last executing test programs: 29.744242963s ago: executing program 3 (id=12895): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@filter={'filter\x00', 0x42, 0x4, 0x360, 0xffffffff, 0x0, 0x1d8, 0x1d8, 0xffffffff, 0xffffffff, 0x2c8, 0x2c8, 0x2c8, 0xffffffff, 0x4, 0x0, {[{{@ip={@local, @remote, 0x0, 0x0, 'ip6gre0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa8, 0x0, {0x88000000}}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff}, {0xffffffffffffffff}}}}, {{@ip={@private, @rand_addr=0x64010102, 0x0, 0x0, 'bridge_slave_0\x00'}, 0x0, 0xd0, 0x130, 0x0, {0x122}, [@common=@inet=@dscp={{0x28}}, @common=@unspec=@connbytes={{0x38}, {[{0x7fffffff}, {0x8}], 0x571dc3c1a8f3e291, 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @broadcast, 0x81, 0xe, [0x19, 0x2a, 0x28, 0x10, 0x32, 0xd, 0x17, 0xf, 0x25, 0x2c, 0x9, 0x37, 0x32, 0x36, 0x22, 0x4], 0x0, 0xa, 0x6}}}, {{@uncond, 0x0, 0x90, 0xf0, 0x0, {}, [@common=@socket0={{0x20}}]}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3c0) 29.443108524s ago: executing program 3 (id=12897): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x36, 0x1, 0x0, 0x25dfdbff, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="58000000020605000000000000000000000000030c000300686173683a6970000900020073797a320000000005000400000000000500050002000000050001000600000014000780080006400000000208000c"], 0x58}}, 0x20000000) 29.030109637s ago: executing program 3 (id=12900): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2000000036000701fcffffff00008100017c00000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) 28.792489013s ago: executing program 3 (id=12905): syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x3214212, &(0x7f00000000c0)=ANY=[], 0x7, 0xf08, &(0x7f0000001e40)="$eJzs3U1sHNUdAPA368/EJl7zaaCEFFoRKNghidT0FgTqEXHpHRQSGmEoauiBiI/QA6ISokiIU8WBigulUorUSqBKFeqp7alVbz2hXqhUpVKiXhopcRXnPXv3xZPdnaxnvbu/n/T32zdvdv7/8UbOzOzs2wCMrcb6z8OHl4oQPvji/Sdee7b43ZVl926ssW/9ZxF7zRDCVEu/yLb3VVxw6fyrx7Zqi3Bw/WfqhyfPbTx3LoRwJuwLX4Zm+HRl9cInHz6+/7O3Zm9/9/Tzr2/T7m/I9wMAAEbR2b+s/uPBf/354cWLZ/ceDTMby9PxeTP25+Jx/4F4oJyOlxuhvV+0RKvpbL2JGI1svYlsvcksz2RJvqlsO1Ml6013yDfRsmyr/QQAAIBhlM5rm6FoLLf1G43l5avn/Vd8tTBdLL94cvXEqQEVCgAAAFT23zfWb7oVQgghhBBCCCHECMfawqCvQAAAAADjJp8v7Bpn+jtT18bWmt3lP/dYY+vnQx/U/e9f/uHK//Gb/uIAAFDdqB5Npv1Kx9FpHoN8HsGJ7Hm9Hv83su1M9lhn2byCwzLfYFmd+e91pyqrv9fXcVDK6s/nw9ypyurP5+ncqcrqn6m5jqrK6p+tuY6qyurfVXMdVZXVv7vmOqoqq3+u5jqqKqt/vuY6qiqr/6aa66iqrP49NddRVVn9w3JbbVn9zZrrqKqs/sWa66iqrP6ba66jqrL6b6m5jqrK6r+15joG5Z7Ypt/D3my89fw5P6cblnM8AAAAGHf/M/+fEEIIIcQIxG07oAYhhBA7Od4Y9AUIAAAAYODS5wLSp97XojQ+0WF8ssP4VIfx6Q7jMx3GAQAAgBB+//aJO98rNj/nf6Pz4aV5o9L8S73OY5TPR9hr/hud96x9axd6zj8s85YBAAAwXorvf3n5oSc+ennx4tm9R1vOfi/H8900D+hkvDbweeyn+wLms36RzqGPtudplKyXXx+4qWx7T93gjgIAAMAYS+fvzVCsn3I3NvqNxvLy5vn4UpgqTpxcPX4g9tP3s/xpYWrmyvJH6y0bAAAA6MHm+X7RWN7i/D99j+9SmC6WXzy5euLU1f78xvKpRut1gYXN5UXrdYFmtvxgyfJDsZ++v/OHC7vWly8f+9Hqs/3eeQAAABgTp145/fwzq6vHf7zlg/Rp9uut08uD9PmCXp4VQhH6k90DDzzo9sEA/ygBAADb4uuv35/6yaH5P1z9/P/m/Hfp8//7Yr8Z5/b7a1wh3SeQPgdwzef1n27Ps1C23kvt6zWz9SZizGR1z7ZsJ7TMN5iet1iWr9m+nemSfHNZvvksXz5PwWS2fsq3J1uez0+Y1lvIlufzME5mOYos/30BAAAAyq28/MJLK6deOf3IyReeee74c8dfPHTwyPeOHDnw6HcfXVm/r3+l9e5+AAAAYBht3vQ76EoAAAAAAAAAAAAAAAAAAABgfNXxdWKD3kcAAAAYd/95I4RwRghREle/ArP/2938JsrB76MY3di1A2oQQgjR77h4nbGJHVCfEGLHxtpa/k3zAAAAANvr0vlXj7W21zhT9DXfxtbiu7GXY97Uzj/y98UrkVY791j79ZLdfa2GcVf3v3/5hyv/x2/2N/9setD1379G+waOVsv7wMqvllrz3zXZZf58/5+qln9/lv+B0F3+tY+y/E9Xy/9gln93l/mv2f+XquV/KOZfiv3993ebv/31n4lt2o9dXeb/Trb/z4Zu82f73+wyYebhmB8AxlFj0AVsk3SUkI6j52I/7W883Az53Q+9Hv83su1M3nDl7dtNx0F3xH46XprP8ia91j+Xbe+minXmhuWukrL6+/U6brey+qdqrqOqsvqna66jqrL6Z2quo6qy+mdrrqOqsvq7PQ8dtLL6h+W6cln9czXXUVVZ/fM111FVWf29/j8+KGX176m5jqrK6l+ouY6qyuqveFmtdmX1L9ZcR1Vl9d9ccx1VldV/S811VFVW/6011zEod8e27Hw4nX8uxLHUb2b9mS1+l6N6bQEAAACGzb/N/yeGJQ7PD74GIYToW+zaATWI8Y747s/A6xBiNGJt7fLaFYOuQ4jrxdraoK9AMEjb+2lmAHYqf//Hm9d/vHn9x5vXn+tJ9/AXWT+Z6DA+2WF8qsP4dDae/3ud6TB+S7bdtSiN39ph/LYO43s6jN/RYXypw/idHcbv6jB+d4dxAAAAxsPtsXV+CAAAAKPrtV9//s5vH3j6/OLFs3uPhulr5p0/EPsz8b31t2M/n/c+mYrv+f809n8Z2z/G9p/Z+u4/AQAAgO2XvifG+/8AAAAwutL3lDr/BwAAgNG1GFvn/wAAADC6bo6t838AAAAYYcXs1otjm64L3Bfbbuf1AwB2vm/E9p7Y7o3tvbH9ZmzTccD9sf1WTfUBAP3zix/87Mh7xeZ8/4ey8UtxeWqvcebqlYKi0T6T/67Y7o7tt7usJ/8+gG7zJ3u6zLNd+RduMD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDoa6z8PH14qQvjgi/ef+Pn0O3+7suzejTX2rf8sYq8ZQpjaeF4a3ez/Jq546fyrx1rby7EtwsFQhGJjeXjy3EamuRDCmbAvfBma4dOV1QuffPj4/s/emr393dPPv76Nv4K2/QMAAIBR9P8AAAD//6d9HGQ=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) llistxattr(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) 28.418143424s ago: executing program 3 (id=12909): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0x9) 26.438081099s ago: executing program 3 (id=12931): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4040, &(0x7f0000000a80)=ANY=[@ANYBLOB='force,decompose,nls=cp857,uid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f626172726965722c706172743d3078303030303030303030303030303030342c0029da224046557ecb65ded5c50ad3a6a30bc9ff1a3ebc851290177bba8d57fc514869fde9ff0cd99031aef2250bd32f6fe7dffcc4d843c5398f85b2162d81bd51c7ad5d6c6ec22b4391379123720a07da3c987a8779b03b21db3c6542040ee5b3167521a1f384b80673a5e56ff56bf5523200000000079a42c04c9e8f94e57cdc0e3adfa978c6d4d7f05fa88ead40f3ec2bf6239d4c40d4496fb2ded06d4900"/206], 0x20, 0x6fe, &(0x7f0000002100)="$eJzs3U9sG1kZAPBvJrYTd6Wsd9nuFoTUaCsq2EKbxCwtEhIFIZTDCipx2Wto021UJ1slWZRWiHqBBW5wQj3sYREKhz0hDkiLOCCWGxISEvfeK3HgVnHAaMYzie0kTtzGTSm/nzSeN57355vPb8b2pJUD+L+18GZU25HEwrk3NrPt+1vN1v2t5kpZjojJiEgjKt1VJKsRyccRl6O7xCezJ4vukv3Gef3BR++fvfdhs7tVKZa8fjqs3Y7OkBHaxRIzETFRrEdU2a+/q3v0d3ekrpPtuLOEnSkTB8ets0t7lOaHOG+Bp93diInqHs83Ik5ExFTxOSCKq0P6hMM7ciNd5QAAAODY7fWtPb8HPtTzD+NhbMb0WEICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ1TS/c3ApFjSsjwTSfH7/98uquVqteMN9wCfP2D/e9efUCAAAAAAAAAAcPSqO8XTD+NhbMZ0ud1J8r/5v5pvvJQ/PhfvxHosxVqcj81YjI3YiLWYi6hO9/RZ21zc2Fib293yl5G17HQ6d4uW8xHR2NVyfszHDAAAAAAAAADPth/GQkwfdxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAriZjorvLlpbLciLQSEVMRUcvqtSP+WJafBo1HbPenI44DAAAAnkL1Yj2d/Kdb6CT5d/6X8+/9U/FOrMZGLMdGtGIpruX3Arrf+tO/t5ut+1vNlWzZ3fHX/jlSHHmPETER7+4z8mxe4+R2i4X4ZnwnzsVMXIm1WI7vxWJsxFLMRD07iFiMJBr17t2LRhlnf7wTRVeX+0K5Mhjb6YHtU3kk9bgey3ls5+NqrewtzWskcapntN/XIgYy9G6WneSrhUPm6FrP6/WL4r5MofP8IfsYj0Z+5NXtjMxmuS+y8cLeuS+NOE8GR5qLdPse1Es7o2SbgyOVOf/uKDk/UayzXP+kP+dHbcRbaYOZmI+0mH0RL/fn/NZn7r3Y3/hz//jzlRvp6s0b19fPjfGQxqpaFgYz0ezJxCvDZ1+RiVaWifZgJqoHD12aesxjOSK1IhvdC9vhrpbfyEuL8WrPFHw7rsVSXIzZmItLMRtfjvlo9s2wk315rTRX+nOSn2vp7utbfUjwZz7bU+mnB1Qeh/3Hy/LyQk9ee690jXxf8czln8dsT5ZeHD77HuVdoPKpopCN8aPtd5ynQV8mimtzGV35BrVPJn7VyR7XW6s3124s3jrkeGeLdXbavtd/bf71Yx/MY8nmS3bFreRbeU7q5XzJ9n1iO9r+fNWKv7h026W79p3c3teI6ViOb+17ptaKz3C7e+rue2XPfc1836mefX2fcuLtaOWfQgbMPJmsAnBoJ147Uas/qP+t/kH9x/Ub9Temvj55afLTtaj+pfKHid+mv0m/krwWH8QPYvq4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGfB+u07NxdbraW1MRZqjzhWpAfW2XrucB1GI2L4WElRqI07G7fvZPkYodXPit8rPLow/jU1NBv1GNOx/274UdQee4hk/PM5eyWOpMPyh9PyZzoTB7b664WI7jOV4fOnEutT1X3yPLnzukfj5mLr352+OvXoOWWAZ9yFjZVbF9Zv3/nC8sriW0tvLa3OX7p46WLzS3NfvHB9ubU023087iiBcVi/fWfiuGMAAAAAAAAAAAAARlP86/+NtTQrJKP/L53KAXVqa+t7j3z6SR8qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8D9q4c2otiOJudnzs9n2/a1mK1vK8k7NSkSkEZF8PyL5OOJydJdo9HSX7DfO6w8+ev/svQ+bO31VyvrpsHaH0y6WmImIiWJ9sMk9utnd39We/tqPFF6yfYRZws6UiYPj9t8AAAD//ycX7eY=") syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x82) 25.912782733s ago: executing program 32 (id=12931): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4040, &(0x7f0000000a80)=ANY=[@ANYBLOB='force,decompose,nls=cp857,uid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f626172726965722c706172743d3078303030303030303030303030303030342c0029da224046557ecb65ded5c50ad3a6a30bc9ff1a3ebc851290177bba8d57fc514869fde9ff0cd99031aef2250bd32f6fe7dffcc4d843c5398f85b2162d81bd51c7ad5d6c6ec22b4391379123720a07da3c987a8779b03b21db3c6542040ee5b3167521a1f384b80673a5e56ff56bf5523200000000079a42c04c9e8f94e57cdc0e3adfa978c6d4d7f05fa88ead40f3ec2bf6239d4c40d4496fb2ded06d4900"/206], 0x20, 0x6fe, &(0x7f0000002100)="$eJzs3U9sG1kZAPBvJrYTd6Wsd9nuFoTUaCsq2EKbxCwtEhIFIZTDCipx2Wto021UJ1slWZRWiHqBBW5wQj3sYREKhz0hDkiLOCCWGxISEvfeK3HgVnHAaMYzie0kTtzGTSm/nzSeN57355vPb8b2pJUD+L+18GZU25HEwrk3NrPt+1vN1v2t5kpZjojJiEgjKt1VJKsRyccRl6O7xCezJ4vukv3Gef3BR++fvfdhs7tVKZa8fjqs3Y7OkBHaxRIzETFRrEdU2a+/q3v0d3ekrpPtuLOEnSkTB8ets0t7lOaHOG+Bp93diInqHs83Ik5ExFTxOSCKq0P6hMM7ciNd5QAAAODY7fWtPb8HPtTzD+NhbMb0WEICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ1TS/c3ApFjSsjwTSfH7/98uquVqteMN9wCfP2D/e9efUCAAAAAAAAAAcPSqO8XTD+NhbMZ0ud1J8r/5v5pvvJQ/PhfvxHosxVqcj81YjI3YiLWYi6hO9/RZ21zc2Fib293yl5G17HQ6d4uW8xHR2NVyfszHDAAAAAAAAADPth/GQkwfdxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAriZjorvLlpbLciLQSEVMRUcvqtSP+WJafBo1HbPenI44DAAAAnkL1Yj2d/Kdb6CT5d/6X8+/9U/FOrMZGLMdGtGIpruX3Arrf+tO/t5ut+1vNlWzZ3fHX/jlSHHmPETER7+4z8mxe4+R2i4X4ZnwnzsVMXIm1WI7vxWJsxFLMRD07iFiMJBr17t2LRhlnf7wTRVeX+0K5Mhjb6YHtU3kk9bgey3ls5+NqrewtzWskcapntN/XIgYy9G6WneSrhUPm6FrP6/WL4r5MofP8IfsYj0Z+5NXtjMxmuS+y8cLeuS+NOE8GR5qLdPse1Es7o2SbgyOVOf/uKDk/UayzXP+kP+dHbcRbaYOZmI+0mH0RL/fn/NZn7r3Y3/hz//jzlRvp6s0b19fPjfGQxqpaFgYz0ezJxCvDZ1+RiVaWifZgJqoHD12aesxjOSK1IhvdC9vhrpbfyEuL8WrPFHw7rsVSXIzZmItLMRtfjvlo9s2wk315rTRX+nOSn2vp7utbfUjwZz7bU+mnB1Qeh/3Hy/LyQk9ee690jXxf8czln8dsT5ZeHD77HuVdoPKpopCN8aPtd5ynQV8mimtzGV35BrVPJn7VyR7XW6s3124s3jrkeGeLdXbavtd/bf71Yx/MY8nmS3bFreRbeU7q5XzJ9n1iO9r+fNWKv7h026W79p3c3teI6ViOb+17ptaKz3C7e+rue2XPfc1836mefX2fcuLtaOWfQgbMPJmsAnBoJ147Uas/qP+t/kH9x/Ub9Temvj55afLTtaj+pfKHid+mv0m/krwWH8QPYvq4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGfB+u07NxdbraW1MRZqjzhWpAfW2XrucB1GI2L4WElRqI07G7fvZPkYodXPit8rPLow/jU1NBv1GNOx/274UdQee4hk/PM5eyWOpMPyh9PyZzoTB7b664WI7jOV4fOnEutT1X3yPLnzukfj5mLr352+OvXoOWWAZ9yFjZVbF9Zv3/nC8sriW0tvLa3OX7p46WLzS3NfvHB9ubU023087iiBcVi/fWfiuGMAAAAAAAAAAAAARlP86/+NtTQrJKP/L53KAXVqa+t7j3z6SR8qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8D9q4c2otiOJudnzs9n2/a1mK1vK8k7NSkSkEZF8PyL5OOJydJdo9HSX7DfO6w8+ev/svQ+bO31VyvrpsHaH0y6WmImIiWJ9sMk9utnd39We/tqPFF6yfYRZws6UiYPj9t8AAAD//ycX7eY=") syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x82) 3.078487366s ago: executing program 4 (id=13197): capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x3, 0x3, 0xffffffff, 0x40}) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, 0x0) 2.725446219s ago: executing program 4 (id=13201): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 2.321231417s ago: executing program 6 (id=13209): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001214010028bd7000fcdbdf250800", @ANYRES16=r0], 0x30}, 0x1, 0x0, 0x0, 0x4000014}, 0x4000054) 2.175622647s ago: executing program 2 (id=13211): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10, 0x0}, 0x20000000}, {{&(0x7f0000000000)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x2, 0x4080) 2.024526566s ago: executing program 1 (id=13212): r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000001780)={&(0x7f0000000180)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x3}}, 0x80, 0x0}, 0x0) 2.023644088s ago: executing program 0 (id=13213): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0xf0b, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x0, 0xc}, {0xffff, 0xffff}, {0xd, 0x2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}, @qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_ECN={0x8}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x44004}, 0x0) 1.946004179s ago: executing program 6 (id=13214): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$FS_IOC_GETFSLABEL(r0, 0x5411, &(0x7f0000000100)) 1.858889893s ago: executing program 2 (id=13216): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f00000001c0)={0x20, r1, 0xffffffffffffffa4, 0x0, 0x0}) 1.691813951s ago: executing program 1 (id=13217): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000190001002cbd700000c8c3532d"], 0x24}}, 0x0) 1.69044848s ago: executing program 4 (id=13218): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x8002}, 0x50) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xd, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x87}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3800000}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x5c93067603d2de2a, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000d4}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="6a69c274386d178550cb864bd572", 0x0, 0xffff6340, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.616249165s ago: executing program 6 (id=13219): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000080)={0x18, 0x3, 0x10000, 0x7b, 0x7f, "fff903087200", 0x2208, 0x6}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xff) 1.598866264s ago: executing program 0 (id=13221): r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x1000) 1.524160313s ago: executing program 2 (id=13222): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r0, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @null}, 0x1c) connect$rose(r0, &(0x7f0000000000)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}}, 0x1c) 1.464801182s ago: executing program 1 (id=13223): syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000280)='./file0\x00', 0x208008, &(0x7f0000000000)=ANY=[], 0x80, 0x162, &(0x7f00000005c0)="$eJzs2rFKw0AYB/BPGi3UzdGpUKkONkkTrbNjcXNzLG2uDV5sSQRpX0CcBIVz8CUEn8BHyOimi4MvEUlzhCQWzSDkhP9vyR++NPlyV77pOv7U67KgQ7Q/uzv92PKnXrNnHw1Zlw0o0SeiZhzCKHrQ6Zu3tB5GpK+4oVo7n8m1tTcWJzfM5Y5VdUsAAAAAAAAAAAAAAAAAAAAAAFBSuyFDYyK8a+Zyp5upBi3tfMC54wcVtVe5dlOe4SIm+GO8Pnb+hrNNGVxx7Md1M//7exl2J4K/F9fXuPRmRjBfdFxvMHbGzoVl2T3zwDQPLWP5LKP4xPaT7InC6NnUKZLSeua82WuZ82Zy/7VtV9xeFd8WzBdy/xUIa2q0UTLUiEiBNlQKfU2xf9S/CTVSoo1MSEfExsqpov06d1TRWE+uo7rdeonnnz6c8pEsLr+1Tn+0ZvJNlC9V9eEA8LOvAAAA//8Jlzfq") r0 = open(&(0x7f0000000140)='.\x00', 0x80000, 0xba) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 1.397003409s ago: executing program 6 (id=13224): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='./bus\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="666f7263652c6e6f626172726965722c63726561746f723dbd3c66f52c6e6c733d6d6163696e7569742c666f7263652c666f7263652c00e4fc379f5d3b737931087563d08075a28550d98b7ceb93413b717546de81c69d046a7c7de8b7877acbd69ee6be03a2ee9a6f18a95984da551773b44694170cc523576b447ba266b98f316ea57b543f70ba341c31a3ebdda905e7fe6b43c2a3df705330ee5e204149ac4976e64dd1fadd4aa5366c443b6b98d34c"], 0x3, 0x6af, &(0x7f0000002200)="$eJzs3U1sHGf9B/DvbJx1Nn8pdds0zR8h1WqkChqR2FmVBAmpASGUQ4QiuPRqJU5jZZNWjovSCpENUJA4cUI9cChC4dATQgipnBDljITEhVPukbhxyAFYNLOz67W9cey8eJf285HG8zz7zPM8v/l5XnbHiTbAZ9a5N7K/myLnjp+/Wdbv3ml37t5pXxuUk8wmaSQz/VWKVlJ8kpxNf8n/ly/WwxUPmue1ex8XMx981O7XZuql2r6xXb8txm7ZTQ4MK/uSzPeL/9rxsFvGq5ZqnIvr4z2iYhh3mbBjg8TBpPW26K43Nh7afefnLTC1bvXvm1vMJQfTv7uW7wNSXx0efmWYvG2vTd29iwMAAACelrGf5Uc9cz/3czOH9iYcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HQo+t8ZWNRLY1CeTzH4/v/myHfqNycc7mN6/3K1+vYzkw4EAAAAAAAAAB7LS/dzPzdzaFDvFdXf/F+uKoern/+Xd3Ijy1nNidzMUtayltUsJpkbGah5c2ltbXVxa8+fp+zZ6/Vu1T1Pje15amNc3c2BjvuXBls2AgAAAAAAAIDPrB/k3Prf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYBoUyb7+qloOD8pzacwkOZCkWcwPN29ONNgn4I+TDgAAAACevla9PlT8p1/oFdVn/iPV5/4DeSfXs5aVrKWT5VyqngX0P/U3/tptd+7eaV8rl60Df+0fu4qjGjH9Zw/jZ16otnhh2ONcvpnv5HjmcyGrWcl3s5S1LGc+36hKSykyVz+9mLt7p5VBrFvjPbuhdmFzbC+NlMv4jlaRtHI5K1VsJ3KxOQi9UW93dGS23zeTTTPeLrNTvF7bYY4u1etyj35Wr6fDXLXn+4cZWahzX2bj2dG8b839Lo+TzTMtpjF8BnV4fZayunmmR8r5wXpd5vrHTzfnu3yUtjET3Z+WtcHRd2T7nCdf/NufLlxpXL965fKN49NzGD2izcdEeyQTL+4oE50yE93HyMSBx4n/yWnW2ehfRXd3tXy56nsoK/lW3sqlLOd0FrKYM1nIV3Iq7ZwayesL2+e1OtcauzvXjn2hLpT3pJ+M3Jv2zOyDGsq8PjuS19Er3VzVNvrKepae20GWimbGZ+nvY0OZ+VxdKOf44cgdZ/I2Z2JxJBPPb5+JX/67l+RG5/rV1StLb+9wvlfqdXnavr/x2vyrJ7JDu1fvbnm8PFf+stK/bYweHWXb84O2Tflq1n9xmakH29DWTHU+99sedqaWIx25PW6kftuLY2dpV21HR9o2vMvJW+kM34UAMMUOvnqw2brX+kvrw9aPWlda5w98ffbM7Oeb2f/nmT/s+03j142vFq/mw3w/hyYdKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBrcePe9q0udzvLqFBbSeMID3h7bNEhF/5XmdOz7sNDIVISx08LsdkfUb5OMbeoVo7+CPY25lWQqUpeZPZhrNmOazg9faSWNYTxJrk7JF9wBT8PJtWtvn7zx7ntfWrm29Obym8vXT505/frp9pcXb528vNJZXuj/nHSUwNOw/jZg0pEAAAAAAAAAAAAAO7UX/71hzLRFdwL7CgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPxvOvdG9ndTZHHhxEJZv3un3SmXQXl9y5kkjSTF95Lik+Rs+kvmRoYrHjTPa/c+/sUrH3zUXh9rZrB9Y1O/3/2z19vlXnTrJfNJ9tXrh5vd0XgXR8br7jKwvmK4h2XCjg0SB5P23wAAAP//bVsE6g==") r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00') preadv(r0, &(0x7f00000001c0)=[{&(0x7f00000039c0)=""/4088, 0xff8}], 0x1, 0x15f, 0x0) 1.355986751s ago: executing program 5 (id=13225): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r0) sendmsg$DEVLINK_CMD_RATE_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x34, r1, 0x6ff, 0x0, 0x25dfdbfc, {0x52}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x48004}, 0x0) 1.201959127s ago: executing program 2 (id=13226): r0 = socket$alg(0x26, 0x5, 0x0) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x20002010}) 1.201657725s ago: executing program 0 (id=13227): bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffffffffffb, 0x6, 0x1, @buffer={0x300, 0x56, &(0x7f0000000440)=""/86}, &(0x7f0000000380)="259374c94982", 0x0, 0x0, 0x1c, 0x0, 0x0}) 1.101121282s ago: executing program 1 (id=13228): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @const={0x0, 0x0, 0x0, 0xb}, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0x3e}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000010c0)={r0, 0x20, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=r1, 0x4) 1.088772112s ago: executing program 5 (id=13229): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r0, 0x0) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) 932.873846ms ago: executing program 0 (id=13230): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0106000000000000000009000000240004801300010062726f616463612ff3c5ae64fa0a93"], 0x38}}, 0x40040) 931.315126ms ago: executing program 6 (id=13231): syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3f7, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nyUt2nfxFq/2qrTBjGgJk2iQsBNRUVBcKE7FxKaaSlOmtKM2BYXKoKr4saVrlzpH+DGhSDuXQmudC+FIMW1jNyZe5txMhMzyYyjvb8fTHLO3DOc88yZZ+bcc2cCKK1K9ieJOBIRP0fEdKv61waV1r/fb793Prsl0Wi8/lvSbJfVi6bF46byylwakX6UxMku/W5ev/H2aq1WvZrXF+rrVxY2r9946tL66sXqxerl5ZVnzi4trzy7sjywWG/ePvXTxuev/fHJmV+mnr/51gvZeI/kx9rjGJRKVKKR6zz22KA7G7GjbeVkfIQDoS9jEZFN10Qz/6djLLYnbzpe/HCkgwOGKvtsOtT78PsN4C6WxKhHAIxG8UFfnNsP4zz432zrXOsEaGf845HmbSY6zm8HKTvbuvbmx99mtxjSPgQAQLvvsvXPk93WP2nc39bu//m1oZmIuCcijkXEvRFxPCLui2i2fSAiHuyz/0pHfef6J721r8D2KFv/Pdd1/Vus/mJmLK8dbcY/kVy4VKuezZ+TuZg4lNUXd+njx1e++rLXsUrb+i+7Zf0Xa8F8HLfGOzbo1lbrqweJud3WBxEnuq5/kztXApKIeCgiTuyzj2/ONT7rdezv4x+uxhcRj3ed/+2roMnu1ycXmq+HheJVsdOpd6+s9ep/1PFn83949/hnkvbrtZv99/H1zOmtXsf2+/qfTN5olifz+66t1utXFyMmk1d33r+0/diiXrTP4p+b7Z7/x2L7mTiZzWNEPBwRj0TEo/nYT0fEmYiY3SX+l2Zfru4//uHK4l/ra/77L6wvff9Dr/73Nv9PN0tz+T17ef/b6wAP8twBAADAf0Xa/A58ks7fKafp/HzrO/zH43Ba29isP3Fh453La63vys/ERFrsdE237Ycu5nvDRX2po76c7xt/Ova/Zn3+/Eat56YY8I+Y6pH/mV/HRj06YOj8XgvKS/5Decl/KC/5D+Ul/6G85D+Ul/yH8pL/UF7yH8pL/kMpHeR3/QoKCndrYdTvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPxZwAAAP//jYTnFQ==") syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x300f401, 0x0, 0x2, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 825.723231ms ago: executing program 2 (id=13232): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff, 0x800}) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000000c0)={0xd, 0x30, 0x2, 0x1d, 0x3, 0x8, 0x1, 0x14c, 0x1}) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x113602) 762.42838ms ago: executing program 5 (id=13233): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40345410, &(0x7f00000004c0)={{0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x80605414, 0xffffffffffffffff) 565.711294ms ago: executing program 4 (id=13234): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@migrate={0x23c, 0x21, 0x1, 0x0, 0x0, {{@in6=@remote, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x4, 0x4e20, 0xfffe, 0xa, 0x0, 0x0, 0x32}}, [@migrate={0x50, 0x11, [{@in6=@dev={0xfe, 0x80, '\x00', 0x33}, @in=@multicast2, @in=@private=0xa010100, @in6=@local, 0x3c, 0x0, 0x0, 0x0, 0xa, 0xa}]}, @user_kmaddress={0x2c, 0x13, {@in=@dev={0xac, 0x14, 0x14, 0x19}, @in6=@local}}, @algo_auth={0x13b, 0x1, {{'sha256-mb\x00'}, 0x798, "22523a387224ed1613275d1b234fc89374a31f2d940f0494160ce9621f6d6022251d88b962eb786a897fd2ed857a1f6fe639e569ff5d88f179ceba36b6d298d8221c70e2de99e9472924db48d4ac8e746ef264002fc249ca482549928e66402411ae1212b10ee3ea85e57ffece44448c6e017fe1547f501c8f971e1d92b57ba1139ab660a1978f3c4049bb321742bda87a0f663ae158157285470e964df9ef8857f393fa0dbc2021c6b93b61c43a7b069aade20af10ad7a03c8a0abc7e06af2e677566f997b423773f239e085377a28d0e13069332b8116f3baf19fed87a34945f0db35b1eae0ac411ef57e3c3bf0af24a1c7a"}}, @mark={0xc, 0x15, {0x35075a, 0xb696}}, @encap={0x1c, 0x4, {0x3, 0x4e20, 0x4e22, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}, @offload={0xc}]}, 0x23c}, 0x1, 0x0, 0x0, 0x10}, 0x0) 497.29649ms ago: executing program 2 (id=13235): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x14b000) close(r0) 496.683323ms ago: executing program 5 (id=13236): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000b30000007f"], 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x66}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r1, 0x58, &(0x7f0000000500)}, 0x10) 487.971118ms ago: executing program 0 (id=13237): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000080)='./file1\x00', 0x84, &(0x7f0000000000)=ANY=[], 0x8b, 0x2d5, &(0x7f0000025dc0)="$eJzs3c9OE10Yx/HfmSlteeHFUTAmxoVBia4M4Ma4aWKI1+BGI9KaEBqIiImysXFtvAD3bLwAL8KVMXGNK1deALsxZ3pKz7QzbYHQAfl+ktrO9Px5zsy0c56RZgTgwnq0sr93/7d9GClUKOmhFNi3bqok6aquVd9s7qzvNBv1QQ2FUlXJw0hJTdNXZm2zkVXV1ktqOJFdKmnaX4fTEcdx/KvoIFCkqnsOs94MpIr7dIZ+4bOs0rM80bPcCqXWGOM5i8yBDvRWM0XHAQAolmmf3wN3np928/cgkBbcad8////8v+B4T+aODooOoWDe+T/JsmJj9++l5K1uvmc06cp3ssSj9mPnYmW1j6zUBNOks8r+ZDGJJZh8ud5s3FvbatYDfVAtYfy8cE5STXWXs2ZF29/0fMa6tLK/sD+sdK6pZAwTdgzL3fhrNa/IbFanx93aozDfzHfzzET6rPrh/K8UG3/Mbk89nujGv5jX3Narp/Y5apfKGeVluxtK19MbduAow7yMRG5LxaHSFwiidJzlzFpl9dRqj24pryfXzmxmreUhteZsrS9ere7RnF/ztJlP5omZ1x991Yo3/w/s1l5Q/yczu5GkpDsyBo6nlJSM/FWtG5klg6OPBUfU3cYf9UIPNPP63e7GarPZ2B73CxvD2Du9mC8i9a7pHARnJcLjvbDfsf4aRY3t0nh6L59401XdTrGTmf4yld2N1YpfuD3Szgmxt8HOx3qE3jsX8IZGOMZvJRSmu9Pzy7wX/xPzD7NfHqad/3n5ymKS9Nh/ogHz9HjYtM1rcSkjN+heqv/Pa8m46/P5GdBUZgbX0mg5V1L31l3ptrdyf68yKOeKdEWH2fD5Z1b0Q8+5/g8AAAAAAAAAAAAAAAAAAHDejOPXGl53/B05AAAAAAAAAAAAAAAAAAAAAADHkH//36pO8f6/qd8BjHz/394bewI4kb8BAAD//+jIZ98=") syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x2a0000a, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 447.165451ms ago: executing program 1 (id=13238): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000000)=0x7, 0x4) getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000001500)=""/17, &(0x7f0000000080)=0x24) 291.470602ms ago: executing program 4 (id=13239): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000001340)=@ieee802154={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0302}}}, 0x80, &(0x7f0000000140)=[{&(0x7f00000006c0)="62053c005902002f1eafbcf706e12b30087f5c112d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee8441e2305e4", 0x46}], 0x1}, 0x4040) 253.596889ms ago: executing program 5 (id=13240): ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x7fff, 0x0, {0x0, 0x1}, {0x4a, 0x2}, @period={0x5d, 0xa370, 0x0, 0x7f, 0x2, {0x1, 0x3, 0x4, 0x2}, 0x0, 0x0}}) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8) 192.026247ms ago: executing program 1 (id=13241): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b160000000000000000020000084c00048018000180080001006f7366000c000280080001400000000430000180080001006e6174002400028008000140004000000800054001000017e9fff83f0000000908000240000000020900010073797a30000000000900020073797a32"], 0xa0}, 0x1, 0x0, 0x0, 0x850}, 0x4040080) 105.206579ms ago: executing program 5 (id=13242): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @random="39d5faac721b", @void, {@ipv6={0x86dd, @generic={0x6, 0x6, "540500", 0x8, 0x2c, 0x0, @local, @local, {[@routing={0x3b, 0x0, 0x0, 0x7}]}}}}}, 0x0) 97.232764ms ago: executing program 6 (id=13243): syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000240)='./file0\x00', 0x4000, &(0x7f0000000280)={[{@uid}, {@nls={'nls', 0x3d, 'maccenteuro'}}, {@barrier}, {@umask={'umask', 0x3d, 0x2}}, {}, {@part={'part', 0x3d, 0x80000000}}]}, 0x20, 0x70c, &(0x7f0000003800)="$eJzs3U+IHGndB/Bv9fR0prMwb+++m90oQoYNBt1oMsmwGEEwikgOiwa87HVMJpshk0mYmZUkiJl1XfWmJ4mwhxWJhz2JB2HFg7jeBEHwnnvAg7fFgy1VXT3TPf8nmclk4+cD1fVU1VPP83t+Xf10d01CB/ifdeGNjC6nyIWTr98qtx/cn5p7cH/qer+c5FCSRtLsrVLMJ8VHyfn0lnyq3Fk3V2zWz2sPP3zvxL0PpnpbzXqp6je2Om9Vd4seluslE0lG6vUuNTdr79IG7d3dVdPFStxlwo73EwcHrbvO8m5O38HrFnja3U1GRjfY30kOJxmrPweknh0aTzi8PberWQ4AAACeTiPbVai+wN/K+BOJBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4RRe83A4t6afTLEynq3///dl2t0modbLjb+MI2x9+98oQCAQAAAAAAAIC9N7paPPZxPs6tjPe3u0X1N/9Xqo0Xq8fn8lYWM5OFnMqtTGcpS1nImWR0fKDN1q3ppaWFM+vP/EXKM7vd7t36zLNJOuvOPLvPYwYAAAAAAACAT7q7Wx79YS5k/InFAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO1AkI71VtbzYL3fSaCYZS9Iq6y0nf+yXnwadRzzvT3scBwAAADyF2vV6vPhPr9Atqu/8L1Xf+8fyVuazlNksZS4zuVzdC+h962/8fXlq7sH9qevlsr7hr/2zaq27wziqFpOM5O1Nep6sahyp70EkF/LNfCcnM5GLWchsvpfpLGUmE2mXg8h0inTavbsXnX6cw/GO1J2fHwrl4trYjq3ZPlpF0s6VzFaxncqlVr+1RlWjyNGB3n7fStZk6O0yO8VXazvM0eWB5+vn9X2ZWvf/dtjG/uhUIx9dychkmfs6G89vnPu+3nXyyD2dSWPlHtSLq72Um2t76uf8u7vJ+eF6Xeb6x8M532u7vJW2NhNn06ivvuSl4Zzf/Oy9F4ZP/vw//nzxamP+2tUriyf3cUh7pLnh3tF+YW0mpgYy8fLWV1+dibkyE8s7z8To2h1jOx7LvmrV2ehNbL3Zsmfz2fIbVWk6rwxcgjfmy8cvZTJnci6T+XLOZmroCjsylNfm1PXhnFSvtcb6+a29RfDHPzdQ6SfbVN4Pm/dX5uX5gbwOznSd6li95/zPMjmQpRe2vvoe5V2g+em6UPbxzso7ztNgKBP13NyPrv8GtUkmflV9Tlicm7+2cHX65g77O1Gvy5ftu8Nz868fezCPpZW8M76yVeWk3b9eymvp/1eiHc5Xq/6LS2/Ca6w7dmTlWCfjmc23ciOXM7PBK7VVf4Zb31Lv2MsbHpuqjh0dODb0KSc3Mld9ClljYv8zCsCuHH71cKv9sP239vvtH7Wvtl8f+/qhc4c+08roX5p/GPlt4zeNrxSv5v38IOMHHSkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwLFm/fuTY9NzezsI+F1iP2lca2de4/t7MG00m27quoC639zsauCz+tf69w71r+19im2fjl4aSdfRrO77YeReuxuyhSLO/zk1I+E3vSYP+H06o93ZFtz/rr6aS3p5lut3t35dDap7KZxbHNnsFDq5XTuTY99+/uUJ12Bl4ywDPu9NL1m6cXb9/54uz16Tdn3pyZP3uu//O4V2bnZiZPV48HHCSwLxZv3xk56BgAAAAAAAAAAACA3an/9f/SQqMsFLv/XzrNbeq0FhY37vnYkx4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Al14Y2MLqfImclTk+X2g/tTc+XSL6/WbCZpJCm+nxQfJefTW9IZaK7YrJ/XHn743ol7H0ytttXs129sdd7OLNdLJpKM1OvtHdqgmfXtXRpob/mRwitWRlgm7Hg/cXDQ/hsAAP//g+DvoA==") r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x50009404, &(0x7f00000004c0)={0x0, 0x0, 0x3a}) 46.81831ms ago: executing program 0 (id=13244): r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000007c0)={0x0, @bt={0xa8c, 0x870, 0x1, 0x2, 0xd59f82, 0x19f5, 0xacc, 0xb, 0x0, 0x8, 0x27fd, 0x2800, 0x440, 0x3, 0xd, 0x22, {0x45, 0x80}, 0xcd, 0x3}}) 0s ago: executing program 4 (id=13245): unshare(0x8040600) r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, 0x0, 0x0) kernel console output (not intermixed with test programs): pacity change from 0 to 8 [ 1055.527173][T11287] SQUASHFS error: Unable to read directory block [629:26] [ 1055.547537][T11294] netlink: 156 bytes leftover after parsing attributes in process `syz.0.11755'. [ 1055.588093][T11294] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 1055.857438][T11313] netlink: 120 bytes leftover after parsing attributes in process `syz.0.11761'. [ 1055.898965][T11313] netlink: 120 bytes leftover after parsing attributes in process `syz.0.11761'. [ 1055.979905][T11324] openvswitch: netlink: IP tunnel dst address not specified [ 1057.082631][T11331] loop2: detected capacity change from 0 to 32768 [ 1057.153141][T11331] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 1057.178695][T11333] loop0: detected capacity change from 0 to 32768 [ 1057.192411][T11331] JBD2: Ignoring recovery information on journal [ 1057.258697][T11333] (syz.0.11768,11333,1):ocfs2_verify_volume:2308 ERROR: bad block number on superblock: found 0, should be 2 [ 1057.333210][T11386] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11784'. [ 1057.342473][T11333] (syz.0.11768,11333,1):ocfs2_verify_volume:2331 ERROR: status = -22 [ 1057.378090][T11331] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 1057.407106][T11333] (syz.0.11768,11333,1):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 1057.489407][T11333] (syz.0.11768,11333,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 1057.559434][T11392] bond4: entered promiscuous mode [ 1057.601302][T11392] 8021q: adding VLAN 0 to HW filter on device bond4 [ 1057.635488][T11333] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 1057.777831][ T5873] ocfs2: Unmounting device (7,2) on (node local) [ 1058.189742][T11461] loop5: detected capacity change from 0 to 512 [ 1058.304979][T11461] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a857e02c, mo2=0102] [ 1058.402037][T11461] System zones: 1-12 [ 1058.452488][T11461] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 33261: comm syz.5.11796: invalid block [ 1058.508405][T11469] loop4: detected capacity change from 0 to 4096 [ 1058.517036][T11461] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1058.517577][T11461] EXT4-fs (loop5): Remounting filesystem read-only [ 1058.526830][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 1058.526862][ C0] EXT4-fs (loop5): initial error at time 1774365592: ext4_get_branch:178: inode 11: block 33261 [ 1058.526914][ C0] EXT4-fs (loop5): last error at time 1774365592: ext4_get_branch:178: inode 11: block 33261 [ 1058.569822][T11469] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 1058.605903][T11461] EXT4-fs (loop5): 1 truncate cleaned up [ 1058.663429][T11469] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1058.688283][T11461] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1058.725406][T11469] ntfs3(loop4): ino=19, mi_enum_attr [ 1058.916984][ T9] usb 4-1: new high-speed USB device number 86 using dummy_hcd [ 1058.971181][ T5887] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1059.089400][ T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88 [ 1059.119717][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 1059.171103][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 1059.196368][ T9] usb 4-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49 [ 1059.206245][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1059.214637][ T5952] usb 3-1: new full-speed USB device number 110 using dummy_hcd [ 1059.223960][ T9] usb 4-1: Product: syz [ 1059.244883][ T9] usb 4-1: Manufacturer: syz [ 1059.249529][ T9] usb 4-1: SerialNumber: syz [ 1059.283439][ T9] usb 4-1: config 0 descriptor?? [ 1059.336721][T11527] loop0: detected capacity change from 0 to 1024 [ 1059.377910][ T5952] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1059.404791][ T5952] usb 3-1: not running at top speed; connect to a high speed hub [ 1059.428338][ T5952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10 [ 1059.455951][T11527] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1059.511900][ T5952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1059.588420][ T5952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 65535, setting to 64 [ 1059.651336][ T5952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 1059.707232][ T5952] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x6E, changing to 0xE [ 1059.738318][ T5868] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1059.752108][ T5952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xE has an invalid bInterval 105, changing to 4 [ 1059.816084][ T5952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid maxpacket 12148, setting to 1023 [ 1059.853463][ T5952] usb 3-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 1059.892639][ T5952] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1059.945292][ T5952] usb 3-1: Product: syz [ 1059.949680][ T5952] usb 3-1: Manufacturer: syz [ 1059.973046][ T5952] usb 3-1: SerialNumber: syz [ 1059.988153][T11559] openvswitch: netlink: Unexpected mask (mask=40040, allowed=10048) [ 1059.998342][ T5952] usb 3-1: config 0 descriptor?? [ 1060.032415][T11500] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1060.071517][ T5952] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 1060.288675][T11582] xt_ecn: cannot match TCP bits for non-tcp packets [ 1060.494308][T11596] SET target dimension over the limit! [ 1060.496299][ T5952] usb 3-1: USB disconnect, device number 110 [ 1060.748415][ T6094] udevd[6094]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1060.871843][T11528] loop4: detected capacity change from 0 to 32768 [ 1060.979249][T11528] JBD2: Ignoring recovery information on journal [ 1061.237347][T11627] loop5: detected capacity change from 0 to 4096 [ 1061.259916][T11528] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1061.310623][T11627] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 1061.345212][T11640] netlink: 36 bytes leftover after parsing attributes in process `syz.3.11836'. [ 1061.390513][T11640] netlink: 32 bytes leftover after parsing attributes in process `syz.3.11836'. [ 1061.398965][T11528] (syz.4.11811,11528,0):ocfs2_find_entry:1104 ERROR: status = -117 [ 1061.422563][T11528] (syz.4.11811,11528,1):ocfs2_find_entry:1104 ERROR: status = -117 [ 1061.445316][T11643] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11838'. [ 1061.472103][T11528] (syz.4.11811,11528,1):ocfs2_mknod:506 ERROR: status = -117 [ 1061.527425][T11528] (syz.4.11811,11528,1):ocfs2_create:679 ERROR: status = -117 [ 1061.556242][T11627] ntfs3(loop5): Failed to initialize $Extend/$Reparse. [ 1061.945848][ T5878] ocfs2: Unmounting device (7,4) on (node local) [ 1062.136044][T11654] loop3: detected capacity change from 0 to 4096 [ 1062.175836][T11654] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 1062.866613][T11639] loop0: detected capacity change from 0 to 32768 [ 1062.917903][T11639] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.11835 (11639) [ 1062.976986][T11695] cgroup: No subsys list or none specified [ 1063.017797][T11639] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1063.092494][T11639] BTRFS info (device loop0): using sha256 checksum algorithm [ 1063.438329][T11639] BTRFS info (device loop0): enabling ssd optimizations [ 1063.511917][T11639] BTRFS info (device loop0): turning on async discard [ 1063.593674][T11639] BTRFS info (device loop0): enabling free space tree [ 1063.793391][T11747] sg_write: data in/out 294879/136 bytes for SCSI command 0x2-- guessing data in; [ 1063.793391][T11747] program syz.4.11865 not setting count and/or reply_len properly [ 1063.836507][ T5868] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1064.002846][ T5974] usb 3-1: new high-speed USB device number 111 using dummy_hcd [ 1064.222936][ T5974] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1064.262965][ T5974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1064.315053][ T5974] usb 3-1: config 0 descriptor?? [ 1064.315053][T11772] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1064.377875][ T5974] cp210x 3-1:0.0: cp210x converter detected [ 1064.723348][T11790] loop1: detected capacity change from 0 to 1024 [ 1064.787514][ T5974] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -71 [ 1064.861386][ T5974] cp210x 3-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 1064.890414][ T5974] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 1064.943201][T11790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1065.017344][ T5974] usb 3-1: cp210x converter now attached to ttyUSB0 [ 1065.034772][ T5974] usb 3-1: USB disconnect, device number 111 [ 1065.074424][ T5974] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1065.090282][ T5974] cp210x 3-1:0.0: device disconnected [ 1065.215511][ T5874] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1065.278732][T11820] loop0: detected capacity change from 0 to 2048 [ 1065.365733][T11820] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1065.574339][T11827] 8021q: adding VLAN 0 to HW filter on device bond2 [ 1066.388582][T11912] libceph: resolve '0' (ret=-3): failed [ 1066.391760][T11914] netlink: 'syz.4.11899': attribute type 1 has an invalid length. [ 1066.762445][T11935] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 1066.818257][T11935] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1066.898852][T11935] overlayfs: missing 'lowerdir' [ 1067.411016][T11965] loop5: detected capacity change from 0 to 2048 [ 1067.552000][T11977] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1067.621117][T11979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11922'. [ 1067.634359][T11965] NILFS (loop5): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 1067.681320][T11965] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1067.699394][T11979] bridge0: port 3(team0) entered disabled state [ 1067.768833][T11965] Remounting filesystem read-only [ 1067.800700][T11965] NILFS (loop5): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 1067.822625][T11979] bridge_slave_1: left allmulticast mode [ 1067.829684][T11979] bridge_slave_1: left promiscuous mode [ 1067.854886][T11965] NILFS error (device loop5): nilfs_bmap_last_key: broken bmap (inode number=16) [ 1067.907890][T11979] bridge0: port 2(bridge_slave_1) entered disabled state [ 1067.924003][T11965] NILFS (loop5): error -5 truncating bmap (ino=16) [ 1067.990767][T11979] bridge_slave_0: left allmulticast mode [ 1068.044012][T11979] bridge_slave_0: left promiscuous mode [ 1068.049966][T11979] bridge0: port 1(bridge_slave_0) entered disabled state [ 1068.129102][ T5887] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 1068.277220][T11979] bond0: (slave bridge0): Releasing backup interface [ 1068.311134][T11979] bridge0 (unregistering): left allmulticast mode [ 1068.432816][T12016] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11931'. [ 1068.623125][T12032] netlink: 'syz.2.11937': attribute type 4 has an invalid length. [ 1068.888470][T12040] loop4: detected capacity change from 0 to 512 [ 1068.909645][T12040] EXT4-fs: Ignoring removed bh option [ 1068.953246][T12040] EXT4-fs: Ignoring removed mblk_io_submit option [ 1069.017582][T12040] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 1069.093605][T12040] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 1069.140527][T12040] EXT4-fs (loop4): orphan cleanup on readonly fs [ 1069.271762][T12040] Quota error (device loop4): do_insert_tree: Free block already used in tree: block 4 [ 1069.298862][T12040] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 1069.333599][T12067] netlink: 'syz.1.11949': attribute type 1 has an invalid length. [ 1069.367310][T12040] EXT4-fs error (device loop4): ext4_acquire_dquot:7001: comm syz.4.11940: Failed to acquire dquot type 1 [ 1069.379615][ T9] iguanair 4-1:0.0: failed to get version [ 1069.433234][ T9] iguanair 4-1:0.0: probe with driver iguanair failed with error -110 [ 1069.435910][T12070] dummy0 speed is unknown, defaulting to 1000 [ 1069.450952][T12070] lo speed is unknown, defaulting to 1000 [ 1069.457103][T12040] loop4: lost filesystem error report for type 5 error -5 [ 1069.467477][T12040] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.11940: Invalid block bitmap block 0 in block_group 0 [ 1069.474745][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 1069.474773][ C1] EXT4-fs (loop4): last error at time 1774365604: ext4_acquire_dquot:7001 [ 1069.491195][ T9] usb 4-1: USB disconnect, device number 86 [ 1069.527812][T12079] netlink: 'syz.0.11951': attribute type 12 has an invalid length. [ 1069.535797][T12079] netlink: 17 bytes leftover after parsing attributes in process `syz.0.11951'. [ 1069.549168][T12040] loop4: lost filesystem error report for type 5 error -117 [ 1069.556210][T12040] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.11940: Invalid block bitmap block 0 in block_group 0 [ 1069.584928][T12040] loop4: lost filesystem error report for type 5 error -117 [ 1069.589340][T12040] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.11940: Invalid block bitmap block 0 in block_group 0 [ 1069.661576][T12040] loop4: lost filesystem error report for type 5 error -117 [ 1069.663963][T12040] Quota error (device loop4): write_blk: dquota write failed [ 1069.728952][T12040] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 1069.822652][T12040] EXT4-fs error (device loop4): ext4_acquire_dquot:7001: comm syz.4.11940: Failed to acquire dquot type 1 [ 1069.903685][T12040] loop4: lost filesystem error report for type 5 error -28 [ 1069.910135][T12040] Quota error (device loop4): write_blk: dquota write failed [ 1069.936300][T12040] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 1069.956321][T12040] EXT4-fs error (device loop4): ext4_acquire_dquot:7001: comm syz.4.11940: Failed to acquire dquot type 1 [ 1069.980757][T12040] loop4: lost filesystem error report for type 5 error -28 [ 1069.981346][T12040] EXT4-fs (loop4): 1 orphan inode deleted [ 1070.025453][T12040] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1070.071419][T12126] loop2: detected capacity change from 0 to 64 [ 1070.093392][T12127] openvswitch: netlink: nsh attribute has 1 unknown bytes. [ 1070.105363][T12126] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 1070.152927][T12040] EXT4-fs error (device loop4): ext4_lookup:1789: inode #2: comm syz.4.11940: deleted inode referenced: 12 [ 1070.179639][T12126] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 1070.434752][ T5878] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1070.715223][T12163] loop2: detected capacity change from 0 to 16 [ 1070.804624][T12163] erofs (device loop2): mounted with root inode @ nid 36. [ 1072.112752][ T24] usb 1-1: new high-speed USB device number 120 using dummy_hcd [ 1072.281427][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 1072.292285][ T24] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 1072.325484][ T24] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 1072.345155][T12260] loop2: detected capacity change from 0 to 256 [ 1072.374095][ T24] usb 1-1: config 0 has no interface number 0 [ 1072.401240][ T24] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1072.463267][T12260] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x52c1951d, utbl_chksum : 0xe619d30d) [ 1072.464754][ T24] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1072.538028][ T24] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1072.623681][ T24] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 1072.671260][ T24] usb 1-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0 [ 1072.711533][ T24] usb 1-1: Product: syz [ 1072.721323][ T24] usb 1-1: Manufacturer: syz [ 1072.762184][ T24] usb 1-1: config 0 descriptor?? [ 1072.886417][T12297] netlink: 4096 bytes leftover after parsing attributes in process `syz.5.11997'. [ 1072.916516][T12299] ipt_ECN: cannot use operation on non-tcp rule [ 1073.015204][ T24] usb 1-1: USB disconnect, device number 120 [ 1073.170217][T12233] loop1: detected capacity change from 0 to 32768 [ 1073.204005][T12233] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.11989 (12233) [ 1073.285942][T12233] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1073.303963][T12177] loop3: detected capacity change from 0 to 32768 [ 1073.321734][T12319] loop4: detected capacity change from 0 to 2048 [ 1073.338313][T12233] BTRFS info (device loop1): using sha256 checksum algorithm [ 1073.433539][T12319] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1073.536923][T12177] JBD2: Ignoring recovery information on journal [ 1073.551442][T12319] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1073.648001][T12233] BTRFS info (device loop1): enabling ssd optimizations [ 1073.717840][T12353] loop0: detected capacity change from 0 to 256 [ 1073.730631][T12233] BTRFS info (device loop1): turning on async discard [ 1073.763633][T12353] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1073.766896][T12233] BTRFS info (device loop1): enabling free space tree [ 1073.962210][T12177] JBD2: journal reset failed [ 1074.019924][T12177] (syz.3.11972,12177,1):ocfs2_journal_load:1157 ERROR: Failed to load journal! [ 1074.138052][T12177] (syz.3.11972,12177,1):ocfs2_check_volume:2376 ERROR: ocfs2 journal load failed! -4 [ 1074.350383][ T5874] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1075.162995][T12416] loop5: detected capacity change from 0 to 2048 [ 1075.198311][T12423] netlink: 'syz.2.12022': attribute type 21 has an invalid length. [ 1075.282395][T12416] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1075.424576][T12416] syz.5.12020: attempt to access beyond end of device [ 1075.424576][T12416] loop5: rw=8912896, sector=33554430, nr_sectors = 2 limit=2048 [ 1075.443245][T12432] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1075.526910][T12416] syz.5.12020: attempt to access beyond end of device [ 1075.526910][T12416] loop5: rw=8388608, sector=9437254, nr_sectors = 2 limit=2048 [ 1075.579676][T12416] NILFS (loop5): I/O error reading meta-data file (ino=6, block-offset=0) [ 1075.946250][T12453] loop0: detected capacity change from 0 to 736 [ 1076.095727][T12453] rock: directory entry would overflow storage [ 1076.108242][T12464] sctp: [Deprecated]: syz.3.12018 (pid 12464) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1076.108242][T12464] Use struct sctp_sack_info instead [ 1076.147184][T12453] rock: sig=0x3b10, size=4, remaining=3 [ 1076.333958][T12479] loop2: detected capacity change from 0 to 64 [ 1076.470739][T12486] netlink: 'syz.4.12038': attribute type 1 has an invalid length. [ 1076.945185][T12518] loop1: detected capacity change from 0 to 256 [ 1076.997110][T12518] exfat: Deprecated parameter 'utf8' [ 1077.119671][T12518] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1077.177466][T18302] usb 1-1: new high-speed USB device number 121 using dummy_hcd [ 1077.254710][ T30] audit: type=1326 audit(1774365612.608:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb50c79c799 code=0x7ffc0000 [ 1077.341237][ T30] audit: type=1326 audit(1774365612.608:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb50c79c799 code=0x7ffc0000 [ 1077.385413][T18302] usb 1-1: too many configurations: 125, using maximum allowed: 8 [ 1077.424846][ T30] audit: type=1326 audit(1774365612.608:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb50c79c799 code=0x7ffc0000 [ 1077.484304][T18302] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1077.498703][T18302] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1077.548658][T18302] usb 1-1: Product: syz [ 1077.552956][ T30] audit: type=1326 audit(1774365612.608:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fb50c79c799 code=0x7ffc0000 [ 1077.598707][T18302] usb 1-1: Manufacturer: syz [ 1077.606160][T18302] usb 1-1: SerialNumber: syz [ 1077.640116][T18302] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1077.667168][ T30] audit: type=1326 audit(1774365612.682:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb50c75cfce code=0x7ffc0000 [ 1077.723003][ T9] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1077.792645][ T30] audit: type=1326 audit(1774365612.692:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb50c75cfce code=0x7ffc0000 [ 1077.948367][ T30] audit: type=1326 audit(1774365612.692:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb50c75cfce code=0x7ffc0000 [ 1078.000358][ C0] usb 1-1: ath: unknown panic pattern! [ 1078.063452][ T30] audit: type=1326 audit(1774365612.692:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb50c75cfce code=0x7ffc0000 [ 1078.165765][ T30] audit: type=1326 audit(1774365612.703:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb50c75cfce code=0x7ffc0000 [ 1078.220926][T30460] usb 1-1: USB disconnect, device number 121 [ 1078.272397][ T30] audit: type=1326 audit(1774365612.703:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.4.12051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb50c75cfce code=0x7ffc0000 [ 1078.321177][T12577] loop3: detected capacity change from 0 to 1024 [ 1078.352423][T12577] EXT4-fs: inline encryption not supported [ 1078.467731][T12594] loop2: detected capacity change from 0 to 128 [ 1078.533289][T12594] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1078.580324][T12577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1078.615714][T12594] ext4 filesystem being mounted at /2055/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1078.743332][ T9] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 1078.810760][ T9] ath9k_htc: Failed to initialize the device [ 1078.863492][T30460] usb 1-1: ath9k_htc: USB layer deinitialized [ 1078.941629][ T5873] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1079.213349][T12639] netlink: 'syz.0.12073': attribute type 1 has an invalid length. [ 1079.232653][T12635] loop1: detected capacity change from 0 to 2048 [ 1079.257801][T12639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12073'. [ 1079.303739][T12639] bridge0: port 1(bridge_slave_0) entered blocking state [ 1079.311033][T12639] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1079.331627][ T5872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1079.356088][T12646] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12074'. [ 1079.391060][T12647] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1079.392682][T12646] netlink: 40 bytes leftover after parsing attributes in process `syz.4.12074'. [ 1079.496974][T12635] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #12: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 1079.635090][T12635] Remounting filesystem read-only [ 1081.076969][T12748] sctp: [Deprecated]: syz.1.12096 (pid 12748) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1081.076969][T12748] Use struct sctp_sack_info instead [ 1081.292314][T12764] x_tables: duplicate underflow at hook 2 [ 1081.320255][T12765] loop0: detected capacity change from 0 to 1024 [ 1081.605193][T12780] loop5: detected capacity change from 0 to 256 [ 1081.661519][ T689] hfsplus: b-tree write err: -5, ino 25 [ 1081.690291][ T689] hfsplus: b-tree write err: -5, ino 4 [ 1081.711564][ T689] hfsplus: b-tree write err: -5, ino 2 [ 1081.714254][T12780] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 1081.717158][ T689] hfsplus: b-tree write err: -5, ino 20 [ 1081.914968][T12798] loop4: detected capacity change from 0 to 164 [ 1082.075142][T12805] loop1: detected capacity change from 0 to 2048 [ 1082.133075][T12805] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1082.179257][T12805] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1082.188890][T12817] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12114'. [ 1082.614314][T12841] loop5: detected capacity change from 0 to 736 [ 1082.670560][T12829] loop2: detected capacity change from 0 to 8192 [ 1082.787625][T12829] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 1082.817553][T12829] FAT-fs (loop2): Filesystem has been set read-only [ 1083.014132][T12873] loop5: detected capacity change from 0 to 128 [ 1083.027324][T12871] bridge0: port 1(hsr0) entered blocking state [ 1083.053619][T12873] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1083.102296][T12871] bridge0: port 1(hsr0) entered disabled state [ 1083.108725][T12871] hsr0: entered allmulticast mode [ 1083.128234][T12873] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1083.170813][T12871] hsr_slave_0: entered allmulticast mode [ 1083.219417][T12871] hsr_slave_1: entered allmulticast mode [ 1083.280082][T12871] hsr0: entered promiscuous mode [ 1083.326892][T12871] bridge0: port 1(hsr0) entered blocking state [ 1083.333272][T12871] bridge0: port 1(hsr0) entered forwarding state [ 1084.232892][T12925] netlink: 148 bytes leftover after parsing attributes in process `syz.2.12141'. [ 1084.505642][T12925] netlink: 148 bytes leftover after parsing attributes in process `syz.2.12141'. [ 1084.864369][T12955] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12149'. [ 1084.867379][T12882] loop1: detected capacity change from 0 to 32768 [ 1084.979173][T12882] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1085.038107][T12974] loop4: detected capacity change from 0 to 64 [ 1085.050691][T12974] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing [ 1085.076325][T12882] XFS (loop1): Ending clean mount [ 1085.098351][T12882] XFS (loop1): Quotacheck needed: Please wait. [ 1085.339655][T12882] XFS (loop1): Quotacheck: Done. [ 1085.662726][ T5874] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1086.328745][T12949] loop3: detected capacity change from 0 to 32768 [ 1086.400931][T12949] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.12148 (12949) [ 1086.515598][T12949] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1086.598080][T12949] BTRFS info (device loop3): using sha256 checksum algorithm [ 1086.634245][T13047] xt_TPROXY: Can be used only with -p tcp or -p udp [ 1086.847080][T12949] BTRFS info (device loop3): enabling ssd optimizations [ 1086.897127][T12949] BTRFS info (device loop3): turning on async discard [ 1086.950536][T12949] BTRFS info (device loop3): enabling free space tree [ 1087.033301][T13089] netlink: 60 bytes leftover after parsing attributes in process `syz.4.12178'. [ 1087.142791][ T5872] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1088.070962][T13142] loop4: detected capacity change from 0 to 512 [ 1088.228507][T13142] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1088.275724][T13142] ext4 filesystem being mounted at /1954/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1088.451108][T13142] EXT4-fs error (device loop4): ext4_xattr_block_list:766: inode #15: comm syz.4.12194: corrupted xattr block 33: invalid ea_ino [ 1088.543108][T13142] EXT4-fs (loop4): Remounting filesystem read-only [ 1088.598417][ T30] kauditd_printk_skb: 21 callbacks suppressed [ 1088.598442][ T30] audit: type=1107 audit(1774365624.502:604): pid=13168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1088.689346][ T5878] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1088.702909][T13178] netlink: 88 bytes leftover after parsing attributes in process `syz.3.12202'. [ 1089.597483][T13231] netlink: 'syz.0.12218': attribute type 3 has an invalid length. [ 1089.605968][T13227] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1089.638163][T13231] netlink: 666 bytes leftover after parsing attributes in process `syz.0.12218'. [ 1089.923075][T13229] bond5: entered allmulticast mode [ 1089.957328][T13229] 8021q: adding VLAN 0 to HW filter on device bond5 [ 1090.042724][T13285] xfrm0: entered promiscuous mode [ 1090.102180][T13285] xfrm0: entered allmulticast mode [ 1090.340636][T13301] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12228'. [ 1090.414179][T13311] loop2: detected capacity change from 0 to 512 [ 1090.637400][T13351] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 1090.645116][T13351] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1090.689919][T13311] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003) [ 1090.771301][T13311] FAT-fs (loop2): Filesystem has been set read-only [ 1091.237182][T13389] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1091.817989][T13427] netlink: 'syz.0.12257': attribute type 1 has an invalid length. [ 1091.826733][T13427] netlink: 244 bytes leftover after parsing attributes in process `syz.0.12257'. [ 1091.906715][T13427] NCSI netlink: No device for ifindex 0 [ 1092.115885][T13446] kAFS: unable to lookup cell '/' [ 1092.288306][T13457] netlink: 260 bytes leftover after parsing attributes in process `syz.1.12266'. [ 1092.335432][T13463] loop4: detected capacity change from 0 to 128 [ 1093.025278][T13500] netlink: 'syz.1.12280': attribute type 27 has an invalid length. [ 1093.054216][T13500] netlink: 'syz.1.12280': attribute type 3 has an invalid length. [ 1093.075401][T13500] netlink: 132 bytes leftover after parsing attributes in process `syz.1.12280'. [ 1093.103706][T18302] usb 5-1: new high-speed USB device number 121 using dummy_hcd [ 1093.278435][T18302] usb 5-1: config 0 has an invalid interface number: 13 but max is 0 [ 1093.305399][T18302] usb 5-1: config 0 has no interface number 0 [ 1093.312736][T18302] usb 5-1: config 0 interface 13 has no altsetting 0 [ 1093.353496][T18302] usb 5-1: Dual-Role OTG device on HNP port [ 1093.386611][T13456] loop5: detected capacity change from 0 to 32768 [ 1093.390034][T18302] usb 5-1: New USB device found, idVendor=17cc, idProduct=1940, bcdDevice=1e.7a [ 1093.413711][T13456] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.12267 (13456) [ 1093.421437][T18302] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1093.470923][T18302] usb 5-1: Product: syz [ 1093.494444][T18302] usb 5-1: Manufacturer: syz [ 1093.507201][T18302] usb 5-1: SerialNumber: syz [ 1093.535166][T13456] BTRFS info (device loop5): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 1093.540758][T18302] usb 5-1: config 0 descriptor?? [ 1093.590666][T13456] BTRFS info (device loop5): using crc32c checksum algorithm [ 1093.614885][T13461] loop0: detected capacity change from 0 to 40427 [ 1093.627686][T13456] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 1093.654851][T13461] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1093.667899][T13461] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1093.687787][T13461] F2FS-fs (loop0): invalid crc value [ 1093.784914][T18302] snd-usb-caiaq 5-1:0.13: can't set alt interface. [ 1093.833205][T18302] usb 5-1: unable to init card! (ret=-5) [ 1093.864992][T18302] snd-usb-caiaq 5-1:0.13: probe with driver snd-usb-caiaq failed with error -5 [ 1093.923585][T18302] usb 5-1: USB disconnect, device number 121 [ 1093.937107][T13554] netlink: 'syz.3.12290': attribute type 1 has an invalid length. [ 1093.946408][T13456] BTRFS info (device loop5): rebuilding free space tree [ 1093.981921][T13461] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1093.989854][T13554] netlink: 244 bytes leftover after parsing attributes in process `syz.3.12290'. [ 1094.037665][T13456] BTRFS info (device loop5): disabling free space tree [ 1094.044617][T13456] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1094.076473][T13461] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1094.089686][T13461] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1094.123595][T13456] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1094.179042][T13456] BTRFS info (device loop5): enabling ssd optimizations [ 1094.210741][T13456] BTRFS info (device loop5): turning on async discard [ 1094.247764][T13456] BTRFS info (device loop5): enabling disk space caching [ 1094.254861][T13456] BTRFS info (device loop5): force clearing of disk cache [ 1094.302380][T13456] BTRFS info (device loop5): use zstd compression, level 3 [ 1094.673965][ T5887] BTRFS info (device loop5): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 1094.803578][T13599] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12303'. [ 1094.850672][T13599] netlink: 10 bytes leftover after parsing attributes in process `syz.2.12303'. [ 1095.450269][ T30] audit: type=1326 audit(1774365631.683:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13630 comm="syz.2.12314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645899c799 code=0x7ffc0000 [ 1095.542688][ T30] audit: type=1326 audit(1774365631.746:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13630 comm="syz.2.12314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645899c799 code=0x7ffc0000 [ 1095.643619][T13641] comedi comedi4: bad chanlist[0]=0x00000c7e chan=3198 range length=2 [ 1095.679546][ T30] audit: type=1326 audit(1774365631.746:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13630 comm="syz.2.12314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f645899c799 code=0x7ffc0000 [ 1095.782707][ T30] audit: type=1326 audit(1774365631.746:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13630 comm="syz.2.12314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645899c799 code=0x7ffc0000 [ 1095.858048][ T30] audit: type=1326 audit(1774365631.746:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13630 comm="syz.2.12314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f645899c799 code=0x7ffc0000 [ 1095.971149][ T30] audit: type=1326 audit(1774365631.956:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13639 comm="syz.5.12316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe13019c799 code=0x7ffc0000 [ 1096.049682][T13661] program syz.2.12323 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1096.066285][ T30] audit: type=1326 audit(1774365631.956:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13639 comm="syz.5.12316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fe13019c799 code=0x7ffc0000 [ 1096.171107][ T30] audit: type=1326 audit(1774365631.956:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13639 comm="syz.5.12316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe13019c799 code=0x7ffc0000 [ 1096.281751][ T30] audit: type=1326 audit(1774365631.956:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13639 comm="syz.5.12316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe13019c799 code=0x7ffc0000 [ 1096.343767][T13678] loop5: detected capacity change from 0 to 24 [ 1096.458225][T13678] romfs: read error for inode 0x8000 [ 1096.689951][ T30] audit: type=1326 audit(1774365633.006:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13697 comm="syz.3.12336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1096.892628][T13711] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1097.212632][T13732] !: renamed from dummy0 (while UP) [ 1097.215997][T13733] loop4: detected capacity change from 0 to 256 [ 1097.250159][T13733] exfat: Deprecated parameter 'utf8' [ 1097.344859][T13733] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 1097.467520][T13743] netdevsim netdevsim5: Direct firmware load for ./file0 failed with error -2 [ 1097.494326][T13746] netlink: 24 bytes leftover after parsing attributes in process `syz.2.12350'. [ 1097.545962][T13743] netdevsim netdevsim5: Falling back to sysfs fallback for: ./file0 [ 1097.591259][T13751] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 1097.601004][T13752] macsec0: entered promiscuous mode [ 1097.606499][T13752] macsec0: entered allmulticast mode [ 1097.628012][T13751] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1097.637200][T13752] veth1_macvtap: entered allmulticast mode [ 1098.110472][T13720] loop3: detected capacity change from 0 to 32768 [ 1098.147243][T13720] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.12341 (13720) [ 1098.235391][T13720] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1098.273675][T13720] BTRFS info (device loop3): using xxhash64 checksum algorithm [ 1098.394694][T13810] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12366'. [ 1098.404076][T13810] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12366'. [ 1098.460207][T13720] BTRFS info (device loop3): enabling ssd optimizations [ 1098.508145][T13819] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 1098.516338][T13720] BTRFS info (device loop3): turning on flush-on-commit [ 1098.533706][T13720] BTRFS info (device loop3): turning on async discard [ 1098.557530][T13820] loop2: detected capacity change from 0 to 512 [ 1098.566789][T13720] BTRFS info (device loop3): enabling free space tree [ 1098.589099][T13820] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1098.618980][T13720] BTRFS info (device loop3): force zlib compression, level 3 [ 1098.661788][T13820] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1098.666955][T13720] BTRFS info (device loop3): max_inline set to 4096 [ 1098.876570][T13820] EXT4-fs (loop2): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 1099.019781][ T5872] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1099.074464][T13845] libceph: resolve '96' (ret=-3): failed [ 1099.085425][ T5873] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1099.108671][T13846] loop4: detected capacity change from 0 to 64 [ 1099.781236][T13883] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12386'. [ 1099.810154][T13883] netlink: 348 bytes leftover after parsing attributes in process `syz.1.12386'. [ 1099.838218][T13883] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12386'. [ 1099.859515][T13891] loop5: detected capacity change from 0 to 16 [ 1099.895890][T13883] netlink: 348 bytes leftover after parsing attributes in process `syz.1.12386'. [ 1099.941810][T13891] erofs (device loop5): mounted with root inode @ nid 36. [ 1099.991111][T13883] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12386'. [ 1100.364266][T13914] bond1: option packets_per_slave: mode dependency failed, not supported in mode balance-tlb(5) [ 1100.453876][T13957] xt_bpf: check failed: parse error [ 1100.461737][T13914] bond1 (unregistering): Released all slaves [ 1100.688802][T14002] netlink: 'syz.2.12402': attribute type 1 has an invalid length. [ 1100.716707][T14004] loop3: detected capacity change from 0 to 16 [ 1100.765947][T14004] erofs (device loop3): mounted with root inode @ nid 36. [ 1101.098397][T14031] loop1: detected capacity change from 0 to 64 [ 1101.273755][T14038] loop0: detected capacity change from 0 to 2048 [ 1101.278810][T14041] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12414'. [ 1101.290721][T14042] loop4: detected capacity change from 0 to 1024 [ 1101.317702][T14038] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1101.360636][T14048] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12415'. [ 1101.382494][T14042] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1101.414893][T14055] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1101.528908][T14042] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #11: comm syz.4.12413: missing EA_INODE flag [ 1101.594080][T14042] EXT4-fs (loop4): Remounting filesystem read-only [ 1101.859290][ T5878] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1101.932939][T14082] loop0: detected capacity change from 0 to 64 [ 1102.006488][T14082] syz.0.12422: attempt to access beyond end of device [ 1102.006488][T14082] loop0: rw=8388608, sector=1024, nr_sectors = 2 limit=64 [ 1102.032331][T14085] loop5: detected capacity change from 0 to 512 [ 1102.086103][T14082] Buffer I/O error on dev loop0, logical block 512, async page read [ 1102.115376][T14082] syz.0.12422: attempt to access beyond end of device [ 1102.115376][T14082] loop0: rw=8388608, sector=113152, nr_sectors = 2 limit=64 [ 1102.143397][T14082] Buffer I/O error on dev loop0, logical block 56576, async page read [ 1102.199506][T14085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1102.287464][T14102] loop2: detected capacity change from 0 to 1024 [ 1102.315480][T14085] ext4 filesystem being mounted at /2107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1102.381417][T14085] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.12423: corrupted xattr block 33: invalid ea_ino [ 1102.428008][T14102] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1102.655617][ T5887] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1102.701329][ T5873] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1102.836481][T14129] xt_recent: Unsupported userspace flags (000000de) [ 1102.934970][ T5938] usb 1-1: new high-speed USB device number 122 using dummy_hcd [ 1102.997237][T14137] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12431'. [ 1103.118463][ T5938] usb 1-1: Using ep0 maxpacket: 8 [ 1103.153952][ T5938] usb 1-1: config 6 has an invalid interface number: 84 but max is 0 [ 1103.162077][ T5938] usb 1-1: config 6 has no interface number 0 [ 1103.220661][ T5938] usb 1-1: config 6 interface 84 has no altsetting 0 [ 1103.262257][ T5938] usb 1-1: New USB device found, idVendor=1776, idProduct=501c, bcdDevice=27.70 [ 1103.277708][ T5938] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1103.285828][ T5938] usb 1-1: Product: syz [ 1103.338137][ T5938] usb 1-1: Manufacturer: syz [ 1103.342871][ T5938] usb 1-1: SerialNumber: syz [ 1103.574460][ T5938] gspca_main: spca501-2.14.0 probing 1776:501c [ 1103.626383][ T5938] gspca_spca501: reg write: error -71 [ 1103.646885][ T5938] spca501 1-1:6.84: Reg write failed for 0x02,0x07,0x05 [ 1103.668786][ T5938] spca501 1-1:6.84: probe with driver spca501 failed with error -22 [ 1103.711604][ T5938] usb 1-1: USB disconnect, device number 122 [ 1103.992121][T14200] loop2: detected capacity change from 0 to 2048 [ 1104.025954][T14200] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1104.461130][T14228] loop1: detected capacity change from 0 to 2048 [ 1104.543231][T14246] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1104.554475][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 1104.554497][ T30] audit: type=1326 audit(1774365641.257:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14245 comm="syz.3.12466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1104.626314][T14252] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma? [ 1104.658623][ T30] audit: type=1326 audit(1774365641.257:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14245 comm="syz.3.12466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1104.744045][ T30] audit: type=1326 audit(1774365641.320:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14245 comm="syz.3.12466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1104.826808][T14262] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12472'. [ 1104.839112][ T30] audit: type=1326 audit(1774365641.320:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14245 comm="syz.3.12466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1104.945554][ T30] audit: type=1326 audit(1774365641.320:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14245 comm="syz.3.12466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1105.033435][ T30] audit: type=1326 audit(1774365641.320:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14245 comm="syz.3.12466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1105.101490][ T30] audit: type=1326 audit(1774365641.320:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14245 comm="syz.3.12466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1105.226699][T14283] netlink: 40 bytes leftover after parsing attributes in process `syz.4.12479'. [ 1105.229454][ T30] audit: type=1326 audit(1774365641.320:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14245 comm="syz.3.12466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1105.254613][T14283] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12479'. [ 1105.287380][T14287] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12480'. [ 1105.297025][T14283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12479'. [ 1105.305817][ T30] audit: type=1326 audit(1774365641.320:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14245 comm="syz.3.12466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0dce99c799 code=0x7ffc0000 [ 1105.555434][T14287] veth5: entered allmulticast mode [ 1105.583928][T14312] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12485'. [ 1106.003262][T14321] loop4: detected capacity change from 0 to 4096 [ 1106.078605][ T5951] usb 6-1: new high-speed USB device number 118 using dummy_hcd [ 1106.258853][ T5951] usb 6-1: Using ep0 maxpacket: 32 [ 1106.282474][ T5951] usb 6-1: config 0 has an invalid interface number: 12 but max is 0 [ 1106.295452][ T5951] usb 6-1: config 0 has no interface number 0 [ 1106.310116][ T5951] usb 6-1: config 0 interface 12 has no altsetting 0 [ 1106.339155][ T5951] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 1106.354633][ T5951] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1106.383592][ T5951] usb 6-1: Product: syz [ 1106.387817][ T5951] usb 6-1: Manufacturer: syz [ 1106.394345][ T5951] usb 6-1: SerialNumber: syz [ 1106.405531][ T5951] usb 6-1: config 0 descriptor?? [ 1106.861322][ T5951] f81534 6-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 1106.888059][ T5951] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71 [ 1106.895408][ T5951] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 1106.954287][ T5951] f81534 6-1:0.12: probe with driver f81534 failed with error -71 [ 1107.031020][ T5951] usb 6-1: USB disconnect, device number 118 [ 1107.249616][T14388] loop1: detected capacity change from 0 to 2048 [ 1107.303737][T14388] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1107.573488][T14405] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1108.032020][T14370] loop3: detected capacity change from 0 to 32768 [ 1108.061762][T14370] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.12498 (14370) [ 1108.130457][T14438] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12519'. [ 1108.142730][T14370] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1108.199451][T14370] BTRFS info (device loop3): using sha256 checksum algorithm [ 1108.343703][T14466] netlink: 'syz.1.12524': attribute type 1 has an invalid length. [ 1108.353622][T14466] netlink: 'syz.1.12524': attribute type 2 has an invalid length. [ 1108.425814][T14370] BTRFS info (device loop3): enabling ssd optimizations [ 1108.466645][T14475] loop1: detected capacity change from 0 to 8 [ 1108.476674][T14370] BTRFS info (device loop3): turning on async discard [ 1108.483726][T14370] BTRFS info (device loop3): enabling free space tree [ 1108.490590][T14370] BTRFS info (device loop3): enabling auto defrag [ 1108.517710][T14370] BTRFS info (device loop3): max_inline set to 4096 [ 1108.637306][T14370] BTRFS info (device loop3 state M): max_inline set to 4096 [ 1108.722263][T14493] loop2: detected capacity change from 0 to 64 [ 1108.887228][ T5872] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1109.121366][T14511] loop2: detected capacity change from 0 to 16 [ 1109.156999][T14511] erofs (device loop2): DAX unsupported by block device. Turning off DAX. [ 1109.203547][T14511] erofs (device loop2): mounted with root inode @ nid 36. [ 1109.259608][T14511] erofs (device loop2): read error -117 @ 0 of nid 36 [ 1109.395126][T14531] loop3: detected capacity change from 0 to 8 [ 1109.468527][T14531] SQUASHFS error: xz decompression failed, data probably corrupt [ 1109.517368][T14531] SQUASHFS error: Failed to read block 0x108: -5 [ 1109.523787][T14531] SQUASHFS error: Unable to read metadata cache entry [106] [ 1109.576769][T14531] SQUASHFS error: Unable to read inode 0x11f [ 1109.599803][T14541] loop2: detected capacity change from 0 to 64 [ 1109.954933][T14567] loop2: detected capacity change from 0 to 16 [ 1109.961272][T14564] loop3: detected capacity change from 0 to 2048 [ 1109.975049][T14567] erofs (device loop2): mounted with root inode @ nid 36. [ 1110.027569][ T51] erofs (device loop2): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 9000 [ 1110.047029][ T9] usb 5-1: new high-speed USB device number 122 using dummy_hcd [ 1110.065234][T14567] erofs (device loop2): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 8192 [ 1110.084252][T14567] erofs (device loop2): read error -117 @ 1 of nid 89 [ 1110.085942][T14564] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1110.199654][ T30] audit: type=1800 audit(1774365647.178:628): pid=14567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.12551" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 1110.295100][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1110.348457][ T9] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1110.392759][T14581] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 1110.408451][ T9] usb 5-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice= c.19 [ 1110.443951][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1110.505946][ T9] usb 5-1: config 0 descriptor?? [ 1110.510847][ T5872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1110.577582][T14603] loop5: detected capacity change from 0 to 64 [ 1110.754336][ T9] usb 5-1: USB disconnect, device number 122 [ 1111.180952][T14641] netlink: 32 bytes leftover after parsing attributes in process `syz.0.12568'. [ 1111.232603][T14641] netlink: 168 bytes leftover after parsing attributes in process `syz.0.12568'. [ 1111.295538][T14641] batadv0: left promiscuous mode [ 1111.359131][T14641] netlink: 168 bytes leftover after parsing attributes in process `syz.0.12568'. [ 1111.359858][T14651] tmpfs: Bad value for 'nr_blocks' [ 1111.425767][T14641] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 1111.640611][T14667] IPv6: NLM_F_CREATE should be specified when creating new route [ 1111.690523][ T30] audit: type=1326 audit(1774365648.763:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.5.12578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe13019c799 code=0x7ffc0000 [ 1111.764424][ T30] audit: type=1326 audit(1774365648.805:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.5.12578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fe13019c799 code=0x7ffc0000 [ 1111.787749][ T30] audit: type=1326 audit(1774365648.805:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.5.12578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe13019c799 code=0x7ffc0000 [ 1111.811053][ T30] audit: type=1326 audit(1774365648.805:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14670 comm="syz.5.12578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe13019c799 code=0x7ffc0000 [ 1112.117335][T14696] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12586'. [ 1112.898674][T14739] set_capacity_and_notify: 1 callbacks suppressed [ 1112.898697][T14739] loop5: detected capacity change from 0 to 512 [ 1112.972933][T14739] EXT4-fs: Ignoring removed i_version option [ 1112.996749][T14744] netlink: 6032 bytes leftover after parsing attributes in process `syz.1.12602'. [ 1113.038137][T14739] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.12601: inode has both inline data and extents flags [ 1113.090453][T14697] loop4: detected capacity change from 0 to 32768 [ 1113.099363][T14739] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1113.101227][T14749] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12603'. [ 1113.110472][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 1113.110504][ C0] EXT4-fs (loop5): initial error at time 1774365650: ext4_orphan_get:1391: inode 15 [ 1113.110546][ C0] EXT4-fs (loop5): last error at time 1774365650: ext4_orphan_get:1391: inode 15 [ 1113.145801][T14739] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.12601: couldn't read orphan inode 15 (err -117) [ 1113.158651][T14739] loop5: lost filesystem error report for type 5 error -117 [ 1113.161931][T14749] netlink: 580 bytes leftover after parsing attributes in process `syz.0.12603'. [ 1113.181651][T14739] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1113.186481][T14697] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 1113.312331][T14697] JBD2: Ignoring recovery information on journal [ 1113.411159][T14697] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1113.486386][ T5887] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1113.532508][T14728] loop2: detected capacity change from 0 to 32768 [ 1113.561381][T14728] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.12597 (14728) [ 1113.636843][T14728] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1113.680010][T14728] BTRFS info (device loop2): using sha256 checksum algorithm [ 1113.708984][T14709] loop3: detected capacity change from 0 to 32768 [ 1113.796889][ T5878] ocfs2: Unmounting device (7,4) on (node local) [ 1113.864664][T14709] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1113.938620][T14794] vivid-000: ================= START STATUS ================= [ 1113.981599][T14728] BTRFS info (device loop2): enabling ssd optimizations [ 1114.022355][T14728] BTRFS info (device loop2): turning on async discard [ 1114.039751][T14794] vivid-000: Generate PTS: true [ 1114.071486][T14728] BTRFS info (device loop2): enabling free space tree [ 1114.091558][T14794] vivid-000: Generate SCR: true [ 1114.164752][T14794] tpg source WxH: 1920x1080 (R'G'B) [ 1114.182638][T14794] tpg field: 1 [ 1114.210621][T14794] tpg crop: (0,0)/1920x1080 [ 1114.245112][T14794] tpg compose: (0,0)/1920x1080 [ 1114.270825][T14794] tpg colorspace: 1 [ 1114.275809][T14794] tpg transfer function: 6/0 [ 1114.290515][T14794] tpg quantization: 2/0 [ 1114.317532][T14794] tpg RGB range: 0/2 [ 1114.322096][ T5873] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1114.337839][T14794] vivid-000: ================== END STATUS ================== [ 1114.400320][T14709] XFS (loop3): Ending clean mount [ 1114.626224][ T5872] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1114.681186][T14828] loop1: detected capacity change from 0 to 512 [ 1114.839023][T14828] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.12616: bad orphan inode 15 [ 1114.908081][T14828] loop1: lost filesystem error report for type 5 error -117 [ 1114.912494][T14828] ext4_test_bit(bit=14, block=5) = 0 [ 1114.919904][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 1114.919933][ C1] EXT4-fs (loop1): initial error at time 1774365652: ext4_orphan_get:1417 [ 1114.919964][ C1] EXT4-fs (loop1): last error at time 1774365652: ext4_orphan_get:1417 [ 1115.150947][T14828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1115.165445][ T9] usb 6-1: new high-speed USB device number 119 using dummy_hcd [ 1115.174819][T14847] loop4: detected capacity change from 0 to 4096 [ 1115.334623][T14847] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1115.376341][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 1115.388574][ T9] usb 6-1: config 135 has an invalid interface number: 230 but max is 0 [ 1115.399098][ T9] usb 6-1: config 135 contains an unexpected descriptor of type 0x2, skipping [ 1115.412652][ T5874] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1115.444375][ T9] usb 6-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 1115.482560][ T9] usb 6-1: config 135 has no interface number 0 [ 1115.489671][ T9] usb 6-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 1115.531922][ T9] usb 6-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 1115.579116][ T9] usb 6-1: config 135 interface 230 has no altsetting 0 [ 1115.606921][T14847] ntfs3(loop4): Failed to load $Extend (-22). [ 1115.623770][T14847] ntfs3(loop4): Failed to initialize $Extend. [ 1115.648499][ T9] usb 6-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 1115.698989][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1115.707214][ T9] usb 6-1: Product: syz [ 1115.786714][ T9] usb 6-1: Manufacturer: syz [ 1115.791363][ T9] usb 6-1: SerialNumber: syz [ 1115.829254][ T9] uvcvideo 6-1:135.230: Found UVC 0.00 device syz (18ec:3288) [ 1115.878301][ T9] uvcvideo 6-1:135.230: No valid video chain found. [ 1116.018110][ T9] usb 6-1: USB disconnect, device number 119 [ 1116.209053][T14902] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12634'. [ 1116.239291][T14902] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12634'. [ 1116.269085][T14902] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12634'. [ 1116.287469][T14902] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12634'. [ 1116.575462][T14919] loop1: detected capacity change from 0 to 1024 [ 1116.631357][T14919] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1116.665407][T14928] loop4: detected capacity change from 0 to 512 [ 1116.715501][T14919] ext4 filesystem being mounted at /2097/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1116.748704][T14928] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 1116.754028][T14928] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002] [ 1116.754306][T14928] EXT4-fs (loop4): orphan cleanup on readonly fs [ 1116.754328][T14928] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.12641: bad orphan inode 3 [ 1116.754354][T14928] loop4: lost filesystem error report for type 5 error -117 [ 1116.755601][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 1116.755623][ C0] EXT4-fs (loop4): initial error at time 1774365654: ext4_orphan_get:1417 [ 1116.755654][ C0] EXT4-fs (loop4): last error at time 1774365654: ext4_orphan_get:1417 [ 1116.765208][T14928] EXT4-fs (loop4): Remounting filesystem read-only [ 1116.777393][T14919] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.12640: bg 0: block 112: padding at end of block bitmap is not set [ 1116.787297][T14928] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 1116.788758][T14919] EXT4-fs (loop1): Remounting filesystem read-only [ 1116.987199][ T5874] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1117.053065][ T5878] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 1117.393060][T14959] loop3: detected capacity change from 0 to 1024 [ 1117.452090][T14959] hfsplus: detected inconsistent attributes file, running fsck.hfsplus is recommended. [ 1117.504871][T14967] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12652'. [ 1117.651533][T14961] loop5: detected capacity change from 0 to 4096 [ 1118.430224][T15010] netlink: 1 bytes leftover after parsing attributes in process `syz.3.12664'. [ 1118.454030][T14898] kexec: Could not allocate control_code_buffer [ 1118.671113][T15017] loop5: detected capacity change from 0 to 512 [ 1118.724108][T15017] EXT4-fs warning (device loop5): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1118.820225][T15017] EXT4-fs (loop5): mount failed [ 1119.023263][ T5965] usb 3-1: new high-speed USB device number 112 using dummy_hcd [ 1119.112168][T15048] loop3: detected capacity change from 0 to 1024 [ 1119.172863][T14990] bridge0: port 2(bridge_slave_1) entered disabled state [ 1119.180269][T14990] bridge0: port 1(bridge_slave_0) entered disabled state [ 1119.223317][ T5965] usb 3-1: Using ep0 maxpacket: 8 [ 1119.248239][ T5965] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 1119.275759][ T5965] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 1119.303826][ T5965] usb 3-1: Product: syz [ 1119.313702][ T5965] usb 3-1: Manufacturer: syz [ 1119.323584][ T5965] usb 3-1: SerialNumber: syz [ 1119.351069][ T5965] usb 3-1: config 0 descriptor?? [ 1119.373343][ T5965] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 1119.775765][ T5965] gspca_zc3xx: reg_r err -71 [ 1119.780493][ T5965] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 1119.812096][T15083] openvswitch: netlink: Unexpected mask (mask=2200040, allowed=2010048) [ 1119.829420][ T5965] usb 3-1: USB disconnect, device number 112 [ 1120.600348][T15121] loop0: detected capacity change from 0 to 4096 [ 1120.686736][T15121] ntfs3(loop0): ino=5, "/" indx_read_ra [ 1121.225307][T15118] loop5: detected capacity change from 0 to 32768 [ 1121.248226][T15118] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.12690 (15118) [ 1121.356669][T15118] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1121.405347][T15118] BTRFS info (device loop5): using sha256 checksum algorithm [ 1121.523076][T14990] veth0_macvtap: left allmulticast mode [ 1121.548478][T14990] veth1_macvtap: left allmulticast mode [ 1121.553903][T15118] BTRFS info (device loop5): rebuilding free space tree [ 1121.614632][T15118] BTRFS info (device loop5): enabling ssd optimizations [ 1121.662372][T15118] BTRFS info (device loop5): using spread ssd allocation scheme [ 1121.670078][T15118] BTRFS info (device loop5): turning on async discard [ 1121.704107][T15118] BTRFS info (device loop5): enabling free space tree [ 1121.716009][T15118] BTRFS info (device loop5): force clearing of disk cache [ 1121.792503][ T5887] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1122.168600][ T9] dummy0 speed is unknown, defaulting to 1000 [ 1122.174903][ T9] syz0: Port: 1 Link DOWN [ 1122.188823][ T3007] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1122.207089][ T3007] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 1122.252813][T15183] @ÿ: renamed from veth0_vlan [ 1122.309547][ T3007] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1122.348473][ T3007] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 1122.417597][ T3007] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1122.430233][T15201] netlink: 236 bytes leftover after parsing attributes in process `syz.1.12708'. [ 1122.442830][ T3007] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 1122.490220][ T3007] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1122.530758][ T3007] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 1122.604894][ T6025] usb 6-1: new high-speed USB device number 120 using dummy_hcd [ 1122.760692][T15224] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12715'. [ 1122.794891][ T6025] usb 6-1: Using ep0 maxpacket: 8 [ 1122.805196][ T6025] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 1122.832673][ T6025] usb 6-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 1122.849855][ T6025] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1122.873745][ T6025] usb 6-1: Product: syz [ 1122.894240][ T6025] usb 6-1: Manufacturer: syz [ 1122.914058][ T6025] usb 6-1: SerialNumber: syz [ 1122.978541][ T6025] usb 6-1: config 0 descriptor?? [ 1123.009473][ T6025] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 1123.215016][ T6025] gspca_zc3xx: reg_w_i err -71 [ 1123.480818][T15068] usb 5-1: new high-speed USB device number 123 using dummy_hcd [ 1123.607843][T15228] loop2: detected capacity change from 0 to 32768 [ 1123.647304][T15068] usb 5-1: config 1 has an invalid descriptor of length 99, skipping remainder of the config [ 1123.673382][T15068] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1123.694159][T15068] usb 5-1: New USB device found, idVendor=0763, idProduct=1ff9, bcdDevice= 0.40 [ 1123.705303][T15068] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1123.724913][T15068] usb 5-1: Product: syz [ 1123.738391][T15068] usb 5-1: Manufacturer: syz [ 1123.746014][T15068] usb 5-1: SerialNumber: syz [ 1123.823709][ T6025] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 1123.840233][ T6025] gspca_zc3xx 6-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 1123.901431][T15238] loop1: detected capacity change from 0 to 32768 [ 1123.919403][ T6025] usb 6-1: USB disconnect, device number 120 [ 1123.946202][T15238] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.12720 (15238) [ 1124.020752][T15068] usb 5-1: 0:1 : does not exist [ 1124.030191][T15068] usb 5-1: unit 4 not found! [ 1124.074046][T15238] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1124.126370][T15238] BTRFS info (device loop1): using sha256 checksum algorithm [ 1124.218779][T15257] loop3: detected capacity change from 0 to 32768 [ 1124.243034][T15111] usb 1-1: new high-speed USB device number 123 using dummy_hcd [ 1124.252482][T15068] usb 5-1: USB disconnect, device number 123 [ 1124.348281][T15257] JBD2: Ignoring recovery information on journal [ 1124.371539][T15257] jbd2_journal_bmap: journal block not found at offset 32 on loop3-75 [ 1124.380778][T15257] JBD2: bad block at offset 32 [ 1124.395047][T15238] BTRFS info (device loop1): enabling ssd optimizations [ 1124.435101][T15238] BTRFS info (device loop1): turning on async discard [ 1124.444447][T15111] usb 1-1: Using ep0 maxpacket: 8 [ 1124.450344][T15325] loop5: detected capacity change from 0 to 1764 [ 1124.453317][T15257] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1124.458702][T15111] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 1124.480190][T15238] BTRFS info (device loop1): enabling free space tree [ 1124.536039][T15111] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 1124.592293][T15111] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 1124.601420][T15325] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 1124.652480][T15111] usb 1-1: Product: syz [ 1124.656817][T15111] usb 1-1: Manufacturer: syz [ 1124.678141][T15111] usb 1-1: SerialNumber: syz [ 1124.745205][ T5874] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1124.824234][ T5872] ocfs2: Unmounting device (7,3) on (node local) [ 1124.920522][T15111] usb 1-1: Invalid connection information received from device [ 1125.081504][T15349] loop3: detected capacity change from 0 to 128 [ 1125.170320][T15068] usb 1-1: USB disconnect, device number 123 [ 1125.567989][T15289] loop2: detected capacity change from 0 to 32768 [ 1125.591468][T15368] bridge0: port 1(hsr0) entered disabled state [ 1125.597940][T15368] bridge0: port 3(dummy0) entered disabled state [ 1125.604445][T15368] bridge0: port 2(bridge_slave_1) entered disabled state [ 1125.667837][T15289] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1125.930759][T15289] XFS (loop2): Ending clean mount [ 1126.257990][ T5873] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1126.566018][T15368] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1127.071426][T15446] netlink: 'syz.2.12759': attribute type 10 has an invalid length. [ 1127.087803][T15411] geneve3: entered promiscuous mode [ 1127.112394][T15411] geneve3: entered allmulticast mode [ 1127.122832][T18455] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1127.143195][T18455] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1127.167422][T15068] usb 1-1: new full-speed USB device number 124 using dummy_hcd [ 1127.224794][T18455] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1127.245185][T18455] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1127.342750][T15068] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 10 [ 1127.367217][T15068] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1127.389835][T15068] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 1127.393527][T15456] loop3: detected capacity change from 0 to 2048 [ 1127.413521][T15068] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1127.438558][T15456] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1127.462947][T15068] usb 1-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 1127.479046][T15068] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1127.494577][T15068] usb 1-1: Product: syz [ 1127.504699][T15068] usb 1-1: Manufacturer: syz [ 1127.519562][T15068] usb 1-1: SerialNumber: syz [ 1127.551584][T15068] usb 1-1: config 0 descriptor?? [ 1127.690005][T15472] IPVS: sync thread started: state = MASTER, mcast_ifn = lo, syncid = 2, id = 0 [ 1127.780762][T15441] loop5: detected capacity change from 0 to 32768 [ 1127.808894][T15068] adutux 1-1:0.0: Could not retrieve serial number [ 1127.834981][T15068] adutux 1-1:0.0: probe with driver adutux failed with error -5 [ 1127.882614][T15483] loop3: detected capacity change from 0 to 512 [ 1128.018145][T15483] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.12766: inode has both inline data and extents flags [ 1128.053385][T15111] usb 1-1: USB disconnect, device number 124 [ 1128.100987][T15483] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1128.104453][T15483] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.12766: couldn't read orphan inode 15 (err -117) [ 1128.114141][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 1128.114171][ C0] EXT4-fs (loop3): initial error at time 1774365665: ext4_orphan_get:1391: inode 15 [ 1128.114212][ C0] EXT4-fs (loop3): last error at time 1774365665: ext4_orphan_get:1391: inode 15 [ 1128.200399][T15505] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12769'. [ 1128.275797][T15483] loop3: lost filesystem error report for type 5 error -117 [ 1128.279575][T15483] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1128.550446][ T5872] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1128.621127][T15524] netlink: 32 bytes leftover after parsing attributes in process `syz.4.12779'. [ 1128.809222][T15536] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 1129.383174][T15578] netlink: 'syz.2.12795': attribute type 2 has an invalid length. [ 1129.453725][ T9] usb 2-1: new high-speed USB device number 119 using dummy_hcd [ 1129.455063][T15578] hmac(sha224): entered promiscuous mode [ 1129.644656][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 1129.656076][ T9] usb 2-1: config 0 has an invalid interface number: 196 but max is 0 [ 1129.683487][ T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1129.712636][ T9] usb 2-1: config 0 has no interface number 0 [ 1129.718801][ T9] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 1129.739522][ T30] audit: type=1326 audit(1774365667.702:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15597 comm="syz.0.12801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff97159c799 code=0x7ffc0000 [ 1129.786166][ T9] usb 2-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1129.802073][ T30] audit: type=1326 audit(1774365667.744:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15597 comm="syz.0.12801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7ff97159c799 code=0x7ffc0000 [ 1129.832609][ T9] usb 2-1: config 0 interface 196 has no altsetting 0 [ 1129.866604][ T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a [ 1129.888869][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1129.897235][ T30] audit: type=1326 audit(1774365667.744:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15597 comm="syz.0.12801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff97159c799 code=0x7ffc0000 [ 1129.934342][ T9] usb 2-1: Product: syz [ 1129.938544][ T9] usb 2-1: Manufacturer: syz [ 1129.947475][T15609] netlink: zone id is out of range [ 1129.957135][T15609] netlink: zone id is out of range [ 1129.964706][ T9] usb 2-1: SerialNumber: syz [ 1129.979552][T15609] netlink: zone id is out of range [ 1129.984878][T15609] netlink: zone id is out of range [ 1129.994065][ T30] audit: type=1326 audit(1774365667.744:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15597 comm="syz.0.12801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff97159c799 code=0x7ffc0000 [ 1130.018899][ T9] usb 2-1: config 0 descriptor?? [ 1130.035438][T15565] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1130.070180][T15609] netlink: zone id is out of range [ 1130.091812][T15609] netlink: zone id is out of range [ 1130.097178][T15609] netlink: zone id is out of range [ 1130.112228][T15609] netlink: zone id is out of range [ 1130.117656][T15609] netlink: zone id is out of range [ 1130.123192][T15609] netlink: zone id is out of range [ 1130.280477][ T9] ipheth 2-1:0.196: Unable to find endpoints [ 1130.333280][ T9] usb 2-1: USB disconnect, device number 119 [ 1130.354142][T15637] netlink: 'syz.5.12809': attribute type 1 has an invalid length. [ 1130.371915][T15640] netlink: 20 bytes leftover after parsing attributes in process `syz.3.12811'. [ 1130.393451][T15640] netlink: 11 bytes leftover after parsing attributes in process `syz.3.12811'. [ 1130.616738][T15655] netlink: 60 bytes leftover after parsing attributes in process `syz.5.12815'. [ 1130.806328][T15664] netlink: 'syz.0.12818': attribute type 1 has an invalid length. [ 1130.844788][T15664] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12818'. [ 1130.999880][T15600] loop2: detected capacity change from 0 to 32768 [ 1131.065176][T15600] ERROR: (device loop2): dtSearch: stack overrun! [ 1131.065176][T15600] [ 1131.111202][T15600] ERROR: (device loop2): remounting filesystem as read-only [ 1131.141874][T15600] btstack dump: [ 1131.163357][T15600] bn = 0, index = 4 [ 1131.167315][T15600] bn = 0, index = 4 [ 1131.189000][T15600] bn = 0, index = 4 [ 1131.244868][T15600] bn = 0, index = 4 [ 1131.248869][T15600] bn = 0, index = 4 [ 1131.252792][T15600] bn = 0, index = 4 [ 1131.320901][T15600] bn = 0, index = 4 [ 1131.324827][T15600] bn = 0, index = 0 [ 1131.328712][T15600] jfs_lookup: dtSearch returned -5 [ 1131.341129][T15691] loop5: detected capacity change from 0 to 16 [ 1131.386997][T15692] CIFS: VFS: Malformed UNC in devname [ 1131.401629][T15691] erofs (device loop5): mounted with root inode @ nid 36. [ 1131.728727][T15716] netlink: 'syz.1.12833': attribute type 21 has an invalid length. [ 1131.758849][ T9] usb 1-1: new high-speed USB device number 125 using dummy_hcd [ 1131.779140][T15716] netlink: 128 bytes leftover after parsing attributes in process `syz.1.12833'. [ 1131.825717][T15722] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12834'. [ 1131.850589][T15716] netlink: 'syz.1.12833': attribute type 5 has an invalid length. [ 1131.879099][T15716] netlink: 3 bytes leftover after parsing attributes in process `syz.1.12833'. [ 1131.920527][ T9] usb 1-1: Using ep0 maxpacket: 32 [ 1131.932250][ T9] usb 1-1: config 0 has an invalid interface number: 119 but max is 0 [ 1131.967693][ T9] usb 1-1: config 0 has no interface number 0 [ 1131.974948][T15134] usb 5-1: new high-speed USB device number 124 using dummy_hcd [ 1132.006965][ T9] usb 1-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1132.037358][ T9] usb 1-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 1132.081477][ T9] usb 1-1: config 0 interface 119 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1132.120085][ T9] usb 1-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1132.153727][T15134] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1132.166098][T15134] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1132.177836][T15134] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1132.187792][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 1132.196955][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1132.205849][ T9] usb 1-1: Product: syz [ 1132.210820][T15134] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1132.223467][ T9] usb 1-1: Manufacturer: syz [ 1132.228682][ T9] usb 1-1: SerialNumber: syz [ 1132.233735][T15134] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1132.241365][T15735] loop5: detected capacity change from 0 to 4096 [ 1132.265212][ T9] usb 1-1: config 0 descriptor?? [ 1132.291374][ T9] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.119/input/input64 [ 1132.308296][T15134] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1132.329083][T15134] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1132.340856][ T6026] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 1132.341735][T15134] usb 5-1: Product: syz [ 1132.357127][T15134] usb 5-1: Manufacturer: syz [ 1132.378248][T15111] usb 2-1: new high-speed USB device number 120 using dummy_hcd [ 1132.391198][T15134] cdc_wdm 5-1:1.0: skipping garbage [ 1132.397571][T15134] cdc_wdm 5-1:1.0: skipping garbage [ 1132.427667][T15134] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 1132.433623][T15134] cdc_wdm 5-1:1.0: Unknown control protocol [ 1132.521118][ T6026] usb 4-1: Using ep0 maxpacket: 8 [ 1132.532283][ T6026] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 1132.562382][ T6026] usb 4-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3 [ 1132.580992][T30460] usb 1-1: USB disconnect, device number 125 [ 1132.590226][T15111] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1132.607190][T15715] cdc_wdm 5-1:1.0: Error submitting int urb - -90 [ 1132.623833][ T6026] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1132.631235][T15766] loop2: detected capacity change from 0 to 128 [ 1132.642403][T15111] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 1132.663287][ T6026] usb 4-1: Product: syz [ 1132.669692][ T6026] usb 4-1: Manufacturer: syz [ 1132.678314][T15111] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 1132.678786][T15134] usb 5-1: USB disconnect, device number 124 [ 1132.688908][ T6026] usb 4-1: SerialNumber: syz [ 1132.704547][T15111] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1132.769200][T15111] usb 2-1: config 0 descriptor?? [ 1132.776445][ T6026] usb 4-1: config 0 descriptor?? [ 1133.015122][T15111] Bluetooth: Can't get state to change to load ram patch err [ 1133.039260][T15111] Bluetooth: Loading patch file failed [ 1133.066907][T15111] ath3k 2-1:0.0: probe with driver ath3k failed with error -121 [ 1133.084152][ T6026] msi2500 4-1:0.0: Registered as swradio24 [ 1133.091542][ T6026] msi2500 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 1133.125944][ T6026] usb 4-1: USB disconnect, device number 87 [ 1133.209017][T15111] usb 2-1: USB disconnect, device number 120 [ 1133.323101][T15829] netlink: 1047 bytes leftover after parsing attributes in process `syz.0.12846'. [ 1133.570905][T15772] loop5: detected capacity change from 0 to 32768 [ 1133.602961][T15772] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.12843 (15772) [ 1133.663160][T15772] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1133.711752][T15772] BTRFS info (device loop5): using crc32c checksum algorithm [ 1133.781938][T15855] loop3: detected capacity change from 0 to 2048 [ 1133.826043][T15855] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1133.864061][T15875] loop1: detected capacity change from 0 to 1024 [ 1133.877084][T15875] hfsplus: Filesystem is marked locked, mounting read-only. [ 1133.982576][T15772] BTRFS info (device loop5): setting nodatasum [ 1134.035361][T15881] loop2: detected capacity change from 0 to 64 [ 1134.041675][T15772] BTRFS info (device loop5): setting nodatacow [ 1134.102437][T15772] BTRFS info (device loop5): turning on async discard [ 1134.109448][T15772] BTRFS info (device loop5): enabling free space tree [ 1134.149931][T15772] BTRFS info (device loop5): enabling auto defrag [ 1134.169984][T15772] BTRFS info (device loop5): max_inline set to 0 [ 1134.289354][T15772] BTRFS info (device loop5 state M): max_inline set to 0 [ 1134.472600][ T5887] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1134.786886][T15917] loop3: detected capacity change from 0 to 2048 [ 1134.886297][ T6255] loop3: p1 p3 p4 [ 1134.886297][ T6255] p1: [ 1134.934251][ T6255] loop3: p4 size 589824 extends beyond EOD, truncated [ 1135.036836][T15917] loop3: p1 p3 p4 [ 1135.036836][T15917] p1: [ 1135.165155][T15917] loop3: p4 size 589824 extends beyond EOD, truncated [ 1135.196570][T15944] bond3: entered promiscuous mode [ 1135.204287][T15944] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1135.880647][T16020] netlink: 132 bytes leftover after parsing attributes in process `syz.2.12884'. [ 1135.917855][T16020] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12884'. [ 1135.964175][T16020] tc_dump_action: action bad kind [ 1136.124525][ T5875] udevd[5875]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 1136.126185][ T6255] udevd[6255]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 1136.146976][ T6259] udevd[6259]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 1136.160829][ T5885] udevd[5885]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 1136.818743][T16061] loop5: detected capacity change from 0 to 4096 [ 1136.870372][T16061] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 1136.871768][T16068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12897'. [ 1137.035063][T16061] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 1137.072818][T16061] ntfs3(loop5): Failed to load $Extend (-22). [ 1137.102658][T16061] ntfs3(loop5): Failed to initialize $Extend. [ 1137.148428][T16061] ntfs3(loop5): ino=0, attr_set_size_ex [ 1137.455313][ T6026] usb 2-1: new high-speed USB device number 121 using dummy_hcd [ 1137.470575][T16055] loop0: detected capacity change from 0 to 32768 [ 1137.493205][T16055] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.12893 (16055) [ 1137.551909][T16097] loop3: detected capacity change from 0 to 4096 [ 1137.589879][T16055] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1137.594665][T16106] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1137.641532][T16055] BTRFS info (device loop0): using blake2b checksum algorithm [ 1137.656869][ T6026] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1137.675704][ T6026] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1137.702574][ T6026] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1137.713159][ T6026] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1137.724982][ T6026] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1137.754147][ T6026] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1137.780686][ T6026] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1137.799194][ T6026] usb 2-1: Product: syz [ 1137.808479][ T6026] usb 2-1: Manufacturer: syz [ 1137.858659][ T6026] cdc_wdm 2-1:1.0: skipping garbage [ 1137.874645][ T6026] cdc_wdm 2-1:1.0: skipping garbage [ 1137.881544][T16055] BTRFS info (device loop0): enabling ssd optimizations [ 1137.890700][T16055] BTRFS info (device loop0): turning on async discard [ 1137.898503][ T6026] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 1137.903587][T16055] BTRFS info (device loop0): enabling free space tree [ 1137.905575][ T6026] cdc_wdm 2-1:1.0: Unknown control protocol [ 1138.244344][ C1] cdc_wdm 2-1:1.0: unknown notification 241 received: index 1706 len 10969 [ 1138.278411][ T9] usb 2-1: USB disconnect, device number 121 [ 1138.340471][ T5868] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1138.427413][ T6026] usb 6-1: new high-speed USB device number 121 using dummy_hcd [ 1138.619753][ T6026] usb 6-1: Using ep0 maxpacket: 8 [ 1138.651126][ T6026] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1138.673806][ T6026] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1138.703061][ T6026] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1138.721031][ T6026] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 1138.750684][ T6026] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1138.796455][ T6026] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1138.835702][ T6026] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1138.895264][ T6026] usb 6-1: config 0 descriptor?? [ 1138.904054][T16143] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 1139.111043][T16190] netlink: 336 bytes leftover after parsing attributes in process `syz.0.12919'. [ 1139.152122][T16190] netlink: 156 bytes leftover after parsing attributes in process `syz.0.12919'. [ 1139.161938][T16186] Bluetooth: hci6: unexpected event 0x10 length: 71 > 1 [ 1139.358807][T15111] usb 6-1: USB disconnect, device number 121 [ 1139.358804][ T51] Bluetooth: hci6: Opcode 0x0c03 failed: -71 [ 1139.380530][ T51] Bluetooth: hci6: hardware error 0x51 [ 1139.484363][ T6026] usb 3-1: new full-speed USB device number 113 using dummy_hcd [ 1139.675921][T18449] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1139.691480][ T6026] usb 3-1: config 0 has an invalid interface number: 146 but max is 0 [ 1139.722241][ T6026] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1139.746256][ T6026] usb 3-1: config 0 has no interface number 0 [ 1139.774754][ T6026] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0x1C, changing to 0xC [ 1139.830155][ T6026] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 1139.871603][ T6026] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 1139.907051][ T6026] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 64 [ 1139.921976][T18449] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1139.952705][ T6026] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82 [ 1139.970454][ T6026] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1139.990005][ T6026] usb 3-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95 [ 1140.008388][ T6026] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1140.030050][T16235] macsec1: entered promiscuous mode [ 1140.042442][ T6026] usb 3-1: Product: syz [ 1140.048825][T16235] macsec1: entered allmulticast mode [ 1140.054282][ T6026] usb 3-1: Manufacturer: syz [ 1140.059921][ T6026] usb 3-1: SerialNumber: syz [ 1140.077421][ T6026] usb 3-1: config 0 descriptor?? [ 1140.097579][T16194] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1140.098593][T18449] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1140.108005][ T6026] microtek usb (rev 0.4.3): will this work? Command EP is not usually 12 [ 1140.140307][ T6026] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3 [ 1140.149415][ T6026] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2 [ 1140.179842][ T6026] scsi host1: microtekX6 [ 1140.204648][T18455] microtek usb (rev 0.4.3): error -90 submitting URB [ 1140.239366][T18449] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1140.246380][ T2231] microtek usb (rev 0.4.3): error -90 submitting URB [ 1140.294397][ T2231] microtek usb (rev 0.4.3): error -90 submitting URB [ 1140.331812][ T2231] microtek usb (rev 0.4.3): error -90 submitting URB [ 1140.472360][ T6026] usb 3-1: USB disconnect, device number 113 [ 1140.801668][T16277] tracefs: Bad value for 'uid' [ 1140.806474][T16277] tracefs: Bad value for 'uid' [ 1140.893390][T16186] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1140.906336][T16186] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1140.923703][T16186] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1140.951622][T16186] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1140.964225][T16186] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1141.053388][T16292] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12941'. [ 1141.308127][T16254] loop0: detected capacity change from 0 to 32768 [ 1141.719803][T16321] faux_driver vgem: [drm] Unknown color mode 7; guessing buffer size. [ 1142.263215][T18449] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1142.316423][T18449] bond_slave_0: left promiscuous mode [ 1142.322200][T18449] bond_slave_0: left allmulticast mode [ 1142.358224][T16353] usb usb8: selecting invalid altsetting 56942 [ 1142.367124][T18449] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1142.391225][T18449] bond_slave_1: left promiscuous mode [ 1142.397041][T18449] bond_slave_1: left allmulticast mode [ 1142.403909][T18449] bond0 (unregistering): Released all slaves [ 1142.421607][T18449] bond1 (unregistering): Released all slaves [ 1142.441437][T18449] bond2 (unregistering): Released all slaves [ 1142.519679][T18449] bond3 (unregistering): Released all slaves [ 1142.570059][T18449] bond4 (unregistering): Released all slaves [ 1142.590461][T18449] bond5 (unregistering): Released all slaves [ 1142.833340][T16278] dummy0 speed is unknown, defaulting to 1000 [ 1142.868055][T16278] lo speed is unknown, defaulting to 1000 [ 1142.963719][T16384] loop4: detected capacity change from 0 to 16 [ 1142.981341][T16186] Bluetooth: hci1: command tx timeout [ 1143.002261][T16384] erofs (device loop4): mounted with root inode @ nid 36. [ 1143.025151][ T30] audit: type=1800 audit(1774365681.654:637): pid=16384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.12959" name="file1" dev="loop4" ino=86 res=0 errno=0 [ 1143.141279][T16400] loop5: detected capacity change from 0 to 64 [ 1143.192374][T16400] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing [ 1143.664769][T16435] loop0: detected capacity change from 0 to 512 [ 1143.704112][T16435] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1143.790252][T16435] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.12967: invalid indirect mapped block 4294967295 (level 0) [ 1143.884857][T16435] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 1143.889634][T16435] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.12967: invalid indirect mapped block 4294967295 (level 1) [ 1143.899082][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 1143.899114][ C0] EXT4-fs (loop0): initial error at time 1774365682: ext4_free_branches:1023: inode 16 [ 1143.899157][ C0] EXT4-fs (loop0): last error at time 1774365682: ext4_free_branches:1023: inode 16 [ 1143.944853][T16435] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 1143.969423][T16435] EXT4-fs (loop0): 1 orphan inode deleted [ 1144.000265][T16435] EXT4-fs (loop0): 1 truncate cleaned up [ 1144.018779][ T6026] usb 5-1: new high-speed USB device number 125 using dummy_hcd [ 1144.030302][T16435] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1144.150092][ T5868] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1144.200500][ T6026] usb 5-1: Using ep0 maxpacket: 32 [ 1144.208525][ T6026] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1144.226788][ T6026] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1144.250328][ T6026] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 1144.269414][ T6026] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1144.308977][ T6026] usb 5-1: config 0 descriptor?? [ 1144.388265][T16503] loop1: detected capacity change from 0 to 64 [ 1144.515963][T16512] loop0: detected capacity change from 0 to 256 [ 1144.673913][T16512] FAT-fs (loop0): Directory bread(block 64) failed [ 1144.711336][T16512] FAT-fs (loop0): Directory bread(block 65) failed [ 1144.721813][T16278] chnl_net:caif_netlink_parms(): no params data found [ 1144.757773][T16512] FAT-fs (loop0): Directory bread(block 66) failed [ 1144.781492][ T6026] ft260 0003:0403:6030.0001: item fetching failed at offset 0/2 [ 1144.801614][T16512] FAT-fs (loop0): Directory bread(block 67) failed [ 1144.808332][T16512] FAT-fs (loop0): Directory bread(block 68) failed [ 1144.826350][ T6026] ft260 0003:0403:6030.0001: failed to parse HID [ 1144.836930][ T6026] ft260 0003:0403:6030.0001: probe with driver ft260 failed with error -22 [ 1144.861469][T16512] FAT-fs (loop0): Directory bread(block 69) failed [ 1144.887937][T16512] FAT-fs (loop0): Directory bread(block 70) failed [ 1144.910941][T16512] FAT-fs (loop0): Directory bread(block 71) failed [ 1144.944734][T16512] FAT-fs (loop0): Directory bread(block 72) failed [ 1144.980000][T16186] Bluetooth: hci1: command tx timeout [ 1144.995395][T16512] FAT-fs (loop0): Directory bread(block 73) failed [ 1145.002867][ T9] usb 5-1: USB disconnect, device number 125 [ 1145.106046][T18449] hsr_slave_0: left promiscuous mode [ 1145.122810][T18449] hsr_slave_1: left promiscuous mode [ 1145.132817][T18449] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1145.162706][T18449] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1145.229399][T16571] loop5: detected capacity change from 0 to 64 [ 1145.243203][T16573] loop1: detected capacity change from 0 to 512 [ 1145.256812][T16573] EXT4-fs: Ignoring removed nobh option [ 1145.274394][T16573] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1145.298961][T16573] EXT4-fs (loop1): 1 truncate cleaned up [ 1145.327196][T16573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1145.480224][ T5874] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1145.868005][T18449] team_slave_1 (unregistering): left promiscuous mode [ 1145.885405][T18449] team_slave_1 (unregistering): left allmulticast mode [ 1145.903496][T18449] team0 (unregistering): Port device team_slave_1 removed [ 1145.983580][T16609] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12988'. [ 1146.013256][T18449] team_slave_0 (unregistering): left promiscuous mode [ 1146.047997][T18449] team_slave_0 (unregistering): left allmulticast mode [ 1146.067992][T18449] team0 (unregistering): Port device team_slave_0 removed [ 1146.216433][T16614] loop1: detected capacity change from 0 to 4096 [ 1146.354010][T18449] batadv0 (unregistering): left promiscuous mode [ 1146.360590][T18449] batadv0 (unregistering): left allmulticast mode [ 1146.370442][T18449] team0 (unregistering): Port device batadv0 removed [ 1146.404818][T16614] ntfs3(loop1): failed to convert "0080" to cp860 [ 1146.453390][T16614] ntfs3(loop1): failed to convert name for inode 1e. [ 1146.469917][T16614] ntfs3(loop1): ino=1f, mi_enum_attr [ 1146.689182][ T9] lo speed is unknown, defaulting to 1000 [ 1146.718335][ T9] infiniband syz2: ib_query_port failed (-19) [ 1146.951873][T16186] Bluetooth: hci1: command tx timeout [ 1147.114318][T16278] bridge0: port 1(bridge_slave_0) entered blocking state [ 1147.158401][T16278] bridge0: port 1(bridge_slave_0) entered disabled state [ 1147.169304][T16278] bridge_slave_0: entered allmulticast mode [ 1147.193738][T16278] bridge_slave_0: entered promiscuous mode [ 1147.217897][T16278] bridge0: port 2(bridge_slave_1) entered blocking state [ 1147.253863][T16278] bridge0: port 2(bridge_slave_1) entered disabled state [ 1147.284528][T16278] bridge_slave_1: entered allmulticast mode [ 1147.320267][T16278] bridge_slave_1: entered promiscuous mode [ 1147.512398][T16278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1147.586326][T16278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1147.606863][T16743] loop5: detected capacity change from 0 to 4096 [ 1147.658607][T16743] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 1147.674852][T16743] ntfs3(loop5): It is recommended to use chkdsk. [ 1147.733433][ T9] usb 1-1: new high-speed USB device number 126 using dummy_hcd [ 1147.778443][T16743] ntfs3(loop5): failed to convert "076c" to cp857 [ 1147.811491][T16743] ntfs3(loop5): ino=5, "/" ntfs_readdir [ 1147.847049][T16278] team0: Port device team_slave_0 added [ 1147.894942][T16278] team0: Port device team_slave_1 added [ 1147.903986][T18449] IPVS: stop unused estimator thread 0... [ 1147.936243][ T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1147.978979][ T9] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1148.051633][ T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1148.091426][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1148.142343][ T9] usb 1-1: Product: syz [ 1148.159921][ T9] usb 1-1: Manufacturer: syz [ 1148.181445][T16278] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1148.189839][ T9] usb 1-1: SerialNumber: syz [ 1148.229318][T16278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1148.252112][ T9] cdc_ncm 1-1:1.0: skipping garbage [ 1148.295257][ T9] cdc_ncm 1-1:1.0: NCM or ECM functional descriptors missing [ 1148.334773][T16278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1148.356703][T16278] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1148.363607][ T9] cdc_ncm 1-1:1.0: bind() failure [ 1148.413555][ T9] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 1148.430963][T16278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1148.477575][ T9] cdc_ncm 1-1:1.1: bind() failure [ 1148.536704][ T9] usb 1-1: USB disconnect, device number 126 [ 1148.562259][T16278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1148.927980][T16186] Bluetooth: hci1: command tx timeout [ 1148.985515][T16278] hsr_slave_0: entered promiscuous mode [ 1149.025743][T16278] hsr_slave_1: entered promiscuous mode [ 1149.090505][T16278] debugfs: 'hsr0' already exists in 'hsr' [ 1149.111246][T16278] Cannot create hsr debugfs directory [ 1149.450922][T16902] loop4: detected capacity change from 0 to 2048 [ 1149.525251][T16902] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1149.646544][T16931] loop1: detected capacity change from 0 to 1024 [ 1149.741243][T16931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1149.976693][T16931] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4222: comm syz.1.13032: Allocating blocks 497-513 which overlap fs metadata [ 1150.216873][T16931] EXT4-fs (loop1): pa ffff888076af1488: logic 131104, phys. 177, len 21 [ 1150.226454][T16931] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5465: group 0, free 0, pa_free 1 [ 1150.369126][ T30] audit: type=1804 audit(1774365689.370:638): pid=17010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.13039" name="/newroot/2222/cgroup.controllers" dev="tmpfs" ino=11405 res=1 errno=0 [ 1150.451874][ T30] audit: type=1800 audit(1774365689.401:639): pid=17010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.13039" name="cgroup.controllers" dev="tmpfs" ino=11405 res=0 errno=0 [ 1150.492344][T16278] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1150.536461][T16278] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1150.584510][T16278] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1150.665040][ T5874] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1150.765472][T16278] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1151.302499][T16278] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1151.397780][T16278] 8021q: adding VLAN 0 to HW filter on device team0 [ 1151.413331][T15111] usb 6-1: new high-speed USB device number 122 using dummy_hcd [ 1151.507736][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 1151.515048][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1151.578456][T18447] bridge0: port 2(bridge_slave_1) entered blocking state [ 1151.586062][T18447] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1151.635450][T15111] usb 6-1: Using ep0 maxpacket: 16 [ 1151.675314][T17081] Bluetooth: MGMT ver 1.23 [ 1151.694649][T15111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1151.700440][T16278] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1151.724882][T15111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1151.754995][T15111] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1151.814487][T15111] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1151.869631][T15111] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1151.917795][T15111] usb 6-1: config 0 descriptor?? [ 1152.078899][T17100] loop1: detected capacity change from 0 to 1024 [ 1152.095539][T17102] dummy0: entered allmulticast mode [ 1152.110861][T17102] dummy0: left allmulticast mode [ 1152.320538][T18455] hfsplus: b-tree write err: -5, ino 25 [ 1152.355059][T15111] microsoft 0003:045E:07DA.0002: unbalanced collection at end of report description [ 1152.363055][T18455] hfsplus: b-tree write err: -5, ino 4 [ 1152.383761][T17110] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13060'. [ 1152.398228][T15111] microsoft 0003:045E:07DA.0002: parse failed [ 1152.403007][T18455] hfsplus: b-tree write err: -5, ino 2 [ 1152.429726][T17110] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13060'. [ 1152.441008][T18455] hfsplus: b-tree write err: -5, ino 17 [ 1152.441462][T15111] microsoft 0003:045E:07DA.0002: probe with driver microsoft failed with error -22 [ 1152.482231][T15134] kernel write not supported for file /sequencer (pid: 15134 comm: kworker/0:8) [ 1152.646341][T16278] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1152.674299][T15111] usb 6-1: USB disconnect, device number 122 [ 1152.753195][T17133] loop2: detected capacity change from 0 to 256 [ 1153.252513][T17166] loop0: detected capacity change from 0 to 64 [ 1153.872917][T17202] netlink: 'syz.0.13079': attribute type 62 has an invalid length. [ 1153.910353][T16278] veth0_vlan: entered promiscuous mode [ 1153.984690][T16278] veth1_vlan: entered promiscuous mode [ 1154.092283][T16278] veth0_macvtap: entered promiscuous mode [ 1154.117919][T16278] veth1_macvtap: entered promiscuous mode [ 1154.147193][T17207] loop2: detected capacity change from 0 to 4096 [ 1154.172524][T16278] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1154.233640][T16278] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1154.371316][ T1155] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1154.393333][ T1155] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1154.436538][T18449] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1154.475349][T18449] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1154.641664][T17179] loop5: detected capacity change from 0 to 32768 [ 1154.669471][ T9] usb 1-1: new full-speed USB device number 127 using dummy_hcd [ 1154.845724][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1154.867194][T17179] ialloc: diAlloc returned -5! [ 1154.892800][T17179] ialloc: diAlloc returned -5! [ 1154.904814][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1154.963066][ T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1154.977418][T18449] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1155.013697][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1155.025815][T18449] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1155.111046][ T9] usb 1-1: config 0 descriptor?? [ 1155.231184][ T9] hub 1-1:0.0: USB hub found [ 1155.274886][T18447] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1155.324478][T18447] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1155.333644][T17298] qnx4: block size(16384) > page size(4096) not supported by filesystem [ 1155.368383][ T9] hub 1-1:0.0: config failed, can't read hub descriptor (err -90) [ 1155.371612][T17298] qnx4: no qnx4 filesystem (no root dir). [ 1155.578985][ T9] usbhid 1-1:0.0: can't add hid device: -71 [ 1155.599716][ T9] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 1155.697276][ T9] usb 1-1: USB disconnect, device number 127 [ 1155.996761][T17340] netlink: 'syz.5.13101': attribute type 1 has an invalid length. [ 1156.015485][T17340] netlink: 96 bytes leftover after parsing attributes in process `syz.5.13101'. [ 1156.038709][T17340] netlink: 'syz.5.13101': attribute type 1 has an invalid length. [ 1156.047754][T17340] netlink: 638 bytes leftover after parsing attributes in process `syz.5.13101'. [ 1156.057806][T17340] netlink: 1 bytes leftover after parsing attributes in process `syz.5.13101'. [ 1156.379767][T17361] loop4: detected capacity change from 0 to 64 [ 1156.647501][T17375] loop6: detected capacity change from 0 to 1024 [ 1156.725066][T17375] EXT4-fs (loop6): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 1156.834015][T17375] EXT4-fs error (device loop6): ext4_map_blocks:776: inode #3: block 2: comm syz.6.13111: lblock 2 mapped to illegal pblock 2 (length 1) [ 1156.850514][T17396] loop5: detected capacity change from 0 to 2048 [ 1156.899384][T17375] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1156.904507][T17375] Quota error (device loop6): qtree_write_dquot: dquota write failed [ 1156.908146][T15136] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 1156.913753][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 1156.936056][ C1] EXT4-fs (loop6): initial error at time 1774365696: ext4_map_blocks:776: inode 3: block 2 [ 1156.946153][ C1] EXT4-fs (loop6): last error at time 1774365696: ext4_map_blocks:776: inode 3: block 2 [ 1156.960299][T17396] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1157.005568][T17404] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1157.009447][T17375] EXT4-fs error (device loop6): ext4_map_blocks:776: inode #3: block 48: comm syz.6.13111: lblock 0 mapped to illegal pblock 48 (length 1) [ 1157.069095][T17375] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1157.069455][T17375] Quota error (device loop6): v2_write_file_info: Can't write info structure [ 1157.134147][T17375] EXT4-fs error (device loop6): ext4_acquire_dquot:7001: comm syz.6.13111: Failed to acquire dquot type 0 [ 1157.155691][T17375] loop6: lost filesystem error report for type 5 error -117 [ 1157.157999][T17375] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 1157.204005][T17375] loop6: lost filesystem error report for type 5 error -117 [ 1157.204513][T17375] EXT4-fs error (device loop6): ext4_evict_inode:255: inode #11: comm syz.6.13111: mark_inode_dirty error [ 1157.258018][T17375] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1157.258382][T17375] EXT4-fs warning (device loop6): ext4_evict_inode:258: couldn't mark inode dirty (err -117) [ 1157.297326][T17375] EXT4-fs (loop6): 1 orphan inode deleted [ 1157.305326][T17375] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1157.310237][T15136] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 1157.328360][ T3007] EXT4-fs error (device loop6): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1) [ 1157.362742][ T3007] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1157.365044][ T3007] Quota error (device loop6): remove_tree: Can't read quota data block 1 [ 1157.391705][T15136] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 1157.409989][T15136] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 1157.431075][ T3007] EXT4-fs error (device loop6): ext4_release_dquot:7037: comm kworker/u8:10: Failed to release dquot type 0 [ 1157.462363][T17406] loop2: detected capacity change from 0 to 4096 [ 1157.478271][T15136] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 1157.500418][T15136] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1157.519400][T15136] usb 1-1: Product: syz [ 1157.523641][T15136] usb 1-1: Manufacturer: syz [ 1157.544695][T15136] usb 1-1: SerialNumber: syz [ 1157.574153][T16278] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1157.584773][ T3007] EXT4-fs error (device loop6): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1) [ 1157.614247][T15136] usb 1-1: config 0 descriptor?? [ 1157.625280][T17379] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1157.640824][T17379] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1157.645719][ T3007] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1157.650924][ T3007] Quota error (device loop6): remove_tree: Can't read quota data block 1 [ 1157.670891][T15136] usb 1-1: ucan: probing device on interface #0 [ 1157.718062][ T3007] EXT4-fs error (device loop6): ext4_release_dquot:7037: comm kworker/u8:10: Failed to release dquot type 0 [ 1157.740507][T15134] usb 6-1: new high-speed USB device number 123 using dummy_hcd [ 1157.775561][ T3007] loop6: lost filesystem error report for type 5 error -117 [ 1157.777112][T16278] EXT4-fs error (device loop6): __ext4_get_inode_loc:4782: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 1157.837018][T16278] loop6: lost filesystem error report for type 5 error -117 [ 1157.840371][T16278] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 1157.897708][T16278] loop6: lost filesystem error report for type 5 error -117 [ 1157.898102][T16278] EXT4-fs error (device loop6): ext4_quota_off:7285: inode #3: comm syz-executor: mark_inode_dirty error [ 1157.932837][T15134] usb 6-1: Using ep0 maxpacket: 16 [ 1157.968357][T15134] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 1157.982485][T16278] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1158.001692][T15134] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 1158.051468][T15134] usb 6-1: Product: syz [ 1158.065603][T15134] usb 6-1: Manufacturer: syz [ 1158.089027][T15136] usb 1-1: ucan: device reported invalid device info [ 1158.095796][T15136] usb 1-1: ucan: probe failed; try to update the device firmware [ 1158.106445][T15134] usb 6-1: SerialNumber: syz [ 1158.155573][T15134] usb 6-1: config 0 descriptor?? [ 1158.422302][T15136] usb 1-1: USB disconnect, device number 2 [ 1158.502601][T15134] usb 6-1: USB disconnect, device number 123 [ 1158.660614][T17494] loop4: detected capacity change from 0 to 128 [ 1158.681044][T17494] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1158.728240][T17494] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1158.903076][ T65] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1158.997555][T17515] loop2: detected capacity change from 0 to 512 [ 1159.089007][T17515] EXT4-fs: Ignoring removed orlov option [ 1159.141696][T17515] EXT4-fs: Ignoring removed bh option [ 1159.166576][T17515] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1159.200598][T17515] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1159.252871][T17515] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.13140: bg 0: block 248: padding at end of block bitmap is not set [ 1159.296199][T17515] loop2: lost filesystem error report for type 5 error -117 [ 1159.296895][T17515] Quota error (device loop2): write_blk: dquota write failed [ 1159.304345][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 1159.304376][ C1] EXT4-fs (loop2): last error at time 1774365698: ext4_validate_block_bitmap:441 [ 1159.331240][T17515] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 1159.343215][T17515] EXT4-fs error (device loop2): ext4_acquire_dquot:7001: comm syz.2.13140: Failed to acquire dquot type 1 [ 1159.355836][T17515] loop2: lost filesystem error report for type 5 error -117 [ 1159.357838][T17515] EXT4-fs (loop2): 1 truncate cleaned up [ 1159.409592][T17515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1159.422718][T15134] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 1159.531110][T17544] loop5: detected capacity change from 0 to 2048 [ 1159.573552][T15134] usb 1-1: Using ep0 maxpacket: 16 [ 1159.581111][T15134] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 1159.585553][ T5873] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1159.590204][T15134] usb 1-1: config 0 has no interface number 0 [ 1159.614707][T15134] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 1159.630878][T15134] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1159.632501][T17544] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1159.640460][T15134] usb 1-1: Product: syz [ 1159.665599][T15134] usb 1-1: Manufacturer: syz [ 1159.675508][T15134] usb 1-1: SerialNumber: syz [ 1159.778696][T15134] usb 1-1: config 0 descriptor?? [ 1159.796579][T17561] netlink: 24 bytes leftover after parsing attributes in process `syz.6.13150'. [ 1159.820121][T15134] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 1159.935793][ T5887] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1160.025792][T17567] loop4: detected capacity change from 0 to 256 [ 1160.083257][T17567] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x204323ec, utbl_chksum : 0xe619d30d) [ 1160.406774][T15134] gspca_spca1528: reg_w err -71 [ 1160.431362][T15134] spca1528 1-1:0.1: probe with driver spca1528 failed with error -71 [ 1160.471985][T15134] usb 1-1: USB disconnect, device number 3 [ 1160.536468][T17604] netlink: 52 bytes leftover after parsing attributes in process `syz.4.13159'. [ 1160.575950][T17604] tipc: Invalid UDP bearer configuration [ 1160.576022][T17604] tipc: Enabling of bearer rejected, failed to enable media [ 1160.691528][T17615] loop5: detected capacity change from 0 to 64 [ 1160.873249][ T5887] hfs: node 4:3 still has 1 user(s)! [ 1161.256240][T17646] loop5: detected capacity change from 0 to 1024 [ 1161.266714][T17647] netlink: 76 bytes leftover after parsing attributes in process `syz.1.13171'. [ 1161.296545][T17647] netlink: 76 bytes leftover after parsing attributes in process `syz.1.13171'. [ 1161.818919][T17672] loop0: detected capacity change from 0 to 256 [ 1161.850451][T15134] usb 2-1: new high-speed USB device number 122 using dummy_hcd [ 1161.882401][T17683] loop2: detected capacity change from 0 to 128 [ 1161.891839][T17678] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1161.933733][T17672] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 1161.953109][T17683] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1161.999659][T17683] ext4 filesystem being mounted at /2254/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1162.039507][T17694] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13182'. [ 1162.076955][T15134] usb 2-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55 [ 1162.081472][ T5873] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1162.108666][T15134] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1162.116717][T15134] usb 2-1: Product: syz [ 1162.154931][T15134] usb 2-1: Manufacturer: syz [ 1162.186993][T15134] usb 2-1: SerialNumber: syz [ 1162.217361][T15134] usb 2-1: config 0 descriptor?? [ 1162.223567][T15134] gspca_main: sonixb-2.14.0 probing 0c45:6005 [ 1162.392136][T17715] loop2: detected capacity change from 0 to 64 [ 1162.564704][T17713] loop6: detected capacity change from 0 to 4096 [ 1162.581061][T17713] ntfs3: Bad value for 'gid' [ 1162.596419][T17713] ntfs3: Bad value for 'gid' [ 1162.665960][T15134] input: sonixb as /devices/platform/dummy_hcd.1/usb2/2-1/input/input65 [ 1162.846418][T15134] usb 2-1: USB disconnect, device number 122 [ 1162.871215][T16186] Bluetooth: hci1: command tx timeout [ 1163.534615][T17783] loop0: detected capacity change from 0 to 2048 [ 1163.578820][T17783] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1163.991595][T17813] block nbd0: shutting down sockets [ 1164.337766][T17837] ip6tnl0: Caught tx_queue_len zero misconfig [ 1164.826816][T17870] loop1: detected capacity change from 0 to 24 [ 1164.984505][T17874] loop6: detected capacity change from 0 to 1024 [ 1165.433351][T18455] hfsplus: b-tree write err: -5, ino 25 [ 1165.494686][T18455] hfsplus: b-tree write err: -5, ino 4 [ 1165.509821][T18455] hfsplus: b-tree write err: -5, ino 2 [ 1165.821452][T17925] loop0: detected capacity change from 0 to 64 [ 1165.828690][T17919] loop6: detected capacity change from 0 to 512 [ 1165.894329][T17919] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1166.143312][T17943] netlink: 16 bytes leftover after parsing attributes in process `syz.1.13241'. [ 1166.178057][T18447] ------------[ cut here ]------------ [ 1166.183949][T18447] kernel BUG at fs/hfs/inode.c:474! [ 1166.201492][T18447] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 1166.207963][T18447] CPU: 1 UID: 0 PID: 18447 Comm: kworker/u8:13 Tainted: G L syzkaller #0 PREEMPT(full) [ 1166.219183][T18447] Tainted: [L]=SOFTLOCKUP [ 1166.223517][T18447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1166.233766][T18447] Workqueue: writeback wb_workfn (flush-7:0) [ 1166.239869][T18447] RIP: 0010:hfs_write_inode+0x934/0x960 [ 1166.245451][T18447] Code: 40 31 ff e8 7e 56 15 ff 81 e3 00 00 00 40 75 1c e8 31 52 15 ff 48 bb f8 f8 f8 f8 f8 f8 f8 f8 e9 dc f7 ff ff e8 1d 52 15 ff 90 <0f> 0b e8 15 52 15 ff e8 e0 b2 82 fe eb dd 44 89 f1 80 e1 07 80 c1 [ 1166.265416][T18447] RSP: 0018:ffffc9000549f1a0 EFLAGS: 00010293 [ 1166.271764][T18447] RAX: ffffffff82b04ec3 RBX: ffff8880786ea218 RCX: ffff88804b921e80 [ 1166.279832][T18447] RDX: 0000000000000000 RSI: ffffffff8e9c6980 RDI: 0000000000000000 [ 1166.287800][T18447] RBP: ffffc9000549f328 R08: ffff88804b921e80 R09: 0000000000000003 [ 1166.295775][T18447] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000 [ 1166.303748][T18447] R13: 1ffff92000a93e38 R14: 0000000000000000 R15: ffff8880786ea1d8 [ 1166.311737][T18447] FS: 0000000000000000(0000) GS:ffff888125560000(0000) knlGS:0000000000000000 [ 1166.320667][T18447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1166.327282][T18447] CR2: 00007f1fb52cb000 CR3: 0000000059c24000 CR4: 0000000000350ef0 [ 1166.335274][T18447] Call Trace: [ 1166.338585][T18447] [ 1166.341509][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.347145][T18447] ? __lock_acquire+0x6b5/0x2cf0 [ 1166.352175][T18447] ? __pfx_hfs_write_inode+0x10/0x10 [ 1166.357560][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.363316][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.368977][T18447] ? do_raw_spin_unlock+0xf5/0x210 [ 1166.374265][T18447] __writeback_single_inode+0x75a/0x11a0 [ 1166.379920][T18447] writeback_sb_inodes+0x992/0x1a20 [ 1166.385494][T18447] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1166.391231][T18447] ? do_raw_spin_lock+0x12b/0x2f0 [ 1166.396281][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.402089][T18447] ? rcu_is_watching+0x15/0xb0 [ 1166.406963][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.412963][T18447] wb_writeback+0x456/0xb70 [ 1166.417488][T18447] ? queue_io+0x271/0x4a0 [ 1166.421923][T18447] ? __pfx_wb_writeback+0x10/0x10 [ 1166.426956][T18447] ? do_raw_spin_lock+0x12b/0x2f0 [ 1166.432166][T18447] wb_workfn+0x414/0xf50 [ 1166.436637][T18447] ? look_up_lock_class+0x57/0x110 [ 1166.441847][T18447] ? __pfx_wb_workfn+0x10/0x10 [ 1166.446705][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.452540][T18447] ? do_raw_spin_lock+0x12b/0x2f0 [ 1166.457571][T18447] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1166.463035][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.468764][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.474402][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.480044][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.485685][T18447] ? process_scheduled_works+0xa8d/0x18c0 [ 1166.491421][T18447] ? process_scheduled_works+0xa8d/0x18c0 [ 1166.497166][T18447] process_scheduled_works+0xb6e/0x18c0 [ 1166.502749][T18447] ? __pfx_process_scheduled_works+0x10/0x10 [ 1166.508762][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.514500][T18447] ? assign_work+0x3d5/0x5e0 [ 1166.519120][T18447] worker_thread+0xa53/0xfc0 [ 1166.523738][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.529402][T18447] kthread+0x388/0x470 [ 1166.533480][T18447] ? __pfx_worker_thread+0x10/0x10 [ 1166.538700][T18447] ? __pfx_kthread+0x10/0x10 [ 1166.543302][T18447] ret_from_fork+0x51e/0xb90 [ 1166.547966][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.553887][T18447] ? __pfx_ret_from_fork+0x10/0x10 [ 1166.559003][T18447] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1166.564642][T18447] ? __switch_to+0xc7d/0x1450 [ 1166.569404][T18447] ? __pfx_kthread+0x10/0x10 [ 1166.574160][T18447] ret_from_fork_asm+0x1a/0x30 [ 1166.578936][T18447] [ 1166.581943][T18447] Modules linked in: [ 1166.587597][T18447] ---[ end trace 0000000000000000 ]--- [ 1166.813730][T18447] RIP: 0010:hfs_write_inode+0x934/0x960 [ 1166.814279][T16278] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1166.819423][T18447] Code: 40 31 ff e8 7e 56 15 ff 81 e3 00 00 00 40 75 1c e8 31 52 15 ff 48 bb f8 f8 f8 f8 f8 f8 f8 f8 e9 dc f7 ff ff e8 1d 52 15 ff 90 <0f> 0b e8 15 52 15 ff e8 e0 b2 82 fe eb dd 44 89 f1 80 e1 07 80 c1 [ 1166.850566][T18447] RSP: 0018:ffffc9000549f1a0 EFLAGS: 00010293 [ 1166.856727][T18447] RAX: ffffffff82b04ec3 RBX: ffff8880786ea218 RCX: ffff88804b921e80 [ 1166.872839][T18447] RDX: 0000000000000000 RSI: ffffffff8e9c6980 RDI: 0000000000000000 [ 1166.882098][T18447] RBP: ffffc9000549f328 R08: ffff88804b921e80 R09: 0000000000000003 [ 1166.893038][T18447] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000 [ 1166.901507][T18447] R13: 1ffff92000a93e38 R14: 0000000000000000 R15: ffff8880786ea1d8 [ 1166.923846][T18447] FS: 0000000000000000(0000) GS:ffff888125460000(0000) knlGS:0000000000000000 [ 1166.933044][T18447] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1166.940222][T18447] CR2: 0000001b33d20ff8 CR3: 00000000733b5000 CR4: 0000000000350ef0 [ 1166.955838][T18447] Kernel panic - not syncing: Fatal exception [ 1166.962140][T18447] Kernel Offset: disabled [ 1166.966486][T18447] Rebooting in 86400 seconds..