30b1d693, 0xaed, 0x1000f40, 0x5, 0x2, 0x6c1b, 0x0, 0x4, 0xffef, 0xb1e, 0xd7, 0x6, 0xffff3441, 0x40fff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 4.960069227s ago: executing program 0 (id=1521): syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x8, 0x0, 0xff, @private2, @mcast2, {[@routing={0x88, 0x0, 0x1, 0x4}]}}}}}, 0x0) 4.959831637s ago: executing program 1 (id=1522): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r4}, 0x18) r5 = socket$inet_tcp(0x2, 0x1, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) close_range(r5, 0xffffffffffffffff, 0x0) 4.861269341s ago: executing program 2 (id=1523): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000001200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@ptr, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x2000, [{0x0, 0x1}]}]}}, &(0x7f0000000100)=""/226, 0x3e, 0xe2, 0x1}, 0x20) 3.531007988s ago: executing program 1 (id=1524): syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)={0x50, 0x0, 0x3, {0x7, 0x28, 0x0, 0x40002, 0x7fff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x217, @time={0x65757100, 0x8}, 0x0, {}, 0x67, 0x2}) 3.530901978s ago: executing program 3 (id=1525): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/26, 0x1a}], 0x1, 0x7be, 0x8000, 0x2) 3.522760809s ago: executing program 0 (id=1534): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r0, 0x0) ppoll(0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0) 3.352029846s ago: executing program 4 (id=1526): socket$nl_audit(0x10, 0x3, 0x9) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x2adc0, 0x1c1}, 0x18) r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000080)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x2, 0x3a, 'M', 0x3a, '\xcb\x94-\xa8|55a', 0x3a, './file0', 0x3a, [0x46, 0x46, 0x43]}, 0x33) 3.193658723s ago: executing program 3 (id=1527): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file1\x00', 0x800, &(0x7f0000000300)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB="2c756e64656c6574652c6e6f7672732c6164696e6963622c766f6c756d653d30303030303030303030303030303030303030322c7569643d666f726765742c6769643d666f726765742c6e6f7374726963742c6e6f7672732c0085f95733019d784ca386da1fd41ffabd4b47acca2b8d488be702157dd8711c31732d", @ANYRES32], 0xfd, 0xc2d, &(0x7f0000001100)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) rename(&(0x7f00000006c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000000c0)='./file0\x00') 3.191064743s ago: executing program 0 (id=1538): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000000c0)="17000000010001000003be8c5ee17688a2003308030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba000840024f0298e9e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0x11a) 2.995923811s ago: executing program 4 (id=1528): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@nombcache}, {@minixdf}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x8042, 0x0) pwrite64(r0, &(0x7f0000000000)="c0e0", 0x2, 0x8080c61) fallocate(r0, 0x3, 0x80008, 0x8000c60) 2.898790756s ago: executing program 0 (id=1529): bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000080000000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/17, @ANYRES32], 0x48) 2.837619108s ago: executing program 1 (id=1530): r0 = getpgrp(0x0) r1 = syz_pidfd_open(r0, 0x0) pidfd_send_signal(r1, 0x40015, &(0x7f0000001fc0)={0x8, 0x546d0580, 0xb}, 0x0) 2.656015926s ago: executing program 4 (id=1531): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x6, 0x0, 0x0, 0xffffff81}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x1ff6c}, @IFLA_BROADCAST={0xa, 0x2, @multicast}]}, 0x4c}}, 0x0) 2.605966558s ago: executing program 3 (id=1532): r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000001, 0x13, r0, 0x1e67b000) mount$fuseblk(0x0, &(0x7f0000000100)='./cgroup\x00', 0x0, 0x3818000, 0x0) 2.576592749s ago: executing program 0 (id=1533): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@RTM_NEWMDB={0x18, 0x54, 0x1e5, 0x40000000, 0xfffffffd}, 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x0) 2.483956993s ago: executing program 1 (id=1535): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x210, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x70, 0xe0, 0x0, {0x200003ae, 0x7f00}}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x270) 2.284916962s ago: executing program 4 (id=1536): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r4}, 0x18) r5 = socket$inet_tcp(0x2, 0x1, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) close_range(r5, 0xffffffffffffffff, 0x0) 2.268118623s ago: executing program 3 (id=1537): r0 = epoll_create1(0x0) capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7}) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000600)={0x200000000000001, 0x3}, 0x8) sendto$inet6(r1, 0x0, 0x0, 0xc880, &(0x7f0000000540)={0xa, 0x4e1c, 0x6, @empty, 0x8}, 0x1c) sendmmsg$inet6(r1, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)='Z', 0x1}], 0x1}}], 0x1, 0x404c484) r2 = creat(0x0, 0x0) close(r2) close_range(r0, 0xffffffffffffffff, 0x0) 2.199996135s ago: executing program 0 (id=1539): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR}, 0x3) unshare(0x4020400) socket$nl_netfilter(0x10, 0x3, 0xc) fanotify_init(0xf00, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x87) connect$inet6(r3, &(0x7f0000000500)={0xa, 0xfffd, 0x0, @loopback, 0x5}, 0x1c) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.parent_freezing\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000440), 0x1000a) sendfile(r3, r4, &(0x7f0000000000)=0x5, 0x20001) 2.180613846s ago: executing program 1 (id=1540): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f00000000c0)=0x20002, 0x4) getsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, 0x0, &(0x7f0000000080)) 1.87101544s ago: executing program 2 (id=1541): mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000007, 0x20031, 0xffffffffffffffff, 0xffffe000) mremap(&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f0000ffa000/0x2000)=nil) remap_file_pages(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x7, 0x80000) 246.791369ms ago: executing program 4 (id=1542): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) mmap(&(0x7f0000ff6000/0xa000)=nil, 0xa000, 0x0, 0x11, r1, 0x63660000) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000300)={0x17c04, 0xffffffffffffffff, 0xd3f, 0x6780, 0x1000000, 0x4}) 124.39µs ago: executing program 3 (id=1543): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'veth1_virt_wifi\x00'}, @IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0xa}]}]}, 0x40}}, 0x0) 0s ago: executing program 1 (id=1544): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000080)=0x21, 0x4) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) kernel console output (not intermixed with test programs): batadv_slave_0 [ 77.773254][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.788158][ T4268] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.798728][ T4279] device veth0_vlan entered promiscuous mode [ 77.807107][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 77.815260][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 77.823684][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 77.832066][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.841944][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.851010][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.865315][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.884651][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.895197][ T4268] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.906144][ T4268] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.918235][ T4268] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.934716][ T4279] device veth1_vlan entered promiscuous mode [ 77.949359][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.960612][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.973764][ T4268] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.994017][ T4268] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.003659][ T4268] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.012551][ T4268] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.064508][ T4266] device veth0_macvtap entered promiscuous mode [ 78.093325][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 78.105077][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 78.114014][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 78.160805][ T4266] device veth1_macvtap entered promiscuous mode [ 78.202521][ T4279] device veth0_macvtap entered promiscuous mode [ 78.213464][ T4279] device veth1_macvtap entered promiscuous mode [ 78.238073][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.261365][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.273039][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.288715][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.302607][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.318665][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.331523][ T4279] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.374329][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 78.391471][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 78.402823][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 78.411937][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 78.421197][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.434830][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.514043][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 78.750169][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.981239][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.348558][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.361341][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.383636][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.407069][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.417044][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 79.428293][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 79.440002][ T4269] Bluetooth: hci2: command 0x0419 tx timeout [ 79.446180][ T4269] Bluetooth: hci0: command 0x0419 tx timeout [ 79.452215][ T4269] Bluetooth: hci1: command 0x0419 tx timeout [ 79.458403][ T4285] Bluetooth: hci4: command 0x0419 tx timeout [ 79.458423][ T4286] Bluetooth: hci3: command 0x0419 tx timeout [ 79.466728][ T4279] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 79.501407][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 79.520097][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 79.529485][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 79.541270][ T4279] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.550960][ T4279] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.559900][ T4279] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.568708][ T4279] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.542128][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.558873][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.577208][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.587770][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.597683][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.608388][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.618516][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.632777][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.644391][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.656611][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.664665][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.603717][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 81.614870][ T126] cfg80211: failed to load regulatory.db [ 81.639735][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 81.655144][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 81.677774][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.688811][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.699259][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.709976][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.720605][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.731314][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.741273][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.751854][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.764464][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.786631][ T4389] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.800432][ T4389] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.816829][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 81.826712][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 81.836730][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 81.847609][ T4266] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.859246][ T4266] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.868549][ T4266] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.877535][ T4266] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.006045][ T4389] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.014080][ T4389] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.045800][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 82.341326][ T4404] loop2: detected capacity change from 0 to 40427 [ 82.379814][ T4404] F2FS-fs (loop2): invalid crc value [ 82.418993][ T4404] F2FS-fs (loop2): Found nat_bits in checkpoint [ 82.469968][ T4404] F2FS-fs (loop2): Start checkpoint disabled! [ 82.490769][ T4389] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.491783][ T4404] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 82.510743][ T4389] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.521140][ T4389] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 82.559954][ T4389] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.569340][ T4389] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.663624][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 83.207570][ T4389] kworker/u4:7: attempt to access beyond end of device [ 83.207570][ T4389] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 83.219899][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.225227][ T4389] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.449955][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.524039][ T4389] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.657589][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 84.144839][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 87.465817][ T4439] loop3: detected capacity change from 0 to 40427 [ 87.522335][ T4439] F2FS-fs (loop3): invalid crc value [ 87.542688][ T4439] F2FS-fs (loop3): Found nat_bits in checkpoint [ 87.588746][ T4439] F2FS-fs (loop3): Start checkpoint disabled! [ 87.602442][ T4439] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 87.997651][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 88.023560][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 88.032358][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 88.046296][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 88.054722][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 88.063127][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 88.071519][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 88.079858][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 88.088238][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 88.096573][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 92.773120][ T4459] loop0: detected capacity change from 0 to 40427 [ 92.848360][ T4459] F2FS-fs (loop0): invalid crc value [ 92.867118][ T4459] F2FS-fs (loop0): Found nat_bits in checkpoint [ 92.910566][ T4459] F2FS-fs (loop0): Start checkpoint disabled! [ 92.940422][ T4459] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 93.996574][ T56] kworker/u4:4: attempt to access beyond end of device [ 93.996574][ T56] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 95.886897][ T4400] kworker/u4:10: attempt to access beyond end of device [ 95.886897][ T4400] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 96.327612][ T4481] tipc: Started in network mode [ 96.332798][ T4481] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 96.342445][ T4481] tipc: New replicast peer: fc00:0000:0000:0000:0000:0000:0000:0000 [ 96.350762][ T4481] tipc: Enabled bearer , priority 10 [ 97.318108][ T4470] loop4: detected capacity change from 0 to 32768 [ 97.590434][ T4485] loop3: detected capacity change from 0 to 40427 [ 97.600882][ T4313] tipc: Node number set to 1 [ 97.608800][ T4485] F2FS-fs (loop3): invalid crc value [ 97.778071][ T4485] F2FS-fs (loop3): Found nat_bits in checkpoint [ 97.843537][ T4485] F2FS-fs (loop3): Start checkpoint disabled! [ 98.633310][ T4485] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 98.713786][ T4500] binder: 4499:4500 ioctl c0306201 200000000680 returned -14 [ 101.806559][ T4519] binder: BINDER_SET_CONTEXT_MGR already set [ 101.812859][ T4519] binder: 4517:4519 ioctl 4018620d 2000000002c0 returned -16 [ 101.872677][ T4447] kworker/u4:13: attempt to access beyond end of device [ 101.872677][ T4447] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 102.239709][ T4522] loop4: detected capacity change from 0 to 8192 [ 102.378579][ T4522] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.391923][ T4522] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 102.401821][ T4522] REISERFS (device loop4): using ordered data mode [ 102.408514][ T4522] reiserfs: using flush barriers [ 102.421148][ T4522] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.439730][ T4522] REISERFS (device loop4): checking transaction log (loop4) [ 102.830539][ T4522] REISERFS (device loop4): Using tea hash to sort names [ 102.842165][ T4522] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 107.356839][ T4541] loop1: detected capacity change from 0 to 8192 [ 107.858042][ T4554] tipc: Enabling of bearer rejected, already enabled [ 108.160053][ T4541] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 110.127076][ T4555] sched: RT throttling activated [ 110.130733][ T4541] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 110.315558][ T4541] REISERFS (device loop1): using ordered data mode [ 110.322162][ T4541] reiserfs: using flush barriers [ 110.331937][ T4541] REISERFS warning (device loop1): journal-1256 journal_init: unable to get memory for journal structure [ 110.344350][ T4541] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 110.421577][ T4562] binder: 4561:4562 ioctl c0306201 200000000680 returned -14 [ 113.023263][ T4583] loop0: detected capacity change from 0 to 8192 [ 113.559107][ T4583] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 113.572533][ T4583] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 114.366888][ T4583] REISERFS (device loop0): using ordered data mode [ 114.373688][ T4583] reiserfs: using flush barriers [ 114.386358][ T4583] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 114.405625][ T4583] REISERFS (device loop0): checking transaction log (loop0) [ 114.831017][ T4583] REISERFS (device loop0): Using tea hash to sort names [ 114.841493][ T4583] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 117.034988][ T4600] loop3: detected capacity change from 0 to 8192 [ 117.246648][ T4600] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 117.259979][ T4600] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 117.269547][ T4600] REISERFS (device loop3): using ordered data mode [ 117.276559][ T4600] reiserfs: using flush barriers [ 117.292868][ T4600] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 117.312088][ T4600] REISERFS (device loop3): checking transaction log (loop3) [ 117.668827][ T4600] REISERFS (device loop3): Using tea hash to sort names [ 117.678028][ T4600] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 120.268008][ T4626] loop0: detected capacity change from 0 to 8192 [ 120.687685][ T4626] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 120.701751][ T4626] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 120.711502][ T4626] REISERFS (device loop0): using ordered data mode [ 120.718592][ T4626] reiserfs: using flush barriers [ 120.730056][ T4626] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 120.749805][ T4626] REISERFS (device loop0): checking transaction log (loop0) [ 121.986610][ T4629] loop2: detected capacity change from 0 to 8192 [ 123.350424][ T4629] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 123.364252][ T4629] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 123.374288][ T4629] REISERFS (device loop2): using ordered data mode [ 123.381163][ T4629] reiserfs: using flush barriers [ 123.403469][ T4629] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 123.421928][ T4629] REISERFS (device loop2): checking transaction log (loop2) [ 124.015738][ T4629] REISERFS (device loop2): Using tea hash to sort names [ 124.024995][ T4629] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 124.047179][ T4626] REISERFS (device loop0): Using tea hash to sort names [ 124.054455][ T4626] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 124.689583][ T4632] loop3: detected capacity change from 0 to 8192 [ 124.750100][ T4632] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 124.763491][ T4632] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 124.773060][ T4632] REISERFS (device loop3): using ordered data mode [ 124.779777][ T4632] reiserfs: using flush barriers [ 124.790664][ T4632] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 124.808522][ T4632] REISERFS (device loop3): checking transaction log (loop3) [ 125.222562][ T4632] REISERFS (device loop3): Using tea hash to sort names [ 125.246989][ T4632] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 125.941948][ T4648] loop4: detected capacity change from 0 to 8 [ 126.231510][ T4652] loop1: detected capacity change from 0 to 8 [ 126.316145][ T4654] netlink: 'syz.0.69': attribute type 10 has an invalid length. [ 126.573006][ T4654] device hsr_slave_0 left promiscuous mode [ 126.897490][ T4658] netlink: 'syz.2.71': attribute type 6 has an invalid length. [ 126.965134][ T4658] netlink: 8 bytes leftover after parsing attributes in process `syz.2.71'. [ 127.046233][ T4660] netlink: 40 bytes leftover after parsing attributes in process `syz.0.72'. [ 127.062213][ T4660] netlink: 40 bytes leftover after parsing attributes in process `syz.0.72'. [ 127.103374][ T4661] netlink: 40 bytes leftover after parsing attributes in process `syz.0.72'. [ 128.818470][ T4665] netlink: 28 bytes leftover after parsing attributes in process `syz.0.74'. [ 129.094480][ T4668] netlink: 28 bytes leftover after parsing attributes in process `syz.2.75'. [ 130.158816][ T4671] netlink: 28 bytes leftover after parsing attributes in process `syz.0.87'. [ 131.308157][ T4692] netlink: 'syz.0.83': attribute type 1 has an invalid length. [ 131.325722][ T4692] netlink: 'syz.0.83': attribute type 4 has an invalid length. [ 131.333588][ T4692] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.83'. [ 131.364066][ T4692] netlink: 'syz.0.83': attribute type 1 has an invalid length. [ 131.389257][ T4692] netlink: 'syz.0.83': attribute type 4 has an invalid length. [ 131.410167][ T4692] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.83'. [ 131.717525][ T4699] netlink: 60 bytes leftover after parsing attributes in process `syz.4.84'. [ 131.971233][ T4697] __nla_validate_parse: 1 callbacks suppressed [ 131.971438][ T4697] netlink: 60 bytes leftover after parsing attributes in process `syz.4.84'. [ 132.261925][ T4700] netlink: 60 bytes leftover after parsing attributes in process `syz.4.84'. [ 132.798739][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.805111][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.906409][ T4715] loop4: detected capacity change from 0 to 8 [ 136.662570][ T4721] netlink: 28 bytes leftover after parsing attributes in process `syz.1.91'. [ 138.354963][ T4737] loop1: detected capacity change from 0 to 512 [ 138.367918][ T4737] EXT4-fs: Ignoring removed nobh option [ 138.391344][ T4733] syz.4.93 (4733): drop_caches: 2 [ 138.815418][ T4737] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.95: iget: bad i_size value: 38620345925642 [ 139.115902][ T4737] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.95: couldn't read orphan inode 15 (err -117) [ 139.175396][ T4737] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 139.272247][ T4742] netlink: 28 bytes leftover after parsing attributes in process `syz.3.94'. [ 139.344790][ T4737] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.95: bg 0: block 5: invalid block bitmap [ 139.429127][ T4737] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28 [ 139.591887][ T4737] EXT4-fs (loop1): This should not happen!! Data will be lost [ 139.591887][ T4737] [ 139.613847][ T4737] EXT4-fs (loop1): Total free blocks count 0 [ 139.655505][ T4737] EXT4-fs (loop1): Free/Dirty block details [ 139.663241][ T4737] EXT4-fs (loop1): free_blocks=0 [ 139.758877][ T4737] EXT4-fs (loop1): dirty_blocks=112 [ 139.802218][ T4737] EXT4-fs (loop1): Block reservation details [ 139.883405][ T4737] EXT4-fs (loop1): i_reserved_data_blocks=112 [ 140.017062][ T9] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 16 with max blocks 96 with error 28 [ 141.219348][ T4768] loop0: detected capacity change from 0 to 1024 [ 141.326368][ T4768] ======================================================= [ 141.326368][ T4768] WARNING: The mand mount option has been deprecated and [ 141.326368][ T4768] and is ignored by this kernel. Remove the mand [ 141.326368][ T4768] option from the mount to silence this warning. [ 141.326368][ T4768] ======================================================= [ 141.495619][ T4768] EXT4-fs: inline encryption not supported [ 141.501543][ T4768] EXT4-fs: Ignoring removed oldalloc option [ 141.682716][ T4768] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 142.375831][ T4768] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal [ 142.611890][ T4780] loop1: detected capacity change from 0 to 512 [ 142.689457][ T4780] EXT4-fs: Ignoring removed nobh option [ 142.774158][ T4780] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.108: iget: bad i_size value: 38620345925642 [ 142.799034][ T4780] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.108: couldn't read orphan inode 15 (err -117) [ 142.865809][ T4780] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 143.042888][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 143.049021][ T4787] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 143.055847][ T4787] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 143.101956][ T4787] vhci_hcd vhci_hcd.0: Device attached [ 143.365597][ T27] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 144.685599][ T4337] usb 38-1: SetAddress Request (2) to port 0 [ 144.692200][ T4337] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd [ 145.994293][ T27] usb 1-1: Using ep0 maxpacket: 8 [ 146.175872][ T27] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 146.212190][ T27] usb 1-1: config 179 has no interface number 0 [ 146.259759][ T27] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 146.396645][ T4804] fuse: Bad value for 'fd' [ 146.542902][ T27] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 146.556970][ T27] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 146.574834][ T27] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 146.586626][ T27] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 146.600433][ T27] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 146.635390][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.678423][ T27] usb 1-1: can't set config #179, error -71 [ 146.902136][ T27] usb 1-1: USB disconnect, device number 2 [ 147.060657][ T4813] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 147.068508][ T4813] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 147.096717][ T4813] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 149.125570][ T4286] Bluetooth: hci4: link tx timeout [ 149.125810][ T4286] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 149.239371][ T4821] loop4: detected capacity change from 0 to 512 [ 149.452758][ T4823] loop0: detected capacity change from 0 to 32768 [ 149.463051][ T4823] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.118 (4823) [ 149.528053][ T4790] syz.2.109 (4790): drop_caches: 2 [ 149.529698][ T4821] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 149.550630][ T4823] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 149.561203][ T4823] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 149.573324][ T4823] BTRFS info (device loop0): force clearing of disk cache [ 149.580530][ T4823] BTRFS info (device loop0): enabling auto defrag [ 149.586995][ T4823] BTRFS info (device loop0): max_inline at 0 [ 149.592975][ T4823] BTRFS info (device loop0): enabling disk space caching [ 149.600016][ T4823] BTRFS info (device loop0): disk space caching is enabled [ 149.616075][ T4821] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 149.651491][ T4821] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2196: inode #15: comm syz.4.117: corrupted in-inode xattr [ 149.674497][ T4821] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 149.715497][ T4788] vhci_hcd: connection reset by peer [ 149.723105][ T4586] vhci_hcd: stop threads [ 149.728082][ T4586] vhci_hcd: release socket [ 149.732275][ T4821] EXT4-fs (loop4): 1 orphan inode deleted [ 149.767494][ T4821] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 150.860497][ T4337] usb 38-1: device descriptor read/8, error -110 [ 150.959365][ T4586] vhci_hcd: disconnect device [ 151.187423][ T4268] EXT4-fs (loop4): unmounting filesystem. [ 151.203019][ T4286] Bluetooth: hci4: command 0x0406 tx timeout [ 151.518104][ T4823] BTRFS info (device loop0): enabling ssd optimizations [ 151.530171][ T4823] BTRFS info (device loop0): rebuilding free space tree [ 151.531044][ T4861] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 151.560887][ T4337] usb usb38-port1: attempt power cycle [ 151.562380][ T4863] loop1: detected capacity change from 0 to 1024 [ 151.622794][ T4823] BTRFS info (device loop0): disabling free space tree [ 151.630404][ T4823] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 151.641109][ T4823] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 151.976637][ T4389] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 152.684527][ T4266] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 152.813806][ T4879] loop4: detected capacity change from 0 to 512 [ 152.856307][ T4879] EXT4-fs: Ignoring removed nobh option [ 152.947351][ T4337] usb usb38-port1: unable to enumerate USB device [ 153.077946][ T4885] loop2: detected capacity change from 0 to 8 [ 153.159755][ T4885] unable to read fragment index table [ 153.341187][ T4879] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.135: iget: bad i_size value: 38620345925642 [ 153.657302][ T4879] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.135: couldn't read orphan inode 15 (err -117) [ 153.729703][ T4879] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 153.746064][ T4886] loop1: detected capacity change from 0 to 512 [ 153.753840][ T4886] EXT4-fs: Ignoring removed nobh option [ 153.996773][ T4886] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.136: iget: bad i_size value: 38620345925642 [ 154.015147][ T4886] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.136: couldn't read orphan inode 15 (err -117) [ 154.031273][ T4894] loop0: detected capacity change from 0 to 512 [ 154.056570][ T4891] loop2: detected capacity change from 0 to 512 [ 154.072314][ T4886] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 154.082480][ T4891] EXT4-fs: Ignoring removed nobh option [ 154.143091][ T4268] EXT4-fs (loop4): unmounting filesystem. [ 154.225538][ T4891] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.137: iget: bad i_size value: 38620345925642 [ 154.246364][ T4894] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 154.295780][ T4891] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.137: couldn't read orphan inode 15 (err -117) [ 154.323840][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 154.350997][ T4891] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 154.369896][ T4894] EXT4-fs (loop0): 1 truncate cleaned up [ 154.405646][ T4894] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 154.646048][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 154.725242][ T4903] loop1: detected capacity change from 0 to 512 [ 154.733608][ T4903] EXT4-fs: Ignoring removed nobh option [ 155.300827][ T4903] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.139: iget: bad i_size value: 38620345925642 [ 155.441835][ T4903] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.139: couldn't read orphan inode 15 (err -117) [ 155.522006][ T4903] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 155.595044][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 155.665684][ T4908] loop2: detected capacity change from 0 to 512 [ 155.717918][ T4908] EXT4-fs: Ignoring removed nobh option [ 155.839072][ T4908] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.140: iget: bad i_size value: 38620345925642 [ 155.857921][ T4915] loop0: detected capacity change from 0 to 256 [ 155.871785][ T4915] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 155.961699][ T4908] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.140: couldn't read orphan inode 15 (err -117) [ 156.056400][ T4908] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 156.825926][ T4921] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.140: bg 0: block 5: invalid block bitmap [ 156.985934][ T4921] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28 [ 157.000337][ T2940] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm kworker/u4:5: bg 0: block 5: invalid block bitmap [ 157.075783][ T2940] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1484 with error 28 [ 157.098624][ T4921] EXT4-fs (loop2): This should not happen!! Data will be lost [ 157.098624][ T4921] [ 157.128971][ T4921] EXT4-fs (loop2): Total free blocks count 0 [ 157.135031][ T4921] EXT4-fs (loop2): Free/Dirty block details [ 157.141101][ T2940] EXT4-fs (loop1): This should not happen!! Data will be lost [ 157.141101][ T2940] [ 157.169951][ T4921] EXT4-fs (loop2): free_blocks=0 [ 157.171375][ T2940] EXT4-fs (loop1): Total free blocks count 0 [ 157.174951][ T4921] EXT4-fs (loop2): dirty_blocks=32 [ 157.174982][ T4921] EXT4-fs (loop2): Block reservation details [ 157.191483][ T2940] EXT4-fs (loop1): Free/Dirty block details [ 157.214198][ T2940] EXT4-fs (loop1): free_blocks=0 [ 157.215552][ T4923] loop0: detected capacity change from 0 to 512 [ 157.234430][ T2940] EXT4-fs (loop1): dirty_blocks=1484 [ 157.236223][ T4923] EXT4-fs: Ignoring removed nobh option [ 157.249293][ T4921] EXT4-fs (loop2): i_reserved_data_blocks=32 [ 157.258123][ T2940] EXT4-fs (loop1): Block reservation details [ 157.265137][ T2940] EXT4-fs (loop1): i_reserved_data_blocks=1484 [ 157.297828][ T4923] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.143: iget: bad i_size value: 38620345925642 [ 157.342991][ T4923] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.143: couldn't read orphan inode 15 (err -117) [ 157.368562][ T4399] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 16 with max blocks 16 with error 28 [ 157.455462][ T4923] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 157.487015][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 157.639579][ T4926] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.143: bg 0: block 5: invalid block bitmap [ 157.712957][ T4926] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28 [ 157.785681][ T4926] EXT4-fs (loop0): This should not happen!! Data will be lost [ 157.785681][ T4926] [ 157.905440][ T4926] EXT4-fs (loop0): Total free blocks count 0 [ 157.911755][ T4926] EXT4-fs (loop0): Free/Dirty block details [ 157.925382][ T4926] EXT4-fs (loop0): free_blocks=0 [ 157.930397][ T4926] EXT4-fs (loop0): dirty_blocks=635 [ 157.937339][ T4926] EXT4-fs (loop0): Block reservation details [ 157.943640][ T4926] EXT4-fs (loop0): i_reserved_data_blocks=635 [ 157.954234][ T4353] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 16 with max blocks 616 with error 28 [ 157.976723][ T4916] loop4: detected capacity change from 0 to 8 [ 158.998355][ T4916] SQUASHFS error: Failed to initialise xz decompressor [ 159.031179][ T4916] squashfs image failed sanity check [ 159.372465][ T4943] fuse: Bad value for 'fd' [ 159.430835][ T4941] loop3: detected capacity change from 0 to 4096 [ 159.516525][ T4941] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 159.879751][ T4939] Zero length message leads to an empty skb [ 160.976021][ T4947] loop0: detected capacity change from 0 to 32768 [ 161.151991][ T4947] XFS (loop0): Mounting V5 Filesystem [ 161.296990][ T4947] XFS (loop0): Ending clean mount [ 161.469120][ T4961] loop3: detected capacity change from 0 to 1024 [ 161.514352][ T4961] EXT4-fs: inline encryption not supported [ 161.550954][ T4961] EXT4-fs: Ignoring removed oldalloc option [ 161.636133][ T4961] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 161.902261][ T4947] syz.0.149 (4947) used greatest stack depth: 20352 bytes left [ 161.930728][ T4961] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal [ 162.321801][ T4266] XFS (loop0): Unmounting Filesystem [ 162.612446][ T4973] loop1: detected capacity change from 0 to 1024 [ 162.875564][ T4631] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 163.077497][ T4631] usb 3-1: config 1 has an invalid interface number: 236 but max is 1 [ 163.093935][ T4631] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 163.108786][ T4631] usb 3-1: config 1 has 3 interfaces, different from the descriptor's value: 2 [ 163.302367][ T4631] usb 3-1: config 1 has no interface number 2 [ 163.309170][ T4631] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 163.320902][ T4631] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 163.334149][ T4631] usb 3-1: config 1 interface 1 has no altsetting 0 [ 163.357749][ T4631] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 163.375381][ T4631] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.395819][ T4631] usb 3-1: Product: syz [ 163.400158][ T4631] usb 3-1: Manufacturer: syz [ 163.436144][ T4631] usb 3-1: SerialNumber: syz [ 163.449071][ T4970] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 163.466050][ T4631] cdc_ncm 3-1:1.0: skipping garbage [ 163.486594][ T4631] cdc_ncm 3-1:1.0: NCM or ECM functional descriptors missing [ 163.494545][ T4631] cdc_ncm 3-1:1.0: bind() failure [ 163.606245][ T4631] cdc_ncm 3-1:1.236: CDC Union missing and no IAD found [ 163.613437][ T4631] cdc_ncm 3-1:1.236: bind() failure [ 163.687247][ T4631] cdc_mbim: probe of 3-1:1.1 failed with error -71 [ 163.712357][ T4631] usb 3-1: USB disconnect, device number 2 [ 163.842219][ T4993] loop1: detected capacity change from 0 to 8 [ 164.736103][ T5000] loop3: detected capacity change from 0 to 32768 [ 164.773125][ T5000] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 165.337824][ T4279] ocfs2: Unmounting device (7,3) on (node local) [ 165.381134][ T5007] loop4: detected capacity change from 0 to 256 [ 165.410153][ T5007] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 167.545675][ T5019] loop3: detected capacity change from 0 to 512 [ 167.564657][ T5019] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 167.580894][ T5019] EXT4-fs (loop3): 1 truncate cleaned up [ 167.592843][ T5019] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 167.724755][ T26] audit: type=1326 audit(1763977127.747:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5022 comm="syz.4.172" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f448878f749 code=0x0 [ 167.746262][ C1] vkms_vblank_simulate: vblank timer overrun [ 168.579298][ T5034] loop2: detected capacity change from 0 to 1024 [ 168.635207][ T5034] EXT4-fs: inline encryption not supported [ 168.701705][ T5034] EXT4-fs: Ignoring removed oldalloc option [ 168.708784][ T5034] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 168.734975][ T4279] EXT4-fs (loop3): unmounting filesystem. [ 168.744561][ T5034] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal [ 168.900614][ T5040] loop4: detected capacity change from 0 to 1024 [ 169.062047][ T5040] hfsplus: unable to find HFS+ superblock [ 169.475976][ T5047] loop1: detected capacity change from 0 to 32768 [ 169.526174][ T4277] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 169.576995][ T5047] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.181 (5047) [ 170.150049][ T5047] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 170.160338][ T5047] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 170.169085][ T5047] BTRFS info (device loop1): force clearing of disk cache [ 170.176276][ T5047] BTRFS info (device loop1): enabling auto defrag [ 170.182764][ T5047] BTRFS info (device loop1): max_inline at 0 [ 170.188852][ T5047] BTRFS info (device loop1): enabling disk space caching [ 170.195941][ T5047] BTRFS info (device loop1): disk space caching is enabled [ 170.433803][ T5058] loop2: detected capacity change from 0 to 4096 [ 171.421895][ T5062] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 171.967043][ T5058] syz.2.182 (5058) used greatest stack depth: 19272 bytes left [ 172.819934][ T5089] loop4: detected capacity change from 0 to 32768 [ 173.210742][ T5047] BTRFS error (device loop1): open_ctree failed: -12 [ 173.217699][ T5089] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.185 (5089) [ 173.294758][ T5089] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 173.305161][ T5089] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 173.313934][ T5089] BTRFS info (device loop4): force clearing of disk cache [ 173.321210][ T5089] BTRFS info (device loop4): enabling auto defrag [ 173.328583][ T5089] BTRFS info (device loop4): max_inline at 0 [ 173.335636][ T5089] BTRFS info (device loop4): enabling disk space caching [ 173.342721][ T5089] BTRFS info (device loop4): disk space caching is enabled [ 173.356899][ T4267] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by udevd (4267) [ 173.575949][ T5089] BTRFS info (device loop4): enabling ssd optimizations [ 173.585030][ T5089] BTRFS info (device loop4): rebuilding free space tree [ 173.599861][ T5089] BTRFS info (device loop4): disabling free space tree [ 173.607053][ T5089] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 173.616995][ T5089] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 173.970344][ T4416] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared) [ 175.047683][ T4268] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 177.815080][ T5150] loop3: detected capacity change from 0 to 512 [ 177.843575][ T5150] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 177.866747][ T5147] loop1: detected capacity change from 0 to 512 [ 177.902997][ T5147] EXT4-fs: Ignoring removed nobh option [ 177.949444][ T5150] EXT4-fs (loop3): 1 truncate cleaned up [ 177.967184][ T5150] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 177.979862][ T5147] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.203: iget: bad i_size value: 38620345925642 [ 178.160280][ T5147] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.203: couldn't read orphan inode 15 (err -117) [ 178.324032][ T5147] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 179.964973][ T5166] loop4: detected capacity change from 0 to 32768 [ 180.078864][ T5166] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 180.923166][ T5170] loop2: detected capacity change from 0 to 32768 [ 180.950284][ T5170] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.196 (5170) [ 181.127637][ T5170] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 181.138422][ T5170] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 181.147247][ T5170] BTRFS info (device loop2): force clearing of disk cache [ 181.154438][ T5170] BTRFS info (device loop2): enabling auto defrag [ 181.161127][ T5170] BTRFS info (device loop2): max_inline at 0 [ 181.167249][ T5170] BTRFS info (device loop2): enabling disk space caching [ 181.174352][ T5170] BTRFS info (device loop2): disk space caching is enabled [ 181.186859][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 181.195062][ T4279] EXT4-fs (loop3): unmounting filesystem. [ 181.547857][ T5170] BTRFS info (device loop2): enabling ssd optimizations [ 181.579344][ T5170] BTRFS info (device loop2): rebuilding free space tree [ 181.598407][ T5170] BTRFS info (device loop2): disabling free space tree [ 181.605445][ T5170] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 181.615205][ T5170] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 181.650687][ T4268] ocfs2: Unmounting device (7,4) on (node local) [ 182.541769][ T4399] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared) [ 182.952351][ T4280] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 184.251563][ T4277] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 14 /dev/loop2 scanned by udevd (4277) [ 185.351102][ T5215] loop1: detected capacity change from 0 to 32768 [ 185.359819][ T5215] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 14 [ 185.485582][ T4267] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 189.035687][ T5229] loop2: detected capacity change from 0 to 32768 [ 190.328271][ T5229] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 192.350435][ T5242] binder: 5241:5242 ioctl c0306201 200000000680 returned -14 [ 192.807953][ T4280] ocfs2: Unmounting device (7,2) on (node local) [ 194.174049][ T5261] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 194.180642][ T5261] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 194.307938][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.378981][ T5271] loop1: detected capacity change from 0 to 8 [ 194.395576][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.478101][ T5261] vhci_hcd vhci_hcd.0: Device attached [ 194.795806][ T4383] usb 34-1: SetAddress Request (2) to port 0 [ 194.801923][ T4383] usb 34-1: new SuperSpeed USB device number 2 using vhci_hcd [ 195.716084][ T5272] syz.0.217 (5272): drop_caches: 2 [ 195.722943][ T5272] syz.0.217 (5272): drop_caches: 2 [ 195.871687][ T5262] vhci_hcd: connection reset by peer [ 195.918245][ T4586] vhci_hcd: stop threads [ 195.943056][ T4586] vhci_hcd: release socket [ 195.994203][ T4586] vhci_hcd: disconnect device [ 196.018331][ T5286] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 196.315504][ T4286] Bluetooth: hci3: command 0x0406 tx timeout [ 196.322602][ T4283] Bluetooth: hci2: command 0x0406 tx timeout [ 196.322671][ T4269] Bluetooth: hci0: command 0x0406 tx timeout [ 196.329386][ T4269] Bluetooth: hci1: command 0x0406 tx timeout [ 197.098691][ T5296] loop2: detected capacity change from 0 to 512 [ 197.227065][ T5296] EXT4-fs error (device loop2): __ext4_fill_super:5397: inode #2: comm syz.2.226: inode has both inline data and extents flags [ 197.252255][ T5296] EXT4-fs (loop2): get root inode failed [ 197.258267][ T5296] EXT4-fs (loop2): mount failed [ 199.996480][ T4383] usb 34-1: device descriptor read/8, error -110 [ 200.606366][ T5347] loop4: detected capacity change from 0 to 16 [ 200.656238][ T5347] erofs: (device loop4): mounted with root inode @ nid 36. [ 200.755637][ T5322] loop3: detected capacity change from 0 to 32768 [ 200.923985][ T4383] usb usb34-port1: attempt power cycle [ 201.031353][ T5357] loop2: detected capacity change from 0 to 16 [ 201.061062][ T5357] erofs: (device loop2): mounted with root inode @ nid 36. [ 201.289230][ T5322] XFS (loop3): Mounting V5 Filesystem [ 202.078769][ T5322] XFS (loop3): log mount failed [ 204.345849][ T4383] usb usb34-port1: unable to enumerate USB device [ 204.453419][ T5379] loop0: detected capacity change from 0 to 512 [ 204.615022][ T5379] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 210.557272][ T5437] loop4: detected capacity change from 0 to 8 [ 211.396398][ T5444] loop1: detected capacity change from 0 to 1024 [ 211.497118][ T5448] hfsplus: can't free extent [ 211.715707][ T4628] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 212.407232][ T5462] loop0: detected capacity change from 0 to 16 [ 212.648096][ T5462] erofs: (device loop0): mounted with root inode @ nid 36. [ 212.695538][ T4628] usb 5-1: Using ep0 maxpacket: 16 [ 212.708649][ T4628] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 112, changing to 10 [ 213.291266][ T4628] usb 5-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.00 [ 213.361641][ T4628] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.421369][ T4628] usb 5-1: config 0 descriptor?? [ 215.163105][ T4628] usb 5-1: string descriptor 0 read error: -71 [ 215.404697][ T4628] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input5 [ 215.496376][ T5474] netlink: 28 bytes leftover after parsing attributes in process `syz.3.281'. [ 215.702907][ T3623] bcm5974 5-1:0.0: could not read from device [ 216.639791][ T3623] bcm5974 5-1:0.0: could not read from device [ 216.646524][ T4628] usb 5-1: USB disconnect, device number 2 [ 217.426977][ T5485] netlink: 8 bytes leftover after parsing attributes in process `syz.3.286'. [ 217.813365][ T5485] syz.3.286 (5485) used greatest stack depth: 17408 bytes left [ 220.211213][ T5498] loop3: detected capacity change from 0 to 32768 [ 221.089789][ T5502] netlink: 8 bytes leftover after parsing attributes in process `syz.1.301'. [ 221.126907][ T5498] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 221.185098][ T5506] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 221.886265][ T4279] ocfs2: Unmounting device (7,3) on (node local) [ 221.900198][ T5505] netlink: 28 bytes leftover after parsing attributes in process `syz.4.290'. [ 223.432423][ T5526] loop3: detected capacity change from 0 to 16 [ 223.658725][ T5526] erofs: (device loop3): mounted with root inode @ nid 36. [ 225.115558][ T4269] Bluetooth: hci4: command 0x0405 tx timeout [ 229.455578][ T5564] x_tables: ip_tables: osf match: only valid for protocol 6 [ 230.494766][ T5571] netlink: 8 bytes leftover after parsing attributes in process `syz.1.312'. [ 230.944009][ T5586] loop2: detected capacity change from 0 to 1024 [ 231.143888][ T2940] hfsplus: b-tree write err: -5, ino 4 [ 232.803345][ T5584] loop1: detected capacity change from 0 to 32768 [ 233.048528][ T5584] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 233.253090][ T4265] ocfs2: Unmounting device (7,1) on (node local) [ 233.472971][ T5097] hid-generic 0005:0002:5508.0001: hidraw0: BLUETOOTH HID vc3.38 Device [syz0] on aa:aa:aa:aa:aa:aa [ 233.790558][ T26] audit: type=1326 audit(1763977193.817:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5620 comm="syz.4.331" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x0 [ 233.808605][ T5613] fido_id[5613]: Failed to open report descriptor at '/sys/devices/virtual/bluetooth/hci4/hci4:200/report_descriptor': No such file or directory [ 233.821333][ T5619] loop1: detected capacity change from 0 to 1024 [ 233.876253][ T5619] EXT4-fs: Ignoring removed orlov option [ 234.314873][ T5619] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 235.012466][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 235.362148][ T5652] tc_dump_action: action bad kind [ 235.769985][ T5666] netlink: 28 bytes leftover after parsing attributes in process `syz.1.348'. [ 236.067742][ T5676] loop0: detected capacity change from 0 to 16 [ 236.092170][ T5676] erofs: (device loop0): mounted with root inode @ nid 36. [ 236.120828][ T4269] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 236.138759][ T5676] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 236.154716][ T5676] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 236.166659][ T5676] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 236.177690][ T26] audit: type=1800 audit(1763977196.177:4): pid=5676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.353" name="file2" dev="loop0" ino=89 res=0 errno=0 [ 237.695668][ T5704] process 'syz.2.365' launched './file0' with NULL argv: empty string added [ 239.913086][ T5721] xt_CT: No such helper "pptp" [ 242.591718][ T5746] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 242.631163][ T26] audit: type=1326 audit(1763977202.657:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.1.383" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x0 [ 244.120247][ T5782] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 244.472585][ T5796] loop1: detected capacity change from 0 to 2048 [ 244.504615][ T5798] capability: warning: `syz.3.403' uses deprecated v2 capabilities in a way that may be insecure [ 244.578272][ T5451] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 244.964021][ T5809] loop0: detected capacity change from 0 to 512 [ 245.009684][ T5809] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002] [ 245.064847][ T5809] System zones: 1-12 [ 245.167071][ T5809] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.406: Directory hole found for htree index block 0 [ 245.242694][ T5809] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117 [ 245.327380][ T5809] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.406: Directory hole found for htree index block 0 [ 245.384256][ T5809] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 245.392907][ T5809] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 245.458550][ T5823] loop2: detected capacity change from 0 to 512 [ 245.545591][ T5823] EXT4-fs (loop2): can't mount with commit=1023, fs mounted w/o journal [ 245.556051][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 245.688250][ T4269] Bluetooth: hci3: unknown advertising packet type: 0x17 [ 245.688319][ T4269] Bluetooth: hci3: Malformed LE Event: 0x02 [ 245.922234][ T5838] loop1: detected capacity change from 0 to 512 [ 246.335517][ T5849] loop0: detected capacity change from 0 to 2048 [ 246.709548][ T5866] loop1: detected capacity change from 0 to 16 [ 246.748455][ T5866] erofs: (device loop1): mounted with root inode @ nid 36. [ 246.965660][ T26] audit: type=1326 audit(1763977206.997:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 247.756067][ T26] audit: type=1326 audit(1763977206.997:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 247.912585][ T26] audit: type=1326 audit(1763977207.437:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 247.940932][ T5880] loop1: detected capacity change from 0 to 128 [ 247.996717][ T26] audit: type=1326 audit(1763977207.437:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5869 comm="syz.3.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 248.064236][ T5880] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 248.095980][ T26] audit: type=1326 audit(1763977207.837:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5875 comm="syz.0.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 248.123961][ T26] audit: type=1326 audit(1763977207.837:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5875 comm="syz.0.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 248.137621][ T5880] ext4 filesystem being mounted at /92/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 248.147706][ T26] audit: type=1326 audit(1763977207.847:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5875 comm="syz.0.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 248.685603][ T4631] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 248.901742][ T4631] usb 3-1: Using ep0 maxpacket: 8 [ 249.045350][ T26] audit: type=1326 audit(1763977207.847:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5875 comm="syz.0.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 249.087609][ T4631] usb 3-1: unable to get BOS descriptor or descriptor too short [ 249.129671][ T4631] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 249.243869][ T26] audit: type=1326 audit(1763977207.847:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5875 comm="syz.0.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 249.779090][ T4631] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 249.789682][ T4631] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 249.800109][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 249.825075][ T4631] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 249.844622][ T4631] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.853968][ T26] audit: type=1326 audit(1763977207.847:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5875 comm="syz.0.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 249.889057][ T4631] usb 3-1: Product: syz [ 249.895602][ T4631] usb 3-1: Manufacturer: syz [ 249.911442][ T4631] usb 3-1: SerialNumber: syz [ 249.933381][ T26] audit: type=1326 audit(1763977207.847:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5875 comm="syz.0.435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 250.138524][ T4631] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 250.172256][ T4631] cdc_ncm 3-1:1.0: bind() failure [ 250.210978][ T4631] usb 3-1: USB disconnect, device number 3 [ 251.629693][ T5957] loop0: detected capacity change from 0 to 1024 [ 251.887952][ T2940] hfsplus: b-tree write err: -5, ino 4 [ 253.223577][ T5991] ptrace attach of "./syz-executor exec"[4268] was attempted by ""[5991] [ 254.124852][ T6002] netlink: 48 bytes leftover after parsing attributes in process `syz.4.488'. [ 254.211406][ T6002] tc_dump_action: action bad kind [ 254.431878][ T6011] netlink: 16 bytes leftover after parsing attributes in process `syz.3.494'. [ 254.551697][ T6017] tc_dump_action: action bad kind [ 254.565609][ T5099] usb 1-1: new low-speed USB device number 3 using dummy_hcd [ 254.590764][ T6020] netlink: 104 bytes leftover after parsing attributes in process `syz.3.498'. [ 254.768522][ T5099] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 254.787553][ T5099] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 254.821312][ T5099] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 254.853530][ T5099] usb 1-1: string descriptor 0 read error: -22 [ 254.861663][ T5099] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 254.889469][ T5099] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.939157][ T5099] usb 1-1: 0:2 : does not exist [ 255.152315][ T5099] usb 1-1: USB disconnect, device number 3 [ 255.528524][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 255.536627][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 255.548543][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 255.559941][ T6052] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 256.289879][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.296291][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.323793][ T6052] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 256.880138][ T6059] loop2: detected capacity change from 0 to 8 [ 257.039039][ T6062] netlink: 'syz.3.513': attribute type 14 has an invalid length. [ 257.316810][ T6066] loop0: detected capacity change from 0 to 1024 [ 257.382469][ T6069] loop1: detected capacity change from 0 to 1024 [ 257.407401][ T6069] EXT4-fs: Ignoring removed nomblk_io_submit option [ 257.473247][ T6066] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 257.483865][ T6069] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 257.504446][ T6066] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.527202][ T6066] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.515: inode has both inline data and extents flags [ 257.583036][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 257.592095][ T6069] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 257.657548][ T26] kauditd_printk_skb: 23 callbacks suppressed [ 257.657564][ T26] audit: type=1326 audit(1763977217.687:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6080 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 257.794010][ T26] audit: type=1326 audit(1763977217.687:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6080 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 257.887616][ T4277] udevd[4277]: incorrect jbd checksum on /dev/loop1 [ 257.912878][ T26] audit: type=1326 audit(1763977217.687:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6080 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 257.978031][ T26] audit: type=1326 audit(1763977217.687:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6080 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 258.001918][ T4353] EXT4-fs error (device loop1): __ext4_get_inode_loc:4513: comm kworker/u4:6: Invalid inode table block 0 in block_group 0 [ 258.042846][ T5451] udevd[5451]: incorrect jbd checksum on /dev/loop1 [ 258.065127][ T26] audit: type=1326 audit(1763977217.807:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6080 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 258.067832][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 259.533755][ T6123] loop1: detected capacity change from 0 to 8 [ 259.610636][ T6123] squashfs image failed sanity check [ 259.898404][ T6136] loop2: detected capacity change from 0 to 16 [ 259.955879][ T6136] erofs: (device loop2): mounted with root inode @ nid 36. [ 260.050850][ T6136] erofs: (device loop2): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 260.079891][ T6142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.548'. [ 260.134378][ T6136] syz.2.547: attempt to access beyond end of device [ 260.134378][ T6136] loop2: rw=524288, sector=524296, nr_sectors = 8 limit=16 [ 260.787201][ T6136] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096] [ 260.937613][ T26] audit: type=1800 audit(1763977220.867:45): pid=6136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.547" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 261.027462][ T26] audit: type=1326 audit(1763977221.017:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 261.127370][ T26] audit: type=1326 audit(1763977221.027:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 261.211082][ T26] audit: type=1326 audit(1763977221.027:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 261.247384][ T5099] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 261.278012][ T26] audit: type=1326 audit(1763977221.027:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6151 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 261.405427][ T5099] usb 3-1: device descriptor read/64, error -71 [ 261.521396][ T4401] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 261.675523][ T5099] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 261.741512][ T4401] usb 1-1: Using ep0 maxpacket: 8 [ 261.749222][ T4401] usb 1-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 262.600319][ T4401] usb 1-1: config 0 interface 0 has no altsetting 0 [ 262.607101][ T4401] usb 1-1: New USB device found, idVendor=0b05, idProduct=1866, bcdDevice= 0.00 [ 262.616643][ T4401] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.634062][ T4401] usb 1-1: config 0 descriptor?? [ 262.675512][ T5099] usb 3-1: device descriptor read/64, error -71 [ 262.813147][ T5099] usb usb3-port1: attempt power cycle [ 263.055955][ T4401] asus 0003:0B05:1866.0002: unbalanced collection at end of report description [ 263.109924][ T4401] asus 0003:0B05:1866.0002: Asus hid parse failed: -22 [ 263.136538][ T4401] asus: probe of 0003:0B05:1866.0002 failed with error -22 [ 263.254543][ T4383] usb 1-1: USB disconnect, device number 4 [ 265.716865][ T6232] loop1: detected capacity change from 0 to 512 [ 266.049812][ T6244] loop0: detected capacity change from 0 to 1024 [ 266.106975][ T6244] hfsplus: unable to find HFS+ superblock [ 266.386896][ T6232] EXT4-fs (loop1): Test dummy encryption mode enabled [ 266.400506][ T6232] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 269.274176][ T6232] EXT4-fs: error -4 creating inode table initialization thread [ 269.301891][ T6232] EXT4-fs (loop1): mount failed [ 270.223751][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 270.223767][ T26] audit: type=1326 audit(1763977486.255:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 270.308196][ T26] audit: type=1326 audit(1763977486.295:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 270.391618][ T26] audit: type=1326 audit(1763977486.335:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 270.481232][ T26] audit: type=1326 audit(1763977486.335:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 270.554711][ T26] audit: type=1326 audit(1763977486.335:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 270.686316][ T6302] loop2: detected capacity change from 0 to 512 [ 271.024109][ T6302] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 271.033568][ T6302] ext4 filesystem being mounted at /119/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 271.222176][ T26] audit: type=1326 audit(1763977486.365:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 271.475468][ T26] audit: type=1326 audit(1763977486.365:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 271.689859][ T26] audit: type=1326 audit(1763977486.365:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 271.845497][ T26] audit: type=1326 audit(1763977486.835:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6283 comm="syz.0.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7fc00000 [ 272.279934][ T26] audit: type=1326 audit(1763977486.835:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6283 comm="syz.0.602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd3db98f749 code=0x7fc00000 [ 273.229206][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 275.161516][ T6349] loop1: detected capacity change from 0 to 1024 [ 275.446120][ T6349] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 275.884844][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 276.205631][ T5099] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 276.326667][ T6366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.630'. [ 276.357145][ T6366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.630'. [ 276.376896][ T6366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.630'. [ 276.490281][ T5099] usb 1-1: Using ep0 maxpacket: 8 [ 277.798878][ T5099] usb 1-1: config 0 has an invalid interface number: 31 but max is 0 [ 277.948450][ T5099] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 278.009040][ T5099] usb 1-1: config 0 has no interface number 0 [ 278.045209][ T5099] usb 1-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 278.111550][ T5099] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.145435][ T5099] usb 1-1: Product: syz [ 278.155663][ T5099] usb 1-1: Manufacturer: syz [ 278.173952][ T5099] usb 1-1: SerialNumber: syz [ 278.218606][ T5099] usb 1-1: config 0 descriptor?? [ 278.242783][ T5099] usb 1-1: Found UVC 0.04 device syz (046d:08c3) [ 278.259699][ T5099] usb 1-1: No valid video chain found. [ 278.312253][ T6387] netlink: 'syz.3.639': attribute type 1 has an invalid length. [ 278.355606][ T6387] netlink: 'syz.3.639': attribute type 2 has an invalid length. [ 278.445701][ T5099] usb 1-1: USB disconnect, device number 5 [ 279.055374][ T4631] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 279.124315][ T6416] netlink: 64 bytes leftover after parsing attributes in process `syz.4.652'. [ 279.255389][ T4631] usb 3-1: Using ep0 maxpacket: 8 [ 279.262587][ T4631] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 279.293273][ T4631] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 279.314800][ T4631] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 279.378409][ T4631] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 279.394680][ T4631] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 279.404435][ T4631] usb 3-1: SerialNumber: syz [ 279.719896][ T4631] cdc_ether: probe of 3-1:1.0 failed with error -22 [ 279.893198][ T4631] usb-storage 3-1:1.0: USB Mass Storage device detected [ 280.050191][ T4631] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 280.156420][ T26] kauditd_printk_skb: 37 callbacks suppressed [ 280.156436][ T26] audit: type=1326 audit(1763977496.195:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6427 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 280.213975][ T4631] usb 3-1: USB disconnect, device number 7 [ 280.230396][ T26] audit: type=1326 audit(1763977496.235:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6427 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 280.271513][ T26] audit: type=1326 audit(1763977496.235:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6427 comm="syz.1.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 280.581864][ T6444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.662'. [ 280.616967][ T6444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.662'. [ 280.639674][ T6444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.662'. [ 280.663328][ T6444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.662'. [ 280.702951][ T6444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.662'. [ 281.122580][ T26] audit: type=1326 audit(1763977497.155:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz.3.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7fc00000 [ 281.190373][ T6450] input: syz0 as /devices/virtual/input/input6 [ 281.394443][ T6456] netlink: 16 bytes leftover after parsing attributes in process `syz.4.669'. [ 281.681783][ T6464] loop1: detected capacity change from 0 to 1024 [ 281.785378][ T6464] Quota error (device loop1): do_check_range: Getting block 64 out of range 1-5 [ 281.805877][ T6464] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 281.863698][ T6475] loop2: detected capacity change from 0 to 1024 [ 281.871852][ T6464] EXT4-fs error (device loop1): ext4_acquire_dquot:6809: comm syz.1.671: Failed to acquire dquot type 0 [ 281.905670][ T6464] EXT4-fs error (device loop1): mb_free_blocks:1810: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 281.926122][ T6464] EXT4-fs error (device loop1): ext4_do_update_inode:5268: inode #13: comm syz.1.671: corrupted inode contents [ 282.005364][ T6464] EXT4-fs error (device loop1): ext4_dirty_inode:6133: inode #13: comm syz.1.671: mark_inode_dirty error [ 282.062507][ T6464] EXT4-fs error (device loop1): ext4_do_update_inode:5268: inode #13: comm syz.1.671: corrupted inode contents [ 282.154530][ T26] audit: type=1326 audit(1763977498.185:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.0.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 282.245407][ T6464] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #13: comm syz.1.671: mark_inode_dirty error [ 282.270197][ T6464] EXT4-fs error (device loop1): ext4_do_update_inode:5268: inode #13: comm syz.1.671: corrupted inode contents [ 282.606782][ T6464] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem [ 282.637225][ T26] audit: type=1326 audit(1763977498.295:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.0.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 282.925889][ T6464] EXT4-fs error (device loop1): ext4_do_update_inode:5268: inode #13: comm syz.1.671: corrupted inode contents [ 283.010302][ T26] audit: type=1326 audit(1763977498.295:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.0.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 283.032893][ T26] audit: type=1326 audit(1763977498.295:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.0.680" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 283.061132][ T6464] EXT4-fs error (device loop1): ext4_truncate:4318: inode #13: comm syz.1.671: mark_inode_dirty error [ 283.101908][ T6464] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem [ 283.157184][ T6464] EXT4-fs (loop1): 1 truncate cleaned up [ 283.163128][ T6464] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 283.244510][ T6464] EXT4-fs error (device loop1): ext4_acquire_dquot:6809: comm syz.1.671: Failed to acquire dquot type 0 [ 283.435563][ T6502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.688'. [ 283.464836][ T6502] netlink: 12 bytes leftover after parsing attributes in process `syz.2.688'. [ 283.489700][ T4265] EXT4-fs (loop1): unmounting filesystem. [ 284.761800][ T6525] loop0: detected capacity change from 0 to 512 [ 284.842868][ T6525] ext3: Unknown parameter 'seclabel' [ 285.238864][ T6543] netlink: 12 bytes leftover after parsing attributes in process `syz.1.701'. [ 291.153564][ T6656] loop2: detected capacity change from 0 to 8 [ 291.453993][ T6656] unable to read fragment index table [ 292.337987][ T6691] fuse: Bad value for 'fd' [ 292.579725][ T6693] loop2: detected capacity change from 0 to 8 [ 292.861237][ T6693] unable to read fragment index table [ 293.435870][ T6703] netlink: 168 bytes leftover after parsing attributes in process `syz.0.775'. [ 293.515525][ T4631] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 293.775581][ T4631] usb 2-1: Using ep0 maxpacket: 32 [ 293.789876][ T4631] usb 2-1: unable to get BOS descriptor or descriptor too short [ 293.920972][ T4631] usb 2-1: config index 0 descriptor too short (expected 53, got 34) [ 294.054900][ T4631] usb 2-1: config 2 has an invalid interface number: 221 but max is 0 [ 294.245295][ T4631] usb 2-1: config 2 has no interface number 0 [ 294.275447][ T4631] usb 2-1: config 2 interface 221 has no altsetting 0 [ 294.357410][ T4631] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=85.42 [ 294.377982][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 294.377997][ T26] audit: type=1326 audit(1763977510.413:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 294.423531][ T4631] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.448727][ T4631] usb 2-1: Product: syz [ 294.458238][ T4631] usb 2-1: Manufacturer: syz [ 294.463278][ T4631] usb 2-1: SerialNumber: syz [ 294.486479][ T26] audit: type=1326 audit(1763977510.413:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 294.550278][ T26] audit: type=1326 audit(1763977510.413:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 294.594672][ T26] audit: type=1326 audit(1763977510.413:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 294.626746][ T26] audit: type=1326 audit(1763977510.413:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 294.668911][ T26] audit: type=1326 audit(1763977510.413:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 295.249817][ T26] audit: type=1326 audit(1763977510.413:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 295.288491][ T4631] usb 2-1: Found UVC 0.00 device syz (05ac:8501) [ 295.304140][ T26] audit: type=1326 audit(1763977510.413:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 295.320451][ T4631] usb 2-1: No valid video chain found. [ 295.363772][ T4631] usb 2-1: USB disconnect, device number 2 [ 295.395669][ T26] audit: type=1326 audit(1763977510.413:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 295.533981][ T26] audit: type=1326 audit(1763977510.413:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz.0.781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 295.901149][ T6751] netlink: 277 bytes leftover after parsing attributes in process `syz.3.798'. [ 296.445377][ T5099] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 296.588344][ T4631] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 296.759480][ T5099] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 296.770009][ T5099] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 296.778115][ T5099] usb 2-1: Product: syz [ 296.782309][ T5099] usb 2-1: Manufacturer: syz [ 296.787209][ T5099] usb 2-1: SerialNumber: syz [ 296.805523][ T4631] usb 1-1: Using ep0 maxpacket: 16 [ 296.900305][ T4631] usb 1-1: config 1 has an invalid descriptor of length 112, skipping remainder of the config [ 297.114953][ T4631] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 297.348855][ T4631] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 297.448648][ T4631] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.486121][ T4631] usb 1-1: Product: syz [ 297.505478][ T4631] usb 1-1: Manufacturer: syz [ 297.536978][ T4631] usb 1-1: SerialNumber: syz [ 298.006607][ T4631] usb 1-1: unknown interface protocol 0x40, assuming v1 [ 298.027267][ T4631] usb 1-1: 0:2 : does not exist [ 299.114156][ T5099] rtl8150 2-1:1.0: couldn't reset the device [ 299.151511][ T4631] usb 1-1: unit 9 not found! [ 299.171083][ T4631] usb 1-1: 4:0: cannot get min/max values for control 1 (id 4) [ 299.195481][ T5099] rtl8150: probe of 2-1:1.0 failed with error -5 [ 299.303410][ T4631] usb 1-1: USB disconnect, device number 6 [ 299.604666][ T4631] usb 2-1: USB disconnect, device number 3 [ 300.589563][ T6839] loop2: detected capacity change from 0 to 1024 [ 300.597112][ T6839] hfsplus: part requires an argument [ 300.612430][ T6839] hfsplus: unable to parse mount options [ 301.274294][ T6844] xt_hashlimit: overflow, rate too high: 0 [ 301.492543][ T6850] loop2: detected capacity change from 0 to 1024 [ 301.541223][ T6850] EXT4-fs: Ignoring removed nobh option [ 301.563998][ T6850] EXT4-fs: inline encryption not supported [ 301.591943][ T6850] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 301.732470][ T6850] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 301.851897][ T6850] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.838: bg 0: block 312: padding at end of block bitmap is not set [ 301.893381][ T26] kauditd_printk_skb: 5 callbacks suppressed [ 301.893397][ T26] audit: type=1326 audit(1763977517.923:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 302.029141][ T26] audit: type=1326 audit(1763977517.973:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 302.103687][ T26] audit: type=1326 audit(1763977517.973:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 302.149761][ T26] audit: type=1326 audit(1763977517.973:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 304.758920][ T26] audit: type=1326 audit(1763977517.973:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 304.791673][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 304.803714][ T26] audit: type=1326 audit(1763977517.973:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 304.833452][ T26] audit: type=1326 audit(1763977517.973:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 304.833967][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 304.879317][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 304.887841][ T26] audit: type=1326 audit(1763977517.973:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 304.910733][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 304.923436][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 304.936725][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 304.956541][ T26] audit: type=1326 audit(1763977517.973:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 304.984247][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 304.992141][ T26] audit: type=1326 audit(1763977517.973:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.0.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 305.029685][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 305.044427][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 305.053339][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 305.062390][ T6879] netlink: 'syz.0.849': attribute type 3 has an invalid length. [ 305.370632][ T6902] input input7: cannot allocate more than FF_MAX_EFFECTS effects [ 306.325212][ T6915] loop0: detected capacity change from 0 to 512 [ 306.404164][ T6915] EXT4-fs: Ignoring removed nobh option [ 306.445721][ T6915] EXT4-fs error (device loop0): ext4_get_journal_inode:5730: comm syz.0.867: inode #196608: comm syz.0.867: iget: illegal inode # [ 306.544048][ T6915] EXT4-fs (loop0): Remounting filesystem read-only [ 306.555977][ T6915] EXT4-fs (loop0): no journal found [ 306.563574][ T6915] EXT4-fs (loop0): can't get journal size [ 306.619842][ T6915] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 306.653138][ T6915] EXT4-fs (loop0): failed to initialize system zone (-22) [ 306.661408][ T6915] EXT4-fs (loop0): mount failed [ 308.075432][ T4887] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 308.605505][ T6962] loop2: detected capacity change from 0 to 8 [ 308.625605][ T6962] unable to read fragment index table [ 308.725778][ T4887] usb 1-1: config 1 interface 0 altsetting 52 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 308.766310][ T4887] usb 1-1: config 1 interface 0 has no altsetting 0 [ 309.002822][ T4887] usb 1-1: New USB device found, idVendor=0c70, idProduct=f00e, bcdDevice= 0.40 [ 309.020602][ T4887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.036209][ T4887] usb 1-1: Product: syz [ 309.045594][ T4887] usb 1-1: Manufacturer: syz [ 309.945386][ T4887] usb 1-1: SerialNumber: syz [ 309.993174][ T6973] loop1: detected capacity change from 0 to 2048 [ 310.204811][ T4887] usbhid 1-1:1.0: can't add hid device: -71 [ 310.225555][ T4887] usbhid: probe of 1-1:1.0 failed with error -71 [ 310.289589][ T4887] usb 1-1: USB disconnect, device number 7 [ 310.372325][ T6989] loop2: detected capacity change from 0 to 512 [ 310.442821][ T6989] EXT4-fs error (device loop2): __ext4_fill_super:5397: inode #2: comm syz.2.896: inode has both inline data and extents flags [ 310.481963][ T6989] EXT4-fs (loop2): Remounting filesystem read-only [ 310.539153][ T6989] EXT4-fs (loop2): get root inode failed [ 310.571056][ T6989] EXT4-fs (loop2): mount failed [ 312.956925][ T7026] loop0: detected capacity change from 0 to 2048 [ 313.024140][ T7026] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 313.033943][ T7031] syz.4.912 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 313.054921][ T7026] UDF-fs: Scanning with blocksize 512 failed [ 313.136073][ T7026] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 313.249780][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 313.249797][ T26] audit: type=1800 audit(1763977529.283:137): pid=7026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.909" name="file1" dev="loop0" ino=838 res=0 errno=0 [ 313.369543][ T26] audit: type=1800 audit(1763977529.403:138): pid=7026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.909" name="file1" dev="loop0" ino=838 res=0 errno=0 [ 313.709975][ T4383] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 313.905473][ T4383] usb 3-1: Using ep0 maxpacket: 16 [ 313.912786][ T4383] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 313.951640][ T4383] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 313.980055][ T4383] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 314.010752][ T4383] usb 3-1: SerialNumber: syz [ 314.033584][ T4383] cdc_acm 3-1:1.0: Control and data interfaces are not separated! [ 314.064362][ T4383] cdc_acm 3-1:1.0: This needs exactly 3 endpoints [ 314.084570][ T4383] cdc_acm: probe of 3-1:1.0 failed with error -22 [ 314.203832][ T7074] IPv6: NLM_F_REPLACE set, but no existing node found! [ 314.252368][ T4383] usb 3-1: USB disconnect, device number 8 [ 315.246186][ T7089] 9pnet_fd: Insufficient options for proto=fd [ 315.364497][ T7091] validate_nla: 44 callbacks suppressed [ 315.364516][ T7091] netlink: 'syz.1.935': attribute type 32 has an invalid length. [ 315.855542][ T4887] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 316.111178][ T4887] usb 3-1: config 8 has an invalid interface number: 102 but max is 0 [ 316.164651][ T4887] usb 3-1: config 8 has no interface number 0 [ 316.277419][ T4887] usb 3-1: config 8 interface 102 has no altsetting 0 [ 316.347909][ T4887] usb 3-1: New USB device found, idVendor=0b95, idProduct=2790, bcdDevice=e5.4e [ 316.411392][ T4887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 316.448879][ T4887] usb 3-1: Product: syz [ 316.490422][ T4887] usb 3-1: Manufacturer: syz [ 316.517284][ T4887] usb 3-1: SerialNumber: syz [ 316.768571][ T4887] usb 3-1: USB disconnect, device number 9 [ 317.097356][ T7131] loop1: detected capacity change from 0 to 8 [ 317.120619][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.154021][ T7131] unable to read fragment index table [ 317.190475][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.905494][ T5451] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 318.211298][ T7143] netlink: 20 bytes leftover after parsing attributes in process `syz.1.956'. [ 318.235424][ T7143] netlink: 20 bytes leftover after parsing attributes in process `syz.1.956'. [ 318.477188][ T26] audit: type=1326 audit(1763977534.513:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 318.547087][ T26] audit: type=1326 audit(1763977534.513:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 318.594867][ T7160] netlink: 12 bytes leftover after parsing attributes in process `syz.3.963'. [ 318.613767][ T26] audit: type=1326 audit(1763977534.513:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 318.673182][ T26] audit: type=1326 audit(1763977534.513:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 318.726881][ T26] audit: type=1326 audit(1763977534.513:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 318.785568][ T26] audit: type=1326 audit(1763977534.513:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 318.814053][ T26] audit: type=1326 audit(1763977534.513:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 318.843875][ T26] audit: type=1326 audit(1763977534.513:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 318.892325][ T26] audit: type=1326 audit(1763977534.513:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 318.921560][ T26] audit: type=1326 audit(1763977534.513:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7155 comm="syz.1.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ff00000 [ 319.018086][ T7173] loop2: detected capacity change from 0 to 128 [ 319.772336][ T7173] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 319.807134][ T7173] FAT-fs (loop2): Filesystem has been set read-only [ 320.284281][ T7189] loop0: detected capacity change from 0 to 512 [ 321.260526][ T4475] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 321.318456][ T7189] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 321.608528][ T4475] usb 3-1: config 0 has an invalid interface number: 4 but max is 0 [ 321.617029][ T4475] usb 3-1: config 0 has no interface number 0 [ 321.623321][ T4475] usb 3-1: config 0 interface 4 has no altsetting 0 [ 321.639438][ T4475] usb 3-1: New USB device found, idVendor=7392, idProduct=a611, bcdDevice=15.55 [ 321.649857][ T4475] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.705124][ T4475] usb 3-1: Product: syz [ 321.709568][ T4475] usb 3-1: Manufacturer: syz [ 321.714918][ T4475] usb 3-1: SerialNumber: syz [ 321.738569][ T4475] usb 3-1: config 0 descriptor?? [ 321.789358][ T7189] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 321.828392][ T7189] EXT4-fs error (device loop0): ext4_acquire_dquot:6809: comm syz.0.976: Failed to acquire dquot type 0 [ 321.893118][ T7189] EXT4-fs (loop0): 1 truncate cleaned up [ 321.932384][ T7189] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 321.959459][ T4475] usb 3-1: USB disconnect, device number 10 [ 322.031663][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 322.483245][ T7216] loop1: detected capacity change from 0 to 8 [ 322.560406][ T7216] unable to read fragment index table [ 323.257188][ T5451] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 324.494400][ T26] kauditd_printk_skb: 85 callbacks suppressed [ 324.494416][ T26] audit: type=1326 audit(1763977540.523:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7221 comm="syz.3.987" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1c9638f749 code=0x0 [ 324.693172][ T7238] netlink: 9 bytes leftover after parsing attributes in process `syz.0.993'. [ 325.214619][ T26] audit: type=1326 audit(1763977541.243:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 325.293006][ T26] audit: type=1326 audit(1763977541.273:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 325.397130][ T26] audit: type=1326 audit(1763977541.303:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 325.483558][ T26] audit: type=1326 audit(1763977541.303:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 325.608829][ T26] audit: type=1326 audit(1763977541.303:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 325.695017][ T26] audit: type=1326 audit(1763977541.303:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 325.718105][ T26] audit: type=1326 audit(1763977541.353:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 325.741321][ T26] audit: type=1326 audit(1763977541.353:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x7ffc0000 [ 326.481968][ T5097] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 326.665554][ T5097] usb 2-1: Using ep0 maxpacket: 16 [ 326.675908][ T5097] usb 2-1: unable to get BOS descriptor or descriptor too short [ 326.705066][ T5097] usb 2-1: config 255 has an invalid interface number: 182 but max is 0 [ 326.727627][ T7287] loop2: detected capacity change from 0 to 128 [ 326.728808][ T5097] usb 2-1: config 255 has no interface number 0 [ 326.776670][ T5097] usb 2-1: config 255 interface 182 has no altsetting 0 [ 326.837629][ T5097] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=2e.66 [ 326.871307][ T5097] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.892453][ T5097] usb 2-1: Product: syz [ 326.948688][ T7294] capability: warning: `syz.0.1017' uses 32-bit capabilities (legacy support in use) [ 326.955816][ T5097] usb 2-1: Manufacturer: syz [ 326.964519][ T5097] usb 2-1: SerialNumber: syz [ 327.876274][ T5097] ftdi_sio 2-1:255.182: FTDI USB Serial Device converter detected [ 327.888828][ T5097] ftdi_sio ttyUSB0: unknown device type: 0x2e66 [ 327.897785][ T5097] usb 2-1: USB disconnect, device number 4 [ 327.937362][ T5097] ftdi_sio 2-1:255.182: device disconnected [ 329.395375][ T7] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 329.795787][ T7] usb 3-1: unable to get BOS descriptor or descriptor too short [ 329.844110][ T7] usb 3-1: not running at top speed; connect to a high speed hub [ 330.055871][ T7] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 330.072632][ T7] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 330.128580][ T7] usb 3-1: string descriptor 0 read error: -22 [ 330.139922][ T7] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 330.464009][ T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.481079][ T7] usb 3-1: 0:2 : does not exist [ 330.759216][ T7353] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1043'. [ 330.768961][ T7352] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1042'. [ 331.261857][ T7367] loop0: detected capacity change from 0 to 8 [ 331.306317][ T7367] unable to read fragment index table [ 331.968355][ T26] audit: type=1326 audit(1763977548.003:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7368 comm="syz.4.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 331.997044][ T4277] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 332.050881][ T26] audit: type=1326 audit(1763977548.053:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7368 comm="syz.4.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 332.243626][ T26] audit: type=1326 audit(1763977548.053:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7368 comm="syz.4.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 332.722808][ T7] usb 3-1: 5:0: failed to get current value for ch 0 (-22) [ 332.915989][ T26] audit: type=1326 audit(1763977548.053:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7368 comm="syz.4.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 332.977586][ T7] usb 3-1: 5:0: failed to get current value for ch 1 (-22) [ 333.036625][ T26] audit: type=1326 audit(1763977548.053:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7368 comm="syz.4.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 333.059698][ T26] audit: type=1326 audit(1763977548.053:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7368 comm="syz.4.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 333.095320][ T26] audit: type=1326 audit(1763977548.053:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7368 comm="syz.4.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 333.143434][ T7] usb 3-1: USB disconnect, device number 11 [ 333.175386][ T26] audit: type=1326 audit(1763977548.053:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7368 comm="syz.4.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 333.182876][ T7382] mmap: syz.3.1055 (7382): VmData 37470208 exceed data ulimit 6. Update limits or use boot option ignore_rlimit_data. [ 334.737530][ T7409] loop2: detected capacity change from 0 to 8 [ 334.799286][ T7409] unable to read fragment index table [ 335.648834][ T5451] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 336.709909][ T7423] Bluetooth: MGMT ver 1.22 [ 336.859036][ T7429] loop2: detected capacity change from 0 to 1024 [ 336.897901][ T7429] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 337.116308][ T7429] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 337.139536][ T7429] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 337.399053][ T7429] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.1073: inode has both inline data and extents flags [ 337.812114][ T7429] EXT4-fs (loop2): Remounting filesystem read-only [ 338.079719][ T4280] EXT4-fs (loop2): unmounting filesystem. [ 339.154286][ T7456] loop0: detected capacity change from 0 to 512 [ 339.495369][ T4887] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 339.815307][ T4887] usb 2-1: Using ep0 maxpacket: 16 [ 339.822421][ T4887] usb 2-1: config 0 has an invalid interface number: 29 but max is 0 [ 339.858856][ T4887] usb 2-1: config 0 has no interface number 0 [ 339.865510][ T4887] usb 2-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024 [ 340.178388][ T4887] usb 2-1: config 0 interface 29 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 340.310704][ T4887] usb 2-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0 [ 340.680196][ T4887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 340.688634][ T4887] usb 2-1: Product: syz [ 340.692825][ T4887] usb 2-1: Manufacturer: syz [ 340.697714][ T4887] usb 2-1: SerialNumber: syz [ 340.704314][ T4887] usb 2-1: config 0 descriptor?? [ 340.713911][ T7465] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 340.942794][ T7] usb 2-1: USB disconnect, device number 5 [ 341.435715][ T7494] loop2: detected capacity change from 0 to 8 [ 342.416680][ T7494] unable to read fragment index table [ 343.073854][ T7483] kthread_run failed with err -4 [ 345.435722][ T7539] loop2: detected capacity change from 0 to 8192 [ 348.821039][ T7613] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1147'. [ 351.665511][ T7650] loop2: detected capacity change from 0 to 1764 [ 351.857067][ T7656] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 353.214388][ T7677] loop0: detected capacity change from 0 to 512 [ 353.285185][ T7677] EXT4-fs error (device loop0): __ext4_fill_super:5397: inode #2: comm syz.0.1176: inode has both inline data and extents flags [ 353.385680][ T7677] EXT4-fs (loop0): get root inode failed [ 353.418725][ T7677] EXT4-fs (loop0): mount failed [ 353.839238][ T26] audit: type=1326 audit(1763977576.886:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7695 comm="syz.0.1185" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x0 [ 354.346174][ T7708] loop1: detected capacity change from 0 to 16 [ 354.412871][ T7708] erofs: (device loop1): erofs_init_device: empty device tag @ pos 0 [ 354.681325][ T7718] loop0: detected capacity change from 0 to 8 [ 355.611560][ T7718] unable to read fragment index table [ 355.862567][ T7724] loop2: detected capacity change from 0 to 256 [ 355.927348][ T7724] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 355.980274][ T7728] loop0: detected capacity change from 0 to 16 [ 355.996469][ T7724] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 356.036201][ T7728] erofs: (device loop0): mounted with root inode @ nid 36. [ 356.087006][ T7724] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 356.220707][ T7732] netlink: 'syz.1.1199': attribute type 29 has an invalid length. [ 356.319894][ T7732] netlink: 'syz.1.1199': attribute type 29 has an invalid length. [ 356.576622][ T7742] ICMPv6: NA: bb:bb:bb:bb:bb:bb advertised our address fe80::aa on syz_tun! [ 357.036095][ T7751] loop0: detected capacity change from 0 to 2048 [ 357.800645][ T7751] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 357.886624][ T7751] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 357.946065][ T7751] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 357.971445][ T7751] UDF-fs: Scanning with blocksize 512 failed [ 358.014169][ T7751] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 358.219839][ T7766] loop2: detected capacity change from 0 to 1024 [ 358.300036][ T7766] hfsplus: invalid uid specified [ 358.334602][ T7766] hfsplus: unable to parse mount options [ 358.988419][ T7785] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 359.091265][ T7785] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 359.601607][ T7803] loop0: detected capacity change from 0 to 128 [ 360.145242][ T4269] Bluetooth: hci4: command 0x0406 tx timeout [ 361.785617][ T7813] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1236'. [ 361.841871][ T7813] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1236'. [ 362.129817][ T7818] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 362.992052][ T7825] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1238'. [ 363.015509][ T7829] cgroup: Unknown subsys name '¬§@﬽æì¦4*oäÂÒ£hÓîºoþüíUÜ' [ 363.154580][ T4628] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 363.373672][ T4628] usb 2-1: Using ep0 maxpacket: 8 [ 363.380518][ T4628] usb 2-1: config 0 has an invalid interface number: 235 but max is 0 [ 363.410751][ T4628] usb 2-1: config 0 has no interface number 0 [ 363.436425][ T4628] usb 2-1: config 0 interface 235 altsetting 3 endpoint 0x88 has an invalid bInterval 254, changing to 11 [ 363.497801][ T4628] usb 2-1: config 0 interface 235 has no altsetting 0 [ 363.528639][ T4628] usb 2-1: New USB device found, idVendor=0499, idProduct=1026, bcdDevice=44.cd [ 363.573787][ T4628] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 363.597830][ T4628] usb 2-1: Product: syz [ 363.602162][ T4628] usb 2-1: Manufacturer: syz [ 363.629898][ T4628] usb 2-1: SerialNumber: syz [ 363.663722][ T4628] usb 2-1: config 0 descriptor?? [ 363.902880][ T4628] usb 2-1: USB disconnect, device number 6 [ 364.024676][ T7854] netlink: 'syz.4.1254': attribute type 9 has an invalid length. [ 364.036801][ T26] audit: type=1326 audit(1763977587.081:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.0.1256" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd3db98f749 code=0x0 [ 364.054412][ T7854] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1254'. [ 364.812384][ T7874] 9pnet_fd: Insufficient options for proto=fd [ 365.543448][ T7884] Bluetooth: hci0: service_discovery: too big uuid_count value 51713 [ 366.012612][ T7907] loop2: detected capacity change from 0 to 8 [ 366.044697][ T7907] SQUASHFS error: lzo decompression failed, data probably corrupt [ 366.051031][ T26] audit: type=1326 audit(1763977589.092:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7908 comm="syz.4.1279" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x0 [ 366.066035][ T7907] SQUASHFS error: Failed to read block 0x91: -5 [ 366.093582][ T7907] SQUASHFS error: Unable to read metadata cache entry [8f] [ 366.117123][ T7907] SQUASHFS error: Unable to read inode 0x11f [ 366.645365][ T7931] syz.3.1290 uses obsolete (PF_INET,SOCK_PACKET) [ 366.652231][ T7932] x_tables: duplicate underflow at hook 1 [ 369.064801][ T7969] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1307'. [ 370.102242][ T7980] loop1: detected capacity change from 0 to 8 [ 370.121347][ T7980] unable to read fragment index table [ 371.243561][ T26] audit: type=1326 audit(1763977594.295:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8000 comm="syz.3.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 371.317222][ T26] audit: type=1326 audit(1763977594.295:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8000 comm="syz.3.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 371.419684][ T26] audit: type=1326 audit(1763977594.295:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8000 comm="syz.3.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 371.539748][ T26] audit: type=1326 audit(1763977594.295:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8000 comm="syz.3.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9638f749 code=0x7ffc0000 [ 372.040663][ T8013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1310'. [ 372.049708][ T8013] device bridge_slave_1 left promiscuous mode [ 372.057090][ T8013] bridge0: port 2(bridge_slave_1) entered disabled state [ 372.577960][ T8013] device bridge_slave_0 left promiscuous mode [ 372.584393][ T8013] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.704212][ T8014] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 372.713766][ T8014] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 372.723625][ T8014] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 373.367968][ T8055] netlink: 'syz.0.1338': attribute type 2 has an invalid length. [ 373.414207][ T8055] netlink: 'syz.0.1338': attribute type 1 has an invalid length. [ 376.041088][ T8084] loop1: detected capacity change from 0 to 164 [ 376.966770][ T8093] Illegal XDP return value 4291543040 on prog (id 165) dev N/A, expect packet loss! [ 378.082824][ T8084] netlink: 27 bytes leftover after parsing attributes in process `syz.1.1351'. [ 378.327089][ T8138] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1374'. [ 378.540530][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.546994][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.084148][ T8160] loop0: detected capacity change from 0 to 8 [ 379.147578][ T8165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1380'. [ 379.158393][ T8165] device bridge_slave_1 left promiscuous mode [ 379.165871][ T8165] bridge0: port 2(bridge_slave_1) entered disabled state [ 379.216808][ T8160] unable to read fragment index table [ 379.909371][ T8165] device bridge_slave_0 left promiscuous mode [ 379.915754][ T8165] bridge0: port 1(bridge_slave_0) entered disabled state [ 380.130326][ T26] audit: type=1326 audit(1763977603.195:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8176 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 380.261655][ T26] audit: type=1326 audit(1763977603.326:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8176 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 381.094727][ T26] audit: type=1326 audit(1763977603.367:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8176 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 381.154910][ T26] audit: type=1326 audit(1763977603.367:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8176 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 381.251461][ T26] audit: type=1326 audit(1763977603.367:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8176 comm="syz.4.1386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 381.864422][ T8214] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1401'. [ 381.898014][ T8214] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1401'. [ 381.908057][ T8214] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1401'. [ 384.238196][ T26] audit: type=1326 audit(1763977607.336:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 384.325001][ T8290] loop1: detected capacity change from 0 to 128 [ 384.341621][ T26] audit: type=1326 audit(1763977607.336:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 384.386206][ T26] audit: type=1326 audit(1763977607.366:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 384.409081][ T26] audit: type=1326 audit(1763977607.366:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 384.503877][ T26] audit: type=1326 audit(1763977607.366:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 386.447823][ T26] audit: type=1326 audit(1763977607.366:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 386.891103][ T8341] loop1: detected capacity change from 0 to 164 [ 386.917201][ T26] audit: type=1326 audit(1763977607.366:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 387.095467][ T8341] Unable to read rock-ridge attributes [ 387.372446][ T26] audit: type=1326 audit(1763977607.366:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 387.508030][ T26] audit: type=1326 audit(1763977607.366:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 387.608984][ T26] audit: type=1326 audit(1763977607.366:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 387.661552][ T26] audit: type=1326 audit(1763977607.366:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 387.821117][ T8358] netlink: 'syz.4.1424': attribute type 4 has an invalid length. [ 387.829098][ T8358] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1424'. [ 388.048328][ T26] audit: type=1326 audit(1763977607.366:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 388.073929][ T26] audit: type=1326 audit(1763977607.366:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 388.104694][ T26] audit: type=1326 audit(1763977607.366:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 388.161103][ T26] audit: type=1326 audit(1763977607.366:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8289 comm="syz.1.1415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5527f8f749 code=0x7ffc0000 [ 388.655361][ T7] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 388.882718][ T7] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 388.996053][ T7] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 389.559938][ T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.578180][ T7] usb 2-1: config 0 descriptor?? [ 389.832267][ T7] usb 2-1: USB disconnect, device number 7 [ 391.101562][ T8470] loop1: detected capacity change from 0 to 8 [ 391.228725][ T8470] unable to read fragment index table [ 391.950323][ T8493] loop1: detected capacity change from 0 to 8 [ 391.999372][ T8493] SQUASHFS error: lzo decompression failed, data probably corrupt [ 392.009849][ T8493] SQUASHFS error: Failed to read block 0x91: -5 [ 392.016626][ T8493] SQUASHFS error: Unable to read metadata cache entry [8f] [ 392.024919][ T8493] SQUASHFS error: Unable to read inode 0x11f [ 392.752747][ T8506] loop1: detected capacity change from 0 to 256 [ 392.874861][ T8506] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010895, chksum : 0x816c887a, utbl_chksum : 0xe619d30d) [ 395.367667][ T8527] netlink: 'syz.1.1460': attribute type 4 has an invalid length. [ 395.375562][ T8527] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1460'. [ 395.620487][ T26] kauditd_printk_skb: 31 callbacks suppressed [ 395.620504][ T26] audit: type=1326 audit(1763977618.781:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.4.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 395.697778][ T26] audit: type=1326 audit(1763977618.812:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.4.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 395.745164][ T8535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 395.763350][ T26] audit: type=1326 audit(1763977618.822:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.4.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 395.816451][ T8535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 395.837208][ T26] audit: type=1326 audit(1763977618.832:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.4.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 395.879991][ T8535] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 395.917415][ T8535] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 395.941168][ T26] audit: type=1326 audit(1763977618.832:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.4.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448878f749 code=0x7ffc0000 [ 396.011120][ T8535] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 397.930706][ T8574] netlink: 'syz.2.1473': attribute type 4 has an invalid length. [ 397.938678][ T8574] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1473'. [ 401.953681][ T8621] loop0: detected capacity change from 0 to 2048 [ 402.057627][ T8621] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 404.349764][ T8667] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 404.372313][ T8667] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 404.389485][ T8670] loop0: detected capacity change from 0 to 512 [ 404.419191][ T8670] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.1500: inode has both inline data and extents flags [ 404.434081][ T8670] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1500: couldn't read orphan inode 15 (err -117) [ 404.446663][ T8670] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 404.463101][ T8667] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 404.487888][ T8667] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 404.583670][ T8667] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 404.615282][ T4266] EXT4-fs (loop0): unmounting filesystem. [ 404.971600][ T8697] netlink: 'syz.3.1506': attribute type 3 has an invalid length. [ 405.108637][ T8698] loop1: detected capacity change from 0 to 2048 [ 405.287658][ T8698] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 412.538558][ T8789] device wireguard0 entered promiscuous mode [ 414.919772][ T8815] mmap: syz.2.1541 (8815) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 414.998922][ T8815] [ 415.001316][ T8815] ====================================================== [ 415.008354][ T8815] WARNING: possible circular locking dependency detected [ 415.015404][ T8815] syzkaller #0 Not tainted [ 415.019836][ T8815] ------------------------------------------------------ [ 415.026871][ T8815] syz.2.1541/8815 is trying to acquire lock: [ 415.032864][ T8815] ffff888074991580 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: process_measurement+0x33c/0x1a10 [ 415.043621][ T8815] [ 415.043621][ T8815] but task is already holding lock: [ 415.051005][ T8815] ffff88805643ea58 (&mm->mmap_lock){++++}-{3:3}, at: __se_sys_remap_file_pages+0x17d/0x770 [ 415.061060][ T8815] [ 415.061060][ T8815] which lock already depends on the new lock. [ 415.061060][ T8815] [ 415.071488][ T8815] [ 415.071488][ T8815] the existing dependency chain (in reverse order) is: [ 415.080525][ T8815] [ 415.080525][ T8815] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 415.088126][ T8815] down_read_killable+0x4c/0x340 [ 415.093630][ T8815] mmap_read_lock_killable+0x1d/0x60 [ 415.099471][ T8815] lock_mm_and_find_vma+0x2b1/0x2f0 [ 415.105234][ T8815] do_user_addr_fault+0x2db/0xb10 [ 415.110812][ T8815] exc_page_fault+0x60/0x100 [ 415.115958][ T8815] asm_exc_page_fault+0x22/0x30 [ 415.121370][ T8815] fault_in_readable+0x13e/0x1f0 [ 415.126864][ T8815] fault_in_iov_iter_readable+0xbb/0x2e0 [ 415.133055][ T8815] generic_perform_write+0x1d2/0x560 [ 415.138868][ T8826] loop0: detected capacity change from 0 to 512 [ 415.145139][ T8815] __generic_file_write_iter+0x172/0x430 [ 415.151324][ T8815] generic_file_write_iter+0xab/0x2e0 [ 415.157236][ T8815] vfs_write+0x44c/0x960 [ 415.162015][ T8815] ksys_write+0x143/0x240 [ 415.166888][ T8815] do_syscall_64+0x4c/0xa0 [ 415.171836][ T8815] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 415.178253][ T8815] [ 415.178253][ T8815] -> #0 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}: [ 415.186952][ T8815] __lock_acquire+0x2cf8/0x7c50 [ 415.192332][ T8815] lock_acquire+0x1b4/0x490 [ 415.197358][ T8815] down_write+0x36/0x60 [ 415.202046][ T8815] process_measurement+0x33c/0x1a10 [ 415.207775][ T8815] ima_file_mmap+0x104/0x150 [ 415.212894][ T8815] __se_sys_remap_file_pages+0x53e/0x770 [ 415.219055][ T8815] do_syscall_64+0x4c/0xa0 [ 415.223999][ T8815] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 415.230416][ T8815] [ 415.230416][ T8815] other info that might help us debug this: [ 415.230416][ T8815] [ 415.240645][ T8815] Possible unsafe locking scenario: [ 415.240645][ T8815] [ 415.248093][ T8815] CPU0 CPU1 [ 415.253455][ T8815] ---- ---- [ 415.258831][ T8815] lock(&mm->mmap_lock); [ 415.263173][ T8815] lock(&sb->s_type->i_mutex_key#12); [ 415.271156][ T8815] lock(&mm->mmap_lock); [ 415.278092][ T8815] lock(&sb->s_type->i_mutex_key#12); [ 415.283594][ T8815] [ 415.283594][ T8815] *** DEADLOCK *** [ 415.283594][ T8815] [ 415.291736][ T8815] 1 lock held by syz.2.1541/8815: [ 415.296755][ T8815] #0: ffff88805643ea58 (&mm->mmap_lock){++++}-{3:3}, at: __se_sys_remap_file_pages+0x17d/0x770 [ 415.307202][ T8815] [ 415.307202][ T8815] stack backtrace: [ 415.313091][ T8815] CPU: 1 PID: 8815 Comm: syz.2.1541 Not tainted syzkaller #0 [ 415.320465][ T8815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 415.330522][ T8815] Call Trace: [ 415.333806][ T8815] [ 415.336743][ T8815] dump_stack_lvl+0x168/0x22e [ 415.341425][ T8815] ? load_image+0x3b0/0x3b0 [ 415.345940][ T8815] ? show_regs_print_info+0x12/0x12 [ 415.351146][ T8815] ? print_circular_bug+0x12b/0x1a0 [ 415.356357][ T8815] check_noncircular+0x274/0x310 [ 415.361302][ T8815] ? add_chain_block+0x940/0x940 [ 415.366247][ T8815] ? lockdep_lock+0xdc/0x1e0 [ 415.370844][ T8815] ? _find_first_zero_bit+0xcf/0x100 [ 415.376152][ T8815] __lock_acquire+0x2cf8/0x7c50 [ 415.381018][ T8815] ? ima_match_policy+0x104/0x2100 [ 415.386137][ T8815] ? verify_lock_unused+0x140/0x140 [ 415.391348][ T8815] ? ima_match_policy+0x207a/0x2100 [ 415.396553][ T8815] lock_acquire+0x1b4/0x490 [ 415.401064][ T8815] ? process_measurement+0x33c/0x1a10 [ 415.406533][ T8815] ? __might_sleep+0xd0/0xd0 [ 415.411129][ T8815] ? read_lock_is_recursive+0x10/0x10 [ 415.416540][ T8815] ? ima_get_action+0x71/0xa0 [ 415.421227][ T8815] down_write+0x36/0x60 [ 415.425393][ T8815] ? process_measurement+0x33c/0x1a10 [ 415.430863][ T8815] process_measurement+0x33c/0x1a10 [ 415.436080][ T8815] ? ima_file_mmap+0x150/0x150 [ 415.440855][ T8815] ? aa_file_perm+0x117/0xec0 [ 415.445548][ T8815] ? mtree_load+0xeb/0xa40 [ 415.449975][ T8815] ? mtree_load+0x90a/0xa40 [ 415.454483][ T8815] ? aa_get_current_label+0x110/0x1d0 [ 415.459869][ T8815] ? apparmor_current_getsecid_subj+0xb1/0x110 [ 415.466036][ T8815] ima_file_mmap+0x104/0x150 [ 415.470637][ T8815] ? ima_file_free+0x3e0/0x3e0 [ 415.475415][ T8815] ? common_file_perm+0x171/0x1c0 [ 415.480469][ T8815] ? bpf_lsm_mmap_file+0x5/0x10 [ 415.485349][ T8815] ? security_mmap_file+0x11b/0x180 [ 415.490576][ T8815] __se_sys_remap_file_pages+0x53e/0x770 [ 415.496312][ T8815] ? __se_sys_futex+0x14a/0x440 [ 415.501205][ T8815] ? __x64_sys_remap_file_pages+0xc0/0xc0 [ 415.506929][ T8815] ? lock_chain_count+0x20/0x20 [ 415.511787][ T8815] ? lockdep_hardirqs_on+0x94/0x140 [ 415.516994][ T8815] ? __x64_sys_remap_file_pages+0x1c/0xc0 [ 415.522725][ T8815] do_syscall_64+0x4c/0xa0 [ 415.527146][ T8815] ? clear_bhb_loop+0x60/0xb0 [ 415.531826][ T8815] ? clear_bhb_loop+0x60/0xb0 [ 415.536507][ T8815] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 415.542409][ T8815] RIP: 0033:0x7fe982f8f749 [ 415.546831][ T8815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 415.566454][ T8815] RSP: 002b:00007fe983ebc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8 [ 415.574980][ T8815] RAX: ffffffffffffffda RBX: 00007fe9831e5fa0 RCX: 00007fe982f8f749 [ 415.582965][ T8815] RDX: 0000000000000000 RSI: 0000000000004000 RDI: 0000200000ffb000 [ 415.590936][ T8815] RBP: 00007fe983013f91 R08: 0000000000080000 R09: 0000000000000000 [ 415.598905][ T8815] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 415.606879][ T8815] R13: 00007fe9831e6038 R14: 00007fe9831e5fa0 R15: 00007ffc01cf1b88 [ 415.614865][ T8815] [ 415.658395][ T8826] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 415.672606][ T8826] EXT4-fs (loop0): 1 truncate cleaned up [ 415.681361][ T8826] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 415.713246][ T4266] EXT4-fs (loop0): unmounting filesystem.