last executing test programs: 8m9.832218443s ago: executing program 1 (id=1922): openat$random(0xffffffffffffff9c, &(0x7f0000002c00), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}}) 8m9.442947208s ago: executing program 1 (id=1925): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000580)='./file0\x00', 0x2000006, &(0x7f0000000200)={[{@rodir}, {@fat=@errors_continue}, {@uni_xlateno}, {@uni_xlate}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {@shortname_lower}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@utf8no}, {@shortname_lower}, {@shortname_lower}]}, 0x28, 0x368, &(0x7f00000009c0)="$eJzs3U9oHNUfAPDvdpJsWtpfcvhB0dPqTRBpK4J6SigVijloZfHfxcWmWrNrIYsL6SGbvSjFk+JF0JO3HvTYs3gQ8ebBqxakKl7sRQoNjuzu7OxsdleTw8YWP59D+Ob73nfem5lHZhKSl9fasXFxPi7dvn0rFhdLMbdydiXulGI5jkQSfTsx0fsLk/MAwD3uTprG72nfP/f+8Ngg8uwHgPtX7/n/xolhonyA4mvHZzElAGDG9vn9/3MTs1dmNi0AYIbGnv8PjzTv+TH/XP47AQDA/euFl195dnUt4kKlshjReK9VbVXj6WH76qW4HPVYj1OxFLsR/ReF/ttC9+Mz59fOnap0/bwc1W5FqxrRaLeq/TeF1SQup/Uox+lYiuWsPs3rk2796V59JSJ22r3xo1FqVefjWDb+D8diPc7EUvx/rD7i/Nq5M5XsANXGoL4d0YnFwUl055/EUnz3elyJelyMbu1w/tunK5Wz6dpIfet6udcPAAAAAAAAAAAAAAAAAAAAAABm4bFKbjnf/yZttFvvXhjpcDPrn++PU+1/nu0P1OnvD5SWB7vzXEv27g80uj9PqzoXR/61swYAAAAAAAAAAAAAAAAAAIB7S3NrIWr1+vpmc+vqRjFoFzJvf/P5V0dj0DSXlb6VDKsiS65vNufzIw86Fo6cRD5EmpenyUifLEgiBp13atdv5DMu9innY42Vd4PyWFMpm1OtXj/x0E+fTKr6sxvs9DJJjF2W0aCUjV9oavyvm1iMiN1pVdOD8uR7kQd/pGk6rXz74/GqKEXMxYGnsY/g61tvPvB48+QTvcyX2aYPjzy69OKPH33260atHp3+lanXFzabu+nk4xwv3p3uXMf7JIX1U8quc2nCSpgcdIaZzmZzq5Z8/9tLD37w7Z7OyeT1kxYz70wf64u9mYV+UIpYHlyEv5vq/ITF3w2eHL2VVzdqr97NV+/UFT41OPnpSu3G9s1f9nuXC18kbNQBAAAAAAAAAAAAAAAAAACHovAHxgfw1POzmxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHL7h//8vBJ2xzH6Cu+0YbyqvbzanDn70UE8VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sL8CAAD//7JXbAQ=") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x188) getdents(r0, &(0x7f0000001fc0)=""/184, 0x20002078) 8m8.710563239s ago: executing program 1 (id=1936): syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000300)='.\x02\x00', 0x1008008, &(0x7f0000000040)=ANY=[], 0x1, 0x2ee, &(0x7f0000000a80)="$eJzs3c1qE18UAPCTj6Zp+fNv1+Ii4EY3RV27CVJBDBQqWagbA60grQjTTRSEPIX4AK58JBc+RFcFF5HJjEmaDwplOmnt7wfTnrmn3LkzXHJncU/z9u6Ho4OPJ++GP79Fs9mKejQjziK2oxq1yFTSH82/cSOmDWrnTmM9AIDrbn+/116WG5Q7FApRn2tJknZvbeG7WfdHSYMCAAAAAAAAAACgYPP7/2OwcP9/RFTP7/8fBYOZegAA4Ppbtv9/fhc5N1WStHub2fvbTLWm/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA6tRjuDUcDh/8l52m8eRoxNaqxwcAFO9ser0fH7+HOes/APyDFq//k2PV4wMAije1/kdcsP7XVjdMAKBAL1+9ftHudHb3W61mxOmg3+13s99Z/tnzzu7D1sh2RFSz1tN+v1sb5x9l+dak1zS/Fpt5/vHCfCPu38vyae7pXmcmvx4H5TwCAAAAAAAAAAAAAAAAAAAAWLmdURl/JSKr789N6vt3dva+/no/rv+fymdR/v8BqjFT3//lez3u1LOz6tKrrxd8NwAAAAAAAAAAAAAAAAAAAHAznXz6fNQ7Pj5MygkqEVFsz7WIGAX1vKVW+CWmgqvrOQ2aMQoqMZdqRMSle04f+uJUmrnMUBv57DlMTiIuc6dP3kRc+MeVo42YS22UP2mvNtjIn2XZV18yJY7/j+Zosi37xGiU88EEAAAAAAAAAAAAAAAAAAC30FQ9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcWuPv/6/mDcm4pbBgxbcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3BJ/AgAA///w+mzI") syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./bus\x00', 0x2c600, 0x0, 0xbe, 0x0, &(0x7f00000007c0)) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4, 0x1) 8m8.217760347s ago: executing program 1 (id=1938): symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') mount$9p_unix(&(0x7f00000000c0)='./file0/file0/..\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x12d7498, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x0) 8m7.870906088s ago: executing program 1 (id=1940): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)={0x54, r1, 0xfe12482fe0801d67, 0x0, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x7fffffff}, {0xc, 0x90, 0x9}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20040010}, 0x4000810) 8m7.437812354s ago: executing program 1 (id=1941): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) preadv(r0, &(0x7f0000000480)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}, {&(0x7f0000000340)=""/144, 0x90}], 0x2, 0x0, 0x0) read$FUSE(r0, &(0x7f0000004500)={0x2020}, 0xfffffe0c) 8m7.164680656s ago: executing program 32 (id=1941): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) preadv(r0, &(0x7f0000000480)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}, {&(0x7f0000000340)=""/144, 0x90}], 0x2, 0x0, 0x0) read$FUSE(r0, &(0x7f0000004500)={0x2020}, 0xfffffe0c) 5m21.143096257s ago: executing program 4 (id=3404): socket$inet6_udp(0xa, 0x2, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000001580), 0x5, 0x8240) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0xd9f0f) 5m20.77567344s ago: executing program 4 (id=3409): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000640)='/proc/key-users\x00', 0x0, 0x0) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x1c9a82, 0x0) sendfile(r1, r0, 0x0, 0xbc44) 5m20.274693677s ago: executing program 4 (id=3415): syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2008052, &(0x7f00000005c0)={[{@noauto_da_alloc}, {@errors_remount}, {@dioread_nolock}]}, 0x3, 0x4cf, &(0x7f0000000740)="$eJzs3E9sFNUfAPDvbFta/v3oDxEFUYtobCS2UFA4mBiMJh40MeJBj01bCFKooSURgmZJDB4NiXfj0asHr+qFGE8mXvFoYkiI4QKYGNfM7szudpltabvt2vTzSZZ5b/699+bNm33zXpcANqyh9J+kFr4ZETsiotS6w1Btce/OlYn7d65MRLlSOflnUj3sbhrPZKeJrVlkuBRR+ixpbGgye+ny2fHp6akLWXx07txHo7OXLr945tz46anTU+fHjh8/euTwsZfHXlp6oQrSS8t1d++nM/v2vPnB9bcnevP1A9myuRydMhRDRVmpeq7TiXXZ9qZw0tvFjLAk6f2fVldftf3viJ5QebBRVCqVSn/7zeVKq6sPrAHWrSS6nQOgO/Iv+vT9N/8UdQQ2rU73o+tun6i9AKXlvpd9Ip6urszHQfpa3m87aSgi3i//9VX6iVUahwAAaPbDibwn2NL/G6zNjPx98car6fJ/2RzKYET8PyJ2RsQjEbErIh6NiN0R8VhEPN5y/p6IqCyQ/lBLvJ5+fRKqdKtDRS2U9v9eyea2Gv2/eRkY7Mli2yPyDvPUoeyaDEdf/6kz01OHF0jjx9d//aLdtub+X/pJ08/7glk+bvW2DNBNjs+NL7vALW5fjdjb21r+pDciqc8EJBGxJyL2LuG8g03hMy98s68e6Zu/3+Llr6oUzqN1YKqi8nXE87X6L8e8+m+kmCw8Pzk6ENNTh0bTu+BQYRo//3LtnXbpL1r+735vPeSNY9+fzFrWyqX1v6Xp/o98/rZR/sEkIqnP184uPY1rv33e9p1muff/puS9ajh/L/14fG7uwuGITclbD64faxybx9NllGvlHz5Q3P53ZsekV+KJiEhv4icj4qmovSGmed8fEc9ExIEFyv/Ta89+uPzyr660/JOFz7959d+Yr28XSMq1vQs29Zzdf/N+m4fHw9X/0WpoOFtT/PxL5j0i2uU0/7ZL1/yz0osHAAAA60QpIrY1jSVti1JpZKQ2BrQrtpSmZ2bnDp6auXh+Mt0WMRh9pXykqzYe3Jfk45+DTfGxlviRbNz4y57N1fjIxMz0ZFdLDmyttvmkNFJ/FtTaf+qPzgwxA/9lfvIDG9dC7T/txO++voaZAdbUw3//3/hkVTMCrLmm9l9us0t5GX/3BawD3v+BhnbdgAbPDFj/KtoybGhLav8HF+8bAOtHb7xbD5e6mhNgren/w4a06O/6VxSo9BdvGogHd46BhU/YE8vLxuaCtLoSSHtWXUl983KOyv83hbb7RGlpJ+yPztTpqRVejfKF2dO7O37zV7K/le90DX67Ju20KNCVxxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDH/RsAAP//sp/iug==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) 5m19.500048804s ago: executing program 4 (id=3422): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=") mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 5m18.501141272s ago: executing program 4 (id=3427): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth1_macvtap\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x31943}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x7}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0) 5m16.762714411s ago: executing program 4 (id=3434): mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x31, &(0x7f0000000180)=0x6, 0x3) 5m16.003246654s ago: executing program 33 (id=3434): mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x31, &(0x7f0000000180)=0x6, 0x3) 4.742818053s ago: executing program 6 (id=6049): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x22023500, 0x0, 0xff4e, 0x0, 0x0, 0x0) 4.502859986s ago: executing program 3 (id=6053): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b7"], 0x2c}}, 0x0) 4.407301399s ago: executing program 5 (id=6055): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x64, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfe, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x8a1, 0x2, 0x2, 0x4, 0x207}, 0x4}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfe33) 4.246878706s ago: executing program 3 (id=6057): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x16) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) 4.031027619s ago: executing program 5 (id=6059): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b000111000000090400000195699b000905", @ANYRES32], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000080)={0x34, &(0x7f0000000100)={0x20, 0x14, 0x3, "beed37"}, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.768817496s ago: executing program 0 (id=6062): r0 = socket$inet_smc(0x2b, 0x1, 0x0) ppoll(&(0x7f00000000c0)=[{r0}], 0x1, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000240)=0x3, 0x4) 3.456947776s ago: executing program 2 (id=6064): syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000a40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000c40)=ANY=[@ANYRES64=0x0, @ANYRESDEC=0x0, @ANYBLOB="2c766f6c756d653d303030303030303030303030302c0000000000000000501cb5d7c12e5184d12ef849f01234cc0632d887ab83b9a499f253a549724d60457bb58a75adb74f3af03ad3ce885b137f28e47a314f31f232c3a9f530c68d8ba34bf01945e243cbc23403afab131b58d3a2aa64136e0a7c462f6b7050c665746acc89d02bf21ece3866519a7826f4e18fda118954b3c6e9738bfb06d6c52c8d07"], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") mknod$loop(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1, 0x0) syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x848c1, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 3.142800683s ago: executing program 7 (id=6066): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) io_submit(0x0, 0x1, &(0x7f0000000240)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x2, 0x0, r0, 0x0, 0x0, 0x8}]) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)}) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0) 3.142350663s ago: executing program 2 (id=6067): r0 = signalfd4(0xffffffffffffffff, &(0x7f00000002c0)={[0xd]}, 0x8, 0x800) io_setup(0x1, &(0x7f0000000b80)=0x0) io_submit(r1, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) syz_io_uring_setup(0x2b06, 0x0, 0x0, 0x0, &(0x7f0000000000)) 3.080215806s ago: executing program 6 (id=6068): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c) 2.927511409s ago: executing program 7 (id=6069): r0 = socket(0x10, 0x80002, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x40d, 0x70bd25, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x6}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0) 2.853964973s ago: executing program 2 (id=6070): r0 = socket(0x2b, 0x1, 0x1) setsockopt$inet6_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000100)="97", 0x1) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x2400c0c1) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, 0x0, 0x0) 2.786923973s ago: executing program 6 (id=6071): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newlink={0x28, 0x10, 0x1, 0x70bd28, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x1, 0x70bd25, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x40003}, [@IFLA_GROUP={0x8}, @IFLA_TXQLEN={0x8, 0xd, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x46801}, 0x4000000) 2.758868279s ago: executing program 0 (id=6072): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x30, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3fffffff}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x5}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xb}, @jmp={0x5, 0x0, 0x1, 0x0, 0xa, 0xd0, 0x4}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x3}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000}}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}]}, 0x0, 0x6, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000001}, 0x94) r0 = socket$kcm(0x11, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0) 2.481011615s ago: executing program 7 (id=6073): bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000000, 0xe, 0x0, &(0x7f0000000580)="63eced8e46aa7ce5a833c9f7b942", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.430414498s ago: executing program 0 (id=6074): r0 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h") syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f00000008c0)='.\x00', 0x1b4a47c, &(0x7f0000000a40)=ANY=[@ANYRES32=0x0, @ANYRES16=r0, @ANYRES32, @ANYRES8, @ANYBLOB="9a2dc45b1d73137442f706a2eef9b8ea7ce19c9369f01b13fdd858b36973be459e542df790691d7bf0", @ANYRES64, @ANYBLOB="3093e121f7523fece90a37d5a927c18dd10d3154456ac66e96749c346fd71173e12fcf6d1160b1a8ed194deb98dc67b07edd64d7e1afef339c828e956edf4068785cb0d7d4a24137cf9c2cac79060c0beb7d1ab2be0fac9a6d6028d2e9d895ec67dec6914528a112adced19a86ad8403eb4e04bc7d51afc6561063bbb696c825a82153efcf06941b3ae039ef7761b7a2bbddc32f3cc39f6ffb5d2a808f3e7ecd9039d8c7895b00ebbf6dc950788fbca296f89178e938440f8e57819e17eb79736882e9699d96b1959c119730542c4baf0af7acac79531d0c4623bb5055768b6228217225ea7782904746898b13fc6dab1c63a2c2d5a724a8bb745da18da54627d618842162c1367e4361737545a8628fb76106c1212ce6152ef12ebda119a33e28f17ba3fbf9eed69447ca88876cbabfce8b2aba2f668f5b91d00d5de2be7bf028b273ec31e63b4fbf87f6cbf1efb41a7e538e4f4a66962d7c7a0b2ff01e86df58b94f1a321aa1297c5a4cc42b656d9acb7a40490ede8099679fb86b4ee7a852aa68358dcea38ad3d2b3b794db5b3caec0228b39709eedd31a55aaf2b49146d0effdc3dfce3ec78e4bb2f65ceb9ca94a2e2fed7efc2b6bcd462955cf911ed5dbb62d6339d001bee46a4989d87cf0578d0f8913ed29d36c31e9b41678ec127f48d40003c0569b6102757c87f00adb7920ab2b78a82bfc115f831ab9abc72a93299c0e1971d17a2b3d376d66e6ddfe3dd86166507f87b6db73fe284aa52db7645601329b6087cab267eefc8bb846cad8ade3e61be692a066d0e6a3f0603d0405d58aa07c406950a69fff78a37cb9e2c9d420bb9394e483252739cabecc7418b142ec8c84e394b42c05c3f116409fc830fac08788bc2b93cb491696a8385d07cd1e19a9de182abeceb435e92d4eda2d2710cb06180c6271e5c1a26edf630ee16848993e3c3ef8804a87407b7e7cdb8d263238cec45424f7dfda3b1a8390e39820ac367c33aafc4edb3223578c108628e6fa84d7805208d796d91e4b83794fdea7fa49ed4c422aed72db2d46df97082b904dd80ed9cb4ab29b4cc1e345d76999971bb7a3bcf191634020eeda9c58c3b2a306921ef7830f672cc1da4905963b0a4aede35913fdf8dbd4e8ba22e39bfba342c6a302f7a03225d021f0e0e357200f7301ce560b065d1431ad16702e035caab022382d6251e88ef861145c1a3121ff099feda4dcf6561a026889ac3f0474d6a868a4f24ea60f7bc95bf7f2afb85a430658eb3b2b84b61a695f90e01f30a417c79caa44640e7eb9195f844346100c551d4fc23ef249f29ec1a5489839d153c3fce79b288d86a48eadc7024cab6f9b626c7eeb87e8f76ec6205c3487deaef65133ec2677c642887de743d1dcc2dbf72f7b9062b9654ff693aa688dd5e05ed48c8d681cd426bde017c08d31d83994284efb804a9beda7091240e7feb740307412e4c64aa422b91dfd31874a43aa2e76988e5933f557c884cd4b960a6321828692975a76f6473cd0650cbd9dd09acfad7aec17c7a6c34e3c9327469d77d1ee32992f1f2c47ff36026f74b4c8d01cf52eefd44d30519f33cc13cb30cf7a43f7305fd76b063d2363ac318e0090d3516cbbd82da99b3f53d570c2e2b85883abf68332f0ea3e0721bd251cea500281405d34aaed523c2684cd5e255919d828bf00f2d62a3d0b56d3d7cd18c5fa6f0764aeea0405e8731f0b223bd19471b8188c4b00cb5c2d057444148a390f36f2ddbf3bb6c46f4c96058ff00057311d2cff2a9c081f3f47967bc5c7c1dc554cd66c39ee403cd426a659131f3e2b9f0109af5414214e81344e0ff0129fe9ec7c01814823c995bf1b437e4f1f07f83055ded75331575d921231b448609f1aa76ae28edc70612e8de047c338712a43413a047c67a2fb3ec7c525a1720d01d8e0e92ae34f3b88c9b4e6c3e938919a4390628f6529dfa8d1f5666c28d4ae9bf8d5a579d5117e027a4cbbc5193a1c3f811a4822746e4c10fe9fd0ac93df86fb41e3d3993cdacb05f633be404a0d7fd256ca01c131859d08e5cd26809f786c5c57866d76f25ae000fc7517e2e74c29f1cf804fa6ae0bd985926daadbc1c61b9e042d8b6367d1e68e3e23476830f8fa2ff4999f17120d64537d601990fa130eaa19b6b660730f37f2256e028689c5b86582819ee5103d8cb23c246f4f34dfb7adebf2a14eb41eef768ecd6dbb37075ed8bf462104e0303f74fd81e69209c0d89cef3b0231a1b24b60d3edf5cb96043ef449823440c2edb1fcee97a9b56e811989ead072123d1090f1f7be126112497c2042bfdea16a14c34d6c90fe8be6a3558ecbcadba53a939f78bd2af5efcb96d697e78fdf099a57981099d4c3b10c560b814c3eb719bd441cc7fc1667776fe21b1a2288804a6b2a0c65341660053f800fef460b93d2dd27b38cdc32fd781fd34480278756e8b9ea8a3fd7687b55064bf95b80d01122f81ac7b1b33c08e92f9736dd80bd850f0f5d54197e28624e8aee1e171a449c21576f420f41d09c3f15c8723303338ede1f73020d1d637a59596092d02b7df0a649be2890b825978f5a571b88425cabbadbff56bbd2bcd3e1ff4c9197e7f639fec41ce603e34a18eb21fac02fcd0c68025c3eba6aa01a8470915ec51a499659a179b12deed0153e02c88dbf4429ecd922675132de722b0d225125e8650cbec160ea8dde590d87d37dda05aa4ebf21a9b2f96bebfc0a495cdea3258f732451716ee60bb9c69d7a1c87ea7e804ec2864234805f3f698f32289de4beecf3fa0cb3649aa6b2d6191ad9493dd01a5380a89af9fbbdcf8482429e254dce6e3d55cd012cf937ec058c922d9490228a7a75c8f28691452bc65184e89bc9b59278c05356c1e9db634b4c3d69ac5b0ac074e21b06cda6f57727dc67503cb78124c9ba71a98138ff73ff83344562a6835262517b239eb12244bafe6200595576f520b6cec0128cc18e94df1a2404dafa7b8631870d4b0b28706463fcdb12ff30a4dae6836cdb00080000d9a2a00d354ac4489be77b69de05646a12406473e2803bab37ca3a8e4057c8c1acdfe64529affda8ab2dc2a2912901dbdaf31add3db2a1998ac2524a6544cbbeea0015f2e3e219d9f65892345b9707a75e47308a0803076b1f3599804410513619a2224e51669d25b3d9ad1d795df41f6718a6bfec935fe61d5b4ed48c9b3506afac9e6215a64b56cc35d69c84914886da4f443aeb9ba4d7b92de2afcaae0d27dcb9fb587de4cfb501419ec1ecf6409761ac42a92d6bf9067f76eee3f459815459dadf700ffc024c511159626bc33f4b67ff894cada0dfd232639d1cb979d4f7f6064b2ff18c5376dd3bddcf70e0db0cbc4169aff2f81295cbcda865bb4d38b135003bf0db7264a80d74628c4e14a24d4453fbfa6ec81befc58c8dc52806961c90aacfbfcafd097d07e285158e96129b7d7fc1e692bb47e59fe42c86be772ce525f2df3cd7fee26fa6f2c4ae8820af6bd86f71a650a8fc636f50fa0be68986d8bc9c4af917c8483057f85700d177efc36127c5737439ccaae4753a97ab57b701a73a9580c497e11f07c60d47407898404f0b8b4187a51a6fa83ea3bca73d58e601f6d62eb86be9675dfc61620f09099de918c1e5d661d8cac1b4a638689ecc5ab23af6807a48be79af1a6fe9a0c4dd0496f8ff2c3e7e395719523d529a57c8cbde9594196e381a549b24e92f62e53f267bdfa214e5830513ca33fdc6abd42c274926eec5b9b26df5b1d19a4e5a33751419853cf372ff3b1f19b7f69b8cc21325828ab5a27ec12a6c6be92b3fe86cc1947e90032535c01dbf4bc8f511d71c2af2b5a2839be10d41786cac3037af2edc90e10005de6c7cd8c8f212ced643b901880e797cf39819200f2d7a52737ffb928798589a399ca3476cee2371e278d7a617cbc0ad3291f4c118d33366316be15a11738b0b36824064fd6e24a17e11c83a72fe54afe4b62d3280df32c0d7089cf67ca673613f223f0b66134c74878ca46fd11f965cbe337258f9e313da2edcd5fdeffc85d6ca8db1355b15d389d4068cefefc1e3e2dea21b22d07fb5120fd4827dd4b3dd6f0c1cdf773820f9b539065569f5e9bdeb6b8dd48cd01b30b3b9ed6b9fb48fa7dc87ceeff8f54cf0744b8c307319615ecb0d7b240cd663425d945cd00906e5b9bd63b89bcac0f4b28837fbfa299866f2b228e7341e517694f4a30c451512eb85e8e011911df0e050d125e63d559f1deae50745dc0a73eb6f0c04b725d8b0e2dfa7668442e9e0da2b83d07b6180a8152e6a35b61b642effaa6a57815d032dd643ed925884d4fdf0d115d5d75ea50999933a770ff1b10b4e172104ee61c2455987db88a053782b97a77af12f01f3f74d1d6224a14a047fda4c181e6b01de067d764d5e666e08d9be7bf5f936a3e3442f741d1619983c77e3bbedf97c4430ac96fe3cc8df98f15188ea9f796dd0e3e0e4bde70cf534a15d0e82d27ffbbafba15d8889451ec8cb0c4a63ef2d6907db89555385e11ec7ef2534ca29cc64df6dc5b3b92697ec11b826449c5db22f81b93868caf8e3df973edfa578b79c012ef8ef433a1eda720e22e30b2901e955dee0646c1efafdf997cd1163e08cf03e9d33f02bdffe0a89cf91acf2ac99796fa05018984ea13ce514460e159b49421c4356928031595dea599f000f0debe2c42e8d3bdd05207e74588ab36a6daaddc8ea2c7c4c5294c385886e58fc6309b94fd91b9b56a37b73a1c163a5a5ea1bfaecc1898c4fe857fec7e9b7f3a24c2f90f61119a9c72aa8df532787db0d25ac60db91b456d03baba0577d96ab9b8439ffc2b7b72e0146e3f2f61118d08449c2a816644c895345fd0a4c019bb4a983095e236a8c1a38b946bdb877c2ae202592cb0266f7d80e2c1d1292532204f9be9f2f5954ce2fa99697c9b20fe138db57ac3134ad556d16d8d615c356d05fd95ab1bef26b23e1ad2ea5abaffede3e14bfe2ee55f593700c49a6c9ecf28d1a01d72b1920b1b7944ef7ed7a2f96a6f5ee4f40f54978a735d155b259d7afd53ac19ed2443d45dcbc84335a419109ab159403b0f828d94079c0c5e5320f91496a043b92901a1e8a4966315ada9f8ffc5ac70868c0df278afe7bfe0affb68aa13ed029bb965b6d6a9ebaba1d0d1a2c17b69d0ca3b0edfa3fefedb5bc0064272577ac22fa84bf819a4eea0ab2ba920888e4c2bc89286184fc10b6dcce84466f3db078fe3af1a90a5b9aa7b66a9e5450807601c2a17460027109908618ac2cc1508029151fc96ee5ab264d2c4236aacfca06c0e6b71b748900652de55f7761a4606a237bd11902178e3a2afde4cc4964b3dfe1abdaad79ed0d80693674c4737a0b17c2e42ba390f98e776a4e758ed98ce8bdeb914b01707602b10fffca3992f1168e7ab3793ad47236351ff7a20ecd50b4edb63e95ed05d6093ead98bbc2dec9dda3ac4b902bd02e4d0eb528653ce3aa313cee066181d7612f40234c1c3aef14fc99b7d9196cd7dab2ff27c388ef67de7b351cf40d343059eeda90e45700c36febfde7a07fce384200618548cb76d8017c2053b332507045a914e39b93f927b33396ab82feb532870c4323c2305398867aac393339656bd4b39c5da5d676fa5a233c7c62f8cc9ab4417a658bf9e679d22bb801ab10d855897a75e4b3e523e87e4ea1e17f270830cee4185d62ea0afd170508453ab0f42d3b35292c4e0000000000000000", @ANYRESHEX, @ANYRES8, @ANYRESHEX, @ANYRES64, @ANYBLOB="07d78ba5b4b305ffa8003d3ce9ffa739e0663e1417c13e72c5279a4b999c88a472706213954865e31509148053419264d6e4ec3f597efaff912ace951125b3eefd14d39185759d6549fe537e3d3c4d5cca3176840af5baa12c6f9bf000085e9875bf09d5c1b1e68f64b44e689ec52c2df882e0d459003298db32777a378c4ace0a20ae4a3a02388044d29ef0ffa7adc737b0e171078e04e665b07fb8d05b5ccf37b7c0724193faac2f04266491289d17e88372335d09e151925ff8f7c30ba93bf421dab1b80566c94d8f42330d10a8b53d815ef818852dca140b21658b973a38b98965cf8af56a1be1543a9b5f596880c1911c54fecd5aefde798a5acb8833ad7e20a68b631cd72101baa470ccc24d68bd292b3d37cc4f1c8d103d99360b6b334059b0333f1540f8594962365e55c0810ef88297072101e1c8affb8b023d24892888c40da78bf946c60d81cc01f3f4e2a09e2e53f05810508579f8d2b298d0dc464180b160f0084060aeb860184400000000008313734b00336f0000f5d969bcf7fbb6ba8de2052baf059660df91e3a4947561683a317fe235858b566069fd7879aa92b18e38b1cb651d5cd3c13c3da31fb20c21c9d5ae9d01a1f64d72e6977aa83825c4f7e3d145ca0417c66270b0c3d1d421cb0b496be97f198d4d18ba35d50aff318cf3c58c8e8a8ee364a028f59a58eded1817cce0207ce5a63b23d3248c65cee3426cc8cadec7ca3c693fd7b4ac2c353922349c87c51cb01be73b1e7c6ed8ffbc146c68501e5a8d", @ANYRESDEC=0x0, @ANYRES32, @ANYRES16], 0x5, 0x0, &(0x7f0000000880)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) write$binfmt_script(r1, &(0x7f0000000000)={'#! ', './file0'}, 0xb) 2.429825s ago: executing program 3 (id=6075): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x4f}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x37}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}]}}}, {0x18, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x10}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa4}, 0x1, 0x0, 0x0, 0x20004000}, 0x24000840) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x14, 0x7, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x4040800}, 0x20000010) 2.42944734s ago: executing program 2 (id=6076): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000140)=0x90) write$tun(r0, &(0x7f0000000640)={@void, @void, @ipv6=@icmpv6={0x3, 0x6, "31fddf", 0x160, 0x3a, 0x0, @mcast2, @remote, {[@srh={0x32, 0x0, 0x4, 0x0, 0x1, 0x8, 0x3}, @hopopts={0x0, 0x10, '\x00', [@enc_lim={0x4, 0x1, 0x1}, @pad1, @generic={0xa, 0x55, "1924619e74ad3bff2a7092cf5fb0dfbaaf4aed1527b01e8626dcaab4bfb3407937e0383e76d30edd480ce4cb4bcb8778f0c9b46c5efe0624486d871aeb28a8b7dcb5666f5c7d61dcc5a09f4b1726668727b8b36b0d"}, @calipso={0x7, 0x20, {0x0, 0x6, 0x0, 0x4e69, [0x9, 0x0, 0xfffffffffffffffb]}}, @padn]}], @ndisc_na={0x88, 0x0, 0x0, 0x1, '\x00', @private2={0xfc, 0x2, '\x00', 0x1}, [{0x2, 0x9, "6b42f6d09495b7b0cad87fa7672114dcb0485de91102719e7861ec64ee0f5c6c02ee8e9e4d7b1214679cc2af8f1bd9856a6ff80ff9886ee86c6615d8515f14444f8b6d6987921217ee147b"}, {0x3, 0xb, "4ed046212c32f07cea720ca0402eece51beb2a30927aa6c74b59dcb2c2b390bec803117860e160b2fffeba47e78b2d958be27649f722531f08cbcd7f6fbd91dc5ebd4e5b4cd52efa82daacae3f25e47693d788d5f06a21b8dead68"}, {0x19, 0x0, "aed53486"}]}}}}, 0x188) 2.097676955s ago: executing program 2 (id=6077): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmmsg$alg(r1, &(0x7f0000004140)=[{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000280)=';', 0x1}], 0x2}], 0x1, 0x0) 2.03830097s ago: executing program 3 (id=6078): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0x4, 0xc52d}}}}]}, 0x44}}, 0x4c850) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x48, 0x2c, 0xf3f, 0x30bd29, 0x25dfdc01, {0x0, 0x0, 0x0, r1, {0xfff3, 0xfff3}, {0x0, 0xfff3}, {0xd, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'bond0\x00'}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20041004}, 0x0) 1.726937927s ago: executing program 2 (id=6079): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xffffffffffffff0b, 0xcc, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) 1.709601258s ago: executing program 0 (id=6080): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188) 1.670829064s ago: executing program 5 (id=6081): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, 0x0) 1.351007254s ago: executing program 5 (id=6082): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x70, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}]}, 0x70}}, 0x0) 1.350518278s ago: executing program 7 (id=6083): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000d40)=ANY=[], 0x1, 0x2bc, &(0x7f00000015c0)="$eJzs3U9rY1UUAPDz0uQ1QxftwpUIvsUs3Fims3VhBqkgdqVk4R/QwZmBoQkDDQRGxTArP4ELF34Pd+4FN34DwYVLdw5SuPLeS5NMkkmmHdMO5ffb9HLuOe/em3fbFMK7+fKN/vG9R4MHT779I9rtLBqd6MTTLPaiEWfSWAAA18LTlOLvC72/NxubmhMAsFkz7/+t56RsL4be3fS0AIAN+viTTz+8c3R0+FFRtCP63w+7WdQ/6/47D+Jh9OJ+3IrdOJ1+FpBS3X7/g6PDaBalvbjZHw27ZWX/i98mqXlU9QexG3vL6w+K2kz9aNis/vPIsoiHnXIit2M3XluoL/sPby+pj24eb7XHiyzH34/d+P2reBS9uFd9pjEd/7s8ivfSD/9881mZXNZno2F3u8qbSluXfW8AAAAAAAAAAAAAAAAAAAAAALi+9ouJvbjZL0P1+TvdrdOqf/+Z/up8nUbVX9dnEXnVmDsfaJTip7PzdW4VRZGyOn9yvs+NZrzejOaVLRwAAAAAAAAAAAAAAAAAAABeIYPHXx/f7fXun/wvjfFD/pPH+i96nc5M5M1Ynbx9rrFia5xeznU+5+DXz/uTSLmIi0x+2CoiVs25tRC5Uc5n/ZX/TSmlLIt4udvUepGx1jR2VueUL/AvP+68fXw3W/cats9u3M+zXXmcDB7P3dPIVg96+kwknWv75Sty8vGOeaHr7LzkL9E7f9aDjSPZmlW0ZiKtcSOet/3a59rPl/c3CAAAAAAAAAAAAAAAAAAAqE0f+l3S+WRlaWNjkwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASzb9/v9pIxYic41R/FUVL89JKY0mkTxOBle9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6//wIAAP//qWdtxQ==") syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), 0xffffffffffffffff) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) 963.09803ms ago: executing program 7 (id=6084): syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x11d04b8, 0x0, 0x85, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='nr_inodes=1']) chdir(&(0x7f0000000240)='./file0\x00') syz_read_part_table(0x5df, &(0x7f0000000000)="$eJzs3DGIE1kYB/CXIBEFETs7gykichAh3UkEDXGQgAnBQ4s70c4t0qyVRYxgQCzMNhE5Gy0UYQ1aaCUiCCImFkIqUXavuN1l2eJY2CawLHMEZrvjYG/JHQe/Hzx4b97/zcfHMOVM4H8tHf6I4zgVQoj37vz0T/OVs+ey9dONCyGkwi8hhN/zs79OdlJJYvuuR5P1YrIuvt3TvDcf3en2Dhx+nd38nE72byVjZfjw8q6bY+qOXT/+/sh4dOhNNTwenBqc3N+8dK2fL7f7X+qvzjzNPtt+7oUp1X9Z+njwdmc26t4ozXyNWkvRanpjPTr/4FEhM9du5NdOJLkrU6rf3LqYef7kQ7mzvK/4qVqr9V58v59rVd51bo6GuW/ju1eT3MI/eLsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj3Hbt+/P2R8ejQm2p4PDg1OLm/eelaP19u97/UX515mn12NMkVplT/Zenjwdud2ah7ozTzNWotRavpjfXo/INHhcxcu5FfO5HkrvzV4TiO27us39y6mHn+5EO5s7yv+Klaq/VefL+fa1XedW6Ohrlv47tXk9zC3l0WAgAAAAAAAAAAAAAAAAAAgL9ROXsuWz/duDCZ/xxC+GHmx7nJPE6+d08lue3/ACxOrqdDKL7d07w3H93p9g4cfp3d/Pxbkr+VjJXhw8v/QTvs0J8BAAD//9odjZ8=") 925.967974ms ago: executing program 6 (id=6085): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x55) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e0000000300000000000004050006"], 0x70}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0) 816.253298ms ago: executing program 3 (id=6086): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20) bpf$LINK_DETACH(0x22, &(0x7f0000000100)=r1, 0x4) bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r1, 0x4) 751.05698ms ago: executing program 5 (id=6087): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000880)={{&(0x7f00009d2000/0x4000)=nil, 0x4000}, 0x2}) 484.663767ms ago: executing program 3 (id=6088): r0 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) wait4(r0, 0x0, 0x40000000, 0x0) ptrace$ARCH_GET_GS(0x1e, r0, &(0x7f0000000140), 0x1004) 473.307166ms ago: executing program 6 (id=6089): r0 = syz_io_uring_setup(0x47a7, &(0x7f00000002c0)={0x0, 0x10006f55, 0x3080, 0x80002, 0x400203}, &(0x7f0000003400), &(0x7f0000000f80), &(0x7f0000000000)) r1 = eventfd2(0xd, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000140)=r1, 0x1) io_uring_register$IORING_UNREGISTER_EVENTFD(r0, 0x5, 0x0, 0x0) 422.568055ms ago: executing program 5 (id=6090): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000b80)='./file0\x00', 0x800744, &(0x7f0000000300)={[{@data_err_ignore}, {@oldalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nobh}, {@errors_remount}, {@nodiscard}, {@grpid}]}, 0x1, 0x47a, &(0x7f00000006c0)="$eJzs28uPFMUfAPBv9z6AH4/lh/gAUVeJyUbjLrugcvCi0cQYjCZ6wOM6O5ANA2vY1QgSWYzxZGJI9Ew8Gv0LvBkTo55MuHryZEiIcgE8remebpgdZni4M8yy8/kkPVPVXT1VNdWP6qqZAPrWaPaSRGyKiN8jYqQeXZ5gtP525dKpytVLpypJLC299VeSp7t86VSlTFrut7GIjKUR6adJkcly8ydOHpmu1arHi/jEwtH3JuZPnHzmg6PTh6uHq8em9u/ft3fy+eemnu1IPbN6Xd758dyuHa++c/b1ysGz7/7yXVbeTcX2xnp0ymhW8b+Xcs3bnux0Zj22uSGcDPawINyRgYjImmsoP/9HYiCuN95IvPJJTwsHdFV2b1rXfvPiErCGJdHrEgC9Ud7os+ffcrlLXY9V4eKL9QegrN5XiqW+ZTDSIs1Q0/NtJ41GxMHFf85lS3RpHAIAoNHnla8ODEfER1e/fS3re4xERDke9ED++kf+uqWYQ9kaEf+PiG0RcV9EbI+I+4u0D0bEQyssz439n/TCCj/yprL+3wvF3Nby/l/Z+4utA0Vsc17/oeTQbK26J9bl38lYDK3L4pM3yeOHl89/0W5bY/8vW7L8y75gUY4Lg00DdDPTC9N5p7QDLp6J2DnYqv7JtZmAJCJ2RMTOO/voLWVg9qlvdrVL1Lr+l8/dVg4dmGda+jqr3mJW/8Voqn8paZyfnL1hfnJifdSqeybqR0Urv/722Zvt8r91+3fXxWr9vaH9m5NsTRrna+c7m/9/PP7T4eTtfJ55uFj34fTCwvHJiOHkQB5ftn7q+r5lvEyfHf9ju1uf/9uKfbL6PxwR2UH8SEQ8GhGPFWV/PCKeiIjdN6njzy/duv6R9qj9z0TMtLz+XTv+m9r/zgMDR376vl3+t9f++/LQWLEmv/7dQqviZJeL5gKu5LsDAACAe0Wa/wY+ScevhdN0fLz+G/7t8b+0Nje/8PShufePzcT5LfXxz7Qc6RopxkNrs7XqZLJYfGJ9fHSqGCsux0v3FuPGXw5syOPjlbnaTI/rDv1uY5vzP/PnQK9LB3TZhpZrp4bvekGAHmieR0+XR0+/ES4GsFb5vzb0r/L8b/O83/g/GGCNcf+H/tXq/D/dFDcXAGuT+z/0L+c/9Kn0xxXs7KkA7nXu/9CXVvK//i4G1q+OYvQmsFobJQ9ElIF0VZRHoEuBXl+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuPfAAAA//+Pc+dq") inotify_add_watch(0xffffffffffffffff, 0x0, 0x100) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x115) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 247.59625ms ago: executing program 0 (id=6091): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x2, 0x1}]}, 0x10) 242.636866ms ago: executing program 7 (id=6092): syz_mount_image$cramfs(&(0x7f0000000100), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000540)=ANY=[], 0xfa, 0x155, &(0x7f0000000340)="$eJzskT9LQlEYxp/jvV41Mg0MKiiChsQwb1dsa9BIcrADhUtToCcSNEUh3LLmhj6AS0uTOERjQ9FkeSHsMzS6BUGLce4faW1/f8u953mf87zvOWd324wiDCiw2alV6w3RbIrSygHPZw/vHx5npO5THQOq9YY0l+zVUxo4lV8VGF3a8kvQA6AiNoq1SkkDkAaiADIyo+yFDts7JbWIHyflith0tOgqPp1WwnA1DdDmYPmSjraoApmQrek/wPgWWJN5s5jkfQFodbzO3PHY3ZKSdk/R6qz3uq/7g34uHlsW10Z2wbqBgpDzMln/SPTj74led2gOxhc8z82kYWwldUXXU0P+Nsil2jdQ96bPgSMGBP7kaTKjAFwxoMOArpU3enZ7c3/IFwkAnrMwwGSFBWXP9jevuu+gWJXi8byXudsmPwRBEARBEARBEATxX34DAAD//4EIV14=") r0 = fspick(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 22.844743ms ago: executing program 6 (id=6093): r0 = socket$inet6(0xa, 0x3, 0x38) setsockopt$inet6_int(r0, 0x29, 0x7, &(0x7f0000000040)=0xeffe, 0x4) connect$inet6(r0, &(0x7f0000000280)={0xa, 0xfff6, 0x5, @empty, 0xb}, 0x1c) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xf338}], 0x1) 0s ago: executing program 0 (id=6094): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0x70, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) kernel console output (not intermixed with test programs): uota mode: none. [ 670.022143][ T30] audit: type=1800 audit(1777409920.795:197): pid=18402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4911" name="file1" dev="loop6" ino=18 res=0 errno=0 [ 670.218260][ T5753] usb 3-1: USB disconnect, device number 42 [ 670.237518][T18414] loop5: detected capacity change from 0 to 2048 [ 670.328650][T10813] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 670.356784][T18414] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 670.501456][T18414] EXT4-fs: can't change dax mount option while remounting [ 670.683843][ T5622] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 670.747082][T18420] loop6: detected capacity change from 0 to 128 [ 670.798110][T18420] EXT4-fs (loop6): Test dummy encryption mode enabled [ 670.900219][T18420] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 670.986233][T18420] ext4 filesystem being mounted at /460/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 671.179156][T10813] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 671.370920][ T5633] usb 6-1: new high-speed USB device number 37 using dummy_hcd [ 671.545542][ T5633] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 671.591495][ T5633] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 671.623145][ T5633] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 671.659088][ T5633] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 671.684617][ T5633] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 671.718506][ T5633] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 671.754681][ T5633] usb 6-1: Product: syz [ 671.770407][ T5633] usb 6-1: Manufacturer: syz [ 671.789538][ T5633] usb 6-1: SerialNumber: syz [ 671.809540][ T5633] usb 6-1: config 0 descriptor?? [ 671.846133][T18439] loop7: detected capacity change from 0 to 1024 [ 672.033428][ T5633] adutux 6-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0 [ 672.191375][ T9] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 672.245624][ T5762] usb 6-1: USB disconnect, device number 37 [ 672.350707][ T9] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 672.367761][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 672.387008][ T9] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 672.421685][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 672.441115][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 672.456490][ T9] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 672.495627][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 672.517514][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 672.550379][ T9] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 672.591787][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 672.610570][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 672.623641][ T9] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 672.645211][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 672.657887][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 672.677094][ T9] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 672.703777][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 672.727670][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 672.764216][ T9] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 672.818442][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 672.838515][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 672.858160][ T9] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 672.895975][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 672.928700][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 672.958100][ T9] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 672.986847][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 673.011044][ T9] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 673.026206][ T9] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 673.044860][ T9] usb 8-1: Product: syz [ 673.055181][ T9] usb 8-1: Manufacturer: syz [ 673.065124][ T9] usb 8-1: SerialNumber: syz [ 673.093265][ T9] usb 8-1: config 0 descriptor?? [ 673.129967][ T9] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 673.365114][T18466] loop5: detected capacity change from 0 to 512 [ 673.415637][T18466] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 673.481095][T18466] EXT4-fs error (device loop5): ext4_validate_block_bitmap:431: comm syz.5.4937: bg 0: block 104: invalid block bitmap [ 673.495754][T18466] loop5: lost filesystem error report for type 5 error -117 [ 673.499583][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 673.513380][ C1] EXT4-fs (loop5): initial error at time 1777409924: ext4_validate_block_bitmap:431 [ 673.522820][ C1] EXT4-fs (loop5): last error at time 1777409924: ext4_validate_block_bitmap:431 [ 673.528264][T18466] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 673.556433][T18466] loop5: lost filesystem error report for type 5 error -117 [ 673.568340][ T9] usb 8-1: USB disconnect, device number 11 [ 673.589385][T18466] EXT4-fs error (device loop5): ext4_free_branches:1020: inode #11: comm syz.5.4937: invalid indirect mapped block 1 (level 1) [ 673.605760][T18466] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 673.625007][T18466] EXT4-fs (loop5): 1 truncate cleaned up [ 673.709235][ T9] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 673.744198][T18466] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 673.894901][ T30] audit: type=1800 audit(1777409924.675:198): pid=18466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4937" name="file1" dev="loop5" ino=18 res=0 errno=0 [ 674.014127][ T5622] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 674.569401][T18498] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4950'. [ 674.603493][T18498] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4950'. [ 675.162499][T18511] netlink: 'syz.7.4957': attribute type 6 has an invalid length. [ 675.185749][T18511] netlink: 'syz.7.4957': attribute type 6 has an invalid length. [ 677.891945][ T24] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 678.071024][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 678.088721][ T24] usb 3-1: config 0 has an invalid interface number: 55 but max is 0 [ 678.108339][ T24] usb 3-1: config 0 has no interface number 0 [ 678.128554][ T24] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 678.166555][ T24] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 678.211867][ T24] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 678.253831][ T24] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 678.305578][ T24] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 678.345620][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 678.386594][ T24] usb 3-1: config 0 descriptor?? [ 678.464832][ T24] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 678.483226][T18576] loop7: detected capacity change from 0 to 2048 [ 678.525251][T18576] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 678.652257][T18576] EXT4-fs: can't change dax mount option while remounting [ 678.706515][ T5633] usb 3-1: USB disconnect, device number 43 [ 678.768184][ T5633] ldusb 3-1:0.55: LD USB Device #0 now disconnected [ 678.911528][T14665] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 679.826183][T18609] loop7: detected capacity change from 0 to 256 [ 680.142356][ T9] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 680.176424][T18619] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5000'. [ 680.201220][T18621] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 680.330393][ T9] usb 8-1: Using ep0 maxpacket: 16 [ 680.356225][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 680.400694][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 680.433502][ T9] usb 8-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00 [ 680.468190][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 680.510838][ T9] usb 8-1: config 0 descriptor?? [ 680.948967][ T9] apple 0003:05AC:024B.0050: fixing up MacBook JIS keyboard report descriptor [ 681.002120][ T9] apple 0003:05AC:024B.0050: unknown global tag 0xe [ 681.029923][ T9] apple 0003:05AC:024B.0050: item 0 1 1 14 parsing failed [ 681.053412][ T9] apple 0003:05AC:024B.0050: parse failed [ 681.063093][ T9] apple 0003:05AC:024B.0050: probe with driver apple failed with error -22 [ 681.123411][T18648] faux_driver vgem: [drm] Unknown color mode 135165; guessing buffer size. [ 681.216390][ T9] usb 8-1: USB disconnect, device number 12 [ 682.301118][ T24] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 682.459887][ T9] usb 8-1: new full-speed USB device number 13 using dummy_hcd [ 682.464670][ T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD4, changing to 0x84 [ 682.523031][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 51544, setting to 1024 [ 682.547394][T18671] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5022'. [ 682.559056][ T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024 [ 682.586408][ T24] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 682.606768][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 682.630400][ T24] usb 3-1: Product: syz [ 682.638336][ T24] usb 3-1: Manufacturer: syz [ 682.647935][ T24] usb 3-1: SerialNumber: syz [ 682.655880][ T9] usb 8-1: unable to read config index 0 descriptor/start: -71 [ 682.688675][ T9] usb 8-1: can't read configurations, error -71 [ 682.692044][ T24] usb 3-1: config 0 descriptor?? [ 682.748175][T18667] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 682.996885][T18667] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 683.248409][T18667] snd-usb-audio 3-1:0.0: Runtime PM usage count underflow! [ 683.442417][ T5633] usb 3-1: USB disconnect, device number 44 [ 683.887332][T18696] bond1: entered promiscuous mode [ 683.899399][T18696] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5032'. [ 684.592149][T18711] loop3: detected capacity change from 0 to 256 [ 684.651796][T18711] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 684.993270][T18717] loop7: detected capacity change from 0 to 128 [ 685.087063][T18717] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 685.112014][ T1307] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.127736][ T1307] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.169912][T18717] ext4 filesystem being mounted at /210/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 685.684337][T14665] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 686.131929][ T5820] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 686.303125][ T5820] usb 4-1: Using ep0 maxpacket: 16 [ 686.352739][ T5820] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 686.378238][ T5820] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 686.411193][ T5820] usb 4-1: Product: syz [ 686.419001][ T5820] usb 4-1: Manufacturer: syz [ 686.444932][ T5820] usb 4-1: SerialNumber: syz [ 686.476450][ T5820] usb 4-1: config 0 descriptor?? [ 686.535096][T18743] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 686.930214][ T5820] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 686.967632][ T5820] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 687.003860][ T5820] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 687.026389][ T5820] usb 4-1: media controller created [ 687.076623][ T5820] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 687.186007][ T5820] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 687.212806][ T5820] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 687.404239][ T5753] usb 4-1: USB disconnect, device number 38 [ 687.553261][ T5753] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 687.837329][T18777] netlink: 'syz.0.5068': attribute type 10 has an invalid length. [ 689.147794][T18805] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5080'. [ 689.343555][T18784] loop7: detected capacity change from 0 to 32768 [ 689.982255][T18822] loop6: detected capacity change from 0 to 512 [ 690.027758][T18822] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 690.086247][T18822] EXT4-fs error (device loop6): ext4_validate_block_bitmap:431: comm syz.6.5105: bg 0: block 104: invalid block bitmap [ 690.139738][T18822] loop6: lost filesystem error report for type 5 error -117 [ 690.146831][T18822] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 690.154248][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 690.154281][ C1] EXT4-fs (loop6): initial error at time 1777409940: ext4_validate_block_bitmap:431 [ 690.154326][ C1] EXT4-fs (loop6): last error at time 1777409940: ext4_validate_block_bitmap:431 [ 690.274401][T18822] loop6: lost filesystem error report for type 5 error -117 [ 690.276875][T18822] EXT4-fs error (device loop6): ext4_free_branches:1020: inode #11: comm syz.6.5105: invalid indirect mapped block 1 (level 1) [ 690.352000][T18822] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 690.377914][T18822] EXT4-fs (loop6): 1 truncate cleaned up [ 690.474596][T18822] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 690.526265][ T30] audit: type=1800 audit(1777409941.305:199): pid=18822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5105" name="file1" dev="loop6" ino=18 res=0 errno=0 [ 690.731342][T10813] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 691.973256][T18834] loop3: detected capacity change from 0 to 131072 [ 691.984375][T18834] F2FS-fs (loop3): Test dummy encryption mode enabled [ 692.096120][T18834] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 692.112976][T18834] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 692.290171][T18829] Bluetooth: hci4: command 0x0406 tx timeout [ 692.345568][T18857] loop5: detected capacity change from 0 to 1024 [ 692.373609][T18857] EXT4-fs: Ignoring removed orlov option [ 692.498918][T18857] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 692.968443][ T5622] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.390848][T18870] loop6: detected capacity change from 0 to 512 [ 693.424672][T18870] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 693.494744][T18870] EXT4-fs (loop6): 1 truncate cleaned up [ 693.519297][T18870] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 693.646471][T10813] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 694.985021][T18904] loop7: detected capacity change from 0 to 128 [ 695.014135][T18904] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 695.112621][T18904] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 695.701991][ T6007] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 695.934050][T18926] cgroup: fork rejected by pids controller in /syz0 [ 696.505000][T18936] loop6: detected capacity change from 0 to 2048 [ 696.620878][T18936] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 698.028082][T18969] loop7: detected capacity change from 0 to 2048 [ 698.083078][T18969] EXT4-fs: Ignoring removed i_version option [ 698.112599][T18969] EXT4-fs (loop7): Test dummy encryption mode enabled [ 698.133435][T18969] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 698.217454][ T30] audit: type=1800 audit(1777409948.995:200): pid=18969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.5148" name="file0" dev="loop7" ino=13 res=0 errno=0 [ 698.429128][T14665] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 698.527597][T18939] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 698.550602][T18939] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 698.560354][T18939] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 698.583673][T18939] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 698.591866][T18939] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 700.311670][T18984] loop5: detected capacity change from 0 to 131072 [ 700.342962][T18984] XFS (loop5): Mounting V5 Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846 [ 700.505867][T18984] XFS (loop5): Starting recovery (logdev: internal) [ 700.609506][T18984] XFS (loop5): Ending recovery (logdev: internal) [ 700.691178][T18887] Bluetooth: hci5: command tx timeout [ 700.940086][ T5622] XFS (loop5): Unmounting Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846 [ 701.372342][T19024] loop7: detected capacity change from 0 to 256 [ 701.451962][T19027] loop6: detected capacity change from 0 to 256 [ 701.474758][T19024] exfat: Deprecated parameter 'utf8' [ 701.498086][T19027] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 701.519663][T19024] exfat: Deprecated parameter 'utf8' [ 701.537933][T19024] exfat: Deprecated parameter 'utf8' [ 701.597147][T19024] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 702.736513][T18972] bridge0: port 1(bridge_slave_0) entered blocking state [ 702.744801][T18972] bridge0: port 1(bridge_slave_0) entered disabled state [ 702.752486][T18972] bridge_slave_0: entered allmulticast mode [ 702.761025][T18972] bridge_slave_0: entered promiscuous mode [ 702.771388][T18887] Bluetooth: hci5: command tx timeout [ 702.782357][T18972] bridge0: port 2(bridge_slave_1) entered blocking state [ 702.793438][T18972] bridge0: port 2(bridge_slave_1) entered disabled state [ 702.801893][T18972] bridge_slave_1: entered allmulticast mode [ 702.812084][T18972] bridge_slave_1: entered promiscuous mode [ 702.868547][T18972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 702.904375][T18972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 703.158340][T18972] team0: Port device team_slave_0 added [ 703.212489][T18972] team0: Port device team_slave_1 added [ 703.266834][T19033] loop5: detected capacity change from 0 to 32768 [ 703.322799][T19033] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5168 (19033) [ 703.434052][T19033] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 703.477093][T18972] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 703.482496][T19033] BTRFS info (device loop5): using crc32c checksum algorithm [ 703.516636][T18972] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 703.598934][T18972] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 703.655046][T18972] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 703.675700][T18972] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 703.704058][T18972] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 703.808445][T19033] BTRFS info (device loop5): turning on async discard [ 703.855547][T18972] hsr_slave_0: entered promiscuous mode [ 703.857425][T19033] BTRFS info (device loop5): enabling free space tree [ 703.872544][T18972] hsr_slave_1: entered promiscuous mode [ 703.901665][T18972] debugfs: 'hsr0' already exists in 'hsr' [ 703.923187][T19033] BTRFS info (device loop5): enabling auto defrag [ 703.946046][T18972] Cannot create hsr debugfs directory [ 703.962377][T19033] BTRFS info (device loop5): force zlib compression, level 3 [ 704.023911][T19033] BTRFS info (device loop5): max_inline set to 0 [ 704.524700][ T5622] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 704.850724][T18887] Bluetooth: hci5: command tx timeout [ 705.011091][T19100] loop7: detected capacity change from 0 to 256 [ 705.067470][T19100] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 705.196258][T18972] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 706.008930][T19118] netlink: 13 bytes leftover after parsing attributes in process `syz.2.5197'. [ 706.276637][T18972] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 706.485664][T19125] bridge0: port 2(bridge_slave_1) entered disabled state [ 706.493114][T19125] bridge0: port 1(bridge_slave_0) entered disabled state [ 706.543139][T18972] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 706.797518][T18972] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 706.930897][T18887] Bluetooth: hci5: command tx timeout [ 707.425827][T19147] loop3: detected capacity change from 0 to 128 [ 707.462816][T19147] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 707.474196][T19151] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5209'. [ 707.518441][T19147] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 707.679764][ T9] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 707.849951][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 707.858648][ T6007] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 707.880178][ T9] usb 6-1: config 0 has an invalid interface number: 186 but max is 0 [ 707.905417][ T9] usb 6-1: config 0 has no interface number 0 [ 707.926303][ T9] usb 6-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 707.958404][ T9] usb 6-1: config 0 interface 186 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 707.993031][ T9] usb 6-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 708.041165][ T9] usb 6-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 708.086814][ T9] usb 6-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 708.134561][ T9] usb 6-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 708.138192][T18972] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 708.154665][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 708.154708][ T9] usb 6-1: Product: syz [ 708.154737][ T9] usb 6-1: Manufacturer: syz [ 708.203228][ T9] usb 6-1: SerialNumber: syz [ 708.232368][ T9] usb 6-1: config 0 descriptor?? [ 708.394448][T18972] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 708.462303][T18972] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 708.501086][ T9] iowarrior 6-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 708.503926][T18972] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 708.574109][T18972] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 708.636970][T18972] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 708.656535][T18972] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 708.723554][T18972] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 708.793469][ T9] usb 6-1: USB disconnect, device number 38 [ 709.045532][T18972] 8021q: adding VLAN 0 to HW filter on device bond0 [ 709.142619][T18972] 8021q: adding VLAN 0 to HW filter on device team0 [ 709.169502][ T6007] bridge0: port 1(bridge_slave_0) entered blocking state [ 709.176759][ T6007] bridge0: port 1(bridge_slave_0) entered forwarding state [ 709.228137][ T109] bridge0: port 2(bridge_slave_1) entered blocking state [ 709.235388][ T109] bridge0: port 2(bridge_slave_1) entered forwarding state [ 709.643670][T19198] loop5: detected capacity change from 0 to 2048 [ 709.743148][T19198] Alternate GPT is invalid, using primary GPT. [ 709.779846][T19198] loop5: p1 p2 p3 [ 710.401346][T19212] loop3: detected capacity change from 0 to 256 [ 710.476380][T19216] loop7: detected capacity change from 0 to 256 [ 710.479384][ T5608] udevd[5608]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 710.512229][ T5607] udevd[5607]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 710.531402][ T6699] udevd[6699]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 710.699173][T19216] FAT-fs (loop7): Directory bread(block 64) failed [ 710.731922][T19216] FAT-fs (loop7): Directory bread(block 65) failed [ 710.766137][T19216] FAT-fs (loop7): Directory bread(block 66) failed [ 710.796919][T19216] FAT-fs (loop7): Directory bread(block 67) failed [ 710.841069][T19216] FAT-fs (loop7): Directory bread(block 68) failed [ 710.859175][T19216] FAT-fs (loop7): Directory bread(block 69) failed [ 710.895025][T19216] FAT-fs (loop7): Directory bread(block 70) failed [ 710.926738][T19216] FAT-fs (loop7): Directory bread(block 71) failed [ 710.952850][T19216] FAT-fs (loop7): Directory bread(block 72) failed [ 710.971752][T19216] FAT-fs (loop7): Directory bread(block 73) failed [ 711.609336][T18972] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 711.824331][T18972] veth0_vlan: entered promiscuous mode [ 711.902182][T18972] veth1_vlan: entered promiscuous mode [ 712.074760][T18972] veth0_macvtap: entered promiscuous mode [ 712.119556][T18972] veth1_macvtap: entered promiscuous mode [ 712.226174][T18972] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 712.296966][T18972] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 712.377911][ T5800] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 712.414727][ T5800] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 712.465687][ T5800] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 712.496107][ T5800] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 712.784379][T19259] loop6: detected capacity change from 0 to 512 [ 712.889111][T19259] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 712.953994][ T6008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 712.979143][ T6008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 713.098264][ T109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 713.124122][ T109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 713.452773][T10813] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 713.855936][T19286] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.863287][T19286] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.499065][T19273] loop7: detected capacity change from 0 to 32768 [ 714.528152][T19273] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.5255 (19273) [ 714.587055][T19273] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 714.641038][T19273] BTRFS info (device loop7): using crc32c checksum algorithm [ 714.874101][T19273] BTRFS info (device loop7): enabling ssd optimizations [ 714.918466][T19273] BTRFS info (device loop7): turning on flush-on-commit [ 714.963165][T19273] BTRFS info (device loop7): enabling free space tree [ 715.008688][T19273] BTRFS info (device loop7): enabling auto defrag [ 715.033142][T19273] BTRFS info (device loop7): use lzo compression, level 1 [ 715.069949][T19273] BTRFS info (device loop7): max_inline set to 4096 [ 715.736117][T14665] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 716.844493][T19352] loop5: detected capacity change from 0 to 16 [ 716.865934][T19352] erofs (device loop5): mounted with root inode @ nid 36. [ 717.522504][T19341] loop6: detected capacity change from 0 to 40427 [ 717.549144][T19363] 8021q: adding VLAN 0 to HW filter on device bond1 [ 717.557376][T19341] F2FS-fs (loop6): build fault injection rate: 771 [ 717.568549][T19341] F2FS-fs (loop6): invalid crc value [ 717.589054][T19363] bond0: (slave bond1): Enslaving as an active interface with an up link [ 718.032625][T19341] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 718.135407][T19341] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 718.421892][ T30] audit: type=1326 audit(1777409969.195:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19379 comm="syz.3.5291" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7b439cdd9 code=0x0 [ 718.504665][T19388] IPVS: fo: SCTP 172.20.20.187:0 - no destination available [ 719.476249][T19372] loop0: detected capacity change from 0 to 32768 [ 719.548111][T19372] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.5288 (19372) [ 719.639140][T19372] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 719.701095][T19372] BTRFS info (device loop0): using crc32c checksum algorithm [ 719.905238][T19372] BTRFS info (device loop0): enabling ssd optimizations [ 719.919737][T19372] BTRFS info (device loop0): turning on flush-on-commit [ 719.952299][T19372] BTRFS info (device loop0): enabling free space tree [ 719.959151][T19372] BTRFS info (device loop0): enabling auto defrag [ 719.967507][T19372] BTRFS info (device loop0): use lzo compression, level 1 [ 719.976526][T19372] BTRFS info (device loop0): max_inline set to 4096 [ 720.301719][T19425] loop5: detected capacity change from 0 to 4096 [ 720.448414][T19425] ntfs3(loop5): ino=19, mi_enum_attr [ 720.471860][T19425] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 720.542663][ T30] audit: type=1800 audit(1777409971.325:202): pid=19425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5303" name="file1" dev="loop5" ino=30 res=0 errno=0 [ 720.781582][T18972] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 721.154698][ T30] audit: type=1326 audit(1777409971.935:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19434 comm="syz.7.5308" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbf3059cdd9 code=0x0 [ 722.108428][T19464] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5317'. [ 722.397262][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5321'. [ 722.739686][ T24] usb 8-1: new low-speed USB device number 15 using dummy_hcd [ 722.789318][T19473] loop3: detected capacity change from 0 to 32768 [ 722.834465][T19473] (syz.3.5322,19473,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 722.852587][T19473] (syz.3.5322,19473,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 722.936218][ T24] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 722.939713][T19473] JBD2: Ignoring recovery information on journal [ 722.950497][ T24] usb 8-1: config 0 has no interface number 0 [ 722.956811][ T24] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 722.972732][ T24] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 722.987715][ T24] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 722.999729][ T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 723.029207][ T24] usb 8-1: config 0 descriptor?? [ 723.046752][T19473] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 723.047783][T19475] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 723.064663][T19473] (syz.3.5322,19473,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 723.125080][ T24] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 723.278383][T19473] (syz.3.5322,19473,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC. [ 723.293026][T19473] (syz.3.5322,19473,0):ocfs2_block_check_validate:415 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c [ 723.305731][T19473] (syz.3.5322,19473,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 723.314945][T19473] (syz.3.5322,19473,0):ocfs2_quota_read:201 ERROR: status = -5 [ 723.322800][T19473] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota [ 723.333052][T19473] (syz.3.5322,19473,0):ocfs2_acquire_dquot:904 ERROR: status = -5 [ 723.402371][ T24] usb 8-1: USB disconnect, device number 15 [ 723.408386][ C1] iowarrior 8-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19 [ 723.644395][ T5621] ocfs2: Unmounting device (7,3) on (node local) [ 723.763587][T19466] loop6: detected capacity change from 0 to 32768 [ 723.805865][T19466] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.5319 (19466) [ 723.877832][T19466] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 723.918362][T19466] BTRFS info (device loop6): using crc32c checksum algorithm [ 724.138553][T19466] BTRFS info (device loop6): enabling ssd optimizations [ 724.198574][T19466] BTRFS info (device loop6): turning on flush-on-commit [ 724.227816][T19503] netlink: 212360 bytes leftover after parsing attributes in process `syz.2.5329'. [ 724.251014][T19466] BTRFS info (device loop6): enabling free space tree [ 724.311909][T19466] BTRFS info (device loop6): enabling auto defrag [ 724.321908][T19466] BTRFS info (device loop6): use lzo compression, level 1 [ 724.352704][T19466] BTRFS info (device loop6): max_inline set to 4096 [ 724.558500][T19509] program syz.2.5331 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 724.834676][T10813] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 725.140788][ T9] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 725.310739][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 725.332281][ T9] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 725.395792][ T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84 [ 725.434669][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 1794, setting to 1024 [ 725.497682][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024 [ 725.556486][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 725.597277][ T9] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 725.646789][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 725.714956][ T9] usb 4-1: New USB device found, idVendor=104f, idProduct=0004, bcdDevice=c6.c3 [ 725.746394][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 725.771682][ T9] usb 4-1: Product: syz [ 725.798884][ T9] usb 4-1: Manufacturer: syz [ 725.815900][ T9] usb 4-1: SerialNumber: syz [ 725.839033][ T9] usb 4-1: config 0 descriptor?? [ 725.858140][T19516] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 725.877851][ T9] iuu_phoenix 4-1:0.0: iuu_phoenix converter detected [ 725.923442][ T9] usb 4-1: iuu_phoenix converter now attached to ttyUSB0 [ 726.138416][T19542] loop5: detected capacity change from 0 to 512 [ 726.214668][ T5767] usb 4-1: USB disconnect, device number 39 [ 726.268207][ T5767] iuu_phoenix ttyUSB0: iuu_phoenix converter now disconnected from ttyUSB0 [ 726.269145][T19542] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 726.279874][ T5767] iuu_phoenix 4-1:0.0: device disconnected [ 726.356362][T19542] ext4 filesystem being mounted at /933/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 726.495691][T19529] loop7: detected capacity change from 0 to 32768 [ 726.526779][T19529] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.5341 (19529) [ 726.587520][T19529] BTRFS info (device loop7): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 726.589457][ T5622] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 726.621147][T19529] BTRFS info (device loop7): using xxhash64 checksum algorithm [ 726.781762][T19529] BTRFS info (device loop7): enabling ssd optimizations [ 726.814687][T19529] BTRFS info (device loop7): turning on async discard [ 726.831737][T19529] BTRFS info (device loop7): enabling free space tree [ 727.008521][ T30] audit: type=1800 audit(1777409977.785:204): pid=19529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.5341" name="file1" dev="loop7" ino=260 res=0 errno=0 [ 727.453615][T19570] xt_hashlimit: size too large, truncated to 1048576 [ 727.478506][T14665] BTRFS info (device loop7): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 729.050193][T19582] loop3: detected capacity change from 0 to 32768 [ 729.072969][T19609] bridge0: port 2(bridge_slave_1) entered disabled state [ 729.080433][T19609] bridge0: port 1(bridge_slave_0) entered disabled state [ 729.092098][T19582] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.5350 (19582) [ 729.192331][T19582] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 729.245329][T19582] BTRFS info (device loop3): using crc32c checksum algorithm [ 729.346351][T19603] loop7: detected capacity change from 0 to 8192 [ 729.375422][T19623] loop0: detected capacity change from 0 to 128 [ 729.405100][T19623] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 729.441755][T19623] hpfs: filesystem error: improperly stopped [ 729.448015][T19623] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 729.478179][T19582] BTRFS info (device loop3): enabling ssd optimizations [ 729.517741][T19623] hpfs: You really don't want any checks? You are crazy... [ 729.550423][T19582] BTRFS info (device loop3): turning on flush-on-commit [ 729.593463][T19623] hpfs: hpfs_map_sector(): read error [ 729.607544][T19582] BTRFS info (device loop3): enabling free space tree [ 729.656927][T19623] hpfs: code page support is disabled [ 729.664776][T19582] BTRFS info (device loop3): enabling auto defrag [ 729.693911][T19623] hpfs: hpfs_map_4sectors(): unaligned read [ 729.707435][T19582] BTRFS info (device loop3): use lzo compression, level 1 [ 729.730374][T19623] hpfs: hpfs_map_4sectors(): unaligned read [ 729.753688][T19582] BTRFS info (device loop3): max_inline set to 4096 [ 729.773237][T19623] hpfs: filesystem error: unable to find root dir [ 730.287039][T19643] loop5: detected capacity change from 0 to 256 [ 730.344965][T19643] exfat: Deprecated parameter 'utf8' [ 730.361650][ T5621] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 730.392242][T19643] exfat: Deprecated parameter 'utf8' [ 730.403695][T19643] exfat: Deprecated parameter 'utf8' [ 730.437205][T19643] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 731.507736][T19652] nbd5: detected capacity change from 0 to 127 [ 731.576830][T18887] block nbd5: Receive control failed (result -32) [ 731.599068][ T5947] block nbd5: Dead connection, failed to find a fallback [ 731.615483][ T5947] block nbd5: shutting down sockets [ 731.642194][ T5947] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 731.663935][ T5947] Buffer I/O error on dev nbd5, logical block 0, async page read [ 731.674178][ T5947] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 731.690494][ T5947] Buffer I/O error on dev nbd5, logical block 1, async page read [ 731.718737][ T5947] I/O error, dev nbd5, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 731.758939][ T5947] Buffer I/O error on dev nbd5, logical block 2, async page read [ 731.786555][ T5947] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 731.860813][ T5947] Buffer I/O error on dev nbd5, logical block 3, async page read [ 731.904516][ T5947] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 731.952596][ T5947] Buffer I/O error on dev nbd5, logical block 0, async page read [ 732.053211][ T5947] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 732.114357][ T5947] Buffer I/O error on dev nbd5, logical block 1, async page read [ 732.163133][ T5947] I/O error, dev nbd5, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 732.175188][T19680] netlink: 'syz.0.5398': attribute type 27 has an invalid length. [ 732.199074][T19681] loop7: detected capacity change from 0 to 128 [ 732.212084][ T5947] Buffer I/O error on dev nbd5, logical block 2, async page read [ 732.248327][ T5947] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 732.267959][T19681] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 732.302087][ T5947] Buffer I/O error on dev nbd5, logical block 3, async page read [ 732.323611][T19681] hpfs: filesystem error: improperly stopped [ 732.330662][ T5947] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 732.349285][T19681] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 732.361764][ T5947] Buffer I/O error on dev nbd5, logical block 0, async page read [ 732.381470][T19681] hpfs: You really don't want any checks? You are crazy... [ 732.391840][ T5947] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 732.403617][T19681] hpfs: Code page index out of array [ 732.419680][T19681] hpfs: code page support is disabled [ 732.425451][ T5947] Buffer I/O error on dev nbd5, logical block 1, async page read [ 732.439703][T19681] hpfs: hpfs_map_4sectors(): unaligned read [ 732.464023][T19681] hpfs: hpfs_map_4sectors(): unaligned read [ 732.484087][T19681] hpfs: filesystem error: unable to find root dir [ 732.492223][ T5947] ldm_validate_partition_table(): Disk read failed. [ 732.516373][ T5947] Dev nbd5: unable to read RDB block 0 [ 732.541108][ T5947] nbd5: unable to read partition table [ 732.575034][ T5947] ldm_validate_partition_table(): Disk read failed. [ 732.611100][ T5947] Dev nbd5: unable to read RDB block 0 [ 732.633522][ T5947] nbd5: unable to read partition table [ 732.901811][T19690] loop0: detected capacity change from 0 to 1024 [ 733.323072][T19679] loop5: detected capacity change from 0 to 32768 [ 733.353362][T19679] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5385 (19679) [ 733.409223][T19679] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 733.447304][T19679] BTRFS info (device loop5): using crc32c checksum algorithm [ 733.662861][T19679] BTRFS info (device loop5): enabling ssd optimizations [ 733.684744][T19679] BTRFS info (device loop5): turning on flush-on-commit [ 733.693395][T19679] BTRFS info (device loop5): enabling free space tree [ 733.701988][T19679] BTRFS info (device loop5): enabling auto defrag [ 733.708599][T19679] BTRFS info (device loop5): use lzo compression, level 1 [ 733.721441][T19679] BTRFS info (device loop5): max_inline set to 4096 [ 734.123089][T19732] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 734.187668][ T5622] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 734.964520][T19746] bridge0: port 2(bridge_slave_1) entered disabled state [ 734.975705][T19746] bridge0: port 1(bridge_slave_0) entered disabled state [ 735.274585][T19735] loop3: detected capacity change from 0 to 32768 [ 735.317512][T19735] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.5415 (19735) [ 735.483044][T19735] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 735.515075][T19735] BTRFS info (device loop3): using crc32c checksum algorithm [ 735.758012][T19735] BTRFS info (device loop3): enabling ssd optimizations [ 735.831973][T19735] BTRFS info (device loop3): turning on flush-on-commit [ 735.843276][T19735] BTRFS info (device loop3): enabling free space tree [ 735.881074][T19735] BTRFS info (device loop3): enabling auto defrag [ 735.895806][T19735] BTRFS info (device loop3): use lzo compression, level 1 [ 735.934751][T19735] BTRFS info (device loop3): max_inline set to 4096 [ 736.556359][T19785] loop6: detected capacity change from 0 to 256 [ 736.953621][T19769] loop0: detected capacity change from 0 to 32768 [ 736.988310][T19769] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 737.111629][ T5621] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 737.176170][T19769] XFS (loop0): Ending clean mount [ 737.237744][T19769] XFS (loop0): Quotacheck needed: Please wait. [ 737.610085][T19769] XFS (loop0): Quotacheck: Done. [ 737.986809][T18972] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 739.357180][T19834] loop7: detected capacity change from 0 to 512 [ 739.433683][T19834] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 739.792114][T14665] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 740.080269][T19855] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5438'. [ 740.136198][T19855] veth1_macvtap: left promiscuous mode [ 740.788956][T19867] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5443'. [ 741.108062][ T30] audit: type=1326 audit(1777409991.885:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 741.184028][ T30] audit: type=1326 audit(1777409991.885:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 741.256666][ T30] audit: type=1326 audit(1777409991.895:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 741.336450][ T30] audit: type=1326 audit(1777409991.905:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 741.429330][ T30] audit: type=1326 audit(1777409991.905:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 741.546364][ T30] audit: type=1326 audit(1777409991.905:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 741.672961][T19882] loop0: detected capacity change from 0 to 512 [ 741.675758][ T30] audit: type=1326 audit(1777409991.905:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 741.792281][T19882] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 741.824581][ T30] audit: type=1326 audit(1777409991.905:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 741.878445][ T30] audit: type=1326 audit(1777409991.905:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 741.905856][ T30] audit: type=1326 audit(1777409991.905:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19869 comm="syz.3.5446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7b439cdd9 code=0x7ffc0000 [ 742.173390][T18972] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 742.651212][ T5820] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 742.811180][ T5820] usb 1-1: Using ep0 maxpacket: 32 [ 742.825753][ T5820] usb 1-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 742.853951][ T5820] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 742.866612][ T5820] usb 1-1: Product: syz [ 742.880803][ T5820] usb 1-1: Manufacturer: syz [ 742.891880][ T5820] usb 1-1: SerialNumber: syz [ 742.902811][ T5820] usb 1-1: config 0 descriptor?? [ 743.322645][ T5820] peak_usb 1-1:0.0 can0: unable to request usb[type=0 value=0] err=-71 [ 743.337454][ T5820] peak_usb 1-1:0.0: unable to read PCAN-USB Pro bootloader info (err -71) [ 743.400610][ T5820] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -71 [ 743.413829][ T5820] usb 1-1: USB disconnect, device number 46 [ 743.950061][T19915] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5466'. [ 743.985402][T19915] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5466'. [ 744.319145][T19926] loop5: detected capacity change from 0 to 1024 [ 744.383994][T19930] tmpfs: Bad value for 'nr_inodes' [ 744.991328][ T5820] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 745.163092][ T5820] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 745.199755][ T5762] usb 1-1: new full-speed USB device number 47 using dummy_hcd [ 745.205879][ T5820] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 745.252632][ T5820] usb 3-1: config 0 descriptor?? [ 745.282285][ T5820] cp210x 3-1:0.0: cp210x converter detected [ 745.377916][ T5762] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 745.419190][ T5762] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 768, setting to 64 [ 745.430258][T19953] loop5: detected capacity change from 0 to 256 [ 745.449048][ T5762] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 745.494043][ T5762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 745.504617][T19953] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf3da6b1f, utbl_chksum : 0xe619d30d) [ 745.536825][ T5762] usb 1-1: config 0 descriptor?? [ 745.563436][T19946] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 745.897184][ T5820] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 745.926610][ T5820] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 745.967959][ T5820] usb 3-1: cp210x converter now attached to ttyUSB0 [ 745.996897][ T5820] usb 3-1: USB disconnect, device number 45 [ 746.015259][ T5762] elan 0003:04F3:0755.0051: unknown main item tag 0x0 [ 746.043314][ T5820] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 746.047625][ T5762] elan 0003:04F3:0755.0051: unknown main item tag 0x0 [ 746.058238][T18887] Bluetooth: hci5: command tx timeout [ 746.085409][ T5820] cp210x 3-1:0.0: device disconnected [ 746.085507][ T5762] elan 0003:04F3:0755.0051: unknown main item tag 0x0 [ 746.102231][ T5762] elan 0003:04F3:0755.0051: unknown main item tag 0x0 [ 746.109883][ T5762] elan 0003:04F3:0755.0051: unknown main item tag 0x0 [ 746.119645][ T5633] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 746.127945][ T5762] elan 0003:04F3:0755.0051: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0 [ 746.232317][ T5762] usb 1-1: USB disconnect, device number 47 [ 746.294841][ T5633] usb 4-1: config 0 interface 0 altsetting 251 bulk endpoint 0x9 has invalid maxpacket 99 [ 746.321725][T19964] loop7: detected capacity change from 0 to 7 [ 746.322362][ T5633] usb 4-1: config 0 interface 0 has no altsetting 0 [ 746.345457][ T5633] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 746.355395][T19964] buffer_io_error: 138 callbacks suppressed [ 746.355416][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.361484][ T5633] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 746.361526][ T5633] usb 4-1: Product: syz [ 746.361554][ T5633] usb 4-1: Manufacturer: syz [ 746.361582][ T5633] usb 4-1: SerialNumber: syz [ 746.371364][ T5633] usb 4-1: config 0 descriptor?? [ 746.423000][T19963] fido_id[19963]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 746.449996][T19959] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 746.452120][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.474469][ T5633] usb 4-1: selecting invalid altsetting 0 [ 746.551898][ T1307] ieee802154 phy0 wpan0: encryption failed: -22 [ 746.565007][ T1307] ieee802154 phy1 wpan1: encryption failed: -22 [ 746.578554][T19967] support for the xor transformation has been removed. [ 746.647942][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.665625][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.676266][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.696128][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.713081][T19959] usb 4-1: cannot submit urb 0, error -2: endpoint not enabled [ 746.725366][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.738123][ T24] usb 4-1: USB disconnect, device number 40 [ 746.783399][T19964] ldm_validate_partition_table(): Disk read failed. [ 746.807180][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.867774][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.890116][ T5762] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 746.904058][ T6699] udevd[6699]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 746.927623][T19964] Buffer I/O error on dev loop7, logical block 0, async page read [ 746.940524][T19964] Dev loop7: unable to read RDB block 0 [ 746.959447][T19964] loop7: unable to read partition table [ 746.966415][T19964] loop7: partition table beyond EOD, truncated [ 746.972929][T19964] loop_reread_partitions: partition scan of loop7 (7x~Sj̖P@?X) failed (rc=-5) [ 747.056665][ T5762] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 747.083743][ T5762] usb 3-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3 [ 747.107944][T19973] tipc: Started in network mode [ 747.117222][ T5762] usb 3-1: Product: syz [ 747.122501][T19973] tipc: Node identity ac14140f, cluster identity 4711 [ 747.129430][ T5762] usb 3-1: Manufacturer: syz [ 747.135148][ T5762] usb 3-1: SerialNumber: syz [ 747.140951][T19973] tipc: New replicast peer: 255.255.255.255 [ 747.148045][T19973] tipc: Enabled bearer , priority 17 [ 747.162167][ T5762] usb 3-1: config 0 descriptor?? [ 747.174560][ T5762] ch341 3-1:0.0: ch341-uart converter detected [ 747.977431][ T5762] usb 3-1: failed to send control message: -71 [ 747.985664][ T5762] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 747.997103][ T5762] usb 3-1: USB disconnect, device number 46 [ 748.006275][ T5762] ch341 3-1:0.0: device disconnected [ 748.272348][ T5820] tipc: Node number set to 2886997007 [ 748.972283][T19991] netlink: 332 bytes leftover after parsing attributes in process `syz.5.5494'. [ 749.034743][T19991] netlink: 'syz.5.5494': attribute type 1 has an invalid length. [ 749.756875][T19996] loop5: detected capacity change from 0 to 32768 [ 749.779855][T19996] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 749.788056][T19996] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 749.926076][T19996] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 1ms [ 749.943488][ T5633] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 749.959599][ T5633] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 750.129156][T20014] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5501'. [ 750.282180][ T5633] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 322ms [ 750.344793][ T5633] gfs2: fsid=syz:syz.0: jid=0: Done [ 750.368382][T19996] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 750.436280][T20016] loop6: detected capacity change from 0 to 2048 [ 750.607320][T20016] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 750.802205][T19996] gfs2: fsid=syz:syz.0: found 1 quota changes [ 750.876261][T10813] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 752.811455][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 752.811481][ T30] audit: type=1326 audit(1777410003.585:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20070 comm="syz.2.5525" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0be659cdd9 code=0x0 [ 752.989243][T20081] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5528'. [ 753.102518][T20083] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5528'. [ 753.220435][T20082] loop5: detected capacity change from 0 to 4096 [ 753.242056][T20082] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 753.347812][T20082] ntfs3(loop5): ino=19, mi_enum_attr [ 753.368224][T20082] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 753.528689][T20082] ntfs3(loop5): failed to convert "c46c" to cp865 [ 753.628940][T20082] ntfs3(loop5): ino=20, mi_enum_attr [ 754.605615][T20115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5544'. [ 754.743835][T20119] bond1: invalid ARP target 0.0.0.0 specified for addition [ 754.789603][T20119] bond1: option arp_ip_target: invalid value (0) [ 754.828292][T20119] bond1 (unregistering): Released all slaves [ 755.028014][T20115] team0: Port device team_slave_0 removed [ 755.386962][T20139] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5552'. [ 755.899346][T20151] netlink: 76 bytes leftover after parsing attributes in process `syz.6.5557'. [ 756.235390][T20159] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5561'. [ 756.282558][T20159] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5561'. [ 756.588148][T20145] loop5: detected capacity change from 0 to 32768 [ 756.602316][T20171] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5566'. [ 756.623729][T20145] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5555 (20145) [ 756.663028][T20171] ipvlan2: entered allmulticast mode [ 756.684605][T20171] syz_tun: entered allmulticast mode [ 756.724359][T20145] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 756.779855][T20145] BTRFS info (device loop5): using crc32c checksum algorithm [ 756.956201][T20145] BTRFS info (device loop5): turning on async discard [ 757.008974][T20145] BTRFS info (device loop5): enabling free space tree [ 757.084836][T20145] BTRFS info (device loop5): enabling auto defrag [ 757.132203][T20145] BTRFS info (device loop5): force zlib compression, level 3 [ 757.187006][T20145] BTRFS info (device loop5): max_inline set to 0 [ 757.375498][T20205] bond0: entered promiscuous mode [ 757.400683][T20205] bond_slave_0: entered promiscuous mode [ 757.430383][T20205] bond_slave_1: entered promiscuous mode [ 757.457544][ T5622] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 757.484401][T20205] batadv0: entered promiscuous mode [ 757.606812][T20205] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 757.767332][T20205] bond0: left promiscuous mode [ 757.796787][T20205] bond_slave_0: left promiscuous mode [ 757.844287][T20205] bond_slave_1: left promiscuous mode [ 757.906123][T20205] batadv0: left promiscuous mode [ 758.063647][T20209] macvtap1: entered promiscuous mode [ 758.094216][T20209] macvtap1: entered allmulticast mode [ 758.136595][T20209] veth1_vlan: entered allmulticast mode [ 758.249819][ T9] usb 4-1: new full-speed USB device number 41 using dummy_hcd [ 758.423792][ T9] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 758.506398][ T9] usb 4-1: New USB device found, idVendor=3344, idProduct=22f0, bcdDevice=ef.4d [ 758.523704][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 758.573602][ T9] usb 4-1: Product: syz [ 758.608003][ T9] usb 4-1: Manufacturer: syz [ 758.618309][ T9] usb 4-1: SerialNumber: syz [ 758.912602][ T9] usb 4-1: selecting invalid altsetting 1 [ 759.119317][ T9] LME2510(C): Firmware Status: 1a 03 34 00 32 00 [ 759.119441][ T9] dvb_usb_lmedm04 4-1:2.0: probe with driver dvb_usb_lmedm04 failed with error -22 [ 759.344768][ T5633] usb 4-1: USB disconnect, device number 41 [ 760.066667][T20266] loop3: detected capacity change from 0 to 256 [ 760.534589][T20277] input: syz0 as /devices/virtual/input/input39 [ 761.132486][T20298] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5612'. [ 761.151234][ T5785] usb 4-1: new full-speed USB device number 42 using dummy_hcd [ 761.335734][ T5785] usb 4-1: unable to get BOS descriptor or descriptor too short [ 761.399291][ T5785] usb 4-1: not running at top speed; connect to a high speed hub [ 761.447476][ T5785] usb 4-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40 [ 761.485826][ T5785] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 761.508407][ T5785] usb 4-1: Product: syz [ 761.523923][ T5785] usb 4-1: Manufacturer: syz [ 761.537652][ T5785] usb 4-1: SerialNumber: syz [ 761.690326][T20314] netlink: 276 bytes leftover after parsing attributes in process `syz.0.5619'. [ 761.719044][T20314] netlink: 276 bytes leftover after parsing attributes in process `syz.0.5619'. [ 761.812047][ T5785] usb 4-1: BAAD HEADPHONE p_chmask mismatch [ 761.863259][T20317] loop5: detected capacity change from 0 to 2048 [ 761.929637][T20317] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 762.267521][ T5785] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 762.362546][ T5785] usb 4-1: USB disconnect, device number 42 [ 762.524967][ T5608] udevd[5608]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 762.534096][T20325] loop0: detected capacity change from 0 to 4096 [ 763.042186][T20338] loop3: detected capacity change from 0 to 512 [ 763.127273][T20342] loop6: detected capacity change from 0 to 256 [ 763.169142][T20342] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 763.206421][T20338] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 763.236111][T20338] ext4 filesystem being mounted at /928/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 763.560111][ T5621] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 764.378907][T20374] loop3: detected capacity change from 0 to 1024 [ 764.404421][T20376] tc_dump_action: action bad kind [ 764.412085][T20378] loop0: detected capacity change from 0 to 64 [ 764.483540][T20374] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 764.561946][T20378] hfs: cannot create new inode: file count exceeds limit [ 764.677965][T20374] EXT4-fs error (device loop3): ext4_free_inode:354: comm syz.3.5646: bit already cleared for inode 15 [ 764.877045][T20374] EXT4-fs (loop3): Remounting filesystem read-only [ 765.216508][ T5621] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 765.663241][T20382] loop7: detected capacity change from 0 to 131072 [ 765.701327][T20382] F2FS-fs (loop7): Test dummy encryption mode enabled [ 765.726657][T20382] F2FS-fs (loop7): invalid crc value [ 765.812380][T20382] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 765.837693][T20382] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 766.147639][T20405] fuse: Bad value for 'fd' [ 766.210386][T18887] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 766.220750][T18939] Bluetooth: hci6: command 0x1003 tx timeout [ 766.254198][T20407] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5659'. [ 766.273651][T20407] ipvlan2: entered allmulticast mode [ 766.796820][T20415] loop3: detected capacity change from 0 to 128 [ 766.864936][T20415] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 766.959097][T20415] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 767.167957][T20421] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5664'. [ 767.738163][T20435] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5671'. [ 767.794859][T20435] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5671'. [ 768.586927][T20455] loop0: detected capacity change from 0 to 1024 [ 768.614509][T20455] hfsplus: failed to load extents file [ 769.295712][T20464] bridge0: port 2(bridge_slave_1) entered disabled state [ 769.538221][T20475] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5688'. [ 769.563993][T20475] bond0: entered promiscuous mode [ 769.569141][T20475] bond_slave_0: entered promiscuous mode [ 769.586029][T20475] bond_slave_1: entered promiscuous mode [ 769.605543][T20475] bond0: left promiscuous mode [ 769.619758][T20475] bond_slave_0: left promiscuous mode [ 769.626767][T20475] bond_slave_1: left promiscuous mode [ 769.642671][T20480] netlink: 'syz.2.5690': attribute type 12 has an invalid length. [ 769.669001][T20480] netlink: 'syz.2.5690': attribute type 29 has an invalid length. [ 769.691343][T20480] netlink: 148 bytes leftover after parsing attributes in process `syz.2.5690'. [ 769.711102][ T24] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 769.894891][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 769.923329][ T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 769.954898][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 770.012651][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 770.034448][ T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 770.053759][ T24] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 770.078924][ T24] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 770.103498][ T24] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 770.122472][ T24] usb 4-1: Manufacturer: syz [ 770.137855][ T24] usb 4-1: config 0 descriptor?? [ 770.474655][ T24] rc_core: IR keymap rc-hauppauge not found [ 770.488530][ T24] Registered IR keymap rc-empty [ 770.509216][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 770.542831][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 770.573581][T20472] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 770.602707][ T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 770.620517][T20472] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 770.692300][ T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input40 [ 770.753312][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 770.802193][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 770.862050][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 770.904803][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 770.983715][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 771.021617][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 771.061063][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 771.105700][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 771.109702][ T9] usb 6-1: new full-speed USB device number 39 using dummy_hcd [ 771.145966][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 771.190612][ T24] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 771.243866][ T24] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 771.266638][T20522] netlink: 'syz.6.5706': attribute type 4 has an invalid length. [ 771.291774][ T24] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 771.303788][T20522] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5706'. [ 771.311923][ T9] usb 6-1: config 0 has no interfaces? [ 771.334045][ T9] usb 6-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 771.336077][ T24] usb 4-1: USB disconnect, device number 43 [ 771.370126][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 771.460748][ T9] usb 6-1: config 0 descriptor?? [ 771.743298][T20536] sctp: Trying to GSO but underlying device doesn't support it. [ 771.793841][ T5633] usb 6-1: USB disconnect, device number 39 [ 771.973679][T20538] loop7: detected capacity change from 0 to 4096 [ 772.116114][T20544] loop6: detected capacity change from 0 to 2048 [ 772.230686][T20538] ntfs3(loop7): failed to convert "0000" to cp949 [ 772.250337][T20544] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 772.673055][T10813] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 773.383383][T20546] loop0: detected capacity change from 0 to 32768 [ 773.426874][T20574] loop3: detected capacity change from 0 to 128 [ 773.465342][T20574] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 773.485472][T20580] loop5: detected capacity change from 0 to 256 [ 773.495889][T20580] exfat: Deprecated parameter 'utf8' [ 773.503573][T20574] System zones: 1-3, 19-19, 35-36 [ 773.517627][T20546] find_entry called with index >= next_index [ 773.519765][T20580] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x72bddf51, utbl_chksum : 0xe619d30d) [ 773.543055][T20546] find_entry called with index >= next_index [ 773.553599][T20546] find_entry called with index >= next_index [ 773.561139][T20546] find_entry called with index >= next_index [ 773.567320][T20546] find_entry called with index >= next_index [ 773.577054][T20546] add_index: next_index = 0. Resetting! [ 773.579104][T20574] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 773.584388][T20546] find_entry called with index >= next_index [ 773.603761][T20546] find_entry called with index >= next_index [ 773.611131][T20546] find_entry called with index >= next_index [ 773.617141][T20546] find_entry called with index >= next_index [ 773.630805][T20574] ext4 filesystem being mounted at /946/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 773.671757][T20546] non-latin1 character 0x3ff found in JFS file name [ 773.681870][T20546] mount with iocharset=utf8 to access [ 773.736190][T20574] EXT4-fs warning (device loop3): ext4_group_add:1734: No reserved GDT blocks, can't resize [ 774.013097][ T5621] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 774.341538][T20593] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5737'. [ 774.875506][T20587] overlayfs: statfs failed on './file0' [ 775.071543][T20600] loop6: detected capacity change from 0 to 32768 [ 775.113612][T20600] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 775.323936][T20600] XFS (loop6): Ending clean mount [ 775.444259][T20615] loop3: detected capacity change from 0 to 128 [ 775.576483][T20619] 9p: Bad value for 'rfdno' [ 775.582839][T10813] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 775.853701][T20624] loop3: detected capacity change from 0 to 256 [ 775.946485][T20624] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36a12e94, utbl_chksum : 0xe619d30d) [ 775.987280][T20629] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5751'. [ 776.020740][T20629] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5751'. [ 776.040120][T20629] netlink: 'syz.2.5751': attribute type 13 has an invalid length. [ 776.078870][T20629] netlink: 'syz.2.5751': attribute type 11 has an invalid length. [ 776.165828][ T9] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 776.349623][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 776.383734][ T9] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 776.424222][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 776.443868][T20636] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5753'. [ 776.468460][ T9] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 776.507849][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 776.556686][ T9] usb 6-1: Product: syz [ 776.567062][ T9] usb 6-1: Manufacturer: syz [ 776.582734][ T9] usb 6-1: SerialNumber: syz [ 776.607980][ T9] usb 6-1: config 0 descriptor?? [ 776.655440][ T9] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 776.698102][ T9] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 776.859760][ T5762] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 777.041774][ T5762] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 777.074348][ T5762] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 777.115525][ T5762] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 777.136836][ T5762] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 777.155455][ T5762] usb 1-1: Product: syz [ 777.166038][ T5762] usb 1-1: Manufacturer: syz [ 777.176093][ T5762] usb 1-1: SerialNumber: syz [ 777.262418][ T9] em28xx 6-1:0.0: chip ID is em28178 [ 777.316220][T20640] loop7: detected capacity change from 0 to 32768 [ 777.427391][T20642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 777.453340][T20642] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 777.473644][ T24] usb 6-1: USB disconnect, device number 40 [ 777.508547][ T24] em28xx 6-1:0.0: Disconnecting em28xx [ 777.511332][ T5762] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 777.590738][ T24] em28xx 6-1:0.0: Freeing device [ 777.599905][ T5762] usb 1-1: USB disconnect, device number 48 [ 777.957445][T20666] loop6: detected capacity change from 0 to 2640 [ 777.980411][T20666] buffer_io_error: 14 callbacks suppressed [ 777.980436][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.012869][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.032455][ T5762] usb 1-1: new high-speed USB device number 49 using dummy_hcd [ 778.105791][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.159895][T20669] loop6: detected capacity change from 2640 to 524288000 [ 778.180912][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.209224][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.218143][ T5762] usb 1-1: Using ep0 maxpacket: 8 [ 778.238302][ T5762] usb 1-1: config index 0 descriptor too short (expected 301, got 72) [ 778.250576][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.269711][ T5762] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 778.285337][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.304077][ T5762] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 778.314657][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.329794][ T5762] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 778.340138][T20666] ldm_validate_partition_table(): Disk read failed. [ 778.357117][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.367528][ T5762] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 778.400894][T20666] Buffer I/O error on dev loop6, logical block 0, async page read [ 778.409252][ T5762] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 778.424035][T20666] Dev loop6: unable to read RDB block 0 [ 778.436473][T20666] loop6: unable to read partition table [ 778.440761][ T5762] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 778.467097][ T5762] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 778.486839][T20666] loop_reread_partitions: partition scan of loop6 (irc VUXGZtM<I i8NL W@Q6%) failed (rc=-5) [ 778.506113][ T5762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 778.766566][ T5762] usb 1-1: usb_control_msg returned -71 [ 778.786583][ T5762] usbtmc 1-1:16.0: can't read capabilities [ 778.818636][ T5762] usbtmc 1-1:16.0: Failed to submit iin_urb [ 778.845613][ T5762] usbtmc 1-1:16.0: probe with driver usbtmc failed with error -90 [ 778.933246][ T5762] usb 1-1: USB disconnect, device number 49 [ 779.256420][T20665] loop7: detected capacity change from 0 to 40427 [ 779.297164][T20665] F2FS-fs (loop7): Small segment_count (9 < 1 * 24) [ 779.327262][T20665] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 779.756052][T20665] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 779.838612][T20686] loop3: detected capacity change from 0 to 8 [ 779.946453][T20686] SQUASHFS error: Failed to read block 0x26067d: -5 [ 779.975406][T20686] SQUASHFS error: Unable to read metadata cache entry [26067d] [ 779.977553][T20665] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 779.993335][T20686] SQUASHFS error: Unable to read directory block [26067d:1fff] [ 780.060594][T20665] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 780.409129][T14665] syz-executor: attempt to access beyond end of device [ 780.409129][T14665] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 780.502412][T14665] CPU: 1 UID: 0 PID: 14665 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 780.502470][T14665] Tainted: [L]=SOFTLOCKUP [ 780.502484][T14665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 780.502506][T14665] Call Trace: [ 780.502519][T14665] [ 780.502533][T14665] dump_stack_lvl+0x100/0x190 [ 780.502580][T14665] f2fs_stop_checkpoint+0x600/0x9b0 [ 780.502641][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.502688][T14665] ? errseq_set+0xe3/0x150 [ 780.502752][T14665] ? errseq_set+0xe3/0x150 [ 780.502815][T14665] f2fs_write_end_io+0xf59/0x1340 [ 780.502880][T14665] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 780.502947][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.503008][T14665] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 780.503072][T14665] bio_endio+0x78f/0x8f0 [ 780.503125][T14665] submit_bio_noacct+0x64c/0x2000 [ 780.503176][T14665] f2fs_submit_write_bio+0x135/0x340 [ 780.503237][T14665] __submit_merged_bio+0x331/0x780 [ 780.503314][T14665] __submit_merged_write_cond+0x3fe/0x510 [ 780.503389][T14665] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 780.503463][T14665] ? __pfx___might_resched+0x10/0x10 [ 780.503516][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.503572][T14665] f2fs_write_cache_pages+0x20e9/0x2630 [ 780.503639][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.503687][T14665] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 780.503733][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.503781][T14665] ? bpf_ksym_find+0x124/0x1c0 [ 780.503838][T14665] ? __lock_acquire+0x4a5/0x2630 [ 780.503909][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.503956][T14665] ? __lock_acquire+0x4a5/0x2630 [ 780.504016][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.504062][T14665] ? __lock_acquire+0x4a5/0x2630 [ 780.504106][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.504197][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.504244][T14665] ? rcu_is_watching+0x12/0xc0 [ 780.504312][T14665] f2fs_write_data_pages+0x799/0x16d0 [ 780.504371][T14665] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 780.504432][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.504478][T14665] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 780.504528][T14665] do_writepages+0x278/0x600 [ 780.504595][T14665] ? __pfx_do_writepages+0x10/0x10 [ 780.504652][T14665] ? do_raw_spin_unlock+0x145/0x1e0 [ 780.504706][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.504752][T14665] ? _raw_spin_unlock+0x28/0x50 [ 780.504799][T14665] filemap_writeback+0x22d/0x2e0 [ 780.504864][T14665] ? __pfx_filemap_writeback+0x10/0x10 [ 780.504924][T14665] ? check_noncircular+0x97/0x160 [ 780.505015][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.505061][T14665] ? find_held_lock+0x2b/0x80 [ 780.505119][T14665] ? f2fs_sync_dirty_inodes+0x3a6/0x990 [ 780.505165][T14665] ? f2fs_sync_dirty_inodes+0x3a6/0x990 [ 780.505212][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.505277][T14665] f2fs_sync_dirty_inodes+0x469/0x990 [ 780.505344][T14665] block_operations+0x2a6/0xfc0 [ 780.505387][T14665] ? __bfs+0x150/0x2a0 [ 780.505431][T14665] ? __pfx_block_operations+0x10/0x10 [ 780.505478][T14665] ? check_noncircular+0x97/0x160 [ 780.505569][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.505620][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.505666][T14665] ? rcu_is_watching+0x12/0xc0 [ 780.505720][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.505774][T14665] f2fs_write_checkpoint+0x582/0x5550 [ 780.505829][T14665] ? kasan_save_stack+0x3f/0x50 [ 780.505877][T14665] ? kasan_save_stack+0x30/0x50 [ 780.505924][T14665] ? kasan_record_aux_stack+0xa7/0xc0 [ 780.505961][T14665] ? __call_rcu_common.constprop.0+0xa5/0x9b0 [ 780.506008][T14665] ? shrinker_free+0xfe/0x440 [ 780.506058][T14665] ? deactivate_locked_super+0x94/0x1b0 [ 780.506112][T14665] ? deactivate_super+0xe7/0x110 [ 780.506161][T14665] ? cleanup_mnt+0x21f/0x450 [ 780.506219][T14665] ? task_work_run+0x150/0x240 [ 780.506269][T14665] ? exit_to_user_mode_loop+0x100/0x4a0 [ 780.506315][T14665] ? do_syscall_64+0x706/0xf80 [ 780.506363][T14665] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.506411][T14665] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 780.506483][T14665] kill_f2fs_super+0x3f1/0x4a0 [ 780.506531][T14665] ? __pfx_kill_f2fs_super+0x10/0x10 [ 780.506598][T14665] ? lockdep_hardirqs_on+0x78/0x100 [ 780.506646][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.506694][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.506755][T14665] deactivate_locked_super+0xc1/0x1b0 [ 780.506812][T14665] deactivate_super+0xe7/0x110 [ 780.506868][T14665] cleanup_mnt+0x21f/0x450 [ 780.506931][T14665] task_work_run+0x150/0x240 [ 780.506980][T14665] ? __pfx_task_work_run+0x10/0x10 [ 780.507030][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.507075][T14665] ? rcu_is_watching+0x12/0xc0 [ 780.507143][T14665] exit_to_user_mode_loop+0x100/0x4a0 [ 780.507189][T14665] ? srso_alias_return_thunk+0x5/0xfbef5 [ 780.507241][T14665] do_syscall_64+0x706/0xf80 [ 780.507296][T14665] ? irqentry_exit+0x117/0x790 [ 780.507348][T14665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.507389][T14665] RIP: 0033:0x7fbf3059e017 [ 780.507420][T14665] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 780.507457][T14665] RSP: 002b:00007fff3505cda8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 780.507494][T14665] RAX: 0000000000000000 RBX: 00007fbf30632120 RCX: 00007fbf3059e017 [ 780.507519][T14665] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff3505ce60 [ 780.507543][T14665] RBP: 00007fff3505ce60 R08: 00007fff3505de60 R09: 00000000ffffffff [ 780.507568][T14665] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff3505def0 [ 780.507593][T14665] R13: 00007fbf30632120 R14: 00000000000be7f7 R15: 00007fff3505df30 [ 780.507643][T14665] [ 781.074203][T14665] F2FS-fs (loop7): Stopped filesystem due to reason: 3 [ 781.161370][T20701] loop6: detected capacity change from 0 to 4096 [ 781.408582][T20703] xt_hashlimit: size too large, truncated to 1048576 [ 781.589760][ T5762] usb 1-1: new high-speed USB device number 50 using dummy_hcd [ 781.767925][ T5762] usb 1-1: Using ep0 maxpacket: 16 [ 781.818397][ T5762] usb 1-1: config 0 has an invalid interface number: 251 but max is 0 [ 781.857550][ T5762] usb 1-1: config 0 has no interface number 0 [ 781.889152][ T5762] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 781.942794][ T5762] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 782.007664][ T5762] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 782.046127][ T5762] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 782.097449][ T5762] usb 1-1: Product: syz [ 782.125247][ T5762] usb 1-1: Manufacturer: syz [ 782.147018][T20721] loop7: detected capacity change from 0 to 512 [ 782.159287][ T5762] usb 1-1: SerialNumber: syz [ 782.196065][ T5762] usb 1-1: config 0 descriptor?? [ 782.206366][T20721] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 782.225268][T20709] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 782.251283][T20709] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 782.286344][T20721] EXT4-fs (loop7): 1 truncate cleaned up [ 782.351060][T20721] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 782.411559][T20727] loop5: detected capacity change from 0 to 512 [ 782.479275][T20727] EXT4-fs error (device loop5): ext4_orphan_get:1397: inode #15: comm syz.5.5790: inode has both inline data and extents flags [ 782.494437][T20727] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 782.498816][T20727] EXT4-fs error (device loop5): ext4_orphan_get:1400: comm syz.5.5790: couldn't read orphan inode 15 (err -117) [ 782.508042][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 782.508074][ C1] EXT4-fs (loop5): initial error at time 1777410033: ext4_orphan_get:1397: inode 15 [ 782.508126][ C1] EXT4-fs (loop5): last error at time 1777410033: ext4_orphan_get:1397: inode 15 [ 782.551794][T20727] loop5: lost filesystem error report for type 5 error -117 [ 782.568706][T20709] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 782.595501][T20727] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 782.653618][T20709] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 782.686489][T20727] EXT4-fs error (device loop5): __ext4_add_entry:2412: inode #2: comm syz.5.5790: Directory hole found for htree leaf block 0 [ 782.768717][ T5622] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 782.824298][T14665] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 783.151170][T20741] loop3: detected capacity change from 0 to 1024 [ 783.306274][ T5762] asix 1-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 783.336217][ T5762] asix 1-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 783.368133][ T5762] asix 1-1:0.251: probe with driver asix failed with error -71 [ 783.416921][ T5762] usb 1-1: USB disconnect, device number 50 [ 784.242511][T20762] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 784.332000][T20767] loop5: detected capacity change from 0 to 64 [ 784.485922][T20767] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing [ 784.992326][T20778] loop7: detected capacity change from 0 to 4096 [ 785.013707][T20778] EXT4-fs: Ignoring removed mblk_io_submit option [ 785.046712][T20778] EXT4-fs: Ignoring removed orlov option [ 785.103893][T20778] EXT4-fs (loop7): Test dummy encryption mode enabled [ 785.154795][T20778] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 785.226048][ T109] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 785.517138][T14665] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 785.698405][ T109] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 785.873261][T20791] loop5: detected capacity change from 0 to 64 [ 786.147965][ T109] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 786.198699][T20796] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 786.218846][T20796] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 786.238515][T20796] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 786.245287][T18939] block nbd6: Receive control failed (result -32) [ 786.262051][T18939] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 786.272933][T18939] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 786.744239][ T109] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 787.265349][T20822] loop6: detected capacity change from 0 to 512 [ 787.364284][T20822] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 787.487224][T20822] ext4 filesystem being mounted at /618/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 787.577427][T20822] EXT4-fs error (device loop6): ext4_empty_dir:3085: inode #12: comm syz.6.5830: Directory block failed checksum [ 787.897515][T10813] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 788.279995][T20844] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 788.290892][T20844] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 788.349235][ T109] bridge_slave_1: left allmulticast mode [ 788.370197][T18887] Bluetooth: hci5: command tx timeout [ 788.382048][ T109] bridge_slave_1: left promiscuous mode [ 788.445690][ T109] bridge0: port 2(bridge_slave_1) entered disabled state [ 788.582418][ T109] bridge_slave_0: left allmulticast mode [ 788.605438][ T109] bridge_slave_0: left promiscuous mode [ 788.628855][ T109] bridge0: port 1(bridge_slave_0) entered disabled state [ 788.711918][ T5633] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 788.891162][ T5633] usb 4-1: Using ep0 maxpacket: 8 [ 788.916363][ T5633] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 788.960112][ T5633] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 789.036537][ T5633] pvrusb2: Hardware description: Terratec Grabster AV400 [ 789.076198][ T5633] pvrusb2: ********** [ 789.100278][ T5633] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 789.138200][ T5633] pvrusb2: Important functionality might not be entirely working. [ 789.165456][ T5633] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 789.202602][ T5633] pvrusb2: ********** [ 789.230242][ T2358] pvrusb2: Invalid write control endpoint [ 789.456611][ T5633] usb 4-1: USB disconnect, device number 44 [ 789.674414][ T2358] pvrusb2: Invalid write control endpoint [ 789.693823][ T2358] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 789.726126][ T2358] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 789.774943][ T2358] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 789.814928][ T2358] pvrusb2: Device being rendered inoperable [ 789.855592][ T2358] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 789.874604][ T2358] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 789.914587][ T2358] pvrusb2: Attached sub-driver cx25840 [ 789.936604][ T2358] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 789.957113][ T2358] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 789.976529][ T109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 790.066567][ T109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 790.151470][ T109] bond0 (unregistering): Released all slaves [ 790.348867][T20885] loop3: detected capacity change from 0 to 7 [ 790.396261][ C1] blk_print_req_error: 138 callbacks suppressed [ 790.396298][ C1] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.411809][ C1] buffer_io_error: 7 callbacks suppressed [ 790.411835][ C1] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.452074][T18887] Bluetooth: hci5: command tx timeout [ 790.468320][ C0] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.477601][ C0] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.497281][ C0] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.506551][ C0] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.515694][ C0] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.524916][ C0] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.543113][ C0] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.552350][ C0] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.562801][ C1] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.572027][ C1] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.581825][ C1] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.591024][ C1] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.599023][T20885] ldm_validate_partition_table(): Disk read failed. [ 790.608728][ C1] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.617982][ C1] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.636958][ C0] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.646215][ C0] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.655462][ C1] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 790.664707][ C1] Buffer I/O error on dev loop3, logical block 0, async page read [ 790.683274][T20885] Dev loop3: unable to read RDB block 0 [ 790.729314][T20885] loop3: unable to read partition table [ 790.735265][ T5281] 8021q: adding VLAN 0 to HW filter on device eth9 [ 790.760550][T20885] loop3: partition table beyond EOD, truncated [ 790.803144][T20885] loop_reread_partitions: partition scan of loop3 (Cj̖P=ý?}X %֐ȵ4FLQk݊5) failed (rc=-5) [ 791.073592][ T30] audit: type=1326 audit(1777410041.855:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20900 comm="syz.6.5857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64179cdd9 code=0x7ffc0000 [ 791.175448][ T30] audit: type=1326 audit(1777410041.855:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20900 comm="syz.6.5857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64179cdd9 code=0x7ffc0000 [ 791.230091][ T30] audit: type=1326 audit(1777410041.885:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20900 comm="syz.6.5857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fa64179cdd9 code=0x7ffc0000 [ 791.288168][ T30] audit: type=1326 audit(1777410041.885:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20900 comm="syz.6.5857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64179cdd9 code=0x7ffc0000 [ 791.335682][ T30] audit: type=1326 audit(1777410041.885:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20900 comm="syz.6.5857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64179cdd9 code=0x7ffc0000 [ 791.492191][ T30] audit: type=1326 audit(1777410041.885:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20900 comm="syz.6.5857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7fa64179cdd9 code=0x7ffc0000 [ 791.516647][ T30] audit: type=1326 audit(1777410042.115:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20900 comm="syz.6.5857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64179cdd9 code=0x7ffc0000 [ 791.541786][ T30] audit: type=1326 audit(1777410042.115:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20900 comm="syz.6.5857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64179cdd9 code=0x7ffc0000 [ 791.748319][T20919] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5862'. [ 792.008589][ T109] hsr_slave_0: left promiscuous mode [ 792.082553][ T109] hsr_slave_1: left promiscuous mode [ 792.097645][ T109] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 792.147409][ T109] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 792.191697][ T109] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 792.213927][ T109] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 792.271527][ T109] veth1_vlan: left allmulticast mode [ 792.285025][ T109] veth1_macvtap: left promiscuous mode [ 792.297854][T20931] loop6: detected capacity change from 0 to 4096 [ 792.303374][ T109] veth0_macvtap: left promiscuous mode [ 792.321636][ T109] veth1_vlan: left promiscuous mode [ 792.336184][ T109] veth0_vlan: left promiscuous mode [ 792.376620][T20931] NILFS (loop6): invalid segment: Checksum error in segment payload [ 792.404912][T20931] NILFS (loop6): trying rollback from an earlier position [ 792.436588][T20931] NILFS (loop6): recovery complete [ 792.495420][T20945] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 792.532278][T18887] Bluetooth: hci5: command tx timeout [ 793.363931][ T109] team0 (unregistering): Port device team_slave_1 removed [ 793.394277][ T109] team0 (unregistering): Port device team_slave_0 removed [ 793.616180][ T5281] 8021q: adding VLAN 0 to HW filter on device eth10 [ 794.000506][T20968] bond0: (slave macvlan3): Error -98 calling set_mac_address [ 794.574749][T20986] netlink: 212 bytes leftover after parsing attributes in process `syz.6.5884'. [ 794.609780][T18887] Bluetooth: hci5: command tx timeout [ 795.586092][ T5281] 8021q: adding VLAN 0 to HW filter on device eth11 [ 795.686550][T20795] bridge0: port 1(bridge_slave_0) entered blocking state [ 795.715069][T20795] bridge0: port 1(bridge_slave_0) entered disabled state [ 795.762122][T20795] bridge_slave_0: entered allmulticast mode [ 795.794720][T20795] bridge_slave_0: entered promiscuous mode [ 795.832932][T21018] TCP: TCP_TX_DELAY enabled [ 795.864991][T20795] bridge0: port 2(bridge_slave_1) entered blocking state [ 795.881917][T20795] bridge0: port 2(bridge_slave_1) entered disabled state [ 795.902887][T20795] bridge_slave_1: entered allmulticast mode [ 795.923520][T20795] bridge_slave_1: entered promiscuous mode [ 796.083522][T20795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 796.138458][T20795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 796.368208][T20795] team0: Port device team_slave_0 added [ 796.404285][T21028] loop7: detected capacity change from 0 to 64 [ 796.428023][T20795] team0: Port device team_slave_1 added [ 796.664075][T20795] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 796.715589][T20795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 796.784612][T20795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 796.865727][T21042] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5898'. [ 796.882889][T20795] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 796.936091][T20795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 797.044581][T20795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 797.478767][T20795] hsr_slave_0: entered promiscuous mode [ 797.514917][T20795] hsr_slave_1: entered promiscuous mode [ 797.537532][T20795] debugfs: 'hsr0' already exists in 'hsr' [ 797.560136][T20795] Cannot create hsr debugfs directory [ 797.749909][ T9] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 797.931307][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 797.954085][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 797.986896][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 798.011101][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 798.056333][ T9] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 798.075986][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 798.117018][ T9] usb 6-1: config 0 descriptor?? [ 798.615477][ T9] input: HID 0458:5011 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5011.0052/input/input41 [ 798.795932][ T9] input: HID 0458:5011 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5011.0052/input/input42 [ 798.976551][ T9] kye 0003:0458:5011.0052: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.5-1/input0 [ 799.284600][ T5753] usb 6-1: USB disconnect, device number 41 [ 799.378736][T21103] fido_id[21103]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory [ 799.448538][T21109] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5918'. [ 800.333288][T21133] loop5: detected capacity change from 0 to 256 [ 800.377411][T21133] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 801.755876][T20795] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 801.807819][T20795] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 801.835060][T20795] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 801.899105][T20795] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 801.926009][T20795] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 801.975041][T20795] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 802.010781][T20795] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 802.137467][T20795] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 802.241903][T21184] dummy0: entered promiscuous mode [ 802.300988][T21184] dummy0: left promiscuous mode [ 802.682119][T20795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 802.743405][T20795] 8021q: adding VLAN 0 to HW filter on device team0 [ 802.777062][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 802.784275][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 802.832292][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 802.839544][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 802.841515][ T5633] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 803.022227][ T5633] usb 4-1: unable to get BOS descriptor or descriptor too short [ 803.062736][ T5633] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7 [ 803.129695][ T5633] usb 4-1: New USB device found, idVendor=0582, idProduct=004c, bcdDevice= 0.40 [ 803.181431][ T5633] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 803.216038][ T5633] usb 4-1: Product: syz [ 803.228461][ T5633] usb 4-1: Manufacturer: syz [ 803.243724][ T5633] usb 4-1: SerialNumber: syz [ 803.293811][T21211] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5944'. [ 803.327607][T21211] netlink: 'syz.2.5944': attribute type 30 has an invalid length. [ 803.360899][T21211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5944'. [ 803.564703][ T5633] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 803.752017][ T5633] usb 4-1: 2:1 : unknown format tag 0x4 is detected. processed as MPEG. [ 803.785959][ T5633] usb 4-1: found format II with max.bitrate = 4, frame size=7372 [ 804.158820][ T5633] usb 4-1: parse_audio_format_rates_v2v3(): unable to retrieve sample rate range (clock 0) [ 804.391531][ T5633] usb 4-1: USB disconnect, device number 45 [ 804.652113][ T5608] udevd[5608]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 804.671349][T21251] 9p: Bad value for 'rfdno' [ 804.722673][T21247] loop6: detected capacity change from 0 to 4096 [ 804.735002][T20795] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 804.888507][T21255] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 805.117222][T20795] veth0_vlan: entered promiscuous mode [ 805.143404][T21261] loop7: detected capacity change from 0 to 7 [ 805.182367][T20795] veth1_vlan: entered promiscuous mode [ 805.216462][ C0] blk_print_req_error: 10 callbacks suppressed [ 805.216492][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.231903][ C0] buffer_io_error: 10 callbacks suppressed [ 805.231928][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.271478][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.280695][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.293320][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.302527][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.316955][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.326169][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.335111][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.344347][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.373634][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.382845][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.392337][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.401521][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.409420][T21261] ldm_validate_partition_table(): Disk read failed. [ 805.421574][T20795] veth0_macvtap: entered promiscuous mode [ 805.448567][T20795] veth1_macvtap: entered promiscuous mode [ 805.463824][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.473072][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.482903][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.492100][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.515236][T20795] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 805.528505][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 805.537758][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 805.553022][T21261] Dev loop7: unable to read RDB block 0 [ 805.558718][T20795] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 805.584773][T21261] loop7: unable to read partition table [ 805.608336][T21261] loop7: partition table beyond EOD, truncated [ 805.628359][ T5800] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.637511][T21261] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %֐ȵ4FLQk݊5) failed (rc=-5) [ 805.674714][ T5800] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.696218][T21262] ldm_validate_partition_table(): Disk read failed. [ 805.717698][ T5800] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.732438][T21262] Dev loop7: unable to read RDB block 0 [ 805.751523][ T5800] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.764817][T21262] loop7: unable to read partition table [ 805.777376][T21262] loop7: partition table beyond EOD, truncated [ 806.117254][ T6006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 806.148465][ T6006] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 806.213967][ T6008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 806.252341][ T6008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 807.073736][T21295] syz.2.5966 (21295) used greatest stack depth: 19720 bytes left [ 807.938284][T21324] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 807.974170][ T1307] ieee802154 phy0 wpan0: encryption failed: -22 [ 807.982795][ T1307] ieee802154 phy1 wpan1: encryption failed: -22 [ 808.001078][T21324] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 809.278569][T21365] loop3: detected capacity change from 0 to 256 [ 809.360873][T21365] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 810.233585][T21395] netlink: 212340 bytes leftover after parsing attributes in process `syz.0.6006'. [ 810.282782][T21395] openvswitch: netlink: Port 167772160 exceeds max allowable 65535 [ 810.666427][T21403] sysfs: cannot create duplicate filename '/class/ieee80211/1^!' [ 810.732492][T21403] CPU: 0 UID: 0 PID: 21403 Comm: syz.5.6008 Tainted: G L syzkaller #0 PREEMPT(full) [ 810.732550][T21403] Tainted: [L]=SOFTLOCKUP [ 810.732564][T21403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 810.732587][T21403] Call Trace: [ 810.732600][T21403] [ 810.732614][T21403] dump_stack_lvl+0x100/0x190 [ 810.732661][T21403] sysfs_warn_dup.cold+0x1c/0x28 [ 810.732726][T21403] sysfs_do_create_link_sd+0x113/0x140 [ 810.732795][T21403] sysfs_create_link+0x61/0xc0 [ 810.732859][T21403] device_add+0x675/0x1950 [ 810.732911][T21403] ? __pfx_device_add+0x10/0x10 [ 810.732955][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.733002][T21403] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 810.733048][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.733095][T21403] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 810.733168][T21403] wiphy_register+0x1edd/0x2d90 [ 810.733209][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.733254][T21403] ? __rtnl_unlock+0xb9/0xf0 [ 810.733316][T21403] ? __pfx_wiphy_register+0x10/0x10 [ 810.733358][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.733405][T21403] ? __asan_memset+0x23/0x50 [ 810.733449][T21403] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 810.733525][T21403] ieee80211_register_hw+0x3055/0x4570 [ 810.733605][T21403] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 810.733660][T21403] ? __pfx___debug_object_init+0x10/0x10 [ 810.733726][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.733773][T21403] ? find_held_lock+0x2b/0x80 [ 810.733834][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.733880][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.733927][T21403] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 810.733971][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.734017][T21403] ? __hrtimer_setup+0x208/0x330 [ 810.734073][T21403] mac80211_hwsim_new_radio+0x2a01/0x5ae0 [ 810.734172][T21403] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 810.734243][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.734296][T21403] ? __asan_memcpy+0x3c/0x60 [ 810.734345][T21403] hwsim_new_radio_nl+0xc5f/0x1370 [ 810.734407][T21403] ? rcu_is_watching+0x12/0xc0 [ 810.734466][T21403] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 810.734543][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.734590][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.734636][T21403] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 810.734710][T21403] genl_family_rcv_msg_doit+0x214/0x300 [ 810.734775][T21403] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 810.734830][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.734876][T21403] ? genl_get_cmd+0x3e7/0x760 [ 810.734941][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.734987][T21403] ? security_capable+0x80/0x260 [ 810.735041][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.735087][T21403] ? ns_capable+0xd2/0xf0 [ 810.735142][T21403] genl_rcv_msg+0x560/0x800 [ 810.735204][T21403] ? __pfx_genl_rcv_msg+0x10/0x10 [ 810.735262][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.735318][T21403] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 810.735392][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.735448][T21403] netlink_rcv_skb+0x159/0x420 [ 810.735499][T21403] ? __pfx_genl_rcv_msg+0x10/0x10 [ 810.735559][T21403] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 810.735633][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.735678][T21403] ? netlink_deliver_tap+0x1ae/0xcc0 [ 810.735733][T21403] genl_rcv+0x28/0x40 [ 810.735785][T21403] netlink_unicast+0x585/0x850 [ 810.735844][T21403] ? __pfx_netlink_unicast+0x10/0x10 [ 810.735911][T21403] netlink_sendmsg+0x8b0/0xda0 [ 810.735972][T21403] ? __pfx_netlink_sendmsg+0x10/0x10 [ 810.736022][T21403] ? __might_fault+0x30/0x140 [ 810.736073][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.736120][T21403] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 810.736186][T21403] ____sys_sendmsg+0x9e1/0xb70 [ 810.736235][T21403] ? __pfx_netlink_sendmsg+0x10/0x10 [ 810.736300][T21403] ? __pfx_____sys_sendmsg+0x10/0x10 [ 810.736361][T21403] ? __pfx_futex_wake_mark+0x10/0x10 [ 810.736434][T21403] ___sys_sendmsg+0x190/0x1e0 [ 810.736492][T21403] ? __pfx____sys_sendmsg+0x10/0x10 [ 810.736544][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.736615][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.736698][T21403] __sys_sendmsg+0x170/0x220 [ 810.736738][T21403] ? __pfx___sys_sendmsg+0x10/0x10 [ 810.736775][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.736821][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.736890][T21403] ? srso_alias_return_thunk+0x5/0xfbef5 [ 810.736938][T21403] ? rcu_is_watching+0x12/0xc0 [ 810.737001][T21403] do_syscall_64+0x10b/0xf80 [ 810.737050][T21403] ? irqentry_exit+0x117/0x790 [ 810.737104][T21403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 810.737145][T21403] RIP: 0033:0x7f47a939cdd9 [ 810.737175][T21403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 810.737213][T21403] RSP: 002b:00007f47aa177028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 810.737250][T21403] RAX: ffffffffffffffda RBX: 00007f47a9616090 RCX: 00007f47a939cdd9 [ 810.737284][T21403] RDX: 0000000004000010 RSI: 0000200000000100 RDI: 0000000000000003 [ 810.737309][T21403] RBP: 00007f47a9432d69 R08: 0000000000000000 R09: 0000000000000000 [ 810.737333][T21403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 810.737357][T21403] R13: 00007f47a9616128 R14: 00007f47a9616090 R15: 00007fff232803a8 [ 810.737410][T21403] [ 811.711823][ T5753] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 811.901263][ T5753] usb 4-1: Using ep0 maxpacket: 16 [ 811.913801][ T5753] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 811.939068][ T5753] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 811.955245][ T5753] usb 4-1: config 0 interface 0 has no altsetting 0 [ 811.967458][ T5753] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 811.987662][T21435] loop5: detected capacity change from 0 to 256 [ 812.006792][ T5753] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 812.040597][ T30] audit: type=1800 audit(1777410062.815:231): pid=21435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.6023" name="file1" dev="loop5" ino=1049094 res=0 errno=0 [ 812.076004][ T5753] usb 4-1: config 0 descriptor?? [ 812.518968][ T5753] hid (null): nested delimiters [ 812.738429][ T5753] usb 4-1: USB disconnect, device number 46 [ 812.853362][T21448] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6029'. [ 813.279866][ T5633] usb 6-1: new high-speed USB device number 42 using dummy_hcd [ 813.426316][T21462] loop6: detected capacity change from 0 to 1024 [ 813.452049][ T5633] usb 6-1: config 0 has no interfaces? [ 813.461601][ T5633] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 813.512681][ T5633] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 813.521220][T21462] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 813.536159][T21462] ext4 filesystem being mounted at /652/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 813.574709][ T5633] usb 6-1: config 0 descriptor?? [ 813.702726][T10813] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 813.869857][T21473] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6040'. [ 813.916030][T21473] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6040'. [ 814.129362][T21478] netlink: 'syz.7.6041': attribute type 11 has an invalid length. [ 814.168683][T21478] netlink: 56 bytes leftover after parsing attributes in process `syz.7.6041'. [ 814.466888][ T5633] usb 6-1: USB disconnect, device number 42 [ 815.072063][T21510] netlink: 'syz.0.6056': attribute type 12 has an invalid length. [ 815.123612][T21510] netlink: 'syz.0.6056': attribute type 29 has an invalid length. [ 815.150121][T21510] netlink: 148 bytes leftover after parsing attributes in process `syz.0.6056'. [ 815.203024][T21510] netlink: 'syz.0.6056': attribute type 1 has an invalid length. [ 815.250199][T21510] netlink: 'syz.0.6056': attribute type 2 has an invalid length. [ 815.282420][T21510] netlink: 11 bytes leftover after parsing attributes in process `syz.0.6056'. [ 815.570205][ T9] usb 6-1: new high-speed USB device number 43 using dummy_hcd [ 815.697815][T21529] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6063'. [ 815.750304][ T9] usb 6-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 815.778340][ T9] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 815.816133][ T9] usb 6-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 815.857422][ T9] usb 6-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 815.886915][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 815.910629][T21533] overlayfs: failed to resolve './file0': -2 [ 815.948317][T21517] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 816.583059][T21550] bridge0: port 2(bridge_slave_1) entered blocking state [ 816.590337][T21550] bridge0: port 2(bridge_slave_1) entered forwarding state [ 816.598023][T21550] bridge0: port 1(bridge_slave_0) entered blocking state [ 816.605254][T21550] bridge0: port 1(bridge_slave_0) entered forwarding state [ 816.610059][T21552] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 816.622370][T21552] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 816.884295][T21550] veth1_macvtap: entered promiscuous mode [ 816.926668][T21557] loop0: detected capacity change from 0 to 128 [ 816.993365][ T9] aiptek 6-1:17.0: Aiptek using 400 ms programming speed [ 817.008874][T21550] 8021q: adding VLAN 0 to HW filter on device eth0 [ 817.037622][ T9] input: Aiptek as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:17.0/input/input43 [ 817.095045][T21550] 8021q: adding VLAN 0 to HW filter on device eth1 [ 817.163679][T21550] 8021q: adding VLAN 0 to HW filter on device eth2 [ 817.222572][T21550] 8021q: adding VLAN 0 to HW filter on device eth3 [ 817.248693][T21557] FAT-fs (loop0): error, clusters badly computed (2 != 0) [ 817.297113][T21557] FAT-fs (loop0): Filesystem has been set read-only [ 817.391874][ T9] usb 6-1: USB disconnect, device number 43 [ 817.397913][ C0] aiptek 6-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 818.030572][T21577] loop7: detected capacity change from 0 to 256 [ 818.055993][T21577] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 818.098498][ T6008] netdevsim netdevsim6 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 818.129279][ T6008] netdevsim netdevsim6 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 818.247796][ T6008] netdevsim netdevsim6 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 818.302797][ T6008] netdevsim netdevsim6 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 818.594042][T21580] loop7: detected capacity change from 0 to 2048 [ 818.687981][T21580] Alternate GPT is invalid, using primary GPT. [ 818.726077][T21580] loop7: p1 p2 p3 [ 819.043516][T21593] loop5: detected capacity change from 0 to 512 [ 819.087947][T21593] EXT4-fs: Ignoring removed oldalloc option [ 819.117012][T21593] EXT4-fs: Ignoring removed nobh option [ 819.191974][ T5608] udevd[5608]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory [ 819.228151][ T5947] udevd[5947]: inotify_add_watch(7, /dev/loop7p2, 10) failed: No such file or directory [ 819.278059][ T5946] udevd[5946]: inotify_add_watch(7, /dev/loop7p3, 10) failed: No such file or directory [ 819.281909][T21601] loop7: detected capacity change from 0 to 8 [ 819.320806][T21601] MTD: Attempt to mount non-MTD device "/dev/loop7" [ 819.347719][T21593] [ 819.350080][T21593] ====================================================== [ 819.357094][T21593] WARNING: possible circular locking dependency detected [ 819.364115][T21593] syzkaller #0 Tainted: G L [ 819.370099][T21593] ------------------------------------------------------ [ 819.377121][T21593] syz.5.6090/21593 is trying to acquire lock: [ 819.383192][T21593] ffff88807ae36c18 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x278/0x600 [ 819.393102][T21593] [ 819.393102][T21593] but task is already holding lock: [ 819.400468][T21593] ffff888076922fa0 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x5f0/0x890 [ 819.410377][T21593] [ 819.410377][T21593] which lock already depends on the new lock. [ 819.410377][T21593] [ 819.420780][T21593] [ 819.420780][T21593] the existing dependency chain (in reverse order) is: [ 819.429799][T21593] [ 819.429799][T21593] -> #1 (&ei->xattr_sem){++++}-{4:4}: [ 819.437401][T21593] down_write+0x8b/0x1f0 [ 819.442204][T21593] ext4_destroy_inline_data+0x2d/0xe0 [ 819.448119][T21593] ext4_do_writepages+0x118b/0x3f20 [ 819.453879][T21593] ext4_writepages+0x347/0x790 [ 819.459208][T21593] do_writepages+0x278/0x600 [ 819.464360][T21593] filemap_writeback+0x22d/0x2e0 [ 819.469858][T21593] file_write_and_wait_range+0xcd/0x140 [ 819.475948][T21593] mmb_fsync_noflush+0x7a/0x2b0 [ 819.481355][T21593] ext4_fsync_nojournal.constprop.0+0xe6/0x420 [ 819.488065][T21593] ext4_sync_file+0x892/0xb90 [ 819.493286][T21593] vfs_fsync_range+0x9b/0x190 [ 819.498496][T21593] ext4_buffered_write_iter+0x2a0/0x3f0 [ 819.504584][T21593] ext4_file_write_iter+0xa2f/0x1cf0 [ 819.510413][T21593] iter_file_splice_write+0x830/0x10a0 [ 819.516402][T21593] direct_splice_actor+0x192/0x6c0 [ 819.522041][T21593] splice_direct_to_actor+0x345/0xa30 [ 819.527942][T21593] do_splice_direct+0x174/0x240 [ 819.533325][T21593] vfs_copy_file_range+0xc92/0x1910 [ 819.539052][T21593] __do_sys_copy_file_range+0x1a1/0x460 [ 819.545123][T21593] do_syscall_64+0x10b/0xf80 [ 819.550250][T21593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 819.556676][T21593] [ 819.556676][T21593] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 819.565124][T21593] __lock_acquire+0x14b8/0x2630 [ 819.570510][T21593] lock_acquire+0x1b1/0x370 [ 819.575545][T21593] ext4_writepages+0x21d/0x790 [ 819.580859][T21593] do_writepages+0x278/0x600 [ 819.585998][T21593] __writeback_single_inode+0x164/0x1350 [ 819.592181][T21593] writeback_single_inode+0x4d3/0xf30 [ 819.598101][T21593] write_inode_now+0x174/0x1f0 [ 819.603410][T21593] iput.part.0+0x7f3/0xf50 [ 819.608364][T21593] iput+0x35/0x40 [ 819.612529][T21593] ext4_xattr_block_set+0x6f7/0x3660 [ 819.618352][T21593] ext4_expand_extra_isize_ea+0x17c6/0x1d70 [ 819.624784][T21593] __ext4_expand_extra_isize+0x346/0x480 [ 819.630955][T21593] __ext4_mark_inode_dirty+0x67d/0x890 [ 819.636967][T21593] ext4_evict_inode+0x846/0x1a30 [ 819.642429][T21593] evict+0x3c2/0xad0 [ 819.646857][T21593] iput.part.0+0x605/0xf50 [ 819.651812][T21593] iput+0x35/0x40 [ 819.655980][T21593] ext4_orphan_cleanup+0x71e/0x11e0 [ 819.661704][T21593] ext4_fill_super+0x916c/0xb5d0 [ 819.667173][T21593] get_tree_bdev_flags+0x38c/0x620 [ 819.672829][T21593] vfs_get_tree+0x92/0x320 [ 819.677783][T21593] path_mount+0x7d0/0x23d0 [ 819.682730][T21593] __x64_sys_mount+0x293/0x310 [ 819.688032][T21593] do_syscall_64+0x10b/0xf80 [ 819.693158][T21593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 819.699578][T21593] [ 819.699578][T21593] other info that might help us debug this: [ 819.699578][T21593] [ 819.709800][T21593] Possible unsafe locking scenario: [ 819.709800][T21593] [ 819.717242][T21593] CPU0 CPU1 [ 819.722596][T21593] ---- ---- [ 819.727946][T21593] lock(&ei->xattr_sem); [ 819.732281][T21593] lock(&sbi->s_writepages_rwsem); [ 819.740007][T21593] lock(&ei->xattr_sem); [ 819.746865][T21593] rlock(&sbi->s_writepages_rwsem); [ 819.752157][T21593] [ 819.752157][T21593] *** DEADLOCK *** [ 819.752157][T21593] [ 819.760290][T21593] 3 locks held by syz.5.6090/21593: [ 819.765478][T21593] #0: ffff88807b85a0d8 (&type->s_umount_key#28/1){+.+.}-{4:4}, at: alloc_super+0x244/0xd20 [ 819.775652][T21593] #1: ffff88807b85a600 (sb_internal){.+.+}-{0:0}, at: evict+0x3c2/0xad0 [ 819.784147][T21593] #2: ffff888076922fa0 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x5f0/0x890 [ 819.794481][T21593] [ 819.794481][T21593] stack backtrace: [ 819.800374][T21593] CPU: 0 UID: 0 PID: 21593 Comm: syz.5.6090 Tainted: G L syzkaller #0 PREEMPT(full) [ 819.800427][T21593] Tainted: [L]=SOFTLOCKUP [ 819.800441][T21593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 819.800464][T21593] Call Trace: [ 819.800479][T21593] [ 819.800494][T21593] dump_stack_lvl+0x100/0x190 [ 819.800535][T21593] print_circular_bug.cold+0x178/0x1c7 [ 819.800599][T21593] check_noncircular+0x146/0x160 [ 819.800640][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.800695][T21593] __lock_acquire+0x14b8/0x2630 [ 819.800749][T21593] lock_acquire+0x1b1/0x370 [ 819.800791][T21593] ? do_writepages+0x278/0x600 [ 819.800852][T21593] ? __pfx___might_resched+0x10/0x10 [ 819.800907][T21593] ext4_writepages+0x21d/0x790 [ 819.800967][T21593] ? do_writepages+0x278/0x600 [ 819.801024][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.801071][T21593] ? __pfx_ext4_writepages+0x10/0x10 [ 819.801140][T21593] ? do_writepages+0x4b5/0x600 [ 819.801197][T21593] ? do_writepages+0x4b5/0x600 [ 819.801254][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.801308][T21593] ? __pfx_ext4_writepages+0x10/0x10 [ 819.801370][T21593] do_writepages+0x278/0x600 [ 819.801431][T21593] ? __pfx_do_writepages+0x10/0x10 [ 819.801491][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.801540][T21593] __writeback_single_inode+0x164/0x1350 [ 819.801598][T21593] ? find_held_lock+0x2b/0x80 [ 819.801653][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.801696][T21593] ? __pfx___writeback_single_inode+0x10/0x10 [ 819.801748][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.801789][T21593] ? do_raw_spin_unlock+0x145/0x1e0 [ 819.801836][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.801881][T21593] writeback_single_inode+0x4d3/0xf30 [ 819.801934][T21593] ? ext4_evict_inode+0x846/0x1a30 [ 819.801967][T21593] write_inode_now+0x174/0x1f0 [ 819.802018][T21593] ? path_mount+0x7d0/0x23d0 [ 819.802057][T21593] ? __pfx_write_inode_now+0x10/0x10 [ 819.802134][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.802175][T21593] ? find_held_lock+0x2b/0x80 [ 819.802227][T21593] ? iput.part.0+0x7e6/0xf50 [ 819.802268][T21593] ? iput.part.0+0x7e6/0xf50 [ 819.802313][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.802360][T21593] iput.part.0+0x7f3/0xf50 [ 819.802400][T21593] ? __pfx_ext4_drop_inode+0x10/0x10 [ 819.802456][T21593] iput+0x35/0x40 [ 819.802495][T21593] ext4_xattr_block_set+0x6f7/0x3660 [ 819.802542][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.802586][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.802633][T21593] ? __pfx_ext4_xattr_block_set+0x10/0x10 [ 819.802681][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.802726][T21593] ? xattr_find_entry+0x240/0x2e0 [ 819.802773][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.802815][T21593] ? ext4_xattr_block_find+0x59/0x430 [ 819.802860][T21593] ext4_expand_extra_isize_ea+0x17c6/0x1d70 [ 819.802924][T21593] ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10 [ 819.802978][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.803022][T21593] ? dquot_initialize_needed+0x183/0x2a0 [ 819.803079][T21593] __ext4_expand_extra_isize+0x346/0x480 [ 819.803127][T21593] __ext4_mark_inode_dirty+0x67d/0x890 [ 819.803186][T21593] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 819.803243][T21593] ? __pfx___might_resched+0x10/0x10 [ 819.803301][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.803342][T21593] ? __ext4_journal_start_sb+0x1ce/0x670 [ 819.803394][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.803435][T21593] ? ext4_evict_inode+0x6c8/0x1a30 [ 819.803470][T21593] ext4_evict_inode+0x846/0x1a30 [ 819.803505][T21593] ? __pfx_ext4_evict_inode+0x10/0x10 [ 819.803536][T21593] ? evict+0x37e/0xad0 [ 819.803574][T21593] ? evict+0x37e/0xad0 [ 819.803612][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.803658][T21593] ? __pfx_ext4_evict_inode+0x10/0x10 [ 819.803691][T21593] evict+0x3c2/0xad0 [ 819.803733][T21593] ? __pfx_evict+0x10/0x10 [ 819.803772][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.803818][T21593] ? iput.part.0+0x5fd/0xf50 [ 819.803858][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.803905][T21593] iput.part.0+0x605/0xf50 [ 819.803946][T21593] ? __pfx_ext4_drop_inode+0x10/0x10 [ 819.804001][T21593] iput+0x35/0x40 [ 819.804040][T21593] ext4_orphan_cleanup+0x71e/0x11e0 [ 819.804081][T21593] ? __pfx_ext4_orphan_cleanup+0x10/0x10 [ 819.804117][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.804158][T21593] ? ext4_register_li_request+0xef/0xa00 [ 819.804200][T21593] ext4_fill_super+0x916c/0xb5d0 [ 819.804256][T21593] ? __pfx_ext4_fill_super+0x10/0x10 [ 819.804297][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.804342][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.804384][T21593] ? sb_set_blocksize+0x1fe/0x290 [ 819.804439][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.804480][T21593] ? setup_bdev_super+0x425/0x730 [ 819.804528][T21593] get_tree_bdev_flags+0x38c/0x620 [ 819.804577][T21593] ? __pfx_ext4_fill_super+0x10/0x10 [ 819.804615][T21593] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 819.804667][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.804711][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.804752][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.804793][T21593] ? security_capable+0x80/0x260 [ 819.804846][T21593] vfs_get_tree+0x92/0x320 [ 819.804888][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.804931][T21593] path_mount+0x7d0/0x23d0 [ 819.804974][T21593] ? __pfx_path_mount+0x10/0x10 [ 819.805012][T21593] ? lockdep_hardirqs_on+0x78/0x100 [ 819.805054][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.805098][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.805139][T21593] ? kmem_cache_free+0x127/0x6c0 [ 819.805186][T21593] ? __x64_sys_mount+0x293/0x310 [ 819.805224][T21593] __x64_sys_mount+0x293/0x310 [ 819.805265][T21593] ? __pfx___x64_sys_mount+0x10/0x10 [ 819.805312][T21593] ? srso_alias_return_thunk+0x5/0xfbef5 [ 819.805353][T21593] ? rcu_is_watching+0x12/0xc0 [ 819.805405][T21593] do_syscall_64+0x10b/0xf80 [ 819.805447][T21593] ? irqentry_exit+0x117/0x790 [ 819.805495][T21593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 819.805532][T21593] RIP: 0033:0x7f47a939e04a [ 819.805558][T21593] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 819.805592][T21593] RSP: 002b:00007f47aa197e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 819.805624][T21593] RAX: ffffffffffffffda RBX: 00007f47aa197ee0 RCX: 00007f47a939e04a [ 819.805647][T21593] RDX: 00002000000001c0 RSI: 0000200000000b80 RDI: 00007f47aa197ea0 [ 819.805669][T21593] RBP: 00002000000001c0 R08: 00007f47aa197ee0 R09: 0000000000800744 [ 819.805692][T21593] R10: 0000000000800744 R11: 0000000000000246 R12: 0000200000000b80 [ 819.805714][T21593] R13: 00007f47aa197ea0 R14: 000000000000047a R15: 000000000000002c [ 819.805751][T21593] [ 820.534258][T21593] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.6090: iget: bad extra_isize 90 (inode size 256) [ 820.584226][T21593] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 820.584549][T21593] EXT4-fs (loop5): Remounting filesystem read-only [ 820.593783][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 820.593818][ C0] EXT4-fs (loop5): initial error at time 1777410071: ext4_xattr_inode_iget:441: inode 11 [ 820.593872][ C0] EXT4-fs (loop5): last error at time 1777410071: ext4_xattr_inode_iget:441: inode 11 [ 820.628800][T21593] EXT4-fs warning (device loop5): ext4_evict_inode:269: couldn't mark inode dirty (err -30) [ 820.641412][T21593] EXT4-fs (loop5): 1 orphan inode deleted [ 820.648110][T21593] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 820.667368][ T5608] udevd[5608]: incorrect cramfs checksum on /dev/loop7 [ 820.711595][ T5622] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 820.712822][ T5608] udevd[5608]: incorrect cramfs checksum on /dev/loop7