last executing test programs: 2m26.293214344s ago: executing program 3 (id=7517): r0 = socket$kcm(0x15, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000080)=@in6={0xa, 0x4e26, 0x1, @mcast2, 0x7}, 0x80, 0x0}, 0x0) 2m26.005849752s ago: executing program 3 (id=7520): r0 = syz_open_dev$video4linux(&(0x7f0000000740), 0x5, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f0000000000)={0x1, 0x0, 0x101, 0x0, {0x6efb, 0x8}}) 2m25.825838036s ago: executing program 3 (id=7524): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0x14, 0x0, &(0x7f0000000380)="f6f4e9a1d78ad62ceef1884386dd78bb3fb7dbfc", 0x0, 0xa1b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2m25.633042022s ago: executing program 3 (id=7527): r0 = syz_mount_image$nilfs2(&(0x7f00000008c0), &(0x7f0000000e00)='./file0\x00', 0x10000, &(0x7f0000000940)=ANY=[], 0x0, 0xdab, &(0x7f0000000e80)="$eJzs3ctvXNX9APBzx544L36x8wuNm6ZJSkigj9iQumklNkaii1KE1CVLmgaa1gmP0AUoi5RFV0i1hPgDipDIpuqi6oJNFbGiG1Sp+wqx6iaVkLJAUcCV7XPG429mdGcc2+PxfD7SnTP3fs+955x53LlzXycBI6ux8jg3N12l9N5H7z7zr7O/+NvylJOtHKdWHsfz2HxKqdmaL6XJsLz5idX0qy+uX2xPv85plc6nKlWt6en52615D6SUbqRT6VaaTE+9cOfeh4vPPrc4debm0Xc+vbs1rV9TbXUBAACwA3z58w9e+8djP70+dfcvJ+bTRGt62T6fz+MH83b/fN5QLtvL5X9A1ZZWHban94R843lohHxjHfK1l9MM+ca7lL8nLLfZJd9ETfljbdM6tRuG2dr/+Koxs2680ZiZWf1PvuyzsT3VzNXLCy9dG1BFgU1352TexWcwGEZuWDo06DUQwKp43PA+Nzb3SF1raeO9lX/76Ubn+WETbPfnX/nDVf4Hv7fGYfPs1k9TaVf5Hh3M4/E4wniYr9/vf1lePB7R7LGe3Y4jDMvxhW71HNvmemxUt/rHz8Vu9e2cltfhRIi3f3/iezos7zHQ2Zf2/xsMIzssDXoFBOxY8by5pazE43l9MT5RE99bE99XE99fEz9QE4dR9tc3/pgWq7X/+fE/fb/7w8p+tody+n991ifuj+y3/Hjeb78etPx4PjHsZL8898mf7/zu1j/j+f9fh/P/T+ff0sm8gij7C+N+9da5/+HC4EaXfIdDfR7qkH/l+ZH1+aoja8tJbeuZ++oxvX6+Q93yHV+fbzLk25+3RfaG+sbtk/1hvrL9Udar5fUaD+1thnbsCfUo78xUTveG9kx1a1fYkb0n5Gvm4f9Du46Edj0c5vtGaFc1vb5dcf95qc/RMD0eJyn5wtt23+9SfC/idRmP5PTtnL6f049z+nmHckdR+Tx2O/+/fD6nU7N66fLCpSfyePmcfjLWnFie/uQ21xt4cL1e/zOd1l//c7A1vdloXy8cWpteta8XJsP0812m/zCPl9+zX4/tW5k+c/GVhV9tduNhxF17863fvriwcOl1TzzxxJPWk0GvmYCtNvvGlVdnr7351rnLV158+dLLl65e+MmPzj8x9+MLF2ZXNutn2zfugV1l7Ud/0DUBAAAAAAAAAAAAelbt6zw5p3X3ty3Xk5fr0+P18QyH8r6VT0O5j0G5/rPbfV3K9ZtT21BHNt92XE406DYCnf3X/X8NhpEdlpbcxR/YGQbd/1+572FJr/79Z3uXh5Lt9tPr15fx/oXwIHZ6/3PK3139/7X6v+p5/Rd6zJrcWLlX7j16s63YdKzX8mP7y31gj/RX/tVcfmnN2dRb+Ut/CuXHG5X26JVQ/v4ey7+v/cc3Vv6rufzysj1+utfyV2tcNdbXI+43LvcBjPuNi9dC+8u9/fpu/wY7ans9lw+jbFj6mezXsPT/2U1ZblkP5tVz6zhduf927O+g3/qX+36X34GHw/Krmt83/X8Ot7r+P8vnb1b/n7DrfOb4n8EwssPS0tJAuz4Z1X5XdopBv/6D3oYcdPmDfv3rxP4/4/+l2P9njMf+P2M89v8Z47F/rRiP/X/G1zP2/xnjR8NyY/+g0zXxb9bEj9XEv1UTP14Tj//fYvxUTfxETfxkTfxwTfyRmvjpmvijNfEzNfHHauKP18R3u+/kdFTbD6Ms9hvp+w+joxz/6fb9P1ITB4ZX7Nc5fr/P1sSB4VXO8/D9hhFUdb5jR9zfXvbjvp3T93P6cU4/37IKsh2+m9Pv5fT7Of1BTs/ldCansznVNeRw+8N/jp1YrNbO8zsU4r2eTxqvB4j3iXmyx/rE43P9ns96tMdytqr8DV4OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0GiuPc3PTVUrvffTuM/8+95vDy1NOtnKcWnkcz2PzKaVmSqnK4+NheTcmVtOvvrh+sVNapfMrj2U8PX+7Ne+B5fnTqXQrTaanXrhz78PFZ59bnDpz8+g7n97dmtavqba6AAAAABig/wUAAP//vrPsgA==") ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0186e86, 0x0) 2m25.221128753s ago: executing program 3 (id=7530): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17c, &(0x7f0000000380)="$eJzskr9OAkEQxr+9O/5oFDWxooGC+KdQjkONnZbY29lI4ETiocKRKITijDEUFsbSJ+A1THwBLYwPQE1BrM2ZvZ3bLL6C+yvu2/l2ZnZ2c+d+208B+JkOajhEhIkMPhiDBSDHhDcxhD6TfpI+CcE75R2Rf0+a9Xv9JAC+nceKMC6qnud28gC+I09a/sGdgUnU6ms6qPHFKYAwDEPu1QGejgUlxwTQVnKyFrAaXSKUORYNsA6g2G1dF/1ef6vZqjbchnvpmOU9e8e2d53iWdNzbfFlyhF0FXDdBJBKQ8L3EwAeKJ7HLEwZjfbZHE5kbTJ+www9IExZayi1sTK8yrlSSsUx1sDHugmWFLcQdbEQXakCBpOCkqXMJ85KRxvbtSuvPgQDi8tGsGSP0hgJGThqUN4PsChaDallgbRCOiIdk+b+/DJWwL+PFG0EQBK31W63U+KPJFYsXjnSc5YD9cH4qS/G7OXeDGg0Go1Go9FoNBrNf+c3AAD//8PfdhM=") execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) 2m24.050531915s ago: executing program 3 (id=7540): r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) ioctl$FIONREAD(r0, 0x541b, 0x0) 2m9.718597802s ago: executing program 32 (id=7540): r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) ioctl$FIONREAD(r0, 0x541b, 0x0) 1m54.656230321s ago: executing program 5 (id=7978): r0 = socket(0x2b, 0x80801, 0x1) setsockopt$inet6_tcp_int(r0, 0x6, 0x9, &(0x7f0000000080), 0x4) 1m54.380605005s ago: executing program 5 (id=7984): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, 0x0, 0x20088) 1m54.089296005s ago: executing program 5 (id=7991): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x20, 0x1, 0x8, 0x3, 0x0, 0x0, {0xa, 0x0, 0x2}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8008}, 0x20040080) 1m53.857606894s ago: executing program 5 (id=7994): syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x8, &(0x7f0000000340)={[{@utf8}, {@umask={'umask', 0x3d, 0x8000}}, {@uid={'uid', 0x3d, 0xee01}}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@errors_remount}, {@namecase}, {@fmask={'fmask', 0x3d, 0x5}}, {@dmask={'dmask', 0x3d, 0x1}}, {@time_offset={'time_offset', 0x3d, 0x6}}, {@errors_remount}]}, 0x1, 0x152b, &(0x7f0000002f80)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 1m53.471864127s ago: executing program 5 (id=8002): r0 = socket$rds(0x15, 0x5, 0x0) ioctl$sock_proto_private(r0, 0x89e1, &(0x7f0000001080)) 1m52.731370394s ago: executing program 5 (id=8008): r0 = socket(0x23, 0x2, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000005240)={&(0x7f0000004f80)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000005200)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) 1m52.235713404s ago: executing program 33 (id=8008): r0 = socket(0x23, 0x2, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000005240)={&(0x7f0000004f80)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000005200)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) 21.446250889s ago: executing program 6 (id=9256): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'dummy0\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b, 0x7, "4375bc03878249"}}) 21.168534414s ago: executing program 6 (id=9260): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x18, &(0x7f0000000040)=@req3, 0x1c) 20.84740828s ago: executing program 6 (id=9265): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='projid_map\x00') read$FUSE(r0, &(0x7f0000001640)={0x2020}, 0x2020) 20.466292313s ago: executing program 6 (id=9270): syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f00000001c0)='./file0\x00', 0x204818, &(0x7f0000000380)={[{@sbsector={'sbsector', 0x3d, 0xae}}, {@utf8}, {@cruft}, {@session={'session', 0x3d, 0x62}}, {@sbsector}, {@gid}, {@session={'session', 0x3d, 0x54}}, {}]}, 0x1, 0x54e, &(0x7f00000008c0)="$eJzs3V1v01gawPHHfYEoK1WrZYVQVeBQdqUileAkEBSxN17nJD2Q2JHtoPYKVTRFFSmsKCtte8Nyw8xIMx+CuZwPMd8IzUeYke2kLzSJgb5O9f9FcE7sY5/npJYfuY2PBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiOXWbLtoSdN4nWU1mlsL/Nbe2/7WhxbInQPFmH5FrPif5HJyLV107e97q6/G/83LXPpuTnJxkZOdv1z966MrUxOD7ccE/FV+/sY9bW3vvFzt9bpvjiuQc+j65dHrGtozoW9aTkMrE/qqWqnY95bqoaqbpg5Xwki3lBtoJ/IDteDeUcVqtax0YcXveI2a09SDhQ/vlmy7oh4X2toJQt+797gQukum2TReI2kTr47bPIwPxCcmUpF2Wkqtb/S65awBxI2KX9KolNWoZJdKxWKpVKw8qD54aNtThxbYn5FDLY7voMWf0zGevYGjmejnf2mKEU86sixq6MuVmgTiS2vE+r5B/v/nPT223/35f5Dlr+2tnpUk/99I390Ylf9HxHJ6ry3Zlh15KavSk5505c0J9jVz5qM9/GqIFk+MhOKLkZY4yRLVX6KkKhWpiC3PZEnqEoqSuhhpipZQViSUSHRyRLkSiBZHIvElECUL4sodUVKUqlSlLEq0FGRFfOmIJw2piZPsZV02ks+9LMoaFeNuo+LIYeQHx11XSmNGS/7H0R3r+Rs4it8H+R8AAAAAAFxYVvLb9/j6f1quJ7W6aWr7rMMCAAAAAADHKPnL/1xcTMe162Jx/Q8AAAAAwEVjJffYWSKSl5tpbV2s5HYpfgkAAAAAAMAFkfz9/0ZcJHOg3BRrd7oUrv8BAAAAALggvs+cYz9sX7Z+/U2CYNp6317+h7WZzM3rbE6m201+vseoPmvN9HeSFJW0mJpy9ZyVSxvtToL5qV+sZ8Vh7QXg7Abw/68J4MqU/Ci30ja31tJybbAm7SVfN01dcP3mo6I4zsxEpJej/77a+J8kw//Ba81YOdnodQvPX/fWkljex3t5v9mfQPHQPIpjYnmbzLeQ3HMxdMTTyY0Y/X7zlqxv9Lr2/vFPpJtPHOzx3cyYPj/IfNpqvj/jbf7g+HNxn8XCqNH3oygeceQf5Hba5vbC7bQYEkUpK4rS/iiGfxZHj6KcFUX5iFEAwFlZz8hClhzKu99wlvu27C5fmd0/yELaZmE2ObFOzQ45o9tZZ3R7fHabzIril0PPQBqVY+N+f/osq36MN/g4MquGzZIVf4STbzf/I1e3tnfubmyuvui+6L4qlcoV+75tPyjJdDKMfkHuAQAMsf8ZO9bQ/J/5FB7rfsZV9d92v1JQkOfyWnqyJovJ3QbJNw6G7jW/72sIixlXrfkkTaZPeFkcc1V3KbnLYbDf0ti2B2Mon8JPAgCA0zOfkYe/JP8vZlx3H8zl46+O8/ue1gYAAE6GDj5Z+eg7KwhM+1mxWi060ZJWge8+UYGpNbQyXqQDd8nxGlq1Az/yXb8ZV56amg5V2Gm3/SBSdT9QbT80y8n0gar/6PdQtxwvMm7Ybmon1Mr1vchxI1UzofuvduffTRMu6SDZOGxr19SN60TG91TodwJXF5QKtVZ7DU1Ne5Gpm7jqqXZgWk6QU0/9ZqelVU2HbmDakZ/ucNCX8ep+0Ep2e+msP2wAAM6Jre2dl6u9XvfNCVaGdpw79aECAIC+jCwNAAAAAAAAAAAAAAAAAAAAAADOgdO4/4/KBa8MpoI+L/FQOYZK5qnj3YmfnACcqD8CAAD//x6LT3Q=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 20.075441532s ago: executing program 6 (id=9277): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000480)={'ip6_vti0\x00', 0x0}) 19.378171154s ago: executing program 6 (id=9287): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB="e00000001000090500c63703b60000000000d0000000000000f5ffffa80000002b0e13eaa55522fcbd9fe735a3184f123d6da2f1acfac0ee2dd2b184b27d0800000400bf852c8986626691b01b5f44e4ce28715f28281812639845462928"], 0xe0}], 0x1, 0x0, 0x0, 0x4040}, 0x0) 18.839728979s ago: executing program 34 (id=9287): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB="e00000001000090500c63703b60000000000d0000000000000f5ffffa80000002b0e13eaa55522fcbd9fe735a3184f123d6da2f1acfac0ee2dd2b184b27d0800000400bf852c8986626691b01b5f44e4ce28715f28281812639845462928"], 0xe0}], 0x1, 0x0, 0x0, 0x4040}, 0x0) 3.609037086s ago: executing program 7 (id=9465): r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0xa, &(0x7f0000000040)=0x1, 0x4) 3.282007456s ago: executing program 7 (id=9470): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffc, 0xfd, 0x1, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000880)="5ca86304000000f0099af29e96c8d42bf351039697e1d4c1d8edc7399bed9c4584dd57963ddceee7af02f304286e50ffc3e59e635cf000000081f8ac2e86da524ae2ad5deb90ac06b044097359492e6fa240fc9d250c5ff8d080e2659439694cd1ecc032b04249a12c0d69e173f387a090b59226e9804aa251ed0c76014cf17b90f39e40a0389b9fc3644415bb6861be988e7af22fb4d27f3eb4a7c82698fd23a2015f954fb3e9c2b4629ec47b845de19989a6b38b0b6e26c74a680d6f04222f7fd8b490d59e132d5a52c398ff819b237f4a684bd42527f0694996bc7112497cdc9f33fdf2130a7d31f2da822d3ca832ba3100"/253, 0x0, 0xfffffff9, 0x0, 0x3, 0x0}) 3.056045503s ago: executing program 1 (id=9473): r0 = socket$inet_sctp(0x2, 0x5, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0xce2c, @remote}, 0xb) 2.958494443s ago: executing program 7 (id=9474): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000006800010002000000fcffff7f00000000000000000c00028001"], 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) 2.725820324s ago: executing program 4 (id=9477): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) acct(0x0) 2.671993155s ago: executing program 1 (id=9478): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f40)=ANY=[@ANYBLOB="60000000030801010000000000000000030000000600024088e700003c00048008000a400000000908000a40000000010800034000000008080008400000000008000140000000070c000b4000007fff08000240000000000500030006"], 0x60}}, 0x0) 2.635873022s ago: executing program 7 (id=9479): r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') writev(r0, &(0x7f0000000400)=[{&(0x7f0000000280)='3', 0x1}, {&(0x7f0000000340)="2009f5", 0x3}], 0x2) 2.424687574s ago: executing program 4 (id=9483): r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x2, 0x48) write$cgroup_devices(r0, 0x0, 0xb) 2.362279977s ago: executing program 1 (id=9484): ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x890c, &(0x7f0000000000)="37c4a5e33a6081f2a3fcc30a2ea92ef80f6427c344d1178a1c43ca4f0000ec67b9f27cd83b08959c0e471c4ae78b9cc4c7603c7a040782f3c379a03019e3bfd92533743c915077dd984784f531853d184c539dcac54ff2e955ba3fd1c00b016be57263b9695d15c56bbfcc195f2becfab2fc273ea8aee645f9062c6ac6c6c02f59935620d42a59a7e285c4e602b45acbf3e1bfd871e98e4f37b281b5e13b55a48e24a9981b78fe161a9de127f5b2c8ae0a12cbc189b6a1f44e298ff0acca36aac1967ea538fb4d8ca3ddf9884b543d868eac5217ad9b6e5c0f7bba6311f4b36020ec81e814f17062e2d5766abba3d757582a9b922b726173db7a852dc7983fdc") syz_usb_connect(0x5, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000087f2bb4024042c017e22010203010902240001020000000904ae0002c39c2a0009059e02ff03000000090582"], 0x0) 2.305101506s ago: executing program 7 (id=9486): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x9, 0x0, &(0x7f0000000300)=0x9b) 2.161819312s ago: executing program 4 (id=9488): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x1, &(0x7f0000000480)=[&(0x7f0000ffc000/0x3000)=nil], 0x0, &(0x7f0000000000), 0x0) 2.076750261s ago: executing program 7 (id=9491): r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000a40)=ANY=[@ANYBLOB="12014101afb4f2102505a0a4f12b01fb03010902240001fe00c0000904eb02027f9c1f000905060220000200020905822b"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 1.892166348s ago: executing program 4 (id=9494): syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x2000003, &(0x7f0000000040)={[{@adinicb}, {@unhide}, {@anchor={'anchor', 0x3d, 0xec1}}, {@lastblock={'lastblock', 0x3d, 0x2}}, {@gid_ignore}, {@undelete}, {@volume={'volume', 0x3d, 0x7}}, {@gid_forget}, {@lastblock={'lastblock', 0x3d, 0x2}}]}, 0xde, 0xc2e, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy7FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cvHU6fSwWwEAPEiXR7966oz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7yWxqv3HfVL7f5bt8eGR7avdjhVNfuq8uVP/fSZs+e+9MLQ+W5eas98QP377bPx2ujVi42XZ2/OzU8tLExNNsZm2hOzk1O73sNe6291ojoBjZuv35q8fn2hceb5s5s+vj34/sATxwYvDD178plu2bHhkZHRjSL13vK1e25Ix04zPA5FEScjxXPf+2lqRUQRez8X9Qc79lsdrjpxourE2PBI1ZHpdmtmsfzwSvdEFBGNnkrN7jnafiyi1v9A+7CzZsRS2fyywSfK7o3OteZb16anGlda84vtxfbszJXUaW3Zn0YUcT5FLEfE6sDdu+uPImqR4jtH19K1iOjrnocvVhODd25HsY993IWynY3+iOXiERizA2wging1UvzsneMxka8z1bXmCxGvlvmDiLfKfCkilV+McxHvbfM94tFUiyL+shz/C2tpsroedK8rl77W+MrM9dmest3ryke8P9x1pXhI94fDW/LBOODXpnoU0aqu+Gvp3n+zAwAAAAAAAAAAAAAAAMD9djiK+EykeOU//qSaVxzVvPSjF4b+cPBX+3rKPf0h+0kR8XxELBW7m5N7KE8MvJKupPSQ5xI/zupRxJ/m+X/fetiNAQAAAAAAAAAAAAAAAAAAeKwV8ZNI8eK7x9Ny9K4p3p650bjaujbdWRW2u/Zvd8309fX19UbqZDPneM6lnMs5V3Ku5owi18/ZzDmecynncs6VnKs5oy/Xz9nMOZ5zKedyzpWcqzmjluvnbOYcz7mUcznnSs7VnHFA1u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg4KaKIX0SKb39jLUWKiGbEeHRyZeBhtw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2kIr4fKRp/1LyzrRYRqfq343j5y7loHirzk9EcKvOlaF7M2aqy1vzWQ2g/e9OfivhxpBiov31nwPP493fe3fkaxFvf3Hj32Von+7ofDr4/8MSxoxeGRn7j6Z1ep+0acOJSe+bW7cbY8MjIaM/mWj76J3u2DebjFven60TEwhtvvt6anp6av/cX5VdgD9UfoRep9rj01IvqRdQORDMeTt95DJT3//cixe+++5/dG37n/l+PX+m8u3OHj5//2cb9/8WtO9rl/b+2tV6+/5f39O3u/0/2bHsx/26kvxZRX7w5138sor7wxpsn2zdbN6ZuTM2cO3Xqy0NDXz57qv9QRP16e3qq59V9OV0AAAAAAAAAAAAAAAAAD04q4vcjRevHa6kREber+VqDF4aePflMX/RV8602zdt+bfTqxcbLszfn5qcWFqYmG2Mz7YnZyandHq5eTfcaGx7Zl858qMP73P7D9Zdn596Yb9/448VtPz9Sv3htYXG+NbH9x3E4iohm75YTVYPHhkeqRk+3WzNV1SvbTqb/6PpTEf8VKSbONdLn87Y8/3/rDP9N8/+Xtu5on+b/f6JnW3nMlIr4eaT4nb96Oj5ftfNI3HXOcrm/ixQnzn8ul4tDZbluGzrPFejMDCzL/l+k+KdfbC7bnQ/55EbZ07s+sY+IcvyPRorv/8V34zfzts3Pf9h+/I9s3dE+jf9TPduObHpewZ67Th7/k5HipSffjt/K2z7o+R/dZ28cz4XvPJ9jn8b/Uz3bBvNxf/v+dB0AAAAAAAAAAOCR1p+K+PtI8cORWnohb9vN3/+b3Lqjffr7X5/u2TZ5f9Yr+tAXez6pAAAAAHBA9KcifhIpbiy+fWcO9eb53z3zP39vY/7ncNryafXnfL9WPTfgfv75X6/BfNzxvXcbAAAAAAAAAAAAAAAAAAAADpSUinghr6c+Xs3nn9xxPfWVSPHK/zyXy6VjZbnuOvCD1a/1y7MzJy9OT89OtBZb16anGqNzrYmpsu5TkWLtbz+X6xbV+urd9eY7a7xvrMU+HylG/qFbtrMWe3dt8qc2yp4uy34iUvz3P24u213H+lMbZc+UZf8mUnz9X7Yve2yj7Nmy7HcjxY++3uiWPVKW7T4f9dMbZZ+fmC32YVQAAAAAAAAAAAAAAAAAAAB43PSnIv48UvzvzeU7c/nz+v/9PW8rb32zZ73/LW5X6/wPVuv/7/T6Xtb/r54rsLTTUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OMpRRFvRoq5y2tpZaB831G/1J65dXtseGT7aodTVbOvKl/+1E+fOXvuSy8Mne/mB9e/3z4Tr41evdh4efbm3PzUwsLUZGNspj0xOzm16z3stf5WJ6oT0Lj5+q3J69cXGmeeP7vp49uD7w88cWzwwtCzJ5/plh0bHhkZ7SlT67/no98l7bD9UBTx15Hiue/9NP1wIKKIvZ+LD/nu7LfDVSdOVJ0YGx6pOjLdbs0slh9e6Z6IIqLRU6nZPUcPYCz2pBmxVDa/bPCJsnujc6351rXpqcaV1vxie7E9O3MldVpb9qcRRZxPEcsRsTpw9+76o4jXI8V3jq6lfx2I6Ouehy9eHv3qqTM7t6PYxz7uQtnORn/EcvEIjNkBNhBF/HOk+Nk7x+PfBiJq0fmJL0S8WuYPIt6Kznin8otxLuK9bb5HPJpqUcT/l+N/YS29M1BeD7rXlUtfa3xl5vpsT9nudeWRvz88SAf82lSPIn5UXfHX0r/77xoAAAAAAAAAAAAAAADgACni1yPFi+8eT9X84DtzitszNxpXW9emO9P6unP/unOm19fX1xupk82c4zmXci7nXMm5mjOKXD9ns8z6+vp4fr+UcznnSs7VnNGX6+ds5hzPuZRzOedKztWcUcv1czZzjudcyrmccyXnas44IHP3AAAAAAAAAAAAAAAAAACAj5ei+ifFt7+xltYHOutLj0cnV6wH+rH3ywAAAP//Iun4rQ==") mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 1.598576716s ago: executing program 2 (id=9498): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000fe000000000a0000", 0x1c) 1.485078176s ago: executing program 4 (id=9499): r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2) ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000080)={0x3, @raw_data="8cf9f02a621928a69a1bc57e688d8f2402d5403159684eab54d5b63530b9cbdd587d2f1a95c8e875abf03b764af033a9a1f43ea750fce860068eb3c8dc8b763fd891656a71b21bf63c67e50f4c81f7472ef086b1a4af4b886d961b6fc22fa5d54e544bd667a20e76f28ab7a5d92634ec34eaf59df3af177cb06180b8de7ab4592c60685e184152a180ead7e1959c187653b875de42c6b8ef7449428b2166c06f716650ee2cc740bc1424b0ba642c096facd6a876b748ea7424aeb3aa1398554a5ad7441d4324f938"}) 1.389824094s ago: executing program 8 (id=9500): r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x3f, &(0x7f0000000680)=0x1, 0x4) 1.226378051s ago: executing program 2 (id=9501): r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000140), 0x840, 0x0) ioctl$DRM_IOCTL_VERSION(r0, 0xc0406400, &(0x7f0000002200)={0xdf, 0x4, 0xffff6cc0, 0x0, 0x0, 0x0, 0x0, 0x1000, &(0x7f0000001200)=""/4096}) 1.218716961s ago: executing program 0 (id=9502): r0 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, 0x0, &(0x7f0000000380)) 1.151432304s ago: executing program 8 (id=9503): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r0, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf1, 0x8, 0x0, 0x0}}, 0x10) 1.081521377s ago: executing program 0 (id=9504): r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_RECVERR(r0, 0x114, 0x1d, &(0x7f0000000480)=0x1, 0x4) 1.032342011s ago: executing program 4 (id=9505): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000004900010029bd7000ffdbdf250a008000", @ANYRES32, @ANYBLOB="f9ffffff1400010000000000000000000000000000000001080002"], 0x38}, 0x1, 0x0, 0x0, 0x4008840}, 0x4008084) 695.554273ms ago: executing program 35 (id=9505): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000004900010029bd7000ffdbdf250a008000", @ANYRES32, @ANYBLOB="f9ffffff1400010000000000000000000000000000000001080002"], 0x38}, 0x1, 0x0, 0x0, 0x4008840}, 0x4008084) 688.779831ms ago: executing program 0 (id=9507): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) fcntl$dupfd(r0, 0x406, r0) 682.77428ms ago: executing program 2 (id=9508): r0 = syz_open_dev$swradio(&(0x7f00000012c0), 0x1, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000080)={0xb, @raw_data="4355303869080408cd249ec7efb301198680b5be6e23aeee037757247f8e7cf0314d80d8580d64e14364154a0a387d927cd57e123ba1efbe01652a5f640684fa5e893e897ccc3074465e163176e53cd24bf2af34498cc63505008850dd4c66c27b1a79895f7fd2f1e0808bce73abcfc38c2403597d41733d28f53f05bb06b0d4f2abb107a766aeb4184284d3088a97541741bb90239de08950c97b7a438137b639689d695fd868a1a509524b4a3a3d3e5afbd859c1ec4e282a50c8b1a2d85bdb653a9ce0918200"}) 682.40942ms ago: executing program 8 (id=9509): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x40d, 0x30bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8209}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x5}, @IFLA_BOND_MIIMON={0x8}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c}, 0x0) 599.693216ms ago: executing program 1 (id=9510): r0 = socket$inet(0x2, 0x3, 0x7f) setsockopt$inet_int(r0, 0x0, 0x16, 0x0, 0x0) 544.609519ms ago: executing program 0 (id=9511): r0 = socket$xdp(0x2c, 0x3, 0x0) accept$nfc_llcp(r0, 0x0, 0x0) 528.602553ms ago: executing program 2 (id=9512): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x202) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f0000000040)={0xf, 0x2, 'client1\x00', 0x4, "70067ad327c699d3", "78a45e16571ec69bc5afc81e679e50b0d40d6a65820e48ce9b168132d17e5813", 0xffffff2a, 0x7fff}) 377.046758ms ago: executing program 2 (id=9513): r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000080)={0x0, 0x1, 0x6, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f90a, 0x78, '\x00', @string=&(0x7f0000000040)=0x4}}) 345.512855ms ago: executing program 1 (id=9514): r0 = io_uring_setup(0x17, &(0x7f0000000680)={0x0, 0x5b23, 0x0, 0x1, 0x351}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x19, &(0x7f0000000300), 0x0) 292.228134ms ago: executing program 0 (id=9515): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x4b4b, 0x0) 277.651455ms ago: executing program 8 (id=9516): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)={0x18, 0x1411, 0x1, 0x70bd29, 0x25dfdbfa, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x28}]}, 0x18}, 0x1, 0x0, 0x0, 0x80c4}, 0x20000040) 144.827347ms ago: executing program 8 (id=9517): r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)=@usbdevfs_driver={0x1, 0x587fa938, 0x0}) 59.6914ms ago: executing program 2 (id=9518): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x1, 0x6c1, &(0x7f00000003c0)="$eJzs3U9sHFcdB/DvbJx1NqDEbdM0IKRajVRBIxI7q5IgITUghHKIUFQuvVqJ01hx0spxkVshsgEKEidOqAcORcgcekIIIZUTopyRkLhw8j0SNw45AItmdna9tjeO3cRZt/18pPF7s2/ee7/5Zf7srh1NgM+si6/lYCdFLp66tFKur622F9dW2zf79SSTSRrJRK9I0UqKj5IL6S35QvliPVzxoHlevvdhMfHeB+3e2kS9VNs3tuu3xcgtO8mhwcqBJNO96n92POyW8aqlGufK+ng7MDnitWIQd5mwk/3Ewbh1t+isNzYe2n3n5y2wb93p3Te3mEoOp3d3re5s9dXh4VeG8Tg6VN/22tTZ+1gAAABgr438LD/s6P3cz0qOPJlwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NOh6D0zsFU/N7/RK1/NdIr+8/+bQ8/Ub4453Ef07rWqePXouAMBAAAAAAAAgEfy/P3cz0qO9Ne7RfU7/xeqlWPVz8/lrdzOfJZyOiuZy3KWs5TZJFNDAzVX5paXl2a39vxlyp7dbvdO3fPsoGf/rwfKnmc3xtXZHOiovzTYshEAAAAAAAAAfGb9KBfXf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7QZEc6BXVcqxfn0pjIsmhJM1ierB5c6zBPgZ/HncAAAAAsPdadXmk+F+v0i2qz/zHq8/9h/JWbmU5C1nOYuZztfouoPepv/H3TntxbbV9s1y2DvzNf+0qjmrE9L57GD3zTLXFs4MeF/OdfC+nMp3LWcpCvp+5LGc+0/l2VZtLkan624uptdVW+rFujffChrXLm2N7fqhexneiiqSVa1moYjudK81+6I16uxNDs/2xmWya8W6ZneKV2g5zdLUuyz36RV3uD1PVnh8cZGSmzn2ZjaeG874197s8TjbPNJvG4DuoY2ur7SLp1KubZ/pYOT9cl2Wuf7q3Od/lV2kbM9H5ebnWP/qOb5/z5Cv/+Mvl641bN65fu31q/xxGH9PmY6I9lInndpSJxTITnUfIxKFHif/xadbZ6F1Fd3e1fKHqeyQL+W7eyNXM51xmMpvzmcnXczbtnB3K67Pb57U61xq7O9dOfrmulPeknw3dm56YyQc1lHl9aiivw1e6qapt+JX1LD29gywVzYzO0j9HhjLxxbpSzvHjoTvO+G3IxGSqa3M/ume2z8Sv/9tNcnvx1o2l63Nv7nC+F+uyPG3f3Xht/s1j2aHdq3e3PF6eLv+x0rttDB8dZdsz/bYNR85s1XZs0LbxPtdspjqfe20PO1PLkY7fHTVSr+25kbO0q7YTQ20b3uXkjSwO3oUAsI8dfulws3Wv9bfW+62ftK63Lh361uT5yS81c/CvE3868LvGbxvfKF7K+/lhjow7UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4/fY7N+YWF+eX9mEljcc84N2RTf1U9F5p7o99/6RWJrc7on6fZJvuzXHE3EqyL1KXiScw12RGNF0avNJKGoN4ktzYJw+4A/bCmeWbb565/fY7X124Off6/Ovzt86eP/fKufbXZu+cubawOD/T+znuKIG9sP42YNyRAAAAAAAAAAAAADv1JP57w4hpi84Y9hUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ZLr4Wg52UmR25vRMub622l4sl359fcuJJI0kxQ+S4qPkQnpLpoaGK4bHLrrr9ZfvffirF9/7oL0+1kR/+8amfn/4d7e7y73o1Eumkxyoy6RZN7ce0G1yR+NdKcvPrzfsXjHYwzJhJ/uJg3H7fwAAAP//VngE7g==") removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') 44.652725ms ago: executing program 1 (id=9519): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f00000000c0)={0x9, 0xd}, 0x2) 22.615607ms ago: executing program 0 (id=9520): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000140)) 0s ago: executing program 8 (id=9521): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000d00)=ANY=[@ANYBLOB="18020000000000000000000000008000850000006100000085000000d000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r0, 0x0, 0x22, 0x0, &(0x7f00000004c0)="243c42e8680d85ffff03762f080071127b58425eb52211fd029ba6ceb3bf7561c701", 0x0, 0x2200, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): t: type=1800 audit(2000000351.945:125): pid=24338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.8013" name="file2" dev="loop6" ino=89 res=0 errno=0 [ 799.632774][ T3547] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 799.872393][ T3547] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 799.894089][ T5852] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 799.897163][ T5852] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 799.897893][ T5852] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 799.909988][ T5852] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 799.911262][ T5852] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 800.019753][T24350] wlan0 speed is unknown, defaulting to 1000 [ 800.032427][T24350] vxcan1 speed is unknown, defaulting to 1000 [ 800.114663][ T5969] usb 2-1: new high-speed USB device number 116 using dummy_hcd [ 800.305071][ T5969] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 800.381534][ T5969] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 800.409184][ T5969] usb 2-1: Product: syz [ 800.426072][ T5969] usb 2-1: Manufacturer: syz [ 800.438905][ T5969] usb 2-1: SerialNumber: syz [ 800.455798][T24367] loop2: detected capacity change from 0 to 256 [ 800.465408][ T5969] r8152-cfgselector 2-1: Unknown version 0x0000 [ 800.493072][ T5969] r8152-cfgselector 2-1: config 0 descriptor?? [ 800.495741][T24370] xt_NFQUEUE: number of queues (65535) out of range (got 65541) [ 800.633959][T24367] FAT-fs (loop2): Directory bread(block 64) failed [ 800.672689][T24367] FAT-fs (loop2): Directory bread(block 65) failed [ 800.733815][T24367] FAT-fs (loop2): Directory bread(block 66) failed [ 800.740383][T24367] FAT-fs (loop2): Directory bread(block 67) failed [ 800.773906][T24367] FAT-fs (loop2): Directory bread(block 68) failed [ 800.843905][T24367] FAT-fs (loop2): Directory bread(block 69) failed [ 800.861009][T24367] FAT-fs (loop2): Directory bread(block 70) failed [ 800.894846][T24367] FAT-fs (loop2): Directory bread(block 71) failed [ 800.925025][T24367] FAT-fs (loop2): Directory bread(block 72) failed [ 800.952126][ T5969] r8152-cfgselector 2-1: USB disconnect, device number 116 [ 800.973130][T24367] FAT-fs (loop2): Directory bread(block 73) failed [ 801.933717][ T52] Bluetooth: hci3: command tx timeout [ 801.980137][ T3547] team0: Port device geneve0 removed [ 802.277264][T24419] loop2: detected capacity change from 0 to 1024 [ 802.302914][T24419] EXT4-fs: Ignoring removed oldalloc option [ 802.331254][T24419] EXT4-fs: Ignoring removed bh option [ 802.352009][T24395] loop4: detected capacity change from 0 to 32768 [ 802.418172][T24395] read_mapping_page failed! [ 802.430823][T24395] ERROR: (device loop4): txCommit: [ 802.430823][T24395] [ 802.449864][T24419] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 802.504872][T24419] cgroup: release_agent respecified [ 802.584180][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.610151][ T3547] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 802.754962][ T3547] bond0 (unregistering): Released all slaves [ 802.797155][ T3547] bond1 (unregistering): Released all slaves [ 802.834278][ T3547] bond2 (unregistering): Released all slaves [ 802.867807][T24402] : renamed from veth0_to_bond (while UP) [ 802.874735][T24350] wg0 speed is unknown, defaulting to 1000 [ 802.899764][T24429] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8048'. [ 803.123914][T24438] loop0: detected capacity change from 0 to 256 [ 803.184816][T24438] FAT-fs (loop0): Directory bread(block 64) failed [ 803.192241][T24438] FAT-fs (loop0): Directory bread(block 65) failed [ 803.201544][T24440] RDS: rds_bind could not find a transport for fc02::, load rds_tcp or rds_rdma? [ 803.239210][T24438] FAT-fs (loop0): Directory bread(block 66) failed [ 803.245748][T24438] FAT-fs (loop0): Directory bread(block 67) failed [ 803.248505][T24444] ieee802154 phy0 wpan0: encryption failed: -90 [ 803.315176][T24438] FAT-fs (loop0): Directory bread(block 68) failed [ 803.328563][T24438] FAT-fs (loop0): Directory bread(block 69) failed [ 803.335320][T24438] FAT-fs (loop0): Directory bread(block 70) failed [ 803.342093][T24438] FAT-fs (loop0): Directory bread(block 71) failed [ 803.349918][T24438] FAT-fs (loop0): Directory bread(block 72) failed [ 803.357556][T24438] FAT-fs (loop0): Directory bread(block 73) failed [ 803.480733][ T6021] usb 5-1: new high-speed USB device number 118 using dummy_hcd [ 803.669707][ T6021] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 803.696138][ T6021] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 803.722040][ T6021] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 803.741745][ T6021] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 803.772856][ T6021] usb 5-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 803.801642][ T6021] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 803.849997][ T6021] usb 5-1: config 0 descriptor?? [ 803.894658][T24464] loop1: detected capacity change from 0 to 512 [ 803.913691][T24464] EXT4-fs: Ignoring removed bh option [ 803.925628][ T52] Bluetooth: hci3: command tx timeout [ 803.954606][T24464] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 804.004086][T24464] EXT4-fs (loop1): 1 truncate cleaned up [ 804.024061][T24464] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 804.075666][T24350] chnl_net:caif_netlink_parms(): no params data found [ 804.088224][ T6021] hdpvr 5-1:0.0: firmware version 0x15 dated &S3;x&X^ wΖ g/ n# [ 804.292630][ T6021] hdpvr 5-1:0.0: device init failed [ 804.313472][ T6021] hdpvr 5-1:0.0: probe with driver hdpvr failed with error -12 [ 804.373280][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 804.392936][ T6021] usb 5-1: USB disconnect, device number 118 [ 804.400511][T24483] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8065'. [ 805.025634][T24503] geneve2: entered promiscuous mode [ 805.198443][T24514] loop0: detected capacity change from 0 to 512 [ 805.229446][T24350] bridge0: port 1(bridge_slave_0) entered blocking state [ 805.242216][T24514] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 805.258568][T24350] bridge0: port 1(bridge_slave_0) entered disabled state [ 805.286687][T24350] bridge_slave_0: entered allmulticast mode [ 805.322780][T24350] bridge_slave_0: entered promiscuous mode [ 805.330332][T24514] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002] [ 805.363483][T24514] EXT4-fs (loop0): orphan cleanup on readonly fs [ 805.370301][ T3420] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 805.379528][T24514] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.8078: bad orphan inode 267 [ 805.407821][T24514] EXT4-fs (loop0): Remounting filesystem read-only [ 805.454906][T24514] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 805.502656][T24350] bridge0: port 2(bridge_slave_1) entered blocking state [ 805.502791][T24350] bridge0: port 2(bridge_slave_1) entered disabled state [ 805.503006][T24350] bridge_slave_1: entered allmulticast mode [ 805.513415][T24350] bridge_slave_1: entered promiscuous mode [ 805.515029][ T3420] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 805.582790][T24514] EXT4-fs warning (device loop0): dx_probe:861: inode #2: comm syz.0.8078: dx entry: limit 0 != root limit 125 [ 805.582873][T24514] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.8078: Corrupt directory, running e2fsck is recommended [ 805.731067][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 805.750885][ T3420] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 805.750952][ T3420] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 805.808339][T24350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 805.845463][T24536] loop1: detected capacity change from 0 to 256 [ 805.862048][T24350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 805.888862][ T52] Bluetooth: hci3: command tx timeout [ 805.929252][T24536] FAT-fs (loop1): Directory bread(block 64) failed [ 805.929290][T24536] FAT-fs (loop1): Directory bread(block 65) failed [ 805.929382][T24536] FAT-fs (loop1): Directory bread(block 66) failed [ 805.929417][T24536] FAT-fs (loop1): Directory bread(block 67) failed [ 805.929502][T24536] FAT-fs (loop1): Directory bread(block 68) failed [ 805.929533][T24536] FAT-fs (loop1): Directory bread(block 69) failed [ 805.929626][T24536] FAT-fs (loop1): Directory bread(block 70) failed [ 805.929656][T24536] FAT-fs (loop1): Directory bread(block 71) failed [ 805.929741][T24536] FAT-fs (loop1): Directory bread(block 72) failed [ 805.929772][T24536] FAT-fs (loop1): Directory bread(block 73) failed [ 806.203312][T24350] team0: Port device team_slave_0 added [ 806.207337][T24350] team0: Port device team_slave_1 added [ 806.261884][T24548] loop6: detected capacity change from 0 to 256 [ 806.697403][T24559] loop0: detected capacity change from 0 to 8 [ 806.766789][T24350] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 806.795942][T24559] SQUASHFS error: Unable to read directory block [629:0] [ 806.829441][T24350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 806.957702][T24350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 807.105395][T24564] loop1: detected capacity change from 0 to 4096 [ 807.318454][T24564] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 807.353206][T24350] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 807.384843][T24350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 807.394756][T24564] ntfs3(loop1): ino=5, "/" indx_read [ 807.512879][T24350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 807.737750][ T5847] ntfs3(loop1): ino=9, ntfs_sync_fs failed, -22. [ 807.877834][ T52] Bluetooth: hci3: command tx timeout [ 808.127429][T24350] hsr_slave_0: entered promiscuous mode [ 808.155214][T24350] hsr_slave_1: entered promiscuous mode [ 808.205579][T24350] debugfs: 'hsr0' already exists in 'hsr' [ 808.242426][T24350] Cannot create hsr debugfs directory [ 808.342390][T24572] loop2: detected capacity change from 0 to 32768 [ 808.384171][T24572] btrfs: Deprecated parameter 'usebackuproot' [ 808.390654][T24572] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 808.458774][T24572] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.8103 (24572) [ 808.465041][T24602] loop6: detected capacity change from 0 to 4096 [ 808.516088][T24602] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 808.572258][ T3547] hsr_slave_0: left promiscuous mode [ 808.580231][T24609] loop4: detected capacity change from 0 to 2048 [ 808.603545][T24572] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 808.619283][T24602] ntfs3(loop6): ino=19, mi_enum_attr [ 808.634699][T24609] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 808.646811][T24602] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 808.665341][ T3547] hsr_slave_1: left promiscuous mode [ 808.665379][T24572] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm [ 808.789352][ T3547] veth1_macvtap: left promiscuous mode [ 808.816264][ T3547] veth0_macvtap: left promiscuous mode [ 808.828822][ T3547] veth1_vlan: left promiscuous mode [ 808.846104][ T3547] veth0_vlan: left promiscuous mode [ 809.044599][T24572] BTRFS info (device loop2): rebuilding free space tree [ 809.124774][T24572] BTRFS info (device loop2): allowing degraded mounts [ 809.167101][T24572] BTRFS info (device loop2): enabling ssd optimizations [ 809.202025][T24572] BTRFS info (device loop2): turning on flush-on-commit [ 809.239168][T24572] BTRFS info (device loop2): enabling free space tree [ 809.246448][ T6109] usb 2-1: new high-speed USB device number 117 using dummy_hcd [ 809.275439][T24572] BTRFS info (device loop2): force clearing of disk cache [ 809.305246][T24572] BTRFS info (device loop2): trying to use backup root at mount time [ 809.324343][T24572] BTRFS info (device loop2): use zstd compression, level 3 [ 809.336972][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.346402][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.433947][ T6109] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 809.478276][ T6109] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 809.525960][ T6109] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 809.568041][ T6109] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 809.612711][ T6109] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 809.650926][ T6109] usb 2-1: Product: syz [ 809.655315][ T6109] usb 2-1: Manufacturer: syz [ 809.673224][ T5842] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 809.687752][ T6109] usb 2-1: SerialNumber: syz [ 809.717110][ T6109] usb 2-1: config 0 descriptor?? [ 809.722930][T24628] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 809.754374][T24628] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 809.796227][ T6109] usb 2-1: ucan: probing device on interface #0 [ 810.116976][ T6010] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 810.184470][ T6109] usb 2-1: ucan: failed to retrieve device info [ 810.190745][ T6109] usb 2-1: ucan: probe failed; try to update the device firmware [ 810.225551][T24653] SET target dimension over the limit! [ 810.263677][ T6109] usb 2-1: USB disconnect, device number 117 [ 810.293905][ T6010] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 810.329799][ T6010] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 810.333121][T24655] loop4: detected capacity change from 0 to 128 [ 810.370171][ T6010] usb 7-1: config 0 descriptor?? [ 810.434912][T24655] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 810.482383][T24655] ext4 filesystem being mounted at /1417/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 810.572076][ T5840] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 810.624518][ T6010] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 810.823034][ T6010] [drm:udl_init] *ERROR* Selecting channel failed [ 810.872444][ T6010] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2 [ 810.923080][ T6010] [drm] Initialized udl on minor 2 [ 810.961082][ T6010] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 810.986020][T24670] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8138'. [ 810.997702][ T6010] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 811.008635][ T6292] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 811.032030][ T6010] usb 7-1: USB disconnect, device number 2 [ 811.041042][ T6292] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 811.692598][T24693] netlink: 'syz.6.8148': attribute type 2 has an invalid length. [ 812.201569][T24714] netlink: 64 bytes leftover after parsing attributes in process `syz.6.8158'. [ 812.202683][T24713] netlink: 'syz.4.8157': attribute type 9 has an invalid length. [ 812.383623][T13119] usb 1-1: new high-speed USB device number 113 using dummy_hcd [ 812.565643][T13119] usb 1-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 812.602278][T13119] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 812.622233][T13119] usb 1-1: Product: syz [ 812.626402][T13119] usb 1-1: Manufacturer: syz [ 812.630990][T13119] usb 1-1: SerialNumber: syz [ 812.687189][T13119] usb 1-1: config 0 descriptor?? [ 812.928865][T24737] netlink: 'syz.2.8170': attribute type 10 has an invalid length. [ 812.946443][T24737] netlink: 40 bytes leftover after parsing attributes in process `syz.2.8170'. [ 812.981750][T24740] loop1: detected capacity change from 0 to 512 [ 813.075232][T24740] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 813.107235][T13119] usb 1-1: f81604_write: reg: 105 data: 99 failed: -EPROTO [ 813.127556][T13119] f81604 1-1:0.0: Setting termination of CH#0 failed: -EPROTO [ 813.130332][T24740] ext4 filesystem being mounted at /1399/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 813.137967][T13119] f81604 1-1:0.0: probe with driver f81604 failed with error -71 [ 813.168189][T13119] usb 1-1: USB disconnect, device number 113 [ 813.272181][T24740] Quota error (device loop1): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 813.290523][T24740] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 813.331550][T24740] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.8171: Failed to acquire dquot type 0 [ 813.444650][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 813.909738][T24737] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 813.947665][T24737] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 813.988792][T24737] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 814.003479][T24764] xt_NFQUEUE: number of total queues is 0 [ 814.445564][ T6010] usb 3-1: new high-speed USB device number 119 using dummy_hcd [ 814.624088][ T6010] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 814.661373][ T6010] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 814.692064][ T6010] usb 3-1: config 0 descriptor?? [ 814.921810][T24760] loop1: detected capacity change from 0 to 32768 [ 814.998944][T24760] OCFS2: ERROR (device loop1): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #4104: signature = INODE [ 815.074704][T24760] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 815.123647][ T6010] ath6kl: Failed to submit usb control message: -71 [ 815.131705][T24760] OCFS2: File system is now read-only. [ 815.146556][ T6010] ath6kl: unable to send the bmi data to the device: -71 [ 815.170252][T24760] (syz.1.8180,24760,1):ocfs2_read_locked_inode:599 ERROR: status = -30 [ 815.176948][ T6010] ath6kl: Unable to send get target info: -71 [ 815.181443][T24350] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 815.208709][ T6010] ath6kl: Failed to init ath6kl core: -71 [ 815.241621][T24760] (syz.1.8180,24760,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30 [ 815.263820][T24350] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 815.268855][ T6010] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 815.279926][T24760] (syz.1.8180,24760,1):ocfs2_init_local_system_inodes:496 ERROR: status=-30, sysfile=7, slot=0 [ 815.342179][T24350] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 815.354346][ T6010] usb 3-1: USB disconnect, device number 119 [ 815.358927][T24760] (syz.1.8180,24760,1):ocfs2_init_local_system_inodes:505 ERROR: status = -30 [ 815.405753][T24803] netlink: 'syz.6.8196': attribute type 1 has an invalid length. [ 815.406509][T24760] (syz.1.8180,24760,1):ocfs2_mount_volume:1758 ERROR: status = -30 [ 815.445842][T24803] netlink: 'syz.6.8196': attribute type 1 has an invalid length. [ 815.454507][T24350] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 815.474255][T24760] (syz.1.8180,24760,0):ocfs2_fill_super:1177 ERROR: status = -30 [ 815.565218][ T6292] usb 1-1: new high-speed USB device number 114 using dummy_hcd [ 815.729145][ T6292] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 815.782379][ T6292] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 815.822494][ T31] audit: type=1326 audit(2000000368.952:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24817 comm="syz.6.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 815.858198][ T6292] usb 1-1: config 0 descriptor?? [ 815.891298][T24350] 8021q: adding VLAN 0 to HW filter on device bond0 [ 815.916218][ T31] audit: type=1326 audit(2000000368.962:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24817 comm="syz.6.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 816.025149][T24350] 8021q: adding VLAN 0 to HW filter on device team0 [ 816.077538][ T31] audit: type=1326 audit(2000000369.057:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24822 comm="syz.6.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f17b0fc2005 code=0x7ffc0000 [ 816.142109][ T6292] udl 1-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 816.148647][ T31] audit: type=1326 audit(2000000369.067:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24817 comm="syz.6.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 816.241402][ T31] audit: type=1326 audit(2000000369.067:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24817 comm="syz.6.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 816.326684][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 816.331092][ T6292] [drm:udl_init] *ERROR* Selecting channel failed [ 816.333916][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 816.354967][ T31] audit: type=1326 audit(2000000369.214:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24822 comm="syz.6.8198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 816.428714][ T6292] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 816.507534][ T6292] [drm] Initialized udl on minor 2 [ 816.519979][ T6292] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 816.557977][ T6292] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 816.594778][ T5811] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 816.602792][ T5811] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 816.623948][ T6292] usb 1-1: USB disconnect, device number 114 [ 816.686035][ T6022] bridge0: port 2(bridge_slave_1) entered blocking state [ 816.693220][ T6022] bridge0: port 2(bridge_slave_1) entered forwarding state [ 817.029411][T24850] ubi31: attaching mtd0 [ 817.053402][ T6292] wlan0 speed is unknown, defaulting to 1000 [ 817.065435][T24850] ubi31: scanning is finished [ 817.080972][ T6292] syz1: Port: 1 Link DOWN [ 817.096028][T24850] ubi31: empty MTD device detected [ 817.302758][T24825] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 817.304050][T24850] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 817.321487][T24850] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 817.348912][T24825] Bluetooth: hci6: Error when powering off device on rfkill (-4) [ 817.349388][T24850] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 817.398810][T24862] openvswitch: netlink: Tunnel attr 140 out of range max 16 [ 817.418587][T24850] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 817.449766][T24850] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 817.497258][T24850] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 817.508231][ T5811] usb 1-1: new high-speed USB device number 115 using dummy_hcd [ 817.534241][T24850] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 748801805 [ 817.595464][T24850] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 817.666399][T24859] ubi31: background thread "ubi_bgt31d" started, PID 24859 [ 817.712690][ T5811] usb 1-1: config 0 has an invalid interface number: 69 but max is 0 [ 817.738559][ T5811] usb 1-1: config 0 has no interface number 0 [ 817.756275][ T5811] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 817.813936][ T5811] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 817.825291][T24825] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 817.831191][T24825] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 817.874631][ T5811] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 817.899087][ T5811] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 817.953340][ T5811] usb 1-1: Product: syz [ 817.998864][ T5811] usb 1-1: Manufacturer: syz [ 818.003481][ T5811] usb 1-1: SerialNumber: syz [ 818.043138][ T5811] usb 1-1: config 0 descriptor?? [ 818.061911][T24858] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 818.092224][ T5811] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 818.165914][ T5811] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 818.311276][T24350] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 818.377144][ C0] cyberjack ttyUSB0: cyberjack_read_int_callback - failed resubmitting read urb, error -22 [ 818.378426][ T31] audit: type=1326 audit(2000000371.629:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24888 comm="syz.6.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 818.570182][ T5969] usb 1-1: USB disconnect, device number 115 [ 818.584687][ T31] audit: type=1326 audit(2000000371.629:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24888 comm="syz.6.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 818.671043][ T5969] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 818.718380][ T31] audit: type=1326 audit(2000000371.639:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24888 comm="syz.6.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 818.756832][ T5969] cyberjack 1-1:0.69: device disconnected [ 818.826118][ T31] audit: type=1326 audit(2000000371.639:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24888 comm="syz.6.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 818.930433][ T31] audit: type=1326 audit(2000000371.639:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24888 comm="syz.6.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 819.117682][ T31] audit: type=1326 audit(2000000371.639:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24888 comm="syz.6.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 819.261261][ T31] audit: type=1326 audit(2000000371.639:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24888 comm="syz.6.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 819.404170][ T31] audit: type=1326 audit(2000000371.639:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24888 comm="syz.6.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 819.566305][ T31] audit: type=1326 audit(2000000371.639:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24888 comm="syz.6.8226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f17b0f8f749 code=0x7ffc0000 [ 819.670405][T24927] loop0: detected capacity change from 0 to 4096 [ 819.710472][T24927] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 819.742838][T24935] loop6: detected capacity change from 0 to 1024 [ 819.857372][T24935] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 819.888152][T24350] veth0_vlan: entered promiscuous mode [ 819.999802][T24935] EXT4-fs error (device loop6): ext4_empty_dir:3075: inode #11: comm syz.6.8242: invalid size [ 820.036394][T24350] veth1_vlan: entered promiscuous mode [ 820.095625][T24947] netdevsim netdevsim4: Direct firmware load for .. failed with error -2 [ 820.131081][ T31] audit: type=1400 audit(2000000373.477:141): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=24946 comm="syz.1.8246" [ 820.143017][T23799] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 820.179272][T24947] netdevsim netdevsim4: Falling back to sysfs fallback for: .. [ 820.205204][T24350] veth0_macvtap: entered promiscuous mode [ 820.264640][T24350] veth1_macvtap: entered promiscuous mode [ 820.312640][T24350] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 820.376372][T24350] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 820.454613][ T3490] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 820.490842][ T3490] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 820.562913][ T3490] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 820.579269][T24958] loop6: detected capacity change from 0 to 64 [ 820.616759][ T3490] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 821.059708][ T1076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 821.109409][ T1076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 821.322775][ T1076] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 821.362756][ T1076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 821.809725][T24955] loop1: detected capacity change from 0 to 32768 [ 821.871074][T24955] (syz.1.8250,24955,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 821.945394][T24992] loop0: detected capacity change from 0 to 512 [ 821.951425][T24955] (syz.1.8250,24955,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 822.061240][T24992] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -13 [ 822.078579][T24992] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #13: comm syz.0.8261: iget: bad i_size value: 12154757448730 [ 822.093435][T24962] loop2: detected capacity change from 0 to 32768 [ 822.142655][T24955] JBD2: Ignoring recovery information on journal [ 822.156097][T24962] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.8251 (24962) [ 822.169984][T24992] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.8261: couldn't read orphan inode 13 (err -117) [ 822.243840][T24962] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 822.295539][T24992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 822.328247][T24962] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 822.374883][T24955] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 822.536026][T25012] openvswitch: netlink: Multiple metadata blocks provided [ 822.603621][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 822.635138][T24962] BTRFS info (device loop2): enabling ssd optimizations [ 822.643366][T24962] BTRFS info (device loop2): turning on async discard [ 822.650137][T24962] BTRFS info (device loop2): enabling free space tree [ 822.665131][ T5847] ocfs2: Unmounting device (7,1) on (node local) [ 822.733134][T24962] BTRFS warning (device loop2): can't clear the compat:1 feature bit while mounted [ 822.957891][ T5842] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 823.736831][T25054] loop2: detected capacity change from 0 to 256 [ 823.962654][T25001] loop7: detected capacity change from 0 to 32768 [ 824.119622][T25001] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 824.124767][T25075] netlink: 'syz.6.8286': attribute type 3 has an invalid length. [ 824.286779][T25001] XFS (loop7): Ending clean mount [ 824.355490][T25001] XFS (loop7): Quotacheck needed: Please wait. [ 824.530944][T25089] netlink: 'syz.6.8290': attribute type 2 has an invalid length. [ 824.583693][T25001] XFS (loop7): Quotacheck: Done. [ 824.683739][T25089] : entered promiscuous mode [ 824.971461][T24350] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 825.274215][T25120] IPv6: Can't replace route, no match found [ 825.547138][T25128] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 825.586764][T25128] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 825.669055][T25128] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 825.841238][T25141] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 826.528595][T25172] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8321'. [ 826.591564][T25172] netlink: 64 bytes leftover after parsing attributes in process `syz.4.8321'. [ 826.694719][T25172] netlink: 'syz.4.8321': attribute type 1 has an invalid length. [ 826.739054][T25172] netlink: 'syz.4.8321': attribute type 1 has an invalid length. [ 826.779460][T25172] netlink: 'syz.4.8321': attribute type 1 has an invalid length. [ 826.801615][T25181] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8325'. [ 826.960297][ T6109] usb 1-1: new high-speed USB device number 116 using dummy_hcd [ 827.168026][ T6109] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 827.198772][ T6109] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 827.224438][ T6109] usb 1-1: Product: syz [ 827.238614][ T6109] usb 1-1: Manufacturer: syz [ 827.243214][ T6109] usb 1-1: SerialNumber: syz [ 827.295181][ T6109] r8152-cfgselector 1-1: Unknown version 0x0000 [ 827.339006][ T6109] r8152-cfgselector 1-1: config 0 descriptor?? [ 827.448151][T25201] loop6: detected capacity change from 0 to 512 [ 827.487725][T25149] loop1: detected capacity change from 0 to 40427 [ 827.524489][T25201] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.8332: corrupted in-inode xattr: bad e_name length [ 827.535617][T25149] F2FS-fs (loop1): Fix alignment : internally, start(4096) end(16896) block(12288) [ 827.559345][ T6001] usb 5-1: new high-speed USB device number 119 using dummy_hcd [ 827.580428][T25149] F2FS-fs (loop1): invalid crc value [ 827.583619][T25201] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.8332: couldn't read orphan inode 15 (err -117) [ 827.646621][T25201] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 827.662781][T25168] loop7: detected capacity change from 0 to 32768 [ 827.689470][T25201] EXT4-fs warning (device loop6): dx_probe:861: inode #2: comm syz.6.8332: dx entry: limit 0 != root limit 125 [ 827.713088][T25201] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.8332: Corrupt directory, running e2fsck is recommended [ 827.759350][ T6001] usb 5-1: Using ep0 maxpacket: 8 [ 827.764812][ T6109] r8152-cfgselector 1-1: USB disconnect, device number 116 [ 827.776994][T25168] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 827.810908][ T6001] usb 5-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab [ 827.892664][ T6001] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 827.934072][T23799] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 827.960764][ T6001] usb 5-1: Product: syz [ 827.965359][T25168] XFS (loop7): Ending clean mount [ 827.973196][ T6001] usb 5-1: Manufacturer: syz [ 827.986894][T25168] XFS (loop7): Quotacheck needed: Please wait. [ 827.998233][ T6001] usb 5-1: SerialNumber: syz [ 828.057028][ T6001] usb 5-1: config 0 descriptor?? [ 828.057430][T25149] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 828.156553][T25168] XFS (loop7): Quotacheck: Done. [ 828.166179][T25149] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 828.489594][T24350] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 828.559854][T25233] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8342'. [ 828.608359][ T6001] usb 5-1: USB disconnect, device number 119 [ 828.913888][T25241] batadv_slave_0: left promiscuous mode [ 828.961619][T25241] batadv_slave_0: left allmulticast mode [ 829.183533][ T6069] udevd[6069]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 829.561514][T25258] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8350'. [ 829.953034][T25283] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8359'. [ 830.224343][T25295] loop4: detected capacity change from 0 to 8 [ 830.244839][T25295] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 830.329436][ T6069] udevd[6069]: incorrect cramfs checksum on /dev/loop4 [ 830.429826][T25302] loop7: detected capacity change from 0 to 1024 [ 830.470140][T25302] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 830.524496][T25302] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 830.537099][ T5969] usb 2-1: new high-speed USB device number 118 using dummy_hcd [ 830.589629][T25302] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869) [ 830.628430][T25302] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 830.675135][T25302] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 830.730654][ T5969] usb 2-1: Using ep0 maxpacket: 32 [ 830.740038][ T5969] usb 2-1: config 4 has an invalid interface number: 128 but max is 0 [ 830.768237][ T5969] usb 2-1: config 4 has no interface number 0 [ 830.774511][ T5969] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 830.795635][ T5969] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 830.833584][ T5969] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 830.862841][ T5969] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 830.898718][ T5969] hub 2-1:4.128: USB hub found [ 830.963735][T24350] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 830.979722][T25319] loop6: detected capacity change from 0 to 256 [ 831.054254][T25319] exFAT-fs (loop6): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 831.078974][T25325] Cannot find map_set index 135 as target [ 831.098345][ T5969] hub 2-1:4.128: config failed, hub has too many ports! (err -19) [ 831.143958][T25319] exFAT-fs (loop6): failed to test first cluster bit of root dir(5) [ 831.278915][T25319] exFAT-fs (loop6): start_clu is invalid cluster(0x400) [ 831.491211][ T5969] usb 2-1: USB disconnect, device number 118 [ 831.634634][T25345] kAFS: unable to lookup cell '/' [ 831.916377][T25359] loop2: detected capacity change from 0 to 64 [ 832.028378][T25359] Trying to free block not in datazone [ 832.109509][T25364] loop1: detected capacity change from 0 to 8 [ 832.142959][T25364] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 832.172671][ T6069] udevd[6069]: incorrect cramfs checksum on /dev/loop1 [ 832.192522][T25364] cramfs: Error -3 while decompressing! [ 832.206532][ T31] audit: type=1326 audit(2000000386.137:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25368 comm="syz.4.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fed18f749 code=0x7ffc0000 [ 832.235093][T25364] cramfs: ffffffff999d22e8(1306)->ffff88804dfd9000(4096) [ 832.270951][T25364] cramfs: bad data blocksize 3221485966 [ 832.323146][ T5864] udevd[5864]: incorrect cramfs checksum on /dev/loop1 [ 832.329910][T25364] cramfs: Error -3 while decompressing! [ 832.355944][ T31] audit: type=1326 audit(2000000386.148:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25368 comm="syz.4.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f1fed18f749 code=0x7ffc0000 [ 832.391813][T25364] cramfs: ffffffff999d22e8(1306)->ffff88804dfd9000(4096) [ 832.452168][ T31] audit: type=1326 audit(2000000386.148:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25368 comm="syz.4.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fed18f749 code=0x7ffc0000 [ 832.494750][T25380] autofs: Unknown parameter 'no9 PG!8E ' [ 832.589712][ T31] audit: type=1326 audit(2000000386.148:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25368 comm="syz.4.8392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fed18f749 code=0x7ffc0000 [ 832.720874][ T31] audit: type=1800 audit(2000000386.400:146): pid=25364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.8391" name="file2" dev="loop1" ino=348 res=0 errno=0 [ 833.808438][T25446] loop7: detected capacity change from 0 to 16 [ 833.873062][T25446] erofs (device loop7): mounted with root inode @ nid 36. [ 834.266741][T25464] loop1: detected capacity change from 0 to 16 [ 834.268611][T25464] erofs (device loop1): mounted with root inode @ nid 36. [ 834.541705][T25473] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8437'. [ 835.416539][ T5969] usb 5-1: new high-speed USB device number 120 using dummy_hcd [ 835.493471][T25512] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 835.570356][ T5811] usb 3-1: new high-speed USB device number 120 using dummy_hcd [ 835.628809][ T5969] usb 5-1: config 0 has too many interfaces: 202, using maximum allowed: 32 [ 835.686061][ T5969] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 835.714522][ T5969] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 202 [ 835.741003][ T5811] usb 3-1: Using ep0 maxpacket: 32 [ 835.756693][ T5811] usb 3-1: config 6 has an invalid interface number: 76 but max is 0 [ 835.759700][ T5969] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 835.790465][ T5811] usb 3-1: config 6 has no interface number 0 [ 835.811906][ T5811] usb 3-1: config 6 interface 76 has no altsetting 0 [ 835.816935][ T5969] usb 5-1: New USB device strings: Mfr=33, Product=2, SerialNumber=3 [ 835.866728][ T5969] usb 5-1: Product: syz [ 835.867390][ T5811] usb 3-1: New USB device found, idVendor=04dd, idProduct=8004, bcdDevice=37.80 [ 835.870891][ T5969] usb 5-1: Manufacturer: syz [ 835.909208][T25530] netlink: 108 bytes leftover after parsing attributes in process `syz.7.8458'. [ 835.931054][ T5811] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 835.945212][ T5969] usb 5-1: SerialNumber: syz [ 835.969609][ T5811] usb 3-1: Product: syz [ 835.977496][ T5811] usb 3-1: Manufacturer: syz [ 835.985921][ T5969] usb 5-1: config 0 descriptor?? [ 835.992917][ T5811] usb 3-1: SerialNumber: syz [ 836.031789][ T5969] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 836.161652][T25540] netlink: 48 bytes leftover after parsing attributes in process `syz.0.8462'. [ 836.245924][ T5811] usb 3-1: bad CDC descriptors [ 836.285218][ T5969] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 836.289732][ T5811] usb 3-1: USB disconnect, device number 120 [ 836.448000][ T5969] usb 5-1: USB disconnect, device number 120 [ 836.534107][ T6069] udevd[6069]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 836.965588][T25567] loop1: detected capacity change from 0 to 64 [ 837.324874][T25583] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8479'. [ 837.435028][T25588] loop2: detected capacity change from 0 to 2048 [ 837.552854][T25588] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 837.729956][T25608] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 837.853230][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 838.648862][T25642] comedi comedi0: Minor 47 could not be opened [ 838.718283][T25648] openvswitch: netlink: IP tunnel TTL not specified. [ 839.426352][T25617] loop6: detected capacity change from 0 to 32768 [ 839.445689][ T5811] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 839.476428][T25677] loop0: detected capacity change from 0 to 256 [ 839.560523][T25677] FAT-fs (loop0): Directory bread(block 64) failed [ 839.599313][T25677] FAT-fs (loop0): Directory bread(block 65) failed [ 839.651748][T25677] FAT-fs (loop0): Directory bread(block 66) failed [ 839.678616][ T5811] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 839.697632][T25677] FAT-fs (loop0): Directory bread(block 67) failed [ 839.725811][ T5811] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 839.736366][T25677] FAT-fs (loop0): Directory bread(block 68) failed [ 839.763114][T25681] netlink: 'syz.2.8519': attribute type 1 has an invalid length. [ 839.764819][ T5811] usb 8-1: Product: syz [ 839.781737][T25677] FAT-fs (loop0): Directory bread(block 69) failed [ 839.810387][ T5811] usb 8-1: Manufacturer: syz [ 839.814984][ T5811] usb 8-1: SerialNumber: syz [ 839.819158][T25681] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8519'. [ 839.829183][T25677] FAT-fs (loop0): Directory bread(block 70) failed [ 839.879014][ T5811] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 839.889391][T25677] FAT-fs (loop0): Directory bread(block 71) failed [ 839.896966][T25687] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8521'. [ 839.937802][T25677] FAT-fs (loop0): Directory bread(block 72) failed [ 839.949037][T25687] netlink: 40 bytes leftover after parsing attributes in process `syz.6.8521'. [ 839.969717][T25677] FAT-fs (loop0): Directory bread(block 73) failed [ 839.987551][ T6001] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 840.686878][T25661] loop1: detected capacity change from 0 to 32768 [ 840.914045][T25661] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 841.241654][T25661] XFS (loop1): Ending clean mount [ 841.655795][ T6021] usb 5-1: new high-speed USB device number 121 using dummy_hcd [ 841.792834][ T5847] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 841.850679][ T5811] usb 8-1: USB disconnect, device number 2 [ 841.863508][ T6001] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive [ 841.874973][ T6001] ath9k_htc: Failed to initialize the device [ 841.887623][ T5811] usb 8-1: ath9k_htc: USB layer deinitialized [ 841.924742][ T6021] usb 5-1: Using ep0 maxpacket: 32 [ 841.955127][ T6021] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 842.033742][ T6021] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 842.097970][ T6021] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 842.137110][ T6021] usb 5-1: Product: syz [ 842.165280][ T6021] usb 5-1: Manufacturer: syz [ 842.194863][ T6021] usb 5-1: SerialNumber: syz [ 842.216188][ T6021] usb 5-1: config 0 descriptor?? [ 842.267947][ T6021] usb 5-1: bad CDC descriptors [ 842.296555][ T6021] usb 5-1: unsupported MDLM descriptors [ 842.464632][ T6021] usb 5-1: USB disconnect, device number 121 [ 842.581159][T25746] loop6: detected capacity change from 0 to 1024 [ 842.647281][T25746] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 843.052754][T25702] loop0: detected capacity change from 0 to 40427 [ 843.118497][T25702] F2FS-fs (loop0): Invalid log blocks per segment (4278190089) [ 843.164007][T25702] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 843.203048][T25702] F2FS-fs (loop0): invalid crc value [ 843.598082][T25782] No such timeout policy "syz1" [ 843.655461][T25702] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 843.753198][T25702] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 843.765448][T25702] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 843.965557][T25794] loop2: detected capacity change from 0 to 256 [ 844.434461][T25757] loop7: detected capacity change from 0 to 32768 [ 844.575328][T25757] XFS (loop7): DAX unsupported by block device. Turning off DAX. [ 844.597970][T25757] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 844.627100][ T31] audit: type=1326 audit(2000000399.197:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25816 comm="syz.4.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fed18f749 code=0x7ffc0000 [ 844.654992][T25821] netlink: 'syz.1.8569': attribute type 39 has an invalid length. [ 844.677535][ T31] audit: type=1326 audit(2000000399.228:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25816 comm="syz.4.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fed18f749 code=0x7ffc0000 [ 844.706409][ T31] audit: type=1326 audit(2000000399.270:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25816 comm="syz.4.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f1fed18f749 code=0x7ffc0000 [ 844.728982][ T31] audit: type=1326 audit(2000000399.270:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25816 comm="syz.4.8568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fed18f749 code=0x7ffc0000 [ 844.781586][T25757] XFS (loop7): Ending clean mount [ 844.813531][T25757] XFS (loop7): Quotacheck needed: Please wait. [ 844.955650][T25757] XFS (loop7): Quotacheck: Done. [ 845.017131][T25833] loop4: detected capacity change from 0 to 8 [ 845.062110][T25833] SQUASHFS error: Failed to read block 0x26067d: -5 [ 845.069713][T25833] SQUASHFS error: Unable to read metadata cache entry [26067d] [ 845.077406][T25833] SQUASHFS error: Unable to read directory block [26067d:ffff] [ 845.098089][T25830] bond2 (unregistering): Released all slaves [ 845.157716][T24350] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 845.642088][T25847] loop6: detected capacity change from 0 to 4096 [ 845.706863][T25847] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 845.745182][T25851] loop0: detected capacity change from 0 to 512 [ 845.783460][T25851] EXT4-fs: Ignoring removed orlov option [ 845.816998][T25847] ntfs3(loop6): ino=18, mi_enum_attr [ 845.830770][T25851] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 845.856667][T25847] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 845.909252][T25851] EXT4-fs (loop0): orphan cleanup on readonly fs [ 845.938975][T25847] ntfs3(loop6): ino=0, attr_set_size [ 845.992546][T25851] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.8583: bg 0: block 248: padding at end of block bitmap is not set [ 846.085940][T25851] Quota error (device loop0): write_blk: dquota write failed [ 846.123568][T25851] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 846.181756][T25851] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.8583: Failed to acquire dquot type 1 [ 846.270087][T25851] EXT4-fs (loop0): 1 truncate cleaned up [ 846.310611][T25851] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 846.419367][T25851] EXT4-fs: Ignoring removed orlov option [ 846.454006][T25851] EXT4-fs: can't change dax mount option while remounting [ 846.746410][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 847.939868][T25937] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8616'. [ 848.117559][T25944] xt_CT: You must specify a L4 protocol and not use inversions on it [ 848.136781][T25939] loop0: detected capacity change from 0 to 2048 [ 848.228629][T25949] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 848.776349][T25904] loop6: detected capacity change from 0 to 32768 [ 848.848845][T25904] xfs: Deprecated parameter 'noattr2' [ 848.877068][T25904] XFS: noattr2 mount option is deprecated. [ 848.964388][T25904] XFS (loop6): DAX unsupported by block device. Turning off DAX. [ 848.982225][T25977] Unknown options in mask b7f2 [ 849.031200][T25904] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 849.187818][T25904] XFS (loop6): Ending clean mount [ 849.253107][T25904] XFS (loop6): Quotacheck needed: Please wait. [ 849.374271][T25904] XFS (loop6): Quotacheck: Done. [ 849.603665][T23799] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 850.485430][T26039] ieee802154 phy1 wpan1: encryption failed: -22 [ 850.749525][T26053] loop4: detected capacity change from 0 to 128 [ 850.855748][T26053] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 850.892254][T26053] FAT-fs (loop4): Filesystem has been set read-only [ 851.197736][T26072] loop6: detected capacity change from 0 to 512 [ 851.307834][T26076] loop4: detected capacity change from 0 to 1024 [ 851.340512][T26072] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.8668: bg 0: block 248: padding at end of block bitmap is not set [ 851.391649][T26076] hfsplus: request for non-existent node 127 in B*Tree [ 851.414081][T26072] Quota error (device loop6): write_blk: dquota write failed [ 851.420301][T25728] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 851.432383][T26076] hfsplus: request for non-existent node 127 in B*Tree [ 851.467677][T26072] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 851.524624][T26072] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.8668: Failed to acquire dquot type 1 [ 851.555610][T26072] EXT4-fs (loop6): 1 truncate cleaned up [ 851.583323][T26072] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 851.603513][T25728] usb 8-1: config 0 has an invalid interface number: 238 but max is 0 [ 851.641685][T26072] ext4 filesystem being mounted at /162/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 851.662137][T25728] usb 8-1: config 0 has no interface number 0 [ 851.696119][T25728] usb 8-1: config 0 interface 238 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 851.724313][T25728] usb 8-1: config 0 interface 238 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0 [ 851.752729][T26072] Quota error (device loop6): find_tree_dqentry: Cycle in quota tree detected: block 2 index 2 [ 851.790264][T25728] usb 8-1: config 0 interface 238 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 851.812980][T26072] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 131074 [ 851.823640][T25728] usb 8-1: config 0 interface 238 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0 [ 851.838490][T26072] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.8668: Failed to acquire dquot type 1 [ 851.863755][T25728] usb 8-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=76.6a [ 851.876613][T25728] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 851.884712][T25728] usb 8-1: Product: syz [ 851.889470][T25728] usb 8-1: Manufacturer: syz [ 851.894061][T25728] usb 8-1: SerialNumber: syz [ 851.929598][T25728] usb 8-1: config 0 descriptor?? [ 851.954349][T25728] ni6501 8-1:0.238: driver 'ni6501' failed to auto-configure device. [ 852.004203][T23799] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 852.020551][T26050] loop0: detected capacity change from 0 to 32768 [ 852.098561][T26050] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 852.171060][T13119] usb 8-1: USB disconnect, device number 3 [ 852.342115][T26050] XFS (loop0): Ending clean mount [ 852.354997][T26107] delete_channel: no stack [ 852.523100][T26113] loop4: detected capacity change from 0 to 1024 [ 852.550450][ T5854] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 852.782109][ T4579] hfsplus: b-tree write err: -5, ino 4 [ 852.849629][T26118] loop2: detected capacity change from 0 to 4096 [ 852.868182][T26122] netlink: 44 bytes leftover after parsing attributes in process `syz.0.8683'. [ 852.969450][T26118] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 853.327922][T26144] tmpfs: Bad value for 'mpol' [ 853.517083][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 853.613890][T26146] bond2: option primary: mode dependency failed, not supported in mode 802.3ad(4) [ 853.639120][T26146] bond2 (unregistering): Released all slaves [ 853.649226][T26152] Cannot find del_set index 4 as target [ 854.319060][T26180] loop0: detected capacity change from 0 to 128 [ 854.392451][T26180] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 854.411196][T26180] ext4 filesystem being mounted at /1437/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 854.706780][ T5854] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 855.181314][T26221] loop6: detected capacity change from 0 to 256 [ 855.292431][T26221] FAT-fs (loop6): Directory bread(block 64) failed [ 855.308489][T26225] loop7: detected capacity change from 0 to 64 [ 855.358311][T26221] FAT-fs (loop6): Directory bread(block 65) failed [ 855.404260][T26225] syz.7.8729: attempt to access beyond end of device [ 855.404260][T26225] loop7: rw=8388608, sector=268435468, nr_sectors = 2 limit=64 [ 855.410829][T26221] FAT-fs (loop6): Directory bread(block 66) failed [ 855.486816][T26221] FAT-fs (loop6): Directory bread(block 67) failed [ 855.497525][T26225] Buffer I/O error on dev loop7, logical block 134217734, async page read [ 855.516023][T26221] FAT-fs (loop6): Directory bread(block 68) failed [ 855.551672][T26221] FAT-fs (loop6): Directory bread(block 69) failed [ 855.592684][T26221] FAT-fs (loop6): Directory bread(block 70) failed [ 855.623253][T26221] FAT-fs (loop6): Directory bread(block 71) failed [ 855.662011][T26221] FAT-fs (loop6): Directory bread(block 72) failed [ 855.712575][T26221] FAT-fs (loop6): Directory bread(block 73) failed [ 855.840672][T26225] Trying to free block not in datazone [ 856.731610][T26278] loop2: detected capacity change from 0 to 512 [ 856.765265][T26278] EXT4-fs: Ignoring removed orlov option [ 856.770918][T26278] EXT4-fs: Ignoring removed nobh option [ 856.813762][T26278] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 856.932229][T26278] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.8753: bg 0: block 248: padding at end of block bitmap is not set [ 856.992429][T26278] Quota error (device loop2): write_blk: dquota write failed [ 857.030416][T26278] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 857.066302][T26278] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.8753: Failed to acquire dquot type 1 [ 857.110996][T26298] netlink: 'syz.1.8762': attribute type 5 has an invalid length. [ 857.145938][T26278] EXT4-fs (loop2): 1 truncate cleaned up [ 857.155792][T26278] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 857.278622][T26278] ext4 filesystem being mounted at /1488/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 857.371387][T26278] EXT4-fs: Ignoring removed orlov option [ 857.383338][T26278] EXT4-fs: Ignoring removed nobh option [ 857.388998][T26278] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 857.397791][T26304] loop1: detected capacity change from 0 to 128 [ 857.434190][T26278] EXT4-fs error (device loop2): __ext4_remount:6789: comm syz.2.8753: Abort forced by user [ 857.482025][T26278] EXT4-fs (loop2): Remounting filesystem read-only [ 857.496097][T26278] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 857.694351][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 857.936695][T26321] AppArmor: change_hat: Invalid input '' [ 858.208102][T26294] loop0: detected capacity change from 0 to 32768 [ 858.274216][T26294] (syz.0.8760,26294,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 858.335486][T26294] (syz.0.8760,26294,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 858.434211][T26342] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 858.455830][T26294] JBD2: Ignoring recovery information on journal [ 858.655724][T26294] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 859.090490][ T5854] ocfs2: Unmounting device (7,0) on (node local) [ 859.199445][T26368] bond1: entered allmulticast mode [ 859.213158][T26370] netlink: 196 bytes leftover after parsing attributes in process `syz.4.8797'. [ 859.251340][T26370] netlink: 196 bytes leftover after parsing attributes in process `syz.4.8797'. [ 859.270507][T26370] netlink: 19 bytes leftover after parsing attributes in process `syz.4.8797'. [ 859.326746][T26377] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8801'. [ 859.754788][T26394] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 859.762042][T26394] IPv6: NLM_F_CREATE should be set when creating new route [ 859.769312][T26394] IPv6: NLM_F_CREATE should be set when creating new route [ 860.636440][T26431] xt_bpf: check failed: parse error [ 860.918304][T26441] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8832'. [ 860.963457][T26441] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 861.263648][T26412] loop2: detected capacity change from 0 to 32768 [ 861.343838][T26457] loop0: detected capacity change from 0 to 256 [ 861.382115][T26457] exfat: Deprecated parameter 'namecase' [ 861.443253][T26457] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1cbb3694, utbl_chksum : 0xe619d30d) [ 861.536132][T26457] exFAT-fs (loop0): error, in sector 160, dentry 5 should be unused, but 0xc1 [ 862.105004][T26445] loop1: detected capacity change from 0 to 32768 [ 862.131991][T26447] loop6: detected capacity change from 0 to 32768 [ 862.153576][T26445] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.8834 (26445) [ 862.204820][T26447] BTRFS info: device /dev/loop6 (7:6) using temp-fsid 53fd1b5f-89b0-4fb2-9a2a-71117d3c51a0 [ 862.220333][T26447] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.8835 (26447) [ 862.298834][T26445] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 862.310940][T26447] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 862.359807][T26447] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm [ 862.360025][T26445] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 862.478952][T26479] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8851'. [ 862.509383][T26479] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8851'. [ 862.626649][T26488] loop4: detected capacity change from 0 to 512 [ 862.675914][T26488] EXT4-fs: Ignoring removed nobh option [ 862.756615][T26488] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 862.796688][T26488] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.8853: invalid indirect mapped block 256 (level 1) [ 862.886391][T26488] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.8853: invalid indirect mapped block 2683928664 (level 1) [ 862.897597][T26447] BTRFS info (device loop6): enabling ssd optimizations [ 862.932131][T26445] BTRFS info (device loop1): enabling ssd optimizations [ 862.955440][T26447] BTRFS info (device loop6): turning on async discard [ 862.962213][T26447] BTRFS info (device loop6): enabling free space tree [ 862.975059][T26445] BTRFS info (device loop1): turning on async discard [ 862.981827][T26445] BTRFS info (device loop1): enabling free space tree [ 862.995669][T26488] EXT4-fs (loop4): 1 truncate cleaned up [ 863.029780][T26488] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 863.086220][T26488] EXT4-fs error (device loop4): ext4_find_dest_de:2050: inode #2: block 13: comm syz.4.8853: bad entry in directory: directory entry overrun - offset=108, inode=4294901777, rec_len=1024, size=1024 fake=0 [ 863.233472][ T5847] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 863.279642][T26511] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0 [ 863.309129][T23799] BTRFS info (device loop6): last unmount of filesystem 53fd1b5f-89b0-4fb2-9a2a-71117d3c51a0 [ 863.362341][T26511] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0 [ 863.389830][ T5840] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 863.696064][T26475] loop0: detected capacity change from 0 to 32768 [ 863.885169][T26475] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 864.008691][T26475] XFS (loop0): Ending clean mount [ 864.041821][ T3420] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 864.232937][ T5854] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 864.479516][T26521] loop2: detected capacity change from 0 to 32768 [ 864.527793][T26521] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.8856 (26521) [ 864.633365][T26521] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 864.702697][T26521] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 864.773912][T26559] loop6: detected capacity change from 0 to 4096 [ 864.861848][T26559] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 864.896264][T26571] loop4: detected capacity change from 0 to 1024 [ 865.074685][T26521] BTRFS info (device loop2): enabling ssd optimizations [ 865.128940][T26559] ntfs3(loop6): ino=19, mi_enum_attr [ 865.136681][T26521] BTRFS info (device loop2): turning on async discard [ 865.143452][T26521] BTRFS info (device loop2): enabling free space tree [ 865.184021][T26559] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 865.273954][ T3565] hfsplus: b-tree write err: -5, ino 4 [ 865.469027][T26590] netlink: 'syz.4.8878': attribute type 29 has an invalid length. [ 865.476959][T26590] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8878'. [ 865.486737][T26549] loop1: detected capacity change from 0 to 32768 [ 865.498510][T26549] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.8866 (26549) [ 865.537215][ T5842] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 865.598844][T26549] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 865.676988][T26549] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 865.747927][T26549] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 865.899031][T26605] netlink: 'syz.6.8883': attribute type 10 has an invalid length. [ 866.076535][T26549] BTRFS info (device loop1): rebuilding free space tree [ 866.247593][T26549] BTRFS info (device loop1): disabling free space tree [ 866.282976][T26549] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 866.354343][T26549] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 866.408992][T26549] BTRFS info (device loop1): setting nodatasum [ 866.438358][T26549] BTRFS info (device loop1): allowing degraded mounts [ 866.471370][T26549] BTRFS info (device loop1): turning on async discard [ 866.494471][T26549] BTRFS info (device loop1): enabling disk space caching [ 866.523834][T26549] BTRFS info (device loop1): force clearing of disk cache [ 866.562533][T26549] BTRFS info (device loop1): force zlib compression, level 3 [ 866.806397][T26634] SET target dimension over the limit! [ 866.862430][T26637] loop2: detected capacity change from 0 to 22 [ 866.884879][ T5847] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 866.887245][T26637] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 866.937101][T26637] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 867.111363][T26639] loop4: detected capacity change from 0 to 8 [ 867.147574][T26641] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8896'. [ 867.173359][ T7125] udevd[7125]: incorrect cramfs checksum on /dev/loop4 [ 867.178418][T26639] cramfs: Error -3 while decompressing! [ 867.233726][T26639] cramfs: ffffffff999d22e8(26)->ffff888088d88000(4096) [ 867.280113][T26639] cramfs: Error -3 while decompressing! [ 867.306618][ T5864] udevd[5864]: incorrect cramfs checksum on /dev/loop4 [ 867.332822][T26639] cramfs: ffffffff999d2302(26)->ffff888088d87000(4096) [ 867.347523][T26639] cramfs: Error -3 while decompressing! [ 867.383384][T26639] cramfs: ffffffff999d231c(16)->ffff888088d86000(4096) [ 867.427701][T26639] cramfs: Error -3 while decompressing! [ 867.480985][T26639] cramfs: ffffffff999d22e8(26)->ffff888088d88000(4096) [ 867.514856][ T31] audit: type=1800 audit(2000000423.227:151): pid=26639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.8895" name="file2" dev="loop4" ino=348 res=0 errno=0 [ 867.757295][T26655] netlink: 'syz.1.8901': attribute type 21 has an invalid length. [ 867.857024][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 867.907277][T26630] loop0: detected capacity change from 0 to 32768 [ 867.917298][T26630] (syz.0.8889,26630,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 867.947351][T26630] (syz.0.8889,26630,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 867.994116][ T6010] usb 3-1: new high-speed USB device number 121 using dummy_hcd [ 868.004088][T18669] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 868.042132][T26665] /dev/nullb0: Can't open blockdev [ 868.050442][T26630] JBD2: Ignoring recovery information on journal [ 868.087543][T26663] loop7: detected capacity change from 0 to 4096 [ 868.166475][ T6010] usb 3-1: Using ep0 maxpacket: 8 [ 868.173498][ T6010] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 868.184875][T18669] usb 7-1: Using ep0 maxpacket: 8 [ 868.202312][T26630] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 868.211196][ T6010] usb 3-1: config 0 has no interface number 0 [ 868.221965][T18669] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 868.232222][ T6010] usb 3-1: config 0 interface 1 has no altsetting 0 [ 868.246443][T26670] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 868.268404][T18669] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 868.288855][ T6010] usb 3-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=70.2f [ 868.315652][ T6010] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 868.347132][T18669] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 868.364538][ T6010] usb 3-1: Product: syz [ 868.367939][T26673] xt_CT: You must specify a L4 protocol and not use inversions on it [ 868.396454][T18669] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 49 [ 868.406379][ T6010] usb 3-1: Manufacturer: syz [ 868.406404][ T6010] usb 3-1: SerialNumber: syz [ 868.457821][T18669] usb 7-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 868.457898][ T6010] usb 3-1: config 0 descriptor?? [ 868.506955][T18669] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 868.543000][T18669] usb 7-1: config 0 descriptor?? [ 868.556396][T26676] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate. [ 868.581975][T26659] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 868.747116][ T6010] i2c-cp2615 3-1:0.1: probe with driver i2c-cp2615 failed with error -22 [ 868.767800][T26681] loop1: detected capacity change from 0 to 1024 [ 868.770937][ T5854] ocfs2: Unmounting device (7,0) on (node local) [ 868.968465][ T6667] hfsplus: b-tree write err: -5, ino 4 [ 869.038092][T18669] usb 3-1: USB disconnect, device number 121 [ 869.049004][ T6010] usb 7-1: USB disconnect, device number 3 [ 869.057398][ T52] Bluetooth: hci7: Opcode 0x0c03 failed: -19 [ 869.356915][T26695] kAFS: Can only specify source 'none' with -o dyn [ 869.515653][T26698] loop7: detected capacity change from 0 to 4096 [ 869.575656][T26698] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512). [ 869.678519][T26698] ntfs3(loop7): ino=19, mi_enum_attr [ 869.713941][T26698] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 869.786861][T26698] ntfs3(loop7): failed to convert "c46c" to macgreek [ 869.824382][T26698] ntfs3(loop7): ino=20, mi_enum_attr [ 870.414813][T26738] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8940'. [ 871.252549][ T9] usb 2-1: new high-speed USB device number 119 using dummy_hcd [ 871.423954][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 871.434868][T26736] loop6: detected capacity change from 0 to 32768 [ 871.447741][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 871.483453][T26736] (syz.6.8939,26736,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 871.497529][ T9] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c1e, bcdDevice= 0.00 [ 871.535836][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 871.547963][T26736] (syz.6.8939,26736,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 871.567981][ T9] usb 2-1: config 0 descriptor?? [ 871.649533][T26736] JBD2: Ignoring recovery information on journal [ 871.770297][ T9] usbhid 2-1:0.0: can't add hid device: -71 [ 871.785167][ T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 871.802888][ T9] usb 2-1: USB disconnect, device number 119 [ 871.811867][T26736] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 871.850119][T26792] loop7: detected capacity change from 0 to 2048 [ 871.914031][T26792] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 871.923539][T26796] ubi: mtd0 is already attached to ubi31 [ 872.221686][T23799] ocfs2: Unmounting device (7,6) on (node local) [ 872.413176][T26811] netlink: 'syz.7.8974': attribute type 3 has an invalid length. [ 872.433874][T26811] netlink: 'syz.7.8974': attribute type 1 has an invalid length. [ 872.710324][T26820] netlink: 7 bytes leftover after parsing attributes in process `syz.2.8979'. [ 873.283766][T26845] netlink: 'syz.7.8992': attribute type 3 has an invalid length. [ 873.404483][T26853] loop6: detected capacity change from 0 to 64 [ 873.409432][T26852] loop4: detected capacity change from 0 to 1024 [ 873.491379][T26853] Trying to free block not in datazone [ 873.496861][T26853] Trying to free block not in datazone [ 873.533206][T26853] Trying to free block not in datazone [ 874.663340][T26904] netlink: 'syz.2.9021': attribute type 1 has an invalid length. [ 874.724344][T26904] netlink: 3 bytes leftover after parsing attributes in process `syz.2.9021'. [ 874.757793][T26896] loop4: detected capacity change from 0 to 8192 [ 874.865447][T26896] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 2068) [ 874.913764][T26896] FAT-fs (loop4): Filesystem has been set read-only [ 874.952589][T26896] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 2068) [ 875.012005][T26896] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 2068) [ 875.040900][T26915] x_tables: duplicate underflow at hook 4 [ 875.118782][T26917] loop7: detected capacity change from 0 to 256 [ 875.257009][T26917] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 876.136402][T26955] netlink: 172 bytes leftover after parsing attributes in process `syz.2.9044'. [ 876.169191][T26957] xt_TCPMSS: Only works on TCP SYN packets [ 876.383597][T26963] loop7: detected capacity change from 0 to 256 [ 876.440794][T26963] FAT-fs (loop7): Directory bread(block 64) failed [ 876.465490][T26969] loop2: detected capacity change from 0 to 1024 [ 876.480257][T26963] FAT-fs (loop7): Directory bread(block 65) failed [ 876.511643][T26963] FAT-fs (loop7): Directory bread(block 66) failed [ 876.539032][T26963] FAT-fs (loop7): Directory bread(block 67) failed [ 876.545644][T26963] FAT-fs (loop7): Directory bread(block 68) failed [ 876.589638][T26963] FAT-fs (loop7): Directory bread(block 69) failed [ 876.600605][T26963] FAT-fs (loop7): Directory bread(block 70) failed [ 876.608116][T26963] FAT-fs (loop7): Directory bread(block 71) failed [ 876.617782][T26974] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9054'. [ 876.640069][T26963] FAT-fs (loop7): Directory bread(block 72) failed [ 876.659518][T26975] netlink: 'syz.6.9055': attribute type 9 has an invalid length. [ 876.697633][T26963] FAT-fs (loop7): Directory bread(block 73) failed [ 876.861536][T26979] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9057'. [ 876.908236][T26979] netlink: 'syz.0.9057': attribute type 5 has an invalid length. [ 876.980957][T26979] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9057'. [ 876.999780][T26929] loop1: detected capacity change from 0 to 32768 [ 877.036677][T26979] geneve3: entered promiscuous mode [ 877.069842][T26979] geneve3: entered allmulticast mode [ 877.080969][T26929] read_mapping_page failed! [ 877.096085][ T3565] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 877.106172][T26929] jfs_create: dtInsert returned -EIO [ 877.136395][ T3565] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 877.146303][T26929] ERROR: (device loop1): jfs_create: [ 877.146303][T26929] [ 877.181447][ T3565] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 877.220416][ T3565] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 877.223445][T26929] ERROR: (device loop1): remounting filesystem as read-only [ 877.389189][T26997] loop4: detected capacity change from 0 to 8 [ 877.409226][T26998] loop7: detected capacity change from 0 to 256 [ 877.434369][T26997] SQUASHFS error: Unable to read directory block [631:26] [ 877.556402][T27000] netlink: 16 bytes leftover after parsing attributes in process `syz.6.9067'. [ 877.615323][T27000] netlink: 16 bytes leftover after parsing attributes in process `syz.6.9067'. [ 877.649630][T27002] loop0: detected capacity change from 0 to 256 [ 877.752726][T27002] FAT-fs (loop0): Directory bread(block 64) failed [ 877.795612][T27002] FAT-fs (loop0): Directory bread(block 65) failed [ 877.853525][T27002] FAT-fs (loop0): Directory bread(block 66) failed [ 877.860076][T27002] FAT-fs (loop0): Directory bread(block 67) failed [ 877.907933][T27002] FAT-fs (loop0): Directory bread(block 68) failed [ 877.946090][T27002] FAT-fs (loop0): Directory bread(block 69) failed [ 877.974183][T27002] FAT-fs (loop0): Directory bread(block 70) failed [ 878.021773][T27002] FAT-fs (loop0): Directory bread(block 71) failed [ 878.045846][T27002] FAT-fs (loop0): Directory bread(block 72) failed [ 878.052382][T27002] FAT-fs (loop0): Directory bread(block 73) failed [ 878.118137][T27012] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 878.188844][T27015] set_capacity_and_notify: 1 callbacks suppressed [ 878.188865][T27015] loop7: detected capacity change from 0 to 512 [ 878.299335][T27015] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 878.303568][T27020] netlink: 16 bytes leftover after parsing attributes in process `syz.6.9077'. [ 878.444118][T27015] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 878.595552][T27029] loop1: detected capacity change from 0 to 256 [ 878.680304][T27032] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9082'. [ 878.705502][T27029] FAT-fs (loop1): Directory bread(block 64) failed [ 878.719314][T24350] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 878.720388][T27032] openvswitch: netlink: Port 262144 exceeds max allowable 65535 [ 878.735446][T27029] FAT-fs (loop1): Directory bread(block 65) failed [ 878.767573][T27029] FAT-fs (loop1): Directory bread(block 66) failed [ 878.825444][T27029] FAT-fs (loop1): Directory bread(block 67) failed [ 878.835169][T27029] FAT-fs (loop1): Directory bread(block 68) failed [ 878.841688][T27029] FAT-fs (loop1): Directory bread(block 69) failed [ 878.897384][T27029] FAT-fs (loop1): Directory bread(block 70) failed [ 878.943362][T27029] FAT-fs (loop1): Directory bread(block 71) failed [ 878.993180][T27029] FAT-fs (loop1): Directory bread(block 72) failed [ 879.031810][T27029] FAT-fs (loop1): Directory bread(block 73) failed [ 879.149865][ T9] usb 3-1: new high-speed USB device number 122 using dummy_hcd [ 879.324169][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 879.343299][ T9] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 879.377596][ T9] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 879.415728][ T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 879.424683][ T9] usb 3-1: config 1 has no interface number 0 [ 879.468004][ T9] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 879.477840][ T9] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 879.490790][ T9] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 879.504567][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 879.523662][ T9] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 879.673984][T27027] loop4: detected capacity change from 0 to 32768 [ 879.725677][ T9] snd_usb_pod 3-1:1.1: invalid control EP [ 879.739371][ T9] snd_usb_pod 3-1:1.1: cannot start listening: -22 [ 879.747948][T27027] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 879.765077][ T9] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 879.773151][ T9] snd_usb_pod 3-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 879.876351][T27066] loop1: detected capacity change from 0 to 512 [ 879.892850][T27027] XFS (loop4): Ending clean mount [ 879.905856][T27039] loop7: detected capacity change from 0 to 32768 [ 879.936311][ T9] usb 3-1: USB disconnect, device number 122 [ 880.054975][T27066] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #16: comm syz.1.9093: corrupted inode contents [ 880.127741][T27066] EXT4-fs (loop1): Remounting filesystem read-only [ 880.178186][ T5840] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 880.191443][T27066] EXT4-fs (loop1): 1 truncate cleaned up [ 880.206318][T25703] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 880.229094][T27066] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 880.256340][T25703] Quota error (device loop1): write_blk: dquota write failed [ 880.263836][T27066] ext4 filesystem being mounted at /1546/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 880.278973][T25703] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries [ 880.290308][T25703] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 880.309097][T25703] Quota error (device loop1): write_blk: dquota write failed [ 880.340510][T25703] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list [ 880.369148][T25703] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started [ 880.396543][T25703] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 880.453798][T25703] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 880.589750][T27082] netlink: 56 bytes leftover after parsing attributes in process `syz.6.9101'. [ 880.685207][T27085] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9103'. [ 880.836528][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 881.099562][T27091] loop1: detected capacity change from 0 to 1024 [ 881.111831][T27091] EXT4-fs: Ignoring removed nomblk_io_submit option [ 881.187415][T27091] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 881.257172][T27091] System zones: 0-1, 3-36 [ 881.360742][T27091] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 881.552754][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 881.682422][ T5811] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 881.835410][ T5811] usb 7-1: Using ep0 maxpacket: 8 [ 881.862383][T27081] loop7: detected capacity change from 0 to 32768 [ 881.873669][ T5811] usb 7-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 881.911260][ T5811] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 881.952991][T27081] ocfs2: Slot 0 on device (7,7) was already allocated to this node! [ 881.958872][ T5811] usb 7-1: Product: syz [ 881.969405][ T5811] usb 7-1: Manufacturer: syz [ 881.973998][ T5811] usb 7-1: SerialNumber: syz [ 881.992258][T27081] JBD2: Ignoring recovery information on journal [ 882.062012][ T5811] usb 7-1: config 0 descriptor?? [ 882.107042][ T5811] radio-usb-si4713 7-1:0.0: Si4713 development board discovered: (10C4:8244) [ 882.181453][T27081] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 882.499021][ T5811] radio-usb-si4713 7-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 882.540614][ T5811] usbhid 7-1:0.0: couldn't find an input interrupt endpoint [ 882.549590][ T9] usb 2-1: new high-speed USB device number 120 using dummy_hcd [ 882.579755][ T5811] usb 7-1: USB disconnect, device number 4 [ 882.641172][T27139] netlink: 1 bytes leftover after parsing attributes in process `syz.0.9127'. [ 882.652031][T24350] ocfs2: Unmounting device (7,7) on (node local) [ 882.736920][T27140] loop2: detected capacity change from 0 to 4096 [ 882.743440][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 882.769986][ T9] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 882.795202][T27140] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 882.807342][ T9] usb 2-1: config 179 has no interface number 0 [ 882.813620][ T9] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 882.831645][ T9] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 882.872921][T27140] ntfs3(loop2): ino=19, mi_enum_attr [ 882.878899][T27140] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 882.888616][ T9] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 882.956349][ T9] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 882.995530][ T9] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 883.068798][ T9] usb 2-1: config 179 interface 65 has no altsetting 0 [ 883.095881][ T9] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 883.105131][T27148] netlink: 'syz.0.9133': attribute type 1 has an invalid length. [ 883.131055][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 883.217191][ T9] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input72 [ 883.468139][ T9] usb 2-1: USB disconnect, device number 120 [ 883.474252][ C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 883.574148][T27164] loop6: detected capacity change from 0 to 8 [ 883.686137][T27170] loop0: detected capacity change from 0 to 256 [ 883.698092][T27171] loop7: detected capacity change from 0 to 256 [ 883.715050][T27164] SQUASHFS error: lzo decompression failed, data probably corrupt [ 883.785685][T27170] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 883.788537][T27164] SQUASHFS error: Failed to read block 0x0: -5 [ 883.806537][T27171] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 883.835877][T27164] SQUASHFS error: lzo decompression failed, data probably corrupt [ 883.893486][T27171] exFAT-fs (loop7): start_clu is invalid cluster(0xffffffff) [ 883.902601][T27164] SQUASHFS error: Failed to read block 0x0: -5 [ 883.911286][ T31] audit: type=1800 audit(2000000440.433:152): pid=27164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.9139" name="file2" dev="loop6" ino=3 res=0 errno=0 [ 884.390921][T27179] bond0: option packets_per_slave: invalid value (18446744073709551615) [ 884.422532][T27179] bond0: option packets_per_slave: allowed values 0 - 65535 [ 884.462091][T27192] loop1: detected capacity change from 0 to 256 [ 884.472319][T27179] bond0 (unregistering): Released all slaves [ 884.939474][T27203] vti0: entered promiscuous mode [ 885.121539][T27211] siw: device registration error -23 [ 885.284083][T27186] loop2: detected capacity change from 0 to 32768 [ 885.354271][T27186] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 885.464131][T25728] usb 5-1: new high-speed USB device number 122 using dummy_hcd [ 885.562335][T27186] XFS (loop2): Ending clean mount [ 885.616817][T25728] usb 5-1: Using ep0 maxpacket: 8 [ 885.665920][T25728] usb 5-1: New USB device found, idVendor=093b, idProduct=a104, bcdDevice= 0.01 [ 885.702552][T25728] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 885.710553][T25728] usb 5-1: Product: syz [ 885.752375][T25728] usb 5-1: Manufacturer: syz [ 885.756986][T25728] usb 5-1: SerialNumber: syz [ 885.812176][T25728] usb 5-1: config 0 descriptor?? [ 885.827806][ T5842] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 885.830833][T25728] go7007 5-1:0.0: probe with driver go7007 failed with error -12 [ 886.045624][T27253] x_tables: duplicate underflow at hook 2 [ 886.109511][ T5969] usb 5-1: USB disconnect, device number 122 [ 886.494721][T27273] netlink: 'syz.0.9187': attribute type 49 has an invalid length. [ 886.680565][T27271] loop1: detected capacity change from 0 to 4096 [ 886.723443][T27271] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 886.858413][T27286] loop7: detected capacity change from 0 to 512 [ 886.874128][T25728] usb 3-1: new high-speed USB device number 123 using dummy_hcd [ 886.932552][T27286] EXT4-fs (loop7): revision level too high, forcing read-only mode [ 887.016279][T27286] EXT4-fs (loop7): orphan cleanup on readonly fs [ 887.029297][T27286] Quota error (device loop7): v2_read_file_info: Free block number 1 out of range (1, 6). [ 887.051448][T27286] EXT4-fs warning (device loop7): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 887.068073][T27286] EXT4-fs (loop7): Cannot turn on quotas: error -117 [ 887.075832][T25728] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 887.092951][T25728] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 887.108014][T25728] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 887.119825][T27286] EXT4-fs (loop7): 1 truncate cleaned up [ 887.147719][T27286] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 887.182114][T25728] usb 3-1: config 220 has no interface number 2 [ 887.200443][T25728] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 887.257289][T25728] usb 3-1: config 220 interface 0 has no altsetting 0 [ 887.264082][T25728] usb 3-1: config 220 interface 76 has no altsetting 0 [ 887.287536][T27299] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9199'. [ 887.308184][T27286] EXT4-fs error (device loop7): ext4_lookup:1789: inode #2: comm syz.7.9193: deleted inode referenced: 12 [ 887.359269][T25728] usb 3-1: config 220 interface 1 has no altsetting 0 [ 887.380255][T25728] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 887.404895][T25728] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 887.444399][T25728] usb 3-1: Product: syz [ 887.458704][T25728] usb 3-1: Manufacturer: syz [ 887.463297][T25728] usb 3-1: SerialNumber: syz [ 887.514954][T24350] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 887.738401][T25728] usb 3-1: selecting invalid altsetting 0 [ 887.758755][T25728] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 887.767469][T25728] uvcvideo 3-1:220.0: No valid video chain found. [ 887.858603][T25728] usb 3-1: selecting invalid altsetting 0 [ 887.864374][T25728] usbtest 3-1:220.1: probe with driver usbtest failed with error -22 [ 887.929169][T25728] usb 3-1: USB disconnect, device number 123 [ 887.994266][T27322] loop7: detected capacity change from 0 to 512 [ 888.037300][T27322] EXT4-fs: Ignoring removed mblk_io_submit option [ 888.094697][T27322] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 888.151282][T27322] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 888.192850][T27322] EXT4-fs (loop7): revision level too high, forcing read-only mode [ 888.207175][T27322] EXT4-fs (loop7): orphan cleanup on readonly fs [ 888.215152][T27322] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:483: comm syz.7.9211: Invalid block bitmap block 0 in block_group 0 [ 888.231390][T27322] EXT4-fs (loop7): Remounting filesystem read-only [ 888.238555][T27322] Quota error (device loop7): write_blk: dquota write failed [ 888.246293][T27322] Quota error (device loop7): write_blk: dquota write failed [ 888.253726][T27322] Quota error (device loop7): qtree_write_dquot: Error -28 occurred while creating quota [ 888.266660][T27322] EXT4-fs (loop7): 1 orphan inode deleted [ 888.321623][T27322] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 888.548304][T27342] netlink: 260 bytes leftover after parsing attributes in process `syz.2.9219'. [ 888.580879][T24350] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 888.615244][T27346] workqueue: name exceeds WQ_NAME_LEN. Truncating to: 1^!l1*$pOcɔr$G [ 888.837033][T27353] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9223'. [ 889.185803][T27369] loop0: detected capacity change from 0 to 1764 [ 889.248106][T27369] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 889.758723][T27388] loop0: detected capacity change from 0 to 4096 [ 889.846216][T27388] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 889.944760][T27388] ntfs3(loop0): ino=1e, "file1" ntfs_sync_inode failed, -22. [ 890.007853][T27388] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 890.028444][T27403] netlink: 64 bytes leftover after parsing attributes in process `syz.4.9250'. [ 890.198559][ T6667] ntfs3(loop0): ino=1e, ntfs3_write_inode failed, -22. [ 890.476174][T27419] loop4: detected capacity change from 0 to 256 [ 890.552746][T27419] FAT-fs (loop4): Directory bread(block 64) failed [ 890.559319][T27419] FAT-fs (loop4): Directory bread(block 65) failed [ 890.610776][T27419] FAT-fs (loop4): Directory bread(block 66) failed [ 890.617308][T27419] FAT-fs (loop4): Directory bread(block 67) failed [ 890.664054][T27419] FAT-fs (loop4): Directory bread(block 68) failed [ 890.681239][T27419] FAT-fs (loop4): Directory bread(block 69) failed [ 890.712463][T27419] FAT-fs (loop4): Directory bread(block 70) failed [ 890.743117][T27419] FAT-fs (loop4): Directory bread(block 71) failed [ 890.780054][T27419] FAT-fs (loop4): Directory bread(block 72) failed [ 890.786607][T27419] FAT-fs (loop4): Directory bread(block 73) failed [ 891.069586][T27396] loop7: detected capacity change from 0 to 32768 [ 891.103153][T27396] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.9247 (27396) [ 891.175282][T27396] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 891.242983][T27396] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm [ 891.457983][T27459] loop6: detected capacity change from 0 to 164 [ 891.527100][T27396] BTRFS info (device loop7): enabling ssd optimizations [ 891.570272][T27396] BTRFS info (device loop7): turning on async discard [ 891.577060][T27396] BTRFS info (device loop7): enabling free space tree [ 891.656973][T23799] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 891.718694][T23799] ISOFS: unable to read i-node block [ 891.744382][T23799] ISOFS: unable to read i-node block [ 891.856464][T24350] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 892.717373][ T78] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.850359][ T78] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 892.952810][T27508] loop2: detected capacity change from 0 to 8 [ 893.019035][ T78] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 893.026437][T27508] SQUASHFS error: Failed to read block 0x34e: -5 [ 893.056024][T27508] SQUASHFS error: Unable to read metadata cache entry [34c] [ 893.173858][ T31] audit: type=1800 audit(2000000450.164:153): pid=27508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.9294" name="file1" dev="loop2" ino=5 res=0 errno=0 [ 893.227676][ T6021] usb 5-1: new high-speed USB device number 123 using dummy_hcd [ 893.259656][ T78] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 893.320776][T26679] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 893.332965][T26679] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 893.340758][T26679] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 893.351023][T26679] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 893.358803][T26679] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 893.428359][ T6021] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 893.494321][T27517] wlan0 speed is unknown, defaulting to 1000 [ 893.500518][ T6021] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 893.515574][ T6021] usb 5-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 893.518747][T27525] overlayfs: failed to resolve './file0': -2 [ 893.536678][T27517] vxcan1 speed is unknown, defaulting to 1000 [ 893.568558][ T6021] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 893.620493][ T6021] usb 5-1: config 0 descriptor?? [ 893.706464][T27531] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 893.874688][T27533] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 894.023065][ T6021] Bluetooth: Can't get state to change to load configuration err [ 894.039527][ T78] bridge_slave_1: left allmulticast mode [ 894.045170][ T78] bridge_slave_1: left promiscuous mode [ 894.065787][ T6021] Bluetooth: Loading sysconfig file failed [ 894.084225][ T6021] ath3k 5-1:0.0: probe with driver ath3k failed with error -16 [ 894.094898][ T78] bridge0: port 2(bridge_slave_1) entered disabled state [ 894.131733][ T6021] usb 5-1: USB disconnect, device number 123 [ 894.163301][ T78] bridge_slave_0: left allmulticast mode [ 894.208992][ T78] bridge_slave_0: left promiscuous mode [ 894.214783][ T78] bridge0: port 1(bridge_slave_0) entered disabled state [ 894.784049][T27557] loop1: detected capacity change from 0 to 512 [ 894.849731][T27557] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 894.896725][T27561] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9315'. [ 894.931261][T27557] EXT4-fs (loop1): 1 truncate cleaned up [ 894.960751][T27557] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 894.974786][T27528] loop2: detected capacity change from 0 to 32768 [ 895.053182][T27557] cifs: Unknown parameter 'quota' [ 895.059857][T27557] CIFS mount error: No usable UNC path provided in device string! [ 895.059857][T27557] [ 895.071287][T27557] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 895.113250][T27528] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 895.231340][T27528] XFS (loop2): Ending clean mount [ 895.286835][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 895.353097][T26679] Bluetooth: hci6: command tx timeout [ 895.514869][ T5842] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 895.567119][T27590] loop0: detected capacity change from 0 to 512 [ 895.665737][T27590] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 895.772367][T27590] ext4 filesystem being mounted at /1541/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 895.894694][T27598] netlink: 'syz.2.9325': attribute type 21 has an invalid length. [ 895.911007][T27590] EXT4-fs error (device loop0): ext4_xattr_block_find:1878: inode #15: comm syz.0.9322: corrupted xattr block 33: invalid ea_ino [ 895.977276][T27590] EXT4-fs (loop0): Remounting filesystem read-only [ 896.072516][ T1076] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 896.090066][ T1076] Quota error (device loop0): write_blk: dquota write failed [ 896.100482][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 896.111188][ T1076] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries [ 896.122238][ T1076] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 896.133183][ T1076] Quota error (device loop0): write_blk: dquota write failed [ 896.140948][ T1076] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list [ 896.152362][ T1076] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started [ 896.164299][ T1076] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 896.284326][T27605] loop1: detected capacity change from 0 to 512 [ 896.318615][T27605] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 896.336553][ T78] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 896.354921][T27605] EXT4-fs (loop1): 1 truncate cleaned up [ 896.367797][T27605] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 896.388969][ T78] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 896.407218][ T78] bond0 (unregistering): Released all slaves [ 896.432204][T27598] netlink: 132 bytes leftover after parsing attributes in process `syz.2.9325'. [ 896.442529][T27598] netlink: 'syz.2.9325': attribute type 1 has an invalid length. [ 896.443786][T27517] wg0 speed is unknown, defaulting to 1000 [ 896.484347][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 896.537099][ T78] : left promiscuous mode [ 897.087526][T27634] overlayfs: unescaped trailing colons in lowerdir mount option. [ 897.240238][T27640] loop7: detected capacity change from 0 to 64 [ 897.296780][T27640] syz.7.9343: attempt to access beyond end of device [ 897.296780][T27640] loop7: rw=8388608, sector=1024, nr_sectors = 2 limit=64 [ 897.317431][T18669] usb 3-1: new high-speed USB device number 124 using dummy_hcd [ 897.325414][T27642] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9342'. [ 897.335564][T26679] Bluetooth: hci6: command tx timeout [ 897.423770][T27640] Buffer I/O error on dev loop7, logical block 512, async page read [ 897.445861][T27640] syz.7.9343: attempt to access beyond end of device [ 897.445861][T27640] loop7: rw=8388608, sector=113152, nr_sectors = 2 limit=64 [ 897.471896][T27646] loop0: detected capacity change from 0 to 1024 [ 897.542865][T18669] usb 3-1: Using ep0 maxpacket: 32 [ 897.551219][T27646] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 897.565303][T27640] Buffer I/O error on dev loop7, logical block 56576, async page read [ 897.586484][T18669] usb 3-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=e0.d8 [ 897.611755][T27646] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 897.621952][T18669] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 897.679676][T27646] EXT4-fs (loop0): invalid journal inode [ 897.702407][T18669] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:16.0/input/input73 [ 897.708228][T27646] EXT4-fs (loop0): can't get journal size [ 897.782025][T27646] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 17104912: comm syz.0.9345: lblock 2 mapped to illegal pblock 17104912 (length 1) [ 897.819974][T27646] EXT4-fs (loop0): Remounting filesystem read-only [ 897.865648][ T5180] bcm5974 3-1:16.0: could not read from device [ 897.866015][ T6010] usb 3-1: USB disconnect, device number 124 [ 897.879062][T27646] EXT4-fs (loop0): failed to initialize system zone (-117) [ 897.953082][T27646] EXT4-fs (loop0): mount failed [ 898.105581][T27664] /dev/nullb0: Can't open blockdev [ 898.159774][T27665] loop1: detected capacity change from 0 to 256 [ 898.169859][T27646] loop0: detected capacity change from 0 to 512 [ 898.194027][T27517] chnl_net:caif_netlink_parms(): no params data found [ 898.217282][T27646] EXT4-fs: Ignoring removed nobh option [ 898.254096][T27646] EXT4-fs (loop0): Test dummy encryption mode enabled [ 898.316236][T27646] EXT4-fs error (device loop0): __ext4_iget:5426: inode #11: block 1: comm syz.0.9345: invalid block [ 898.345204][T27646] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.9345: couldn't read orphan inode 11 (err -117) [ 898.507217][T27646] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 898.683208][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 898.923143][T27517] bridge0: port 1(bridge_slave_0) entered blocking state [ 898.932755][T27692] openvswitch: netlink: IP tunnel dst address not specified [ 898.978559][T27517] bridge0: port 1(bridge_slave_0) entered disabled state [ 898.997461][T27517] bridge_slave_0: entered allmulticast mode [ 899.018060][T27517] bridge_slave_0: entered promiscuous mode [ 899.051724][T27517] bridge0: port 2(bridge_slave_1) entered blocking state [ 899.078629][T27517] bridge0: port 2(bridge_slave_1) entered disabled state [ 899.120024][T27517] bridge_slave_1: entered allmulticast mode [ 899.122960][T27698] loop1: detected capacity change from 0 to 256 [ 899.146062][T27517] bridge_slave_1: entered promiscuous mode [ 899.195759][T27698] exfat: Deprecated parameter 'namecase' [ 899.232115][T27698] exfat: Deprecated parameter 'utf8' [ 899.283505][T27698] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 899.321721][ T78] hsr_slave_0: left promiscuous mode [ 899.327776][T26679] Bluetooth: hci6: command tx timeout [ 899.357052][ T78] hsr_slave_1: left promiscuous mode [ 899.369471][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 899.378358][ T78] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 899.423332][ T78] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 899.459720][ T78] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 899.569190][ T78] veth1_vlan: left promiscuous mode [ 899.580213][ T78] veth0_vlan: left promiscuous mode [ 899.830864][T27714] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9371'. [ 899.842615][T27714] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9371'. [ 900.271215][ T78] team0 (unregistering): Port device team_slave_1 removed [ 900.317184][ T78] team0 (unregistering): Port device team_slave_0 removed [ 900.388360][T27718] loop0: detected capacity change from 0 to 32768 [ 900.928337][T27517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 900.972237][T27720] netlink: 'syz.0.9374': attribute type 21 has an invalid length. [ 900.980950][T27517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 901.118036][T27720] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9374'. [ 901.302703][T26679] Bluetooth: hci6: command tx timeout [ 901.345632][T27517] team0: Port device team_slave_0 added [ 901.393568][T27517] team0: Port device team_slave_1 added [ 901.613302][T27517] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 901.652705][T27517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 901.762679][T27517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 901.820396][T27517] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 901.846772][T27517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 901.876612][ T6010] usb 3-1: new low-speed USB device number 125 using dummy_hcd [ 901.891956][T27517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 902.032137][ T6010] usb 3-1: config index 0 descriptor too short (expected 1307, got 27) [ 902.058500][ T6010] usb 3-1: config 0 has an invalid interface number: 0 but max is -1 [ 902.085489][ T6010] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 902.128533][ T6010] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 902.171733][ T6010] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 902.192812][ T6010] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 902.205645][ T6010] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 902.270364][T27517] hsr_slave_0: entered promiscuous mode [ 902.279144][ T6010] usb 3-1: string descriptor 0 read error: -22 [ 902.304898][T27517] hsr_slave_1: entered promiscuous mode [ 902.322966][ T6010] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 902.368122][ T6010] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 902.407872][ T6010] usb 3-1: config 0 descriptor?? [ 902.428556][ T6010] hub 3-1:0.0: bad descriptor, ignoring hub [ 902.458953][ T6010] hub 3-1:0.0: probe with driver hub failed with error -5 [ 902.477357][T27743] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 902.487003][ T6010] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input74 [ 902.494950][T27743] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 902.636906][T27743] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 902.711271][ T6010] usb 3-1: USB disconnect, device number 125 [ 902.752145][T27776] loop0: detected capacity change from 0 to 16 [ 902.849097][T27776] erofs (device loop0): mounted with root inode @ nid 36. [ 902.934395][T25728] usb 2-1: new high-speed USB device number 121 using dummy_hcd [ 903.090744][T25728] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 903.134492][T25728] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 903.161032][T25728] usb 2-1: Product: syz [ 903.172317][T25728] usb 2-1: Manufacturer: syz [ 903.191024][T25728] usb 2-1: SerialNumber: syz [ 903.269063][T25728] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 903.335896][ T6010] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 903.384753][T27517] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 903.465168][T27517] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 903.541512][T27517] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 903.602915][T27517] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 903.810998][T26679] Bluetooth: hci6: command 0x0c1a tx timeout [ 903.909405][T25728] usb 2-1: USB disconnect, device number 121 [ 903.985547][T27814] loop4: detected capacity change from 0 to 2048 [ 904.014004][T27814] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 904.051653][T27810] loop0: detected capacity change from 0 to 1764 [ 904.077918][T27817] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 904.089291][T27814] syz.4.9410: attempt to access beyond end of device [ 904.089291][T27814] loop4: rw=8912896, sector=33554430, nr_sectors = 2 limit=2048 [ 904.145997][T27820] netlink: 'syz.2.9411': attribute type 10 has an invalid length. [ 904.175121][T27517] 8021q: adding VLAN 0 to HW filter on device bond0 [ 904.186775][T27814] syz.4.9410: attempt to access beyond end of device [ 904.186775][T27814] loop4: rw=8388608, sector=9437254, nr_sectors = 2 limit=2048 [ 904.232396][T27820] netlink: 156 bytes leftover after parsing attributes in process `syz.2.9411'. [ 904.258283][T27814] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=0) [ 904.281804][T27517] 8021q: adding VLAN 0 to HW filter on device team0 [ 904.356378][ T6010] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 904.391509][ T6010] ath9k_htc: Failed to initialize the device [ 904.428386][T25728] usb 2-1: ath9k_htc: USB layer deinitialized [ 904.445740][ T3547] bridge0: port 1(bridge_slave_0) entered blocking state [ 904.452892][ T3547] bridge0: port 1(bridge_slave_0) entered forwarding state [ 904.509683][T27823] netlink: 24 bytes leftover after parsing attributes in process `syz.7.9413'. [ 904.550374][ T3547] bridge0: port 2(bridge_slave_1) entered blocking state [ 904.557555][ T3547] bridge0: port 2(bridge_slave_1) entered forwarding state [ 904.621464][T27827] netlink: 48 bytes leftover after parsing attributes in process `syz.0.9414'. [ 904.741700][T27823] bond2: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 904.799383][T27823] bond2 (unregistering): Released all slaves [ 905.325893][T27857] loop0: detected capacity change from 0 to 512 [ 905.382777][T27857] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 905.459170][T27857] EXT4-fs (loop0): 1 truncate cleaned up [ 905.498061][T27857] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 905.662497][T27868] loop4: detected capacity change from 0 to 2048 [ 905.671963][T27857] EXT4-fs error (device loop0): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.0.9424: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 905.713064][T27868] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 905.784667][T27857] EXT4-fs error (device loop0) in ext4_delete_entry:2737: Corrupt filesystem [ 905.801917][T26679] Bluetooth: hci6: command 0x0c1a tx timeout [ 905.831501][T27876] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 905.831784][T27868] syz.4.9428: attempt to access beyond end of device [ 905.831784][T27868] loop4: rw=8912896, sector=33554430, nr_sectors = 2 limit=2048 [ 905.869698][T27857] EXT4-fs warning (device loop0): ext4_rename_delete:3729: inode #2: comm syz.0.9424: Deleting old file: nlink 4, error=-117 [ 905.891685][T27517] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 906.025127][T27868] syz.4.9428: attempt to access beyond end of device [ 906.025127][T27868] loop4: rw=8388608, sector=33554430, nr_sectors = 2 limit=2048 [ 906.058893][T27868] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=3) [ 906.059179][T27882] No control pipe specified [ 906.076240][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 906.679683][T27906] loop2: detected capacity change from 0 to 512 [ 906.754564][T27906] EXT4-fs (loop2): 1 truncate cleaned up [ 906.791704][T27906] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 907.045255][T27920] loop7: detected capacity change from 0 to 64 [ 907.091163][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 907.126255][T27920] syz.7.9447: attempt to access beyond end of device [ 907.126255][T27920] loop7: rw=8388608, sector=65534, nr_sectors = 2 limit=64 [ 907.213444][T27517] veth0_vlan: entered promiscuous mode [ 907.230388][T27920] Buffer I/O error on dev loop7, logical block 32767, async page read [ 907.282386][T27517] veth1_vlan: entered promiscuous mode [ 907.408532][T27929] loop2: detected capacity change from 0 to 1024 [ 907.464901][T27517] veth0_macvtap: entered promiscuous mode [ 907.479193][T27932] netlink: 'syz.4.9452': attribute type 10 has an invalid length. [ 907.527173][T27517] veth1_macvtap: entered promiscuous mode [ 907.624211][T27517] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 907.759202][T27517] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 907.783340][T26679] Bluetooth: hci6: command 0x0c1a tx timeout [ 907.863578][T25703] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 907.875821][ T31] audit: type=1107 audit(2000000465.596:154): pid=27940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 907.912120][T25703] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 907.966544][T25703] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.068611][T25703] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 908.286938][T27962] loop4: detected capacity change from 0 to 256 [ 908.337666][ T3565] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 908.354262][T27962] exfat: Deprecated parameter 'utf8' [ 908.360143][ T3565] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 908.391533][T27962] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 908.520656][ T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 908.558034][ T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 908.795367][T27975] loop4: detected capacity change from 0 to 256 [ 909.143403][T27990] netlink: 'syz.1.9478': attribute type 11 has an invalid length. [ 909.196819][T27990] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9478'. [ 909.523666][T28007] loop0: detected capacity change from 0 to 512 [ 909.619407][T28007] FAT-fs (loop0): error, corrupted file size (i_pos 51, 9216) [ 909.716853][ T773] usb 2-1: new high-speed USB device number 122 using dummy_hcd [ 909.883154][ T773] usb 2-1: config 2 has an invalid interface number: 174 but max is 0 [ 909.911218][ T773] usb 2-1: config 2 has no interface number 0 [ 909.936070][ T773] usb 2-1: config 2 interface 174 altsetting 0 has an endpoint descriptor with address 0x9E, changing to 0x8E [ 909.970746][ T773] usb 2-1: config 2 interface 174 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 1023 [ 909.994456][T28022] loop4: detected capacity change from 0 to 2048 [ 910.005176][ T773] usb 2-1: config 2 interface 174 altsetting 0 endpoint 0x82 has invalid maxpacket 51986, setting to 1024 [ 910.046964][T28022] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 910.066393][ T773] usb 2-1: config 2 interface 174 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 910.112757][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.137749][ T773] usb 2-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=22.7e [ 910.166132][ T773] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 910.169570][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.185881][T28029] Cannot find del_set index 2 as target [ 910.194266][ T773] usb 2-1: Product: syz [ 910.205050][ T773] usb 2-1: Manufacturer: syz [ 910.217406][ T5840] UDF-fs: error (device loop4): udf_read_inode: (ino 1440) failed !bh [ 910.220213][ T773] usb 2-1: SerialNumber: syz [ 910.239169][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.248880][T28002] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 910.255607][ T5840] UDF-fs: error (device loop4): udf_read_inode: (ino 1440) failed !bh [ 910.267259][T28002] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 910.290916][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.304899][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.314732][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.326920][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.345112][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.357633][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.378252][T28027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9496'. [ 910.480141][ T773] usb 2-1: probing VID:PID(0424:012C) [ 910.526221][ T773] usb 2-1: vub300 testing BULK IN EndPoint(0) 8E [ 910.532572][ T773] usb 2-1: vub300 testing BULK IN EndPoint(1) 82 [ 910.543878][ T773] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs [ 910.552436][ T773] vub300 2-1:2.174: probe with driver vub300 failed with error -22 [ 910.565692][ T773] usb 2-1: USB disconnect, device number 122 [ 910.869928][ T6022] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 910.948832][ T6022] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 911.091495][ T6022] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 911.256101][T28048] bond1: entered allmulticast mode [ 911.261794][T28048] 8021q: adding VLAN 0 to HW filter on device bond1 [ 911.347900][ T6022] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 911.416621][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 911.429646][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 911.439223][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 911.455291][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 911.464084][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 911.676448][T28056] wlan0 speed is unknown, defaulting to 1000 [ 911.709857][T28056] vxcan1 speed is unknown, defaulting to 1000 [ 911.736986][ T32] INFO: task syz-executor:5841 blocked for more than 143 seconds. [ 911.749036][ T32] Not tainted syzkaller #0 [ 911.753971][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 911.793472][ T32] task:syz-executor state:D stack:21560 pid:5841 tgid:5841 ppid:1 task_flags:0x400140 flags:0x00080002 [ 911.814916][ T32] Call Trace: [ 911.818230][ T32] [ 911.823593][ T32] __schedule+0x14bc/0x5000 [ 911.831343][ T32] ? __pfx___schedule+0x10/0x10 [ 911.858221][ T32] ? schedule+0x91/0x360 [ 911.878834][ T32] schedule+0x165/0x360 [ 911.904283][ T32] io_schedule+0x80/0xd0 [ 911.926682][ T32] folio_wait_bit_common+0x6b0/0xb80 [ 911.938615][T28075] loop2: detected capacity change from 0 to 1024 [ 911.963419][ T32] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 912.012120][ T32] ? __pfx_wake_page_function+0x10/0x10 [ 912.017708][ T32] ? folios_put_refs+0x584/0x670 [ 912.107107][ T32] ? __pfx_find_lock_entries+0x10/0x10 [ 912.154899][ T32] ? __filemap_get_folio_mpol+0x81/0xb00 [ 912.160556][ T32] __filemap_get_folio_mpol+0x13e/0xb00 [ 912.207928][T28075] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 912.211091][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 912.281796][ T32] truncate_inode_pages_range+0x3f0/0xd90 [ 912.307412][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 912.313585][ T32] ? kasan_save_stack+0x4d/0x60 [ 912.326798][ T32] ? kasan_save_stack+0x3e/0x60 [ 912.331688][ T32] ? kasan_record_aux_stack+0xbd/0xd0 [ 912.353640][ T32] ? deactivate_locked_super+0xbc/0x130 [ 912.366184][ T32] ? task_work_run+0x1d4/0x260 [ 912.372202][ T32] ? exit_to_user_mode_loop+0xff/0x4f0 [ 912.378208][ T32] ? do_syscall_64+0x2e3/0xf80 [ 912.383012][ T32] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.401545][ T32] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 912.407942][ T32] ? __lock_acquire+0x6b6/0x2cf0 [ 912.424889][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 912.430117][ T32] ? lockdep_hardirqs_on+0x98/0x140 [ 912.442854][ T32] evict+0x607/0xae0 [ 912.446773][ T32] ? __pfx_evict+0x10/0x10 [ 912.451738][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 912.457417][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 912.463545][ T32] ? do_raw_spin_unlock+0x122/0x240 [ 912.470050][ T32] evict_inodes+0x753/0x7e0 [ 912.474606][ T32] ? __pfx_evict_inodes+0x10/0x10 [ 912.480011][ T32] generic_shutdown_super+0x9a/0x2c0 [ 912.485323][ T32] kill_block_super+0x44/0x90 [ 912.490557][ T32] deactivate_locked_super+0xbc/0x130 [ 912.495956][ T32] cleanup_mnt+0x425/0x4c0 [ 912.507070][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 912.513043][ T32] ? lockdep_hardirqs_on+0x98/0x140 [ 912.518536][ T32] task_work_run+0x1d4/0x260 [ 912.523178][ T32] ? __pfx_task_work_run+0x10/0x10 [ 912.530737][ T32] ? exit_to_user_mode_loop+0x55/0x4f0 [ 912.539075][ T32] exit_to_user_mode_loop+0xff/0x4f0 [ 912.544370][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 912.550512][ T32] ? rcu_is_watching+0x15/0xb0 [ 912.556495][ T32] do_syscall_64+0x2e3/0xf80 [ 912.561110][ T32] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.574623][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 912.580275][ T32] ? exc_page_fault+0xab/0x100 [ 912.581413][T28056] wg0 speed is unknown, defaulting to 1000 [ 912.586060][ T32] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.597078][ T32] RIP: 0033:0x7f2368190a77 [ 912.601522][ T32] RSP: 002b:00007fff7da580c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 912.610443][ T32] RAX: 0000000000000000 RBX: 00007f2368213d7d RCX: 00007f2368190a77 [ 912.619086][ T32] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff7da58180 [ 912.627302][ T32] RBP: 00007fff7da58180 R08: 0000000000000000 R09: 0000000000000000 [ 912.635784][ T32] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff7da59210 [ 912.646846][ T32] R13: 00007f2368213d7d R14: 00000000000bbc5c R15: 00007fff7da59250 [ 912.655623][ T32] [ 912.658922][ T32] [ 912.658922][ T32] Showing all locks held in the system: [ 912.672363][ T6022] bridge_slave_1: left allmulticast mode [ 912.678011][ T6022] bridge_slave_1: left promiscuous mode [ 912.741646][ T6022] bridge0: port 2(bridge_slave_1) entered disabled state [ 912.755823][ T32] 1 lock held by khungtaskd/32: [ 912.761047][ T32] #0: ffffffff8df419e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 912.799536][ T3518] hfsplus: b-tree write err: -5, ino 4 [ 912.859640][ T32] 3 locks held by kworker/u8:11/3518: [ 912.865031][ T32] #0: ffff8880b873a918 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 912.916701][ T32] #1: ffff8880b8724588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880 [ 912.925647][ T32] #2: ffff8880b87260d8 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x8ee/0xf30 [ 912.983619][ T32] 2 locks held by getty/5588: [ 912.989260][ T32] #0: ffff88814d26f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 913.053808][ T32] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x449/0x1460 [ 913.117259][ T32] 1 lock held by syz-executor/5841: [ 913.122480][ T32] #0: ffff88808be2a0e0 (&type->s_umount_key#107){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0 [ 913.202478][ T32] 1 lock held by syz-executor/5854: [ 913.207711][ T32] 4 locks held by kworker/0:8/6010: [ 913.240956][ T32] 5 locks held by kworker/u8:16/6022: [ 913.246335][ T32] #0: ffff88801aa9f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 913.310758][ T32] #1: ffffc900045bfb80 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 913.357688][ T32] #2: ffffffff8f302bb0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x7a0 [ 913.403076][ T32] #3: ffffffff8f30fc48 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x2a4/0x990 [ 913.412360][T26679] Bluetooth: hci0: command tx timeout [ 913.441067][ T32] #4: ffffffff8df47538 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730 [ 913.514149][ T32] 3 locks held by kworker/u8:17/6056: [ 913.537237][ T32] #0: ffff88813ff29948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 913.575624][ T32] #1: ffffc900046afb80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 913.604864][ T32] #2: ffffffff8f30fc48 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 913.623487][ T32] 3 locks held by kworker/1:11/13119: [ 913.628967][ T32] #0: ffff88813ff11948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770 [ 913.640416][ T32] #1: ffffc90003defb80 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770 [ 913.651493][ T32] #2: ffffffff8f30fc48 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 [ 913.661936][ T32] 1 lock held by syz-executor/27517: [ 913.667230][ T32] #0: ffffffff8f30fc48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0 [ 913.676352][ T32] 1 lock held by syz.7.9491/28017: [ 913.681513][ T32] #0: ffffffff8f30fc48 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0 [ 913.690534][ T32] 2 locks held by syz-executor/28056: [ 913.695915][ T32] #0: ffffffff8f302bb0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570 [ 913.705369][ T32] #1: ffffffff8f30fc48 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800 [ 913.715051][ T32] [ 913.736559][ T32] ============================================= [ 913.736559][ T32] [ 913.744999][ T32] NMI backtrace for cpu 0 [ 913.745017][ T32] CPU: 0 UID: 0 PID: 32 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 913.745045][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 913.745061][ T32] Call Trace: [ 913.745071][ T32] [ 913.745082][ T32] dump_stack_lvl+0x189/0x250 [ 913.745122][ T32] ? __pfx_dump_stack_lvl+0x10/0x10 [ 913.745153][ T32] ? __pfx__printk+0x10/0x10 [ 913.745206][ T32] nmi_cpu_backtrace+0x39e/0x3d0 [ 913.745241][ T32] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 913.745274][ T32] ? __pfx__printk+0x10/0x10 [ 913.745312][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 913.745346][ T32] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 913.745396][ T32] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 913.745431][ T32] sys_info+0x135/0x170 [ 913.745455][ T32] watchdog+0xf95/0xfe0 [ 913.745498][ T32] ? watchdog+0x20a/0xfe0 [ 913.745542][ T32] kthread+0x711/0x8a0 [ 913.745581][ T32] ? __pfx_watchdog+0x10/0x10 [ 913.745616][ T32] ? __pfx_kthread+0x10/0x10 [ 913.745647][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 913.745680][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 913.745713][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 913.745743][ T32] ? lockdep_hardirqs_on+0x98/0x140 [ 913.745778][ T32] ? __pfx_kthread+0x10/0x10 [ 913.745813][ T32] ret_from_fork+0x599/0xb30 [ 913.745842][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 913.745880][ T32] ? __switch_to_asm+0x39/0x70 [ 913.745913][ T32] ? __switch_to_asm+0x33/0x70 [ 913.745946][ T32] ? __pfx_kthread+0x10/0x10 [ 913.745981][ T32] ret_from_fork_asm+0x1a/0x30 [ 913.746036][ T32] [ 913.906620][ T32] Sending NMI from CPU 0 to CPUs 1: [ 913.912554][ C1] NMI backtrace for cpu 1 [ 913.912571][ C1] CPU: 1 UID: 0 PID: 37 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) [ 913.912597][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 913.912613][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 913.912649][ C1] RIP: 0010:unwind_next_frame+0x130e/0x2390 [ 913.912680][ C1] Code: c1 e8 3f 48 01 c8 48 83 e0 fe 4c 8d 3c 45 00 00 00 00 49 01 ef 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 <84> c0 75 27 49 63 07 4c 01 f8 49 8d 4f 04 4c 39 e0 48 0f 46 e9 49 [ 913.912699][ C1] RSP: 0018:ffffc90000ad7398 EFLAGS: 00000216 [ 913.912718][ C1] RAX: 0000000000000000 RBX: ffffffff8fa2be44 RCX: dffffc0000000000 [ 913.912735][ C1] RDX: ffffffff8fa2be20 RSI: ffffffff90229732 RDI: ffffffff8bc07b80 [ 913.912753][ C1] RBP: ffffffff8fa2be20 R08: 000000000000000a R09: ffffffff8df419e0 [ 913.912769][ C1] R10: dffffc0000000000 R11: ffffffff81ad9fb0 R12: ffffffff8227d13d [ 913.912787][ C1] R13: ffffffff8fa2be20 R14: ffffc90000ad7468 R15: ffffffff8fa2be30 [ 913.912807][ C1] FS: 0000000000000000(0000) GS:ffff888125f3a000(0000) knlGS:0000000000000000 [ 913.912825][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 913.912842][ C1] CR2: 0000558f0ce82950 CR3: 000000000dd3a000 CR4: 0000000000350ef0 [ 913.912860][ C1] Call Trace: [ 913.912869][ C1] [ 913.912883][ C1] ? unwind_next_frame+0xa5/0x2390 [ 913.912912][ C1] ? kasan_save_track+0x3e/0x80 [ 913.912939][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 913.912976][ C1] arch_stack_walk+0x11c/0x150 [ 913.913007][ C1] ? kasan_save_track+0x3e/0x80 [ 913.913033][ C1] stack_trace_save+0x9c/0xe0 [ 913.913067][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 913.913103][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 913.913130][ C1] ? arch_stack_walk+0x11c/0x150 [ 913.913162][ C1] kasan_save_track+0x3e/0x80 [ 913.913183][ C1] ? kasan_save_track+0x3e/0x80 [ 913.913240][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 913.913268][ C1] __kasan_slab_alloc+0x6c/0x80 [ 913.913295][ C1] kmem_cache_alloc_node_noprof+0x43c/0x720 [ 913.913332][ C1] ? __alloc_skb+0x255/0x430 [ 913.913366][ C1] ? napi_skb_cache_get+0x4a5/0x780 [ 913.913404][ C1] __alloc_skb+0x255/0x430 [ 913.913440][ C1] ? __pfx___alloc_skb+0x10/0x10 [ 913.913473][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 913.913508][ C1] nsim_dev_trap_report_work+0x29a/0xb80 [ 913.913545][ C1] ? process_scheduled_works+0x9ef/0x1770 [ 913.913571][ C1] process_scheduled_works+0xad1/0x1770 [ 913.913615][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 913.913650][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 913.913682][ C1] worker_thread+0x8a0/0xda0 [ 913.913725][ C1] kthread+0x711/0x8a0 [ 913.913757][ C1] ? __pfx_worker_thread+0x10/0x10 [ 913.913781][ C1] ? __pfx_kthread+0x10/0x10 [ 913.913809][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 913.913837][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 913.913868][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 913.913894][ C1] ? lockdep_hardirqs_on+0x98/0x140 [ 913.913926][ C1] ? __pfx_kthread+0x10/0x10 [ 913.913956][ C1] ret_from_fork+0x599/0xb30 [ 913.913980][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 913.914010][ C1] ? __switch_to_asm+0x39/0x70 [ 913.914040][ C1] ? __switch_to_asm+0x33/0x70 [ 913.914069][ C1] ? __pfx_kthread+0x10/0x10 [ 913.914099][ C1] ret_from_fork_asm+0x1a/0x30 [ 913.914143][ C1] [ 914.262800][ T6022] bridge_slave_0: left allmulticast mode [ 914.268454][ T6022] bridge_slave_0: left promiscuous mode [ 914.275850][ T6022] bridge0: port 1(bridge_slave_0) entered disabled state [ 914.295420][ T32] Kernel panic - not syncing: hung_task: blocked tasks [ 914.302274][ T32] CPU: 1 UID: 0 PID: 32 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 914.311370][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 914.321422][ T32] Call Trace: [ 914.324692][ T32] [ 914.327612][ T32] dump_stack_lvl+0x99/0x250 [ 914.332216][ T32] ? __asan_memcpy+0x40/0x70 [ 914.336792][ T32] ? __pfx_dump_stack_lvl+0x10/0x10 [ 914.341976][ T32] ? __pfx__printk+0x10/0x10 [ 914.346565][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 914.352188][ T32] vpanic+0x237/0x6d0 [ 914.356157][ T32] ? __pfx_vpanic+0x10/0x10 [ 914.360647][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 914.366264][ T32] ? preempt_schedule_common+0x83/0xd0 [ 914.371721][ T32] panic+0xb9/0xc0 [ 914.375430][ T32] ? __pfx_panic+0x10/0x10 [ 914.379835][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 914.385453][ T32] ? preempt_schedule_thunk+0x16/0x30 [ 914.390812][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 914.396428][ T32] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 914.402572][ T32] watchdog+0xfdf/0xfe0 [ 914.406723][ T32] ? watchdog+0x20a/0xfe0 [ 914.411052][ T32] kthread+0x711/0x8a0 [ 914.415113][ T32] ? __pfx_watchdog+0x10/0x10 [ 914.419782][ T32] ? __pfx_kthread+0x10/0x10 [ 914.424361][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 914.429982][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 914.435169][ T32] ? srso_alias_return_thunk+0x5/0xfbef5 [ 914.440791][ T32] ? lockdep_hardirqs_on+0x98/0x140 [ 914.445999][ T32] ? __pfx_kthread+0x10/0x10 [ 914.450578][ T32] ret_from_fork+0x599/0xb30 [ 914.455153][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 914.460278][ T32] ? __switch_to_asm+0x39/0x70 [ 914.465031][ T32] ? __switch_to_asm+0x33/0x70 [ 914.469783][ T32] ? __pfx_kthread+0x10/0x10 [ 914.474393][ T32] ret_from_fork_asm+0x1a/0x30 [ 914.479161][ T32] [ 914.482428][ T32] Kernel Offset: disabled [ 914.486740][ T32] Rebooting in 86400 seconds..