last executing test programs: 2m4.892457503s ago: executing program 4 (id=515): r0 = syz_io_uring_setup(0x1efb, &(0x7f0000000140)={0x0, 0x800729, 0x3010, 0x0, 0x1}, &(0x7f0000000100), &(0x7f0000000480), &(0x7f0000000000)) r1 = epoll_create(0xaf2) poll(&(0x7f0000000040)=[{r1, 0x88}], 0x1, 0xa5f) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xe000200f}) 2m3.000519792s ago: executing program 4 (id=519): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4) sendmsg$TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x4dd11876d04ce31a}, 0x20040800) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x8, 0x1, 0xfffffffd}]}, 0x8) 2m2.052695922s ago: executing program 4 (id=523): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0) 2m1.132145833s ago: executing program 4 (id=525): syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000840)='./file3\x00', 0x0, &(0x7f0000001040)=ANY=[], 0x1, 0xaf3, &(0x7f0000002400)="$eJzs3V2IXFcBAOBzd3c2u2lrJjWxaxrbpNW2/nTTbNb4EzQpCYKhKeJLofgS0rQGYwQrqKXQJE++2VJS8MkffOpLqSJYEAl98qVgA0XoUxX0oSFiwYcaTUayc87MnZOZnZnN7tz9+T44e+bcc+49587euXPn3nvuCcCGNbbwd35+pgjhwhsvH3n/gX9M35hysFWivvB3opSqhRCKmJ7IlvfeeDO+9sHzJ7rFRZhb+JvS4fErrXlvCyGcDbvCxVAPOy5ceumtuceOnTt6fvfbrx64vDJrDwAAG8s3Lh6Y3/7XP9+99epr9xwKm1rT0/F5PU2Yah73H4oH/un4fyx0potSKJvMyk3EMDbdWW68S7lyPbWs3ESP+iez+ms9ym0Ki9c/XprWbb1hLUvbcT0UY7MhhM2t9NjY7GzzN3lY+F0/WcyeOXX66Wcraiiw7P59bwhhVykcPt+ZXm3h4Cpow+ChVk43qm/P2gyHRlfX1UZT5es8otDYUvUeCKApv154k7P5mYVb01raxGD1X3l0rPv8sAxGvf0PVf9kxfUH9f/6nD0Oy2e9bk1pvdLn6PaYzq8j5PcvvfKHzvna8isdnVPz6xG1AdvZ6zrCWrm+0Kud4yNux1L1an++XaxXX4lxeh++2pF7b8fnJ/+frpX/MdDdh/n5f0EQVncIHenarSyrUfH+B1i98vvmGun6aJTf15fnb+qTP9Unf7pP/uY++bf1yYeN7Lc/+Gl4sWif78p/0w97PjydZ7sjxh8Zsj35+chh68/v+x3Wrdaf308Mq9nvjz9x8otPPXmpef9/0dr+r8ftPf3cqMfP1sVYIJ0vzM+rt+79r3fWM9aj3J1Ze+7oUn7h9bbOcsW29nJCaT9zUztmOufb0qvczs5y9azcdAxTWXvz45PN2Xzp+CPtV9P7NZGtby1bj8msHWm/sjXGeTtgKdL2mO7/b/cHaN7/n7bPmVArnj51+uQjMZ220z+N1zbdmL53xO0Glk+vz3/6/poJnf1/bm9Nr42V9wtb2tOL5n7h9bi8zulzrXpK00tfaul77tvj0wvlZ0987/RTK7DesJE9++PnvnP89OmT3/diyS++tjqaMcyL9LNltbRnBV+8EFd1tbRnmV7sWukqKtwpASOx54XmQcDDp757/JmTz5w8s2///n1zc/u/tG9+z8Jx/Z7y0X3Z2QpaCyyn9pd+1S0BAAAAAAAAAAAABvXDo0cuvfPmF95t9v9v9/9L/f/Tnb+p//9Psv7/eT/51A8+9QPc2iV/oUz2gNXJrFwtho9m7U2PAShit47t2Xwfi3FrHL/Y/z9Vlz/XNbXnrmx6rUcye5zATc9LmcyeQZKPF3hfjM/H+FcBKlRMd58c40Web118WNrW0/MpSl14G54PvHak/1v+/KLU/7vrc5269NdmbRlFj8Wq1xHo7p/r7fnfU4vl/6u94lW3U1gkTIy2vp9t3G2i0fMofdARbACWR9Xjf/49NOtN5z/P/PHrUzdCKnbl0c79Zf78UhjGX97pTK/28SdXuv583L5R11/1+o96/M/W+Hdx/5f2e733f9mIefWl1fufn19+t1Rt2DFo/fn6p+dAbxuu/qux/rQ2D4bB6m/8Mqs/vyA0oP9m9W8esP6b1n/n0ur/X6w/vW0P3T9o/c0WF2Od7ZjO1iNd/8vPGyfXsvVPz/ZcpP5vPtdt/Zc4UOP1WD9sZGtlnNlhZccRrYP2fuP/Dvv9f6vj/7Yam+3W8vswPh/TaUec7nPIxzsZtv3p/or0PbA9W37R5/vN+L9r25dj3O/zkMb/TdtjPX7ll9IL72VK17q8t+t1XwNr1Xvr7frfqgiXmz+Dljb/VPXtF5qh9I3Vu1xjfAnL3tR/uSMJjUZjZU9o9VFp5VT+/ld99bnq3yn3VVx/P/n4v/kxfD7+b56fj/+b5+fj/+b50/E/9H6P/Hz833x7zsf/zfPvypabjw880yf/413yi9DO39F9/tbP9rv7LH9nn/xP9Mnf3co/2FEi5d+z6Pztcr2Wf2ef/Pv75H8yhGuNRfI/1Wf+B/rkP1TKL48BnfI/nc1fZPnrXdr/9Hr/gPUr75/n8w8bR7r+0+vzv62dP1kuMtpWAivhldf2Hn7yN9+qN/v/T7bOh6TreIdiuhZ/G/0opvPr3qGUvpH3Zkz/Lcuv+nwT0JY/PyP//n+wTz6wdqX7vHy+YQMqprpPjnG/51b1Os5nbflMjD8b48/F+OEYz8Z4T4z3xnhuRO1jZRx+/XcHXizav/e3ZPmD3k+e9wfqeE5UCGHfgO3Jzw8Mez97/hy/Yd1q/UvsDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZsYW/8/MzRQgX3nj5yBPHTu25MeVgq0R94e9EKVVrzRfCIzEej/Ev4otrHzx/ohxfj3ER5kIRitb08PiVVk23hRDOhl3hYqiHHRcuvfTW3GPHzh09v/vtVw9cXrl3AAAAANa//wcAAP//yHMF9A==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x1c1) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x80086601, 0x0) 1m59.180583318s ago: executing program 4 (id=530): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000f2303920422c021240850102030109022400010000100009040c0202c17f0c00090502020002020000090582020002"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac3(r0, 0x0, 0x0) syz_usb_control_io$uac2(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000200)={0x0, 0x15, 0x1, ';'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1m57.277868895s ago: executing program 4 (id=536): syz_mount_image$hfs(&(0x7f00000005c0), &(0x7f00000000c0)='./file1\x00', 0x10012, &(0x7f00000004c0)=ANY=[@ANYBLOB='codepage=cp775,umask=00000000007777,iocharset=koi8-ru,\x00'/64, @ANYBLOB="7b467be6d2ffd5dbc39d475a3efbcc5666f07a12652e81e75be5e881b521fcda9e61566e2b548201f553091a16ad9bb6888f170e5d63f7a84c585f22f2397bf6c9fe0ad346d27e428fa6322e2a05eddacbf8af7162ea449789312db392743800000004002300"/111, @ANYRES8], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1f1) renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) 1m54.119438594s ago: executing program 32 (id=536): syz_mount_image$hfs(&(0x7f00000005c0), &(0x7f00000000c0)='./file1\x00', 0x10012, &(0x7f00000004c0)=ANY=[@ANYBLOB='codepage=cp775,umask=00000000007777,iocharset=koi8-ru,\x00'/64, @ANYBLOB="7b467be6d2ffd5dbc39d475a3efbcc5666f07a12652e81e75be5e881b521fcda9e61566e2b548201f553091a16ad9bb6888f170e5d63f7a84c585f22f2397bf6c9fe0ad346d27e428fa6322e2a05eddacbf8af7162ea449789312db392743800000004002300"/111, @ANYRES8], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ") unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1f1) renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) 1m41.549819814s ago: executing program 3 (id=577): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="22003300d0000800ffffffffffff0802110008000000ffffffff004004"], 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 1m39.68433064s ago: executing program 3 (id=581): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = epoll_create(0xea3) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000380)={0xb0000001}) connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e21, @empty}, 0x10) 1m38.288762767s ago: executing program 3 (id=584): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x8500017e) removexattr(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)=@known='system.posix_acl_default\x00') 1m37.099584714s ago: executing program 3 (id=588): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x45f, &(0x7f0000000ec0)="$eJzs3MtvG8UfAPDvrpO26eOX/Ep59AEECiLikTRpgR44AAKJA0hIXMoxJGlV6jaoCRKtKggIlSOqxB1xROIv4AQXBJyQuMIdVapQLxRORmvv1o/abpI6cag/H2mTmd1xZr6eHXt2p9sABtZ49iOJ2B0Rv0XEaC3bXGC89uvG9Utzf1+/NJdEpfLWn0m13F/XL80VRYvX7cozE2lE+mkSB9vUu3Th4pnZcnnhfJ6fWj773tTShYvPnD47e2rh1MK5mePHjx2dfv65mWd7Euf/s7Ye+HDx0P7X3r7yxtyJK+/89E1SxN8Sxx0bqf4c71bk8UqlZ9VtBXsa0slQHxvCmpQiIuuu4er4H41S1DtvNF79pK+NAzZUJdfh8EoFuIsl0e8WAP1RfNFn17/Ftnmzj/679lLtAiiL+0a+1Y4MRRq1C6PhluvbXhqPiBMr/3yZbdHr+xAAAG18l81/nm43/0vjvoZy/8vXhsbytZS9EXFPROyLiHsjqmXvj4gH1lh/6yLJrfOf9Oq6AlulbP73Qr621Tz/S4siY6U8t6eaGU5Oni4vHMnfk4kY3p7lp7vU8f0rv37e6Vjj/C/bsvqLuWDejqtD25tfMz+7PHsnMTe69nHEgaF28Sc3VwKSiNgfEQfWWcfpJ78+1OlYa/yVpNtferE524N1pspXEU/U+n8lWuIvJN3XJ6d2RHnhyFRxVtzq518uv9mp/tv3/8bK+n9n2/P/ZvxjSeN67dLa67j8+2cdr2km13X+13dsy39/MLu8fH46Ylvyeq3Rjftn6q8t8kX5LP6Jw+3H/96ovxMHIyI7iR+MiIci4uG87x6JiEcj4nCnAFcifnz5sXc7Hd4K/T/f0v9jzUVa+r+e2Bate9onSmd++Lb5L9aTq/v8O1ZNTeR7VvP5t5p2re9sBgAAgP+eNCJ2R5JO3kyn6eRk7d/w74udaXlxafmpk4vvn5uvPSMwFsNpcaerdj+4dj90Or+sL/IzLfmj+X3jL0oj1fzk3GJ5vt/Bw4Db1WH8Z/4o9bt1wIbzvBYMLuMfBpfxD4PL+IfB1Wb8j/SjHcDma/f9/1E9WRndzMYAm6pl/Fv2gwHi+h8Gl/EPg6tx/Hd9/h64myyNxO0fkpfYyokdRVdubu2RboHYe5VINngU7O53gI2J4v/+7F64zx9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPfJvAAAA//+Zfec0") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x1c1) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x80086601, 0x0) 1m35.250784899s ago: executing program 3 (id=591): r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x7fb, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000040)=0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000140)={0x4, 0x1, 0x4, 0x0, 0x9}) 1m33.345145444s ago: executing program 3 (id=597): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x88, r1, 0x1, 0x270b565, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x65, 0x33, @probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x1}, {0x8}, @device_b, @device_a, @initial, {0x4, 0x3}}, 0x5, @default, 0x2, @val={0x0, 0x6, @default_ibss_ssid}, @val, @val={0x3, 0x1, 0xab}, @val={0x4, 0x6, {0xc, 0xdb, 0x7, 0x7}}, @val={0x6, 0x2, 0x7}, @val={0x2d, 0x1a, {0x2, 0x3, 0x3, 0x0, {0x2, 0x40, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x1, 0x7, 0x9}}, @val={0x72, 0x6}, @void}}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x88}}, 0x0) 1m30.897988103s ago: executing program 33 (id=597): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x88, r1, 0x1, 0x270b565, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x65, 0x33, @probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x1}, {0x8}, @device_b, @device_a, @initial, {0x4, 0x3}}, 0x5, @default, 0x2, @val={0x0, 0x6, @default_ibss_ssid}, @val, @val={0x3, 0x1, 0xab}, @val={0x4, 0x6, {0xc, 0xdb, 0x7, 0x7}}, @val={0x6, 0x2, 0x7}, @val={0x2d, 0x1a, {0x2, 0x3, 0x3, 0x0, {0x2, 0x40, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x1, 0x7, 0x9}}, @val={0x72, 0x6}, @void}}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x88}}, 0x0) 11.855691587s ago: executing program 6 (id=824): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmmsg$unix(r2, &(0x7f0000009040)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@rights={{0x10, 0x1, 0x1, [r0]}}], 0x10, 0x4000800}}], 0x1, 0x4) 10.029206317s ago: executing program 6 (id=828): syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000f00)='./file1\x00', 0x208800, &(0x7f0000003100)=ANY=[], 0x2, 0xf04, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0T8MT0gKiGKhDhVHKi4UCqlSK0EqlShntqeWvXWE+qFSlUqBfXQRkpc2X5vvX72sOuxPbv2/n7St2/fvNn5vslazsx49m0AhlZj5fHkydkihHc/fefRl58qfru87K72GkdWHovYa4UQmh39Itve53HBtSsvndmsLcLxlcfUD49dbr92MoSwGI6Ez0IrfDS/8OWH7z1y9OPXJ2556+Izr+zS7rfl+wEAAPvRpT8v/P2+f/7pgZmrlw6fDuPt5en4vBX7k/G4/1g8UE7Hy42wvl90RKexbL2RGI1svZFsvdEsz2hJvma2nWbJemNd8o10LNtsPwEAAGAvSue1rVA05tb1G425udXz/mWfT48Vc8+dXzh3oU+FAgAAAJX959WVm26FEEIIIUSt0RyAGoQQQgxTLE33+woEAAAAMGzy+cI2WNzZmbraW2v1lv/yw43NXw87oO6ff/n3Vv4PXvMbBwCA6vbr0WTar3QcneYxyOcRHMlet9Xj/0a2ndEt1lk2r+C65cXgvk1l9ef/roOqrP6tvo/9UlZ/Ph/moCqrP5+nc1CV1T9ecx1VldU/UXMdVZXVf6DmOqoqq/9gzXVUVVb/ZM11VFVW/1TNdVRVVv8NNddRVVn9h2quo6qy+vfKbbVl9bdqrqOqsvpnaq6jqrL6b6y5jqrK6r+p5jqqKqv/5prr6Jc7Y5v+HQ5n453nz/k53V45xwMAAIBh9z/z/wkhhBAbYuU+iAGoQ4j9HcUA1CC+Ktp/7xuAWoQQ249X+3r1AQAAABgE6XMB6QPoS1EaH+kyPho/S7QyPrG2Qhpvdnn9WJfx8S7jAAAAQAi/e+PcbW8Xa5/z3+58eB3zRl0PFeYxyie622r+7c57tt38e2XeMgAAAIZL8b3Prt//6PsvzFy9dPh0x9nv9Xi+m+YBHY3XBj6J/XRfwFTWL9I59On1eRol6+XXB24o297j29xRAAAAGGLp/L0VisZcx3l3KzQac3Nr5+OzoVmcO79w9ljsp+9n+eN0c3x5+UM11w0AAAD0bu18f/Pz//Q9vrNhrJh77vzCuQur/an28maj87rA9NryovO6QCtbfrxk+YnYT9/f+YPpAyvL5878cOGpnd55AAAAGBIXXrz4zJMLC2d/5IknnnjSftLv30wAAMBO++KLd5o/PjH1+9XP/6/Nf5c+/38k9ltxbr+/xBXSfQLpcwAbPq//xPo802XrPb9+vVa23kiM8azuiY7tLDuQvW6mLF9r/XbGSvJNZvmmsnz5PAWj2fop36FseT4/YVpvOluez8M4muUosvx3BwAAACg3/8Kzz89fePHig+efffLps0+ffe7E8VPfPXXq2EPfeWh+5b7++c67+wEAAIC9aO2m335XAgAAAAAAAAAAAAAAAAAAAMOrjq8T6/c+AgAAwLD796shhEUhhKgcS+P9r0EIIYQQQog9Eyvf7V5/3ka/rz8AAAAAw+falZfOhDARQlhuN7FY7Gi+9tZaq831K6t5Uzv14N9mliOtdvnhkXWvP7ij1TDsrsWfu9RusMM///LvrfwfvLaz+SfSk55//2WXjE9Xy3vv/C9nO/PfPtpj/nz/H6+W/2iW/97QW/6l97P8T1TLf1+W/2CP+Tfs//PV8t8f88/G/tF7es2//v0fj23ajwM95v92tv9PhV7zZ/vf6jFh5oGYHwCG0X69ASAdJaTj6MnYT/sbDzfDSPa6rR7/N7LtjG678vXbTcdBt8Z+Ol6ayvImW61/MtveDRXrzOV1Daqy+nfqfdxtZfU3a66jqrL6x2quo6qy+sdrrqOqsvonaq6jqrL6ez0P7bey+vfKdeWy+idrrqOqsvqnaq6jqrL6t/r/eL+U1X+o5jqqKqt/uuY6qiqrv+JltdqV1T9Tcx1VldV/Y811VFVW/00111FVWf0311xHv9wR27Lz4XT+OR3HUr+V9cc3+bfcr9cWAAAAYK/519DO/xevdPS9DiGEEELs1ZgY9GOJZFe2P7rL2xd1x3+XVvW7DiHE7sXSUt1XHBgku/tpZgAGld//w837P9y8/8PN+89XSffwF1k/GekyPtplvNllfCwbz39ex7uM35Rtdyld14xu7jL+tS7jh7qM39plfLbL+G1dxm/vMn5Hl3EAAACGwy2xdX4IAAAA+9fLv/rkzd/c+8SVmauXDp8OYxvmnT8W++Pxb+tvxH4+733SjH/z/0ns/yK2f4jtP7L13X8CAAAAuy99T4y//wMAAMD+lb6n1Pk/AAAA7F8zsXX+DwAAAPvXjbF1/g8AAAD7WDGx+eLYpusCd8e213n9AIDB9/XY3hnbw7G9K7bfiG06Drgntt+sqT4AYOf8/Ps/PfV2sTbf/4ls/FpcntoNFlevFBSN9TP5H4jtwdh+q8d68u8D6DV/cqjHPLuVf3qb+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/aOx8njy5GwRwrufvvPoz8be/OvysrvaaxxZeSxirxVCaLZfl0bX+r+OK1678tKZzvZ6bItwPBShaC8Pj11uZ5oMISyGI+Gz0AofzS98+eF7jxz9+PWJW966+Mwru/hPsG7/AAAAYD/6fwAAAP//ScMebw==") syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x184a438, &(0x7f0000000280)=ANY=[], 0xa, 0x0, &(0x7f0000000180)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r0, r0, 0x0, 0xe3aa6ea) 9.341941828s ago: executing program 5 (id=830): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipv4_deladdr={0x34, 0x15, 0x1, 0xfffffffd, 0x2, {0x2, 0x18, 0x54, 0xff, r1}, [@IFA_LABEL={0x14, 0x3, 'veth0\x00'}, @IFA_ADDRESS={0x8, 0x1, @empty}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) 9.279161456s ago: executing program 1 (id=831): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[@ANYBLOB="1c0000000203030000000000000000000000ffff0800010001"], 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000610000000000020000100800010001"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) close(r0) 8.550127534s ago: executing program 0 (id=833): sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000003d00)=[{&(0x7f0000000580)="d037f0fdeedf4142954d9432a41031f33090e0b81c8f8b7de72313c03bd2a59630da4cd3d6fa21c6f0547f300811d00e2014def35980a9f5288f922f0a107a56e36400945fad8ed10ae799a09c5dc8dcc8569beca37ccf6c6bddf3454a7cc40098b347cd234673f83fc4079f79f7c7a7592b187c7f6fb5c35602d1af974f", 0x7e}, {&(0x7f0000000840)="cbbe361c26c50664444698605a2ec47a63db0d45584fd5b26edb080cef3c1307be4ea90f465d95ef4fc24f265939bfbd834dbdacfffb4c5f2dda887c32a11cb957b45065bb6f3066740e346150a25c1585f063f74cbee2bec82104fa5aa5ff455a505d8a1be5e6d084c2042bab66084c670993e01749f4", 0x77}, {&(0x7f0000001a40)="afbb1d59a071f24870c276e0f06e744c325c362cc5c30055c6caea0293e8686348ca64ff7355201209aebcdba04627304b636829c0fd7f3e0ea671b6bcba1019d19f41705d7d1add758c4d03207e3f1b578cb2685a080596a2cfe2363ab456c865ab91142770e113b16141eb0a4f39c0f54a84b9e09f2cf7d52ab8960c4d0d2b3a4da3af67b7c68ae6c90eb3505a59c00e9236ba9f4d7de4d22bfc3a24cf527243d685b7815686708c158f3fd3a14d1d4aa13cd046abce809d40d63d4d0bde4dcc0d7c4d80f955f354ddda481f3627fb4f6c87204dc269845f85cf4e23bff5b72a8ae0358c1f956bb9dab1bf771e75b0d605413ea0e2b8193a537181d27300917096885a4d96e3cd9478ca90c25f4b7970ef7f24f81969baefc9ed8f5c70dd290f885e08db5d13f41b72400b072deed4a8d5c2bd6dd69201ebb914042c3f1616f16d05aa55b501fd0f61785aeaccd2ae04d65eca6be33a94a4b63aa01e5c93f9c6bcaed14511d0bde882fc8378d678829a9566eaa31c1d999d71ecce285c87ab07d155a7fe7bf028935cefa9a3c81b5f403aae264f33511927863c7be9d41243e4669d5e2e399c060d3205e6c59880adb1446e01424fcf840b93bd98e1a4ea560f06624a2b2e49c03db7099f9fe798aba0b39d8e824ee95f66faea51845334c3d8a7d400eb0bf886ab248c34936a585512584e5a98672ddbc409b0632e5226829f121848fcee8bc75f97e860d095c226eaaa5545dd9a5490cd90c52abe9de7c8ac120c397cac6ace755ffa53046ba53f79b1e5738dccc00a40da55ffd42932e92f4ed50817be341c1cd19fe489ee4341c1577551115f49e2145856b360ef458269222fff3c5e2baa561a972a0e92a8c555fce9739446669788d2858f6ce039c14dff95da40c42e2648594c8d15508cd20e70fa15a57eb9ffce0413ab63b4e1ecff82ab0ba46910c6a6758a5cf929ef69cf96cef76634cf3fd5ef68409b1b60e65943589672246280e54c7fc7e81a64e0a193c042ea58251febf64d15edac13d2f94462054548d8d02875ad3aabdd1343550f62744d69f0cab1a75fb004e5dc9c2b97", 0x302}, {&(0x7f0000002a40)='C', 0x1}], 0x4}}], 0x1, 0x24000801) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe) sendmmsg$sock(r0, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0) 8.330242378s ago: executing program 5 (id=834): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @loopback={0x10000000000000}, 0x200}, 0x1c) listen(r0, 0xfffffffe) accept4$inet6(r0, &(0x7f0000000000), 0x0, 0x800) 8.009089507s ago: executing program 1 (id=835): r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x1}, &(0x7f00000009c0)="3e12d23d346cfdeb1716f738374bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b1a03dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc95b4b88e17fb55ae6f", 0x99, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r2}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha256\x00'}}) 7.751358746s ago: executing program 6 (id=837): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000900)=ANY=[@ANYBLOB="1201000000000040341d0a0000000000000109022400010000000009040000010300000009210000000122030009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000040)={0x40, 0x22, 0x8, {0x8, 0x5, "5f4c1b85bc06"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000001c0)={0x20, 0xf, 0x53, {0x53, 0x23, "bca92a173c2298b03d2bfe4dee55e9998a47e8134145b29d7f5cdbc2f69ad1161609dc655798bb73cd82fa239929a3abc6338135c9096cce95b40999ee5eada06c640e137bba8d0e88e2179072c6fba622"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 5.927742845s ago: executing program 2 (id=838): capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb}) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x2000000) 5.687795683s ago: executing program 5 (id=839): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="5c000000020605000000000000000000000000000c00078005001500267d00000500010007000000050005000a000000050004"], 0x5c}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0003000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0) 5.368932223s ago: executing program 0 (id=840): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a0b04000000000000000002000000480004802800018011000100666c6f775f6f66666c6f616400000000100002800900010073797a30000000001c0001800a00010072656469720000000c000280"], 0x9c}, 0x1, 0x0, 0x0, 0x2000094}, 0x4084) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000001a00d3b2f23ff762be7100000a000000000000000000000006001d000000000008001e"], 0x2c}}, 0x0) 4.696358163s ago: executing program 1 (id=841): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003200)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=@newsa={0x148, 0x1a, 0x1, 0xfffffffe, 0x100, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x717, 0x4e23, 0x5, 0xa, 0x0, 0x20, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@remote, {0xfe, 0x1000000000000192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xffffffbffffffffc, 0x4}, {0x10000000000009, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffe, 0x3fc}, 0x7e, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @XFRMA_IF_ID={0x8, 0x1f, 0x2}, @XFRMA_SET_MARK={0x8, 0x1d, 0xfffffc00}]}, 0x148}}, 0x844) 4.647982347s ago: executing program 2 (id=842): openat$incfs(0xffffffffffffffff, &(0x7f00000001c0)='.pending_reads\x00', 0x0, 0x130) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x82, 0x0, &(0x7f00000001c0)) 4.270285003s ago: executing program 5 (id=843): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x380000c, &(0x7f0000000340)={[{@nojournal_checksum}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@errors_remount}, {@debug}, {@lazytime}]}, 0x1, 0x437, &(0x7f0000001840)="$eJzs289PHFUcAPDv7EKR/hBs6o/Sqmg1En9AobX24EWjiQdNTPRQjwi0wW6LKZjYhigaU4+miXfj0cS/wJNejHoy8ap306QxXFo9rZndGdhddrdAF7a6n08y8N7MW9777szbfW8eE0DPGk1/JBH7I+L3iBiqZusLjFZ/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvyTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmS03cEny+UOV9ddB2rSSV8XG8KWFKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNSskqR1/Y2LJBvHP4Xr2w5uE9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96TsegfSPOTber44ZXfvmh1rHb8l25p/flYMGvH9b6B+tfMTi9N30nMtW58EjHS1yz+ZG0lID19hyNiZJt1zD/9zdFWx24ffxsdWGcqfx3xVPX8r0RD/Lmk/frkxD1Rmjs+kV8VG/3y69U3W9V/R/F3QHr+9za9/tfiH05q12sXt17H1T8+bzmn2e71vyd5u27fh9NLS5cmI/Ykr1cbXbt/qqHc1Hr5NP6xY837/8FYfyeORER6ET8cEY9ExKNZ2x+LiMcj4lib+H96+Yn3thf/QJu/2hlp/LNbOv/riT3RuKd5onj+x+/qKh3ebPyRnf+TldRYtmczn3+badf2rmYAAAD47ylExP5ICuNr6UJhfLz6P/yHYm+htLC49MzZhQ8uzlafERiO/kJ+p2uo5n7oZDatz/NTDfkT2X3jL4uDlfz4zEJpttvBQ4/b16L/p/4sdrt1wI7zvBb0Lv0fepf+D71L/4fe1aT/D3ajHcDua/b9/3EX2gHsvob+b9kPeoj5P/Qu/R96l/4PPWlxMG7/kLyExIZEFO6KZkjsUKLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//zpS5t0=") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000000), &(0x7f00000001c0)=ANY=[], 0xfe37, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0x2000, 0x8000}) 4.219683797s ago: executing program 0 (id=844): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002280)={'vlan0\x00', 0x0}) sendto$packet(r0, &(0x7f00000002c0)="3303120081fd120000007ef52f555f2a0c09000000fd88a800f788a83baa", 0x1e, 0x40008c1, &(0x7f00000000c0)={0x11, 0x0, r1, 0x1, 0xcf}, 0x14) 3.431740761s ago: executing program 2 (id=845): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x68, 0x10, 0xffffffffffffffff, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x31863}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x38, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r1}, @IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x30}}]}}}]}, 0x68}, 0x1, 0x0, 0x0, 0x14008005}, 0x20008090) 3.324252723s ago: executing program 1 (id=846): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f00000001c0)={{0xa, 0x4e23, 0x0, @loopback}, {0xa, 0x4e26, 0x0, @mcast1}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}, 0x5c) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private2}, {0xa, 0x0, 0x0, @empty}}, 0x5c) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f00000000c0)=0x7, 0x4) 2.990228707s ago: executing program 0 (id=847): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'veth0_virt_wifi\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x94, 0x24, 0x70b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x64, 0x2, {{0xfffffffd, 0xffc00, 0x3, 0x1, 0x1, 0x9}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x10000, 0xa895, 0x7, 0xf, 0x20f8019b}}, @TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x8, 0x9, 0x6, 0x3, 0x2}}]}]}}}]}, 0x94}}, 0x10) 2.960336705s ago: executing program 6 (id=848): r0 = socket(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f0000000040)=0xfffffff9, 0x4) syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0) recvmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/1, 0x1}, 0x1}], 0x1, 0x62, 0x0) 2.298396129s ago: executing program 2 (id=849): r0 = socket$kcm(0x2b, 0x1, 0x0) sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc) setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x24) close(r0) 2.18882243s ago: executing program 5 (id=850): unshare(0x28000600) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt(r0, 0x65, 0x1, &(0x7f0000000100)="cd1c", 0x2) 2.104123915s ago: executing program 1 (id=851): capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f0000000280)) 1.792869788s ago: executing program 0 (id=852): r0 = socket$packet(0x11, 0xa, 0x300) fcntl$setstatus(r0, 0x4, 0x2800) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000740)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x48890}, 0x0) 1.249084779s ago: executing program 2 (id=853): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000240)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/2, 0x2}}, 0x11c) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}, {0x0, 0x4}], 0x2) write$UHID_DESTROY(r0, &(0x7f0000000200), 0x4) 1.22180193s ago: executing program 6 (id=854): link(0x0, &(0x7f0000000400)='./file0/../file0/file0\x00') r0 = socket$vsock_stream(0x28, 0x1, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000400)=0x1615, 0x4) 701.761654ms ago: executing program 1 (id=855): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000008a40)="7c72bf03f7d9c0fd0826786ffcfb99e55c1272594d5be5c7f1de9562bbf652", 0x1f}, {&(0x7f0000008c80)="9d", 0x7fffefe1}], 0x2}, 0xfffffff0) 623.529385ms ago: executing program 0 (id=856): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x8000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x24}}, 0x0) 609.260322ms ago: executing program 5 (id=857): unshare(0x22020600) r0 = io_uring_setup(0xdd4, &(0x7f0000000180)={0x0, 0xeb7f, 0x40, 0x2, 0x26c}) r1 = eventfd2(0x7, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f00000000c0)=r1, 0x1) 569.081056ms ago: executing program 6 (id=858): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x4c840) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x478, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xb, 0xfff3}, {0x0, 0xfff3}, {0xd, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x448, 0x2, [@TCA_BASIC_POLICE={0x444, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0xbf1, 0x0, 0x80000000, 0x9, 0x234, 0x10000, 0x9, 0x810, 0x5, 0x8, 0x8, 0x3, 0x7fff, 0x2, 0x6, 0x3, 0xc59, 0x401, 0x7, 0x100, 0x7b5, 0x9, 0x8, 0x1, 0x0, 0x8, 0xd90, 0x80, 0x6, 0x5, 0x1, 0x8, 0x2, 0x5, 0xfffffff7, 0xef, 0x9, 0x0, 0x7, 0x3, 0x7, 0x4, 0x1, 0xfffffffc, 0x6, 0x23, 0x0, 0xe, 0x1, 0xf7, 0x9, 0x7, 0x5, 0x1, 0x6, 0x5, 0x5, 0xd7e8, 0x10000, 0x4, 0xf8c, 0x7, 0x4, 0x490, 0x7, 0x56, 0xb, 0x5c, 0xa0, 0xf5, 0xf, 0x7fff, 0x0, 0x1ff, 0x14f0, 0xff, 0x0, 0x2, 0x7f, 0x1, 0x4, 0x1, 0x8, 0x6, 0x7, 0x9, 0x0, 0x7, 0x7, 0x2, 0x8, 0x2, 0x8, 0x4, 0x2d7, 0x3, 0x9, 0x7fff, 0x10001, 0x3, 0xff, 0x7f, 0x2, 0x6, 0x0, 0x954, 0x6, 0xa1, 0x0, 0x7, 0x6, 0x7006, 0x1ff, 0x6, 0x3, 0x4, 0x2, 0x10, 0x8, 0x1, 0x6, 0x7, 0x937, 0x0, 0x18229ccc, 0x5, 0x10000, 0xfff, 0x3ff, 0x40, 0xfff, 0x55dd1513, 0xbb6, 0xb7, 0x8, 0x5c0fe678, 0x3, 0x4, 0x981, 0x81, 0x78, 0x8, 0x7, 0x4, 0x7, 0x3, 0xec8, 0x0, 0x800, 0x1, 0x3, 0x8, 0x4, 0xfff, 0xfffffff7, 0xce5c, 0x9, 0x10000, 0x54c, 0x9c, 0x8, 0x5, 0x7, 0x2, 0x486b, 0x8, 0x200, 0x720, 0xb, 0x7fffffff, 0x2, 0x8, 0x79e, 0x9489, 0x10, 0x4, 0x9, 0x7f, 0x0, 0xf, 0x7ff, 0x10000, 0x3ff, 0x2bdc, 0x4, 0x1, 0xb9, 0x3, 0x4b, 0x1, 0x4, 0x4, 0x3, 0x2, 0x8001, 0xe, 0x6e, 0x3, 0x1, 0x5, 0x80000001, 0xfffffffe, 0xfff, 0x8, 0x4, 0x2, 0x9, 0x9, 0x101, 0x1000, 0x7, 0x5, 0x12c800, 0x3, 0x4, 0x2, 0x5, 0x4, 0xf, 0x0, 0x3d2, 0x2, 0x1, 0x6, 0x48, 0x2, 0x8, 0x1, 0x2ad39381, 0x1eb, 0x10000, 0x0, 0xadc, 0xf, 0x3, 0x8, 0x3, 0x1000, 0xb, 0x100, 0x8, 0x6043, 0xe8, 0xffffff00, 0x1, 0xed4, 0x2, 0x9, 0x8001, 0x4, 0x6, 0x0, 0xfff, 0x9, 0x2, 0x2]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8c05, 0x20000003, 0x3972, 0x5, 0x8000, {0x4, 0x2, 0xffff, 0x9, 0x5, 0x6}, {0x7, 0x1, 0x1a2, 0x6, 0x1, 0x74}, 0x4, 0x6c, 0x8}}]}]}}]}, 0x478}, 0x1, 0x0, 0x0, 0x20041004}, 0x0) 0s ago: executing program 2 (id=859): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000000c0)={0x2, 0x8, 0x2}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x2, 0x388b}) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000000)={0x0, 0x1, 0x3}) kernel console output (not intermixed with test programs): ilter on device team0 [ 224.169622][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.177239][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.248318][ T5578] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.333192][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.340936][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.416504][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.424000][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.499377][ T5573] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.557263][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.564831][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.798323][ T5573] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.874864][ T5574] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.975981][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.983577][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.148339][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.156132][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.249639][ T5574] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.453323][ T156] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.461227][ T156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.617428][ T71] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.625078][ T71] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.121460][ T5577] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.209224][ T5569] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.765016][ T5578] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.093597][ T5569] veth0_vlan: entered promiscuous mode [ 230.132969][ T5573] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.311522][ T5569] veth1_vlan: entered promiscuous mode [ 230.438654][ T5574] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.794284][ T5578] veth0_vlan: entered promiscuous mode [ 230.834516][ T5577] veth0_vlan: entered promiscuous mode [ 230.969663][ T5569] veth0_macvtap: entered promiscuous mode [ 231.037510][ T5578] veth1_vlan: entered promiscuous mode [ 231.058556][ T5577] veth1_vlan: entered promiscuous mode [ 231.098754][ T5569] veth1_macvtap: entered promiscuous mode [ 231.156099][ T5573] veth0_vlan: entered promiscuous mode [ 231.309315][ T5573] veth1_vlan: entered promiscuous mode [ 231.381600][ T5569] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 231.433824][ T5574] veth0_vlan: entered promiscuous mode [ 231.466954][ T5569] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 231.578683][ T5715] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.589030][ T5715] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.622009][ T5578] veth0_macvtap: entered promiscuous mode [ 231.633847][ T5715] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.648934][ T5715] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.662462][ T5574] veth1_vlan: entered promiscuous mode [ 231.697058][ T5577] veth0_macvtap: entered promiscuous mode [ 231.788826][ T5578] veth1_macvtap: entered promiscuous mode [ 231.835601][ T5577] veth1_macvtap: entered promiscuous mode [ 232.014632][ T5573] veth0_macvtap: entered promiscuous mode [ 232.103616][ T5578] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 232.126885][ T5573] veth1_macvtap: entered promiscuous mode [ 232.225013][ T5577] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 232.289904][ T5578] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 232.344565][ T5574] veth0_macvtap: entered promiscuous mode [ 232.394820][ T5577] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 232.473578][ T5715] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.483733][ T5715] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.532097][ T5574] veth1_macvtap: entered promiscuous mode [ 232.550139][ T5715] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.614033][ T5573] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 232.629018][ T5715] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.696653][ T5715] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.714793][ T5715] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.767415][ T5715] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.835733][ T5573] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 232.870112][ T5715] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.011460][ T5715] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.037942][ T5715] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.069726][ T5574] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 233.106761][ T5715] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.183099][ T168] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.302517][ T5574] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 233.472797][ T168] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.514771][ T168] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.557050][ T168] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.592650][ T168] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.706654][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 237.762389][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 237.958846][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 237.999929][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.522440][ T5569] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 239.407213][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 239.438208][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 239.615549][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 239.634040][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.214074][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.252701][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.275300][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.305734][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.327628][ T5835] ======================================================= [ 240.327628][ T5835] WARNING: The mand mount option has been deprecated and [ 240.327628][ T5835] and is ignored by this kernel. Remove the mand [ 240.327628][ T5835] option from the mount to silence this warning. [ 240.327628][ T5835] ======================================================= [ 240.660298][ T156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.694791][ T156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 240.927232][ T141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 240.989968][ T141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.418236][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.450987][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.703246][ T141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.724289][ T141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.132969][ T5843] Invalid ELF header magic: != ELF [ 243.002286][ T5851] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11'. [ 243.453443][ T5857] loop3: detected capacity change from 0 to 512 [ 243.595695][ T5857] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.12: inode has both inline data and extents flags [ 243.734657][ T5857] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 243.744386][ T5857] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.12: couldn't read orphan inode 15 (err -117) [ 243.744618][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 243.772705][ C1] EXT4-fs (loop3): initial error at time 1779114976: ext4_orphan_get:1397: inode 15 [ 243.782659][ C1] EXT4-fs (loop3): last error at time 1779114976: ext4_orphan_get:1397: inode 15 [ 243.820852][ T5857] loop3: lost filesystem error report for type 5 error -117 [ 243.828761][ T5857] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 244.327359][ T5868] loop2: detected capacity change from 0 to 8 [ 244.448246][ T5578] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.200027][ T5874] loop1: detected capacity change from 0 to 8 [ 245.552584][ T5878] pim6reg: entered allmulticast mode [ 245.631995][ T5876] pim6reg: left allmulticast mode [ 246.237451][ T29] audit: type=1326 audit(1779114979.255:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 246.380798][ T29] audit: type=1326 audit(1779114979.285:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 246.560133][ T29] audit: type=1326 audit(1779114979.285:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 246.688031][ T29] audit: type=1326 audit(1779114979.285:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 246.851205][ T29] audit: type=1326 audit(1779114979.305:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 247.042513][ T29] audit: type=1326 audit(1779114979.335:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=311 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 247.167894][ T5894] loop2: detected capacity change from 0 to 1024 [ 247.176560][ T29] audit: type=1326 audit(1779114979.335:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 247.287591][ T29] audit: type=1326 audit(1779114979.345:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 247.359497][ T29] audit: type=1326 audit(1779114979.345:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 247.386768][ T29] audit: type=1326 audit(1779114979.365:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5885 comm="syz.4.24" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702f01c code=0x7ffc0000 [ 247.546508][ T5894] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 247.594203][ T5894] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 247.918574][ T5894] EXT4-fs error (device loop2): ext4_free_blocks:6718: comm syz.2.27: Freeing blocks not in datazone - block = 0, count = 16 [ 247.991077][ T5894] EXT4-fs (loop2): Remounting filesystem read-only [ 248.217011][ T5904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.30'. [ 248.524505][ T5574] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 250.613191][ T5934] netlink: 4 bytes leftover after parsing attributes in process `syz.4.42'. [ 250.781611][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 250.996963][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 251.052458][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 251.108290][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 251.147123][ T9] usb 4-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00 [ 251.209236][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.286606][ T9] usb 4-1: config 0 descriptor?? [ 251.961851][ T9] wacom 0003:056A:0084.0001: unknown main item tag 0x0 [ 252.125120][ T9] usb 4-1: USB disconnect, device number 2 [ 253.407947][ T5955] loop6: detected capacity change from 0 to 2640 [ 253.420101][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 253.460777][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 253.561602][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 253.629533][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 253.687544][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 253.702923][ T5963] netlink: 236 bytes leftover after parsing attributes in process `syz.3.52'. [ 253.726862][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 253.741055][ T5963] netlink: 236 bytes leftover after parsing attributes in process `syz.3.52'. [ 253.763171][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 253.821119][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 253.861246][ T5955] ldm_validate_partition_table(): Disk read failed. [ 253.909263][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 253.939550][ T5965] netlink: 16 bytes leftover after parsing attributes in process `syz.1.54'. [ 253.975054][ T5955] Buffer I/O error on dev loop6, logical block 0, async page read [ 254.031223][ T5955] Dev loop6: unable to read RDB block 0 [ 254.067073][ T5955] loop6: unable to read partition table [ 254.118060][ T5955] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾‚³˜) failed (rc=-5) [ 255.038468][ T5975] loop4: detected capacity change from 0 to 256 [ 256.639378][ T5987] netlink: 124 bytes leftover after parsing attributes in process `syz.2.65'. [ 257.549145][ T5995] netlink: 64 bytes leftover after parsing attributes in process `syz.4.68'. [ 257.635828][ T5993] loop1: detected capacity change from 0 to 4096 [ 257.698116][ T5993] EXT4-fs: Ignoring removed orlov option [ 257.740193][ T5993] EXT4-fs (loop1): Test dummy encryption mode enabled [ 257.935127][ T5993] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.676448][ T5569] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.281735][ T6013] netlink: 4 bytes leftover after parsing attributes in process `syz.1.74'. [ 259.699967][ T6016] netlink: 4 bytes leftover after parsing attributes in process `syz.3.75'. [ 260.453999][ T6025] bond1: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 260.561871][ T6025] bond1 (unregistering): Released all slaves [ 261.198543][ T6032] netlink: 56 bytes leftover after parsing attributes in process `syz.1.83'. [ 261.241745][ T6032] netlink: 24 bytes leftover after parsing attributes in process `syz.1.83'. [ 261.265754][ T6034] netlink: 4 bytes leftover after parsing attributes in process `syz.2.82'. [ 261.322880][ T6034] netlink: 4 bytes leftover after parsing attributes in process `syz.2.82'. [ 262.252179][ T6040] netlink: 4 bytes leftover after parsing attributes in process `syz.2.87'. [ 262.290064][ T6040] Zero length message leads to an empty skb [ 263.010183][ T6048] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 265.293749][ T6071] faux_driver vkms: [drm] Unknown color mode 9; guessing buffer size. [ 266.771662][ T6086] sch_fq: defrate 53322 ignored. [ 268.502903][ T6102] loop4: detected capacity change from 0 to 128 [ 268.740217][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 268.778469][ T29] audit: type=1800 audit(1779115001.745:20): pid=6102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.115" name="file1" dev="loop4" ino=1048605 res=0 errno=0 [ 268.854656][ T6108] loop1: detected capacity change from 0 to 1764 [ 268.965328][ T6108] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 269.599172][ T6115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.119'. [ 269.672681][ T6115] netlink: 4 bytes leftover after parsing attributes in process `syz.3.119'. [ 269.818194][ T6119] capability: warning: `syz.4.120' uses deprecated v2 capabilities in a way that may be insecure [ 269.930081][ T6119] program syz.4.120 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 270.380875][ T808] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 270.454928][ T6124] input: syz0 as /devices/virtual/input/input5 [ 270.479747][ T6126] loop3: detected capacity change from 0 to 8 [ 270.583184][ T808] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 270.614692][ T808] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 270.657461][ T808] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 270.712251][ T808] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.766083][ T808] usb 2-1: config 0 descriptor?? [ 271.338088][ T1308] ieee802154 phy0 wpan0: encryption failed: -22 [ 271.347635][ T1308] ieee802154 phy1 wpan1: encryption failed: -22 [ 271.455944][ T808] cp2112 0003:10C4:EA90.0002: item fetching failed at offset 6/7 [ 271.523716][ T808] cp2112 0003:10C4:EA90.0002: parse failed [ 271.553092][ T808] cp2112 0003:10C4:EA90.0002: probe with driver cp2112 failed with error -22 [ 271.666274][ T808] usb 2-1: USB disconnect, device number 2 [ 272.032012][ T6137] Bluetooth: MGMT ver 1.23 [ 272.627645][ T6142] loop4: detected capacity change from 0 to 512 [ 272.686800][ T6142] EXT4-fs: Ignoring removed nobh option [ 272.741158][ T6142] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 272.800911][ T6142] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 272.893670][ T6142] EXT4-fs (loop4): 1 truncate cleaned up [ 272.952301][ T6142] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 273.114851][ T6142] EXT4-fs error (device loop4): ext4_find_dest_de:2050: inode #2: block 13: comm syz.4.131: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 273.697385][ T5577] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.139669][ T6165] netlink: 4 bytes leftover after parsing attributes in process `syz.4.140'. [ 275.731965][ T6171] loop1: detected capacity change from 0 to 1024 [ 276.087060][ T6175] loop4: detected capacity change from 0 to 16 [ 276.574358][ T808] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 276.811711][ T808] usb 4-1: Using ep0 maxpacket: 16 [ 276.873431][ T808] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 276.958894][ T808] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 276.960675][ T6180] loop1: detected capacity change from 0 to 256 [ 277.058125][ T808] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 277.089615][ T808] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 277.136773][ T808] usb 4-1: Product: syz [ 277.146416][ T808] usb 4-1: Manufacturer: syz [ 277.163460][ T808] usb 4-1: SerialNumber: syz [ 277.251912][ T808] usb 4-1: config 0 descriptor?? [ 277.352854][ T808] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 277.399404][ T6180] FAT-fs (loop1): Directory bread(block 64) failed [ 277.407423][ T808] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class) [ 277.421017][ T6180] FAT-fs (loop1): Directory bread(block 65) failed [ 277.459203][ T6180] FAT-fs (loop1): Directory bread(block 66) failed [ 277.508324][ T6180] FAT-fs (loop1): Directory bread(block 67) failed [ 277.527130][ T6180] FAT-fs (loop1): Directory bread(block 68) failed [ 277.572884][ T6180] FAT-fs (loop1): Directory bread(block 69) failed [ 277.627593][ T6180] FAT-fs (loop1): Directory bread(block 70) failed [ 277.667598][ T6180] FAT-fs (loop1): Directory bread(block 71) failed [ 277.686002][ T6180] FAT-fs (loop1): Directory bread(block 72) failed [ 277.716549][ T6180] FAT-fs (loop1): Directory bread(block 73) failed [ 278.008787][ T808] em28xx 4-1:0.0: chip ID is em2750 [ 278.216164][ T808] em28xx 4-1:0.0: Config register raw data: 0xfffffffb [ 278.260776][ T808] em28xx 4-1:0.0: AC97 chip type couldn't be determined [ 278.305350][ T808] em28xx 4-1:0.0: No AC97 audio processor [ 278.431843][ T808] usb 4-1: USB disconnect, device number 3 [ 278.460958][ T808] em28xx 4-1:0.0: Disconnecting em28xx [ 278.497938][ T808] em28xx 4-1:0.0: Freeing device [ 279.723576][ T4870] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 279.732441][ T4870] Bluetooth: hci2: Injecting HCI hardware error event [ 279.740060][ T4870] Bluetooth: hci2: hardware error 0x00 [ 279.985085][ T6197] netlink: 8 bytes leftover after parsing attributes in process `syz.3.155'. [ 280.025645][ T6199] netlink: 27 bytes leftover after parsing attributes in process `syz.0.153'. [ 281.285196][ T6211] loop4: detected capacity change from 0 to 1024 [ 281.880653][ T4870] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 282.433748][ T6223] netlink: 4 bytes leftover after parsing attributes in process `syz.2.166'. [ 282.565062][ T6224] netlink: 104 bytes leftover after parsing attributes in process `syz.2.166'. [ 282.621468][ T6224] netlink: 104 bytes leftover after parsing attributes in process `syz.2.166'. [ 283.621413][ T6234] netlink: 4 bytes leftover after parsing attributes in process `syz.0.170'. [ 283.728876][ T6238] netlink: 4 bytes leftover after parsing attributes in process `syz.0.170'. [ 284.215144][ T6244] loop4: detected capacity change from 0 to 512 [ 284.331872][ T6244] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 284.621769][ T6248] netlink: 'syz.2.176': attribute type 3 has an invalid length. [ 284.663993][ T6248] netlink: 8 bytes leftover after parsing attributes in process `syz.2.176'. [ 285.164890][ T5577] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.985467][ T6272] program syz.4.184 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 288.066746][ T6282] loop0: detected capacity change from 0 to 256 [ 288.675299][ T6282] FAT-fs (loop0): Directory bread(block 64) failed [ 288.687169][ T6292] netlink: 76 bytes leftover after parsing attributes in process `syz.4.192'. [ 288.761161][ T6282] FAT-fs (loop0): Directory bread(block 65) failed [ 288.809603][ T6282] FAT-fs (loop0): Directory bread(block 66) failed [ 288.880724][ T6291] veth0_to_bond: entered promiscuous mode [ 288.911171][ T6282] FAT-fs (loop0): Directory bread(block 67) failed [ 288.920049][ T6291] macsec1: entered promiscuous mode [ 288.974807][ T6291] macsec1: entered allmulticast mode [ 288.980906][ T6282] FAT-fs (loop0): Directory bread(block 68) failed [ 288.981046][ T6282] FAT-fs (loop0): Directory bread(block 69) failed [ 289.023920][ T6282] FAT-fs (loop0): Directory bread(block 70) failed [ 289.044786][ T6282] FAT-fs (loop0): Directory bread(block 71) failed [ 289.081292][ T6291] veth0_to_bond: entered allmulticast mode [ 289.081952][ T6282] FAT-fs (loop0): Directory bread(block 72) failed [ 289.236463][ T6282] FAT-fs (loop0): Directory bread(block 73) failed [ 291.330830][ T6310] usb usb8: usbfs: process 6310 (syz.3.201) did not claim interface 0 before use [ 292.818770][ T6319] loop3: detected capacity change from 0 to 2048 [ 293.028327][ T6322] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 293.205791][ T6322] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 293.258237][ T6322] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4) [ 293.319504][ T6322] Remounting filesystem read-only [ 293.749327][ T5578] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 293.938454][ T6329] loop4: detected capacity change from 0 to 2048 [ 294.065609][ T6329] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 295.700568][ T6340] loop3: detected capacity change from 0 to 128 [ 296.506822][ T6349] input: syz0 as /devices/virtual/input/input6 [ 297.183236][ T808] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 297.435046][ T808] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 297.519020][ T808] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.540591][ T6360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.219'. [ 297.578095][ T808] usb 4-1: config 0 descriptor?? [ 297.629810][ T808] cp210x 4-1:0.0: cp210x converter detected [ 298.128117][ T808] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 298.246381][ T808] usb 4-1: cp210x converter now attached to ttyUSB0 [ 298.397443][ T808] usb 4-1: USB disconnect, device number 4 [ 298.459473][ T9] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 298.489985][ T808] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 298.589566][ T808] cp210x 4-1:0.0: device disconnected [ 298.708020][ T9] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 298.742416][ T9] usb 5-1: config 0 has no interface number 0 [ 298.763544][ T9] usb 5-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 298.827969][ T9] usb 5-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0 [ 298.902487][ T9] usb 5-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 298.978545][ T9] usb 5-1: config 0 interface 1 has no altsetting 0 [ 299.015471][ T9] usb 5-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00 [ 299.045020][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.121560][ T9] usb 5-1: config 0 descriptor?? [ 299.900187][ T9] uclogic 0003:145F:0212.0003: pen parameters not found [ 299.932667][ T9] uclogic 0003:145F:0212.0003: interface is invalid, ignoring [ 300.006069][ T9] usb 5-1: USB disconnect, device number 2 [ 306.258958][ T6431] warning: `syz.3.253' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 309.447138][ T6465] loop0: detected capacity change from 0 to 1024 [ 309.523131][ T6465] EXT4-fs: inline encryption not supported [ 309.633150][ T6466] loop3: detected capacity change from 0 to 2048 [ 309.866193][ T6465] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 309.946101][ T6466] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 309.971005][ T6465] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 310.522639][ T6471] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 311.309412][ T5573] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 311.776544][ T6486] loop4: detected capacity change from 0 to 256 [ 314.255465][ T6506] loop0: detected capacity change from 0 to 256 [ 316.722238][ T6529] sctp: Trying to GSO but underlying device doesn't support it. [ 318.713051][ T6541] loop4: detected capacity change from 0 to 4096 [ 318.807248][ T6541] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 318.890105][ T6546] loop3: detected capacity change from 0 to 1024 [ 318.981262][ T6546] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945) [ 319.071520][ T6546] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 319.202210][ T6546] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 319.245066][ T6546] EXT4-fs (loop3): orphan cleanup on readonly fs [ 319.330723][ T6546] EXT4-fs error (device loop3): ext4_read_inode_bitmap:167: comm syz.3.301: Inode bitmap for bg 0 marked uninitialized [ 319.488900][ T6546] loop3: lost filesystem error report for type 5 error -117 [ 319.490498][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 319.504971][ C0] EXT4-fs (loop3): initial error at time 1779115052: ext4_read_inode_bitmap:167 [ 319.514437][ C0] EXT4-fs (loop3): last error at time 1779115052: ext4_read_inode_bitmap:167 [ 319.548701][ T6546] EXT4-fs (loop3): Remounting filesystem read-only [ 319.589411][ T6541] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 319.669420][ T6546] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 319.763741][ T6546] EXT4-fs (loop3): shut down requested (1) [ 319.931285][ T29] audit: type=1800 audit(1779115052.925:21): pid=6541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.299" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 320.098536][ T5578] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.748694][ T6551] loop0: detected capacity change from 0 to 16 [ 321.020112][ T6551] erofs (device loop0): mounted with root inode @ nid 36. [ 321.330060][ T6551] syz.0.303: attempt to access beyond end of device [ 321.330060][ T6551] loop0: rw=0, sector=1936876908, nr_sectors = 1 limit=16 [ 321.367575][ T6553] loop3: detected capacity change from 0 to 1024 [ 321.429371][ T6553] EXT4-fs: Ignoring removed orlov option [ 321.518622][ T6551] syz.0.303: attempt to access beyond end of device [ 321.518622][ T6551] loop0: rw=0, sector=3955228672, nr_sectors = 1 limit=16 [ 321.609089][ T6553] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c018, mo2=0002] [ 321.692049][ T6553] System zones: 0-1, 3-12 [ 321.728805][ T6553] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 321.783326][ T6556] syz.0.303: attempt to access beyond end of device [ 321.783326][ T6556] loop0: rw=0, sector=1936876908, nr_sectors = 1 limit=16 [ 321.894413][ T6556] syz.0.303: attempt to access beyond end of device [ 321.894413][ T6556] loop0: rw=0, sector=3955228672, nr_sectors = 1 limit=16 [ 321.942893][ T6553] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2860: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 322.656658][ T5578] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 323.758669][ T6569] loop4: detected capacity change from 0 to 256 [ 323.943492][ T29] audit: type=1800 audit(1779115056.965:22): pid=6569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.311" name="bus" dev="loop4" ino=1048611 res=0 errno=0 [ 324.046983][ T6569] Invalid ELF header magic: != ELF [ 324.179407][ T6571] loop0: detected capacity change from 0 to 512 [ 324.478951][ T6571] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.309: inode has both inline data and extents flags [ 324.571007][ T6571] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 324.572622][ T6571] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.309: couldn't read orphan inode 15 (err -117) [ 324.582387][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 324.582484][ C0] EXT4-fs (loop0): initial error at time 1779115057: ext4_orphan_get:1397: inode 15 [ 324.582645][ C0] EXT4-fs (loop0): last error at time 1779115057: ext4_orphan_get:1397: inode 15 [ 324.712742][ T6576] loop3: detected capacity change from 0 to 128 [ 324.850727][ T6576] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 324.910950][ T6571] loop0: lost filesystem error report for type 5 error -117 [ 324.985283][ T6576] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 325.038526][ T6571] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.281042][ T29] audit: type=1800 audit(1779115058.295:23): pid=6571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.309" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 325.318140][ T6582] loop4: detected capacity change from 0 to 512 [ 325.610652][ T5578] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 326.037959][ T5573] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.356453][ T6590] loop4: detected capacity change from 0 to 128 [ 326.392024][ T808] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 326.446503][ T6590] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 326.507756][ T6590] hpfs: filesystem error: improperly stopped [ 326.547619][ T6590] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 326.601658][ T6590] hpfs: You really don't want any checks? You are crazy... [ 326.609398][ T808] usb 4-1: Using ep0 maxpacket: 16 [ 326.656842][ T6590] hpfs: hpfs_map_sector(): read error [ 326.691209][ T808] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 326.702791][ T6590] hpfs: code page support is disabled [ 326.726525][ T6590] hpfs: hpfs_map_4sectors(): unaligned read [ 326.739459][ T808] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 326.778136][ T6590] hpfs: hpfs_map_4sectors(): unaligned read [ 326.805114][ T808] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 326.815152][ T6590] hpfs: filesystem error: unable to find root dir [ 326.851313][ T808] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 326.878039][ T808] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.983222][ T808] usb 4-1: config 0 descriptor?? [ 327.468433][ T6595] loop0: detected capacity change from 0 to 1024 [ 327.548993][ T808] microsoft 0003:045E:07DA.0004: item 0 4 0 9 parsing failed [ 327.634008][ T808] microsoft 0003:045E:07DA.0004: parse failed [ 327.673069][ T808] microsoft 0003:045E:07DA.0004: probe with driver microsoft failed with error -22 [ 327.789939][ T6595] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.892094][ T9] usb 4-1: USB disconnect, device number 5 [ 328.248991][ T6595] EXT4-fs (loop0): Online defrag not supported with bigalloc [ 328.765720][ T6602] loop4: detected capacity change from 0 to 4096 [ 329.002429][ T5573] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.603282][ T6618] loop4: detected capacity change from 0 to 24 [ 330.673767][ T6618] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 331.696631][ T6628] netlink: 4 bytes leftover after parsing attributes in process `syz.4.335'. [ 332.145938][ T6632] loop0: detected capacity change from 0 to 764 [ 332.486390][ T6632] rock: directory entry would overflow storage [ 332.561000][ T6632] rock: sig=0x4f50, size=4, remaining=3 [ 332.595815][ T6632] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 332.727382][ T6632] rock: directory entry would overflow storage [ 332.773090][ T1308] ieee802154 phy0 wpan0: encryption failed: -22 [ 332.779767][ T1308] ieee802154 phy1 wpan1: encryption failed: -22 [ 332.817064][ T6632] rock: sig=0x4f50, size=4, remaining=3 [ 332.839672][ T6632] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 333.173139][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 333.413371][ T9] usb 2-1: config 0 interface 0 altsetting 251 bulk endpoint 0x9 has invalid maxpacket 99 [ 333.463716][ T9] usb 2-1: config 0 interface 0 has no altsetting 0 [ 333.555266][ T9] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 333.587776][ T9] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 333.632839][ T9] usb 2-1: Product: syz [ 333.674083][ T9] usb 2-1: Manufacturer: syz [ 333.691072][ T9] usb 2-1: SerialNumber: syz [ 333.807837][ T9] usb 2-1: config 0 descriptor?? [ 333.835017][ T6640] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 334.021132][ T9] usb 2-1: selecting invalid altsetting 0 [ 334.571733][ T6640] usb 2-1: cannot submit urb 0, error -2: endpoint not enabled [ 334.840730][ T5583] Bluetooth: hci3: command 0x0406 tx timeout [ 334.845134][ T5571] Bluetooth: hci0: command 0x0406 tx timeout [ 334.847079][ T5583] Bluetooth: hci1: command 0x0406 tx timeout [ 334.876462][ T9] usb 2-1: USB disconnect, device number 3 [ 335.449684][ T5807] udevd[5807]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 335.933906][ T6661] netlink: 4 bytes leftover after parsing attributes in process `syz.3.350'. [ 336.015508][ T6661] netlink: 4 bytes leftover after parsing attributes in process `syz.3.350'. [ 336.955080][ T6672] netlink: 4 bytes leftover after parsing attributes in process `syz.3.354'. [ 338.861987][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 339.114841][ T9] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 339.178288][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.234708][ T9] usb 2-1: config 0 descriptor?? [ 339.289924][ T9] cp210x 2-1:0.0: cp210x converter detected [ 339.762389][ T9] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 339.896480][ T9] usb 2-1: cp210x converter now attached to ttyUSB0 [ 340.062497][ T808] usb 2-1: USB disconnect, device number 4 [ 340.094750][ T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 340.195699][ T808] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 340.296365][ T808] cp210x 2-1:0.0: device disconnected [ 340.361512][ T10] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 340.395581][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 340.421071][ T10] usb 4-1: Product: syz [ 340.427463][ T10] usb 4-1: Manufacturer: syz [ 340.450615][ T10] usb 4-1: SerialNumber: syz [ 340.542246][ T6696] loop4: detected capacity change from 0 to 1764 [ 340.558730][ T10] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 340.751261][ T6696] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 340.781109][ T5675] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 340.895360][ T9] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 341.012641][ T5675] usb 3-1: Using ep0 maxpacket: 32 [ 341.108748][ T5675] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 341.247371][ T5675] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 341.346617][ T5675] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 341.402913][ T5675] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.514792][ T5675] usb 3-1: config 0 descriptor?? [ 341.667570][ T5675] hub 3-1:0.0: USB hub found [ 342.001550][ T808] usb 4-1: USB disconnect, device number 6 [ 342.187909][ T5675] hub 3-1:0.0: config failed, can't read hub descriptor (err -90) [ 342.421029][ T5675] usbhid 3-1:0.0: can't add hid device: -71 [ 342.438870][ T6702] loop4: detected capacity change from 0 to 256 [ 342.459738][ T5675] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 342.528248][ T5675] usb 3-1: USB disconnect, device number 2 [ 342.670785][ T6704] Bluetooth: MGMT ver 1.23 [ 342.807347][ T6702] FAT-fs (loop4): Directory bread(block 64) failed [ 342.833779][ T6702] FAT-fs (loop4): Directory bread(block 65) failed [ 342.851292][ T6702] FAT-fs (loop4): Directory bread(block 66) failed [ 342.860565][ T9] usb 4-1: Service connection timeout for: 258 [ 342.889903][ T6702] FAT-fs (loop4): Directory bread(block 67) failed [ 342.905978][ T9] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services [ 342.923276][ T6702] FAT-fs (loop4): Directory bread(block 68) failed [ 342.945179][ T9] ath9k_htc: Failed to initialize the device [ 342.954895][ T6702] FAT-fs (loop4): Directory bread(block 69) failed [ 342.987934][ T6702] FAT-fs (loop4): Directory bread(block 70) failed [ 342.998171][ T808] usb 4-1: ath9k_htc: USB layer deinitialized [ 343.037281][ T6702] FAT-fs (loop4): Directory bread(block 71) failed [ 343.094990][ T6702] FAT-fs (loop4): Directory bread(block 72) failed [ 343.156297][ T6702] FAT-fs (loop4): Directory bread(block 73) failed [ 344.664841][ T6723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.375'. [ 345.344722][ T6728] loop3: detected capacity change from 0 to 64 [ 346.244488][ T6738] loop2: detected capacity change from 0 to 64 [ 346.311186][ T6738] minix: block size(59136) > page size(4096) not supported by filesystem [ 346.590833][ T6741] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 347.413666][ T6754] process 'syz.2.391' launched '/dev/fd/3' with NULL argv: empty string added [ 348.428660][ T6762] netlink: 4 bytes leftover after parsing attributes in process `syz.0.394'. [ 349.447029][ T6775] cgroup: fork rejected by pids controller in /syz0 [ 349.577812][ T6778] netlink: 'syz.2.400': attribute type 8 has an invalid length. [ 349.577902][ T6778] netlink: 16 bytes leftover after parsing attributes in process `syz.2.400'. [ 350.469980][ T6784] loop2: detected capacity change from 0 to 256 [ 350.619189][ T6784] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d) [ 350.793457][ T9] kernel write not supported for file /comedi4 (pid: 9 comm: kworker/0:0) [ 351.196631][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.382307][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.616147][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.909271][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.474732][ T13] bridge_slave_1: left allmulticast mode [ 352.482774][ T13] bridge_slave_1: left promiscuous mode [ 352.502839][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.533385][ T13] bridge_slave_0: left allmulticast mode [ 352.539508][ T13] bridge_slave_0: left promiscuous mode [ 352.548667][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 353.240029][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 353.345366][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 353.405695][ T13] bond0 (unregistering): Released all slaves [ 353.763223][ T6799] loop4: detected capacity change from 0 to 256 [ 353.813288][ T6800] loop3: detected capacity change from 0 to 512 [ 354.105228][ T6800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.217805][ T6800] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 354.276746][ T6796] loop1: detected capacity change from 0 to 4096 [ 354.625576][ T6807] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 355.122931][ T5578] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.237530][ T13] hsr_slave_0: left promiscuous mode [ 355.307319][ T13] hsr_slave_1: left promiscuous mode [ 355.375392][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 355.449304][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 355.463353][ T4870] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 355.476244][ T4870] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 355.491526][ T4870] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 355.508223][ T4870] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 355.528505][ T4870] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 355.594504][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 355.631055][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 355.676417][ T13] veth1_macvtap: left promiscuous mode [ 355.686459][ T13] veth0_macvtap: left promiscuous mode [ 355.692655][ T13] veth1_vlan: left promiscuous mode [ 355.698261][ T13] veth0_vlan: left promiscuous mode [ 357.560766][ T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 357.640643][ T5580] Bluetooth: hci1: command tx timeout [ 357.798191][ T10] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 357.827501][ T10] usb 4-1: config 0 has no interface number 0 [ 357.863759][ T10] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 357.904020][ T10] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 357.938877][ T10] usb 4-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 357.989164][ T10] usb 4-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 358.036939][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 358.115199][ T10] usb 4-1: config 0 descriptor?? [ 358.757918][ T13] team0 (unregistering): Port device team_slave_1 removed [ 358.971055][ T13] team0 (unregistering): Port device team_slave_0 removed [ 358.983184][ T10] input: HID 28bd:0042 Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0042.0005/input/input7 [ 359.113289][ T10] uclogic 0003:28BD:0042.0005: input,hidraw0: USB HID v0.00 Keypad [HID 28bd:0042] on usb-dummy_hcd.3-1/input1 [ 359.226564][ T10] usb 4-1: USB disconnect, device number 7 [ 359.720687][ T5580] Bluetooth: hci1: command tx timeout [ 360.302736][ T6845] fido_id[6845]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 360.392379][ T6815] erspan0: entered promiscuous mode [ 360.487286][ T5225] 8021q: adding VLAN 0 to HW filter on device eth1 [ 361.697338][ T6865] pim6reg0: tun_chr_ioctl cmd 1074812118 [ 361.801125][ T5580] Bluetooth: hci1: command tx timeout [ 361.963769][ T6871] loop4: detected capacity change from 0 to 128 [ 363.015392][ T6881] loop2: detected capacity change from 0 to 1024 [ 363.881525][ T5580] Bluetooth: hci1: command tx timeout [ 364.332911][ T6896] input: syz0 as /devices/virtual/input/input8 [ 364.766036][ T10] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 364.963560][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 365.042764][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 365.125127][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 365.221687][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 365.289717][ T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 365.341042][ T10] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 365.405395][ T10] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 365.463476][ T10] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 365.503957][ T10] usb 3-1: Manufacturer: syz [ 365.557093][ T10] usb 3-1: config 0 descriptor?? [ 366.236940][ T5225] 8021q: adding VLAN 0 to HW filter on device eth2 [ 366.304882][ T10] rc_core: IR keymap rc-hauppauge not found [ 366.327670][ T10] Registered IR keymap rc-empty [ 366.338267][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 366.370848][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 366.427133][ T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 366.514433][ T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input9 [ 366.633964][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 366.723866][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 366.772359][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 366.814803][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 366.887384][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 366.975424][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 367.034970][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 367.092667][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 367.141147][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 367.202880][ T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 367.289886][ T10] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 367.334328][ T10] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 367.442962][ T10] usb 3-1: USB disconnect, device number 3 [ 367.461912][ T6932] netlink: 4 bytes leftover after parsing attributes in process `syz.3.446'. [ 367.685982][ T6929] loop1: detected capacity change from 0 to 2048 [ 367.858763][ T6929] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 368.518331][ T5715] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 368.637576][ T5715] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28 [ 368.651030][ T5715] EXT4-fs (loop1): This should not happen!! Data will be lost [ 368.651030][ T5715] [ 368.661406][ T5715] EXT4-fs (loop1): Total free blocks count 0 [ 368.670134][ T5715] EXT4-fs (loop1): Free/Dirty block details [ 368.681148][ T5715] EXT4-fs (loop1): free_blocks=2415919104 [ 368.698317][ T5715] EXT4-fs (loop1): dirty_blocks=16 [ 368.704407][ T5715] EXT4-fs (loop1): Block reservation details [ 368.721679][ T5715] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 368.778981][ T5569] EXT4-fs warning (device loop1): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 368.823854][ T5569] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.452437][ T6952] loop3: detected capacity change from 0 to 64 [ 369.769122][ T6811] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.816316][ T6811] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.855155][ T6811] bridge_slave_0: entered allmulticast mode [ 369.910932][ T6811] bridge_slave_0: entered promiscuous mode [ 369.993548][ T6811] bridge0: port 2(bridge_slave_1) entered blocking state [ 370.022329][ T6811] bridge0: port 2(bridge_slave_1) entered disabled state [ 370.058449][ T6811] bridge_slave_1: entered allmulticast mode [ 370.093975][ T6811] bridge_slave_1: entered promiscuous mode [ 370.651639][ T6811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 370.680719][ T4870] Bluetooth: hci4: command 0x0406 tx timeout [ 370.803228][ T6811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 371.313251][ T6811] team0: Port device team_slave_0 added [ 371.410404][ T6811] team0: Port device team_slave_1 added [ 372.027980][ T6811] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 372.072276][ T6811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 372.194951][ T6811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 372.328030][ T6811] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 372.344430][ T6811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 372.470135][ T6811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 373.019698][ T6984] loop4: detected capacity change from 0 to 1024 [ 373.086299][ T6984] ext3: Unknown parameter 'noacl' [ 373.253676][ T6811] hsr_slave_0: entered promiscuous mode [ 373.326077][ T6811] hsr_slave_1: entered promiscuous mode [ 373.365087][ T6811] debugfs: 'hsr0' already exists in 'hsr' [ 373.398079][ T6811] Cannot create hsr debugfs directory [ 373.674960][ T5225] 8021q: adding VLAN 0 to HW filter on device eth3 [ 374.173633][ T10] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 374.361613][ T10] usb 4-1: Using ep0 maxpacket: 8 [ 374.430623][ T10] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 374.464511][ T10] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 374.484204][ T10] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 374.498431][ T10] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 374.557212][ T10] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 374.599838][ T10] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 374.679529][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 375.046746][ T10] usb 4-1: GET_CAPABILITIES returned 0 [ 375.075027][ T10] usbtmc 4-1:16.0: can't read capabilities [ 375.299356][ T6991] usb 4-1: usbtmc_ioctl_clear_in_halt returned -32 [ 375.357183][ T5675] usb 4-1: USB disconnect, device number 8 [ 375.753824][ T7004] loop2: detected capacity change from 0 to 2048 [ 375.909095][ T7004] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 376.594428][ T5574] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 377.213894][ T7019] loop3: detected capacity change from 0 to 512 [ 377.305508][ T7019] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 377.396577][ T7019] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.472: Invalid block bitmap block 0 in block_group 0 [ 377.477539][ T6811] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 377.504481][ T7019] loop3: lost filesystem error report for type 5 error -117 [ 377.506722][ T7019] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 377.514592][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 377.514689][ C1] EXT4-fs (loop3): initial error at time 1779115110: ext4_read_block_bitmap_nowait:483 [ 377.514823][ C1] EXT4-fs (loop3): last error at time 1779115110: ext4_read_block_bitmap_nowait:483 [ 377.551352][ T7019] loop3: lost filesystem error report for type 5 error -117 [ 377.554552][ T7019] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.472: attempt to clear invalid blocks 983261 len 1 [ 377.632161][ T7019] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 377.639817][ T7019] EXT4-fs error (device loop3): __ext4_get_inode_loc:4885: comm syz.3.472: Invalid inode table block 0 in block_group 0 [ 377.674502][ T6811] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 377.754598][ T6811] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 377.763490][ T7019] loop3: lost filesystem error report for type 5 error -117 [ 377.764960][ T7019] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 377.821388][ T7019] loop3: lost filesystem error report for type 5 error -117 [ 377.824697][ T7019] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 377.888390][ T6811] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 377.927177][ T7019] loop3: lost filesystem error report for type 5 error -117 [ 377.929313][ T7019] EXT4-fs error (device loop3): __ext4_get_inode_loc:4885: comm syz.3.472: Invalid inode table block 0 in block_group 0 [ 377.954558][ T6811] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 378.049776][ T7019] loop3: lost filesystem error report for type 5 error -117 [ 378.051544][ T7019] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 378.083410][ T6811] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 378.144060][ T6811] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 378.169006][ T7019] loop3: lost filesystem error report for type 5 error -117 [ 378.172454][ T7019] EXT4-fs error (device loop3): ext4_truncate:4690: inode #11: comm syz.3.472: mark_inode_dirty error [ 378.275950][ T7019] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 378.282864][ T7019] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem [ 378.306227][ T6811] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 378.326408][ T7030] loop4: detected capacity change from 0 to 256 [ 378.403118][ T7019] loop3: lost filesystem error report for type 5 error -117 [ 378.406115][ T7019] EXT4-fs error (device loop3): __ext4_get_inode_loc:4885: comm syz.3.472: Invalid inode table block 0 in block_group 0 [ 378.512475][ T7019] loop3: lost filesystem error report for type 5 error -117 [ 378.516153][ T7019] EXT4-fs (loop3): 1 truncate cleaned up [ 378.616730][ T7019] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 378.689175][ T7030] FAT-fs (loop4): Directory bread(block 64) failed [ 378.735583][ T7030] FAT-fs (loop4): Directory bread(block 65) failed [ 378.773853][ T7030] FAT-fs (loop4): Directory bread(block 66) failed [ 378.806406][ T7030] FAT-fs (loop4): Directory bread(block 67) failed [ 378.854337][ T7030] FAT-fs (loop4): Directory bread(block 68) failed [ 378.924170][ T7030] FAT-fs (loop4): Directory bread(block 69) failed [ 378.961632][ T7019] EXT4-fs (loop3): shut down requested (2) [ 378.969720][ T7030] FAT-fs (loop4): Directory bread(block 70) failed [ 379.014580][ T7030] FAT-fs (loop4): Directory bread(block 71) failed [ 379.038222][ T7039] EXT4-fs error (device loop3): __ext4_get_inode_loc:4885: comm syz.3.472: Invalid inode table block 0 in block_group 0 [ 379.055448][ T7030] FAT-fs (loop4): Directory bread(block 72) failed [ 379.085463][ T7030] FAT-fs (loop4): Directory bread(block 73) failed [ 379.486186][ T5578] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.352137][ T7047] loop2: detected capacity change from 0 to 256 [ 380.523368][ T7047] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 380.631250][ T6811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 381.075371][ T6811] 8021q: adding VLAN 0 to HW filter on device team0 [ 381.371524][ T156] bridge0: port 1(bridge_slave_0) entered blocking state [ 381.379322][ T156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 381.496507][ T7059] loop3: detected capacity change from 0 to 256 [ 381.538640][ T156] bridge0: port 2(bridge_slave_1) entered blocking state [ 381.546387][ T156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 381.598604][ T7059] exfat: Deprecated parameter 'namecase' [ 381.611877][ T7059] exfat: Deprecated parameter 'namecase' [ 381.777381][ T7059] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 382.703104][ T5675] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 382.922095][ T5675] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 382.978081][ T5675] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 383.038875][ T5675] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 383.098827][ T5675] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.192679][ T5675] usb 5-1: config 0 descriptor?? [ 383.788706][ T5675] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 383.890826][ T5675] cp2112 0003:10C4:EA90.0006: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0 [ 384.014979][ T5675] cp2112 0003:10C4:EA90.0006: error requesting version [ 384.102854][ T5675] cp2112 0003:10C4:EA90.0006: probe with driver cp2112 failed with error -71 [ 384.200938][ T5675] usb 5-1: USB disconnect, device number 3 [ 384.812342][ T7086] fido_id[7086]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 385.471178][ T7098] loop3: detected capacity change from 0 to 256 [ 385.623872][ T7098] exFAT-fs (loop3): failed to test first cluster bit of root dir(5) [ 386.210761][ T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 386.412789][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 386.467846][ T9] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 386.527063][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 386.596917][ T9] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 386.655022][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.692746][ T9] usb 2-1: Product: syz [ 386.724419][ T9] usb 2-1: Manufacturer: syz [ 386.753082][ T9] usb 2-1: SerialNumber: syz [ 386.844298][ T9] usb 2-1: config 0 descriptor?? [ 386.951856][ T9] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 386.992568][ T9] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 387.103748][ T7116] program syz.2.499 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 387.433500][ T7112] loop3: detected capacity change from 0 to 4096 [ 387.464051][ T7112] EXT4-fs: Ignoring removed orlov option [ 387.524915][ T7112] EXT4-fs (loop3): Test dummy encryption mode enabled [ 387.632170][ T9] em28xx 2-1:0.0: chip ID is em2882/3 [ 387.690051][ T7112] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 387.876303][ T9] em28xx 2-1:0.0: Config register raw data: 0xfffffffb [ 387.941739][ T9] em28xx 2-1:0.0: AC97 chip type couldn't be determined [ 387.979633][ T9] em28xx 2-1:0.0: No AC97 audio processor [ 388.023381][ T7123] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 388.069710][ T9] usb 2-1: USB disconnect, device number 5 [ 388.125340][ T9] em28xx 2-1:0.0: Disconnecting em28xx [ 388.219677][ T9] em28xx 2-1:0.0: Freeing device [ 388.347148][ T7127] loop2: detected capacity change from 0 to 256 [ 388.569385][ T5578] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.848004][ T6811] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 389.452073][ T7134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.501'. [ 389.912153][ T6811] veth0_vlan: entered promiscuous mode [ 390.128355][ T6811] veth1_vlan: entered promiscuous mode [ 390.751898][ T6811] veth0_macvtap: entered promiscuous mode [ 390.913955][ T6811] veth1_macvtap: entered promiscuous mode [ 391.307446][ T6811] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 391.589667][ T6811] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 391.858189][ T55] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.892035][ T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 391.908420][ T55] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.963580][ T55] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.024804][ T55] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.112655][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 392.182977][ T9] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 392.222875][ T9] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 392.264979][ T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 392.318296][ T9] usb 3-1: config 1 has no interface number 0 [ 392.351042][ T9] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 392.419566][ T9] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 392.496174][ T9] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 392.544981][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 392.673821][ T9] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 392.913859][ T9] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached [ 393.466278][ T5675] usb 3-1: USB disconnect, device number 4 [ 393.518521][ T5675] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 394.209760][ T1308] ieee802154 phy0 wpan0: encryption failed: -22 [ 394.221264][ T1308] ieee802154 phy1 wpan1: encryption failed: -22 [ 394.483948][ T808] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 394.696014][ T808] usb 2-1: Using ep0 maxpacket: 8 [ 394.716176][ T7188] netlink: 4 bytes leftover after parsing attributes in process `syz.3.521'. [ 394.749305][ T808] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 394.799518][ T808] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.966518][ T808] pvrusb2: Hardware description: Terratec Grabster AV400 [ 395.006552][ T808] pvrusb2: ********** [ 395.021122][ T808] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 395.056865][ T808] pvrusb2: Important functionality might not be entirely working. [ 395.097012][ T808] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 395.162702][ T808] pvrusb2: ********** [ 395.184823][ T2350] pvrusb2: Invalid write control endpoint [ 395.467741][ T7184] pvrusb2: Invalid write control endpoint [ 395.539253][ T808] usb 2-1: USB disconnect, device number 6 [ 395.766161][ T2350] pvrusb2: Invalid write control endpoint [ 395.827652][ T2350] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 395.867616][ T2350] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 395.921013][ T2350] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 395.987113][ T2350] pvrusb2: Device being rendered inoperable [ 396.022463][ T2350] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 396.060950][ T2350] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 396.119137][ T2350] pvrusb2: Attached sub-driver cx25840 [ 396.156689][ T2350] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 396.244676][ T2350] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 396.439657][ T7205] loop4: detected capacity change from 0 to 2048 [ 396.647618][ T7211] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 396.970653][ T7213] loop3: detected capacity change from 0 to 512 [ 397.021735][ T7217] netlink: 8 bytes leftover after parsing attributes in process `syz.1.528'. [ 397.156029][ T7213] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 397.297288][ T7213] ext4 filesystem being mounted at /112/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 397.444756][ T5577] syz-executor: attempt to access beyond end of device [ 397.444756][ T5577] loop4: rw=0, sector=2198922592328, nr_sectors = 2 limit=2048 [ 397.499147][ T29] audit: type=1800 audit(1779115130.505:24): pid=7213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.527" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 397.537962][ T5577] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=1) [ 397.656264][ T5577] NILFS (loop4): vblocknr = 5121 has abnormal lifetime: start cno (= 100663298) > current cno (= 3) [ 397.719061][ T5577] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=13) [ 397.796422][ T5577] Remounting filesystem read-only [ 397.839919][ T5577] NILFS (loop4): error -5 truncating bmap (ino=13) [ 397.867051][ T5577] syz-executor: attempt to access beyond end of device [ 397.867051][ T5577] loop4: rw=0, sector=2198922592328, nr_sectors = 2 limit=2048 [ 397.977446][ T5577] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=1) [ 398.035623][ T5578] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.072543][ T5577] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 399.249775][ T34] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.563207][ T34] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.685590][ T7242] loop2: detected capacity change from 0 to 512 [ 399.781612][ T7242] EXT4-fs: Ignoring removed orlov option [ 399.858133][ T7242] EXT4-fs (loop2): Test dummy encryption mode enabled [ 399.897350][ T34] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 399.927529][ T7242] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 400.014519][ T7242] EXT4-fs (loop2): 1 truncate cleaned up [ 400.057374][ T7242] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 400.215739][ T34] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 400.348234][ T7242] fscrypt (loop2): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))") [ 400.878519][ T5574] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 401.121591][ T34] bridge_slave_1: left allmulticast mode [ 401.167999][ T34] bridge_slave_1: left promiscuous mode [ 401.188489][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.285753][ T34] bridge_slave_0: left allmulticast mode [ 401.326316][ T34] bridge_slave_0: left promiscuous mode [ 401.367356][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 402.379559][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 402.432927][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 402.485497][ T34] bond0 (unregistering): Released all slaves [ 402.911412][ T7271] input: syz0 as /devices/virtual/input/input10 [ 404.038188][ T34] hsr_slave_0: left promiscuous mode [ 404.086034][ T34] hsr_slave_1: left promiscuous mode [ 404.135503][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 404.164756][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 404.207466][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 404.228011][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 404.324244][ T34] veth1_macvtap: left promiscuous mode [ 404.324262][ T4870] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 404.341551][ T4870] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 404.354110][ T4870] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 404.356831][ T34] veth0_macvtap: left promiscuous mode [ 404.380563][ T4870] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 404.390114][ T34] veth1_vlan: left promiscuous mode [ 404.401516][ T4870] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 404.421036][ T34] veth0_vlan: left promiscuous mode [ 405.416997][ T34] team0 (unregistering): Port device team_slave_1 removed [ 405.461061][ T34] team0 (unregistering): Port device team_slave_0 removed [ 405.850199][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 405.889502][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 406.361886][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 406.412542][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 406.520602][ T4870] Bluetooth: hci3: command tx timeout [ 408.610912][ T4870] Bluetooth: hci3: command tx timeout [ 410.221474][ T7345] program syz.3.560 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 410.680881][ T4870] Bluetooth: hci3: command tx timeout [ 411.912727][ T7368] loop1: detected capacity change from 0 to 128 [ 412.761471][ T4870] Bluetooth: hci3: command tx timeout [ 413.128781][ T7383] netlink: 44 bytes leftover after parsing attributes in process `syz.1.570'. [ 413.896355][ T7392] loop3: detected capacity change from 0 to 512 [ 413.956429][ T7393] tmpfs: Cannot retroactively limit size [ 414.046578][ T7392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 414.061888][ T7392] ext4 filesystem being mounted at /124/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 414.409951][ T7386] loop0: detected capacity change from 0 to 4096 [ 414.704498][ T7286] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.741418][ T7286] bridge0: port 1(bridge_slave_0) entered disabled state [ 414.782125][ T7395] loop1: detected capacity change from 0 to 4096 [ 414.809608][ T7286] bridge_slave_0: entered allmulticast mode [ 414.864904][ T7395] EXT4-fs: inline encryption not supported [ 414.877729][ T7286] bridge_slave_0: entered promiscuous mode [ 414.930005][ T7395] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 414.977718][ T7286] bridge0: port 2(bridge_slave_1) entered blocking state [ 415.006451][ T5578] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.013374][ T7395] EXT4-fs (loop1): Test dummy encryption mode enabled [ 415.025644][ T7286] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.026232][ T7286] bridge_slave_1: entered allmulticast mode [ 415.112866][ T7286] bridge_slave_1: entered promiscuous mode [ 415.212229][ T7395] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c198, mo2=0003] [ 415.275848][ T7395] System zones: 0-5 [ 415.297317][ T7395] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 415.555364][ T29] audit: type=1800 audit(1779115148.575:25): pid=7386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.572" name="file1" dev="loop0" ino=33 res=0 errno=0 [ 415.916520][ T7286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 416.067394][ T7286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 416.087546][ T5569] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 416.838948][ T7286] team0: Port device team_slave_0 added [ 416.945632][ T7286] team0: Port device team_slave_1 added [ 416.969953][ T7414] loop2: detected capacity change from 0 to 128 [ 417.143537][ T7414] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 417.157902][ T7414] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 417.679143][ T7286] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 417.751395][ T7286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 417.825762][ T7418] loop1: detected capacity change from 0 to 2048 [ 417.915907][ T7286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 417.992383][ T5574] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 418.059837][ T7286] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 418.102768][ T7286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 418.157762][ T7418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 418.170904][ T7286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 418.569347][ T5569] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 419.009194][ T7286] hsr_slave_0: entered promiscuous mode [ 419.076074][ T7286] hsr_slave_1: entered promiscuous mode [ 419.923412][ T7444] loop3: detected capacity change from 0 to 512 [ 419.993510][ T7444] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 420.028653][ T7439] loop1: detected capacity change from 0 to 4096 [ 420.103452][ T7444] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.588: invalid indirect mapped block 32768 (level 2) [ 420.212537][ T7444] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 420.220448][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 420.236659][ C0] EXT4-fs (loop3): initial error at time 1779115153: ext4_free_branches:1023: inode 16 [ 420.246761][ C0] EXT4-fs (loop3): last error at time 1779115153: ext4_free_branches:1023: inode 16 [ 420.274363][ T7444] EXT4-fs (loop3): Remounting filesystem read-only [ 420.352298][ T7444] EXT4-fs (loop3): 1 orphan inode deleted [ 420.393975][ T7444] EXT4-fs (loop3): 1 truncate cleaned up [ 420.459367][ T7444] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 420.783069][ T7450] loop0: detected capacity change from 0 to 1024 [ 420.835740][ T29] audit: type=1800 audit(1779115153.845:26): pid=7439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.585" name="file1" dev="loop1" ino=33 res=0 errno=0 [ 422.499028][ T7286] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 422.638134][ T5675] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 422.676612][ T7286] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 422.811992][ T5675] usb 1-1: Using ep0 maxpacket: 16 [ 422.861921][ T5675] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 422.907126][ T7286] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 422.911151][ T5675] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 422.998581][ T5675] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 423.028379][ T5920] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 423.046034][ T5675] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.084756][ T5675] usb 1-1: Product: syz [ 423.089674][ T5675] usb 1-1: Manufacturer: syz [ 423.101325][ T5675] usb 1-1: SerialNumber: syz [ 423.122377][ T5675] usb 1-1: config 0 descriptor?? [ 423.166096][ T7286] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 423.211211][ T5675] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 423.257249][ T5675] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) [ 423.382283][ T55] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 423.486148][ T7286] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 423.618203][ T7286] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 423.707372][ T55] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 423.779640][ T7286] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 423.852240][ T5675] em28xx 1-1:0.0: chip ID is em2870 [ 423.900031][ T7286] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 424.057862][ T55] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 424.135541][ T9] usb 1-1: USB disconnect, device number 2 [ 424.175632][ T9] em28xx 1-1:0.0: Disconnecting em28xx [ 424.286720][ T55] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 424.312831][ T9] em28xx 1-1:0.0: Freeing device [ 425.027290][ T55] bridge_slave_1: left allmulticast mode [ 425.049892][ T55] bridge_slave_1: left promiscuous mode [ 425.070046][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.178848][ T55] bridge_slave_0: left allmulticast mode [ 425.198439][ T55] bridge_slave_0: left promiscuous mode [ 425.216153][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 425.810993][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 425.893311][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 425.952557][ T55] bond0 (unregistering): Released all slaves [ 425.979815][ T7479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.600'. [ 426.051642][ T55] bond1 (unregistering): Released all slaves [ 426.444085][ T5225] 8021q: adding VLAN 0 to HW filter on device eth1 [ 427.169927][ T5580] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 427.187524][ T5580] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 427.201159][ T5580] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 427.233803][ T5580] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 427.258095][ T5580] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 427.532711][ T55] hsr_slave_0: left promiscuous mode [ 427.601226][ T55] hsr_slave_1: left promiscuous mode [ 427.626624][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 427.653280][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 427.703820][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 427.719932][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 427.790892][ T7496] loop1: detected capacity change from 0 to 1024 [ 427.825522][ T7496] EXT4-fs: Ignoring removed orlov option [ 427.851555][ T55] veth1_macvtap: left promiscuous mode [ 427.889468][ T55] veth0_macvtap: left promiscuous mode [ 427.913368][ T55] veth1_vlan: left promiscuous mode [ 427.937612][ T55] veth0_vlan: left promiscuous mode [ 427.975138][ T7496] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 428.227107][ T7496] EXT4-fs error (device loop1): __ext4_new_inode:1285: comm syz.1.605: failed to insert inode 15: doubly allocated? [ 428.313997][ T7496] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem [ 428.616259][ T5569] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.320596][ T5580] Bluetooth: hci4: command tx timeout [ 429.410701][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 429.635981][ T9] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 429.664182][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 429.714369][ T9] usb 2-1: Product: syz [ 429.736833][ T9] usb 2-1: Manufacturer: syz [ 429.756199][ T9] usb 2-1: SerialNumber: syz [ 429.792465][ T9] usb 2-1: config 0 descriptor?? [ 430.088931][ T55] team0 (unregistering): Port device team_slave_1 removed [ 430.131081][ T9] usb 2-1: ignoring: probably an ADSL modem [ 430.187096][ T55] team0 (unregistering): Port device team_slave_0 removed [ 430.553205][ T9] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19! [ 430.799573][ T5675] usb 2-1: USB disconnect, device number 7 [ 431.298334][ T7286] 8021q: adding VLAN 0 to HW filter on device bond0 [ 431.409332][ T5580] Bluetooth: hci4: command tx timeout [ 431.645765][ T7286] 8021q: adding VLAN 0 to HW filter on device team0 [ 431.816249][ T156] bridge0: port 1(bridge_slave_0) entered blocking state [ 431.824214][ T156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 432.035675][ T5715] bridge0: port 2(bridge_slave_1) entered blocking state [ 432.043494][ T5715] bridge0: port 2(bridge_slave_1) entered forwarding state [ 432.959509][ T7535] loop2: detected capacity change from 0 to 128 [ 433.481402][ T5580] Bluetooth: hci4: command tx timeout [ 435.560634][ T5580] Bluetooth: hci4: command tx timeout [ 435.809927][ T7566] loop1: detected capacity change from 0 to 512 [ 435.892456][ T7566] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 435.981310][ T7566] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.623: bg 0: block 104: invalid block bitmap [ 435.996519][ T7566] loop1: lost filesystem error report for type 5 error -117 [ 436.000487][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 436.014874][ C0] EXT4-fs (loop1): initial error at time 1779115169: ext4_validate_block_bitmap:432 [ 436.024695][ C0] EXT4-fs (loop1): last error at time 1779115169: ext4_validate_block_bitmap:432 [ 436.039876][ T7566] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 436.121563][ T7566] loop1: lost filesystem error report for type 5 error -117 [ 436.125671][ T7566] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.623: invalid indirect mapped block 1 (level 1) [ 436.226149][ T7566] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 436.227933][ T7566] EXT4-fs (loop1): 1 truncate cleaned up [ 436.252261][ T7566] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 436.560226][ T5569] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.985832][ T5673] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 437.232262][ T5673] usb 1-1: Using ep0 maxpacket: 16 [ 437.312981][ T5673] usb 1-1: unable to get BOS descriptor or descriptor too short [ 437.362675][ T5673] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64 [ 437.446318][ T5673] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 437.492849][ T5673] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 437.537279][ T5673] usb 1-1: Product: syz [ 437.569448][ T5673] usb 1-1: Manufacturer: syz [ 437.593273][ T5673] usb 1-1: SerialNumber: syz [ 437.934708][ T7576] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 438.406278][ T5225] 8021q: adding VLAN 0 to HW filter on device eth2 [ 438.599679][ T5673] cdc_ncm 1-1:1.0: SET_CRC_MODE failed [ 438.633598][ T5673] cdc_ncm 1-1:1.0: SET_NTB_FORMAT failed [ 438.685295][ T5673] cdc_ncm 1-1:1.0: bind() failure [ 438.795170][ T5673] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 438.831236][ T5673] cdc_ncm 1-1:1.1: bind() failure [ 438.965998][ T5673] usb 1-1: USB disconnect, device number 3 [ 440.350191][ T7491] bridge0: port 1(bridge_slave_0) entered blocking state [ 440.368201][ T7491] bridge0: port 1(bridge_slave_0) entered disabled state [ 440.409335][ T7491] bridge_slave_0: entered allmulticast mode [ 440.465599][ T7491] bridge_slave_0: entered promiscuous mode [ 440.572157][ T7491] bridge0: port 2(bridge_slave_1) entered blocking state [ 440.609399][ T7491] bridge0: port 2(bridge_slave_1) entered disabled state [ 440.694389][ T7491] bridge_slave_1: entered allmulticast mode [ 440.772100][ T7491] bridge_slave_1: entered promiscuous mode [ 441.098099][ T7286] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 441.546841][ T7491] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 441.703093][ T7491] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 442.417549][ T7491] team0: Port device team_slave_0 added [ 442.534983][ T7491] team0: Port device team_slave_1 added [ 443.000065][ T7491] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 443.041412][ T7491] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 443.194873][ T7491] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 443.291992][ T7491] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 443.314325][ T7491] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 443.400653][ T7491] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 443.955223][ T7637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.638'. [ 444.010978][ T7491] hsr_slave_0: entered promiscuous mode [ 444.063064][ T7491] hsr_slave_1: entered promiscuous mode [ 444.093946][ T7491] debugfs: 'hsr0' already exists in 'hsr' [ 444.124530][ T7491] Cannot create hsr debugfs directory [ 444.712595][ T5225] 8021q: adding VLAN 0 to HW filter on device eth3 [ 446.425010][ T7286] veth0_vlan: entered promiscuous mode [ 446.651612][ T7664] netlink: 4 bytes leftover after parsing attributes in process `syz.1.649'. [ 446.744842][ T7491] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 446.825221][ T7491] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 446.923878][ T7491] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 447.012606][ T7491] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 447.058806][ T7286] veth1_vlan: entered promiscuous mode [ 447.148401][ T7491] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 447.242998][ T7491] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 447.277373][ T7491] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 447.395264][ T7491] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 447.420830][ T5673] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 447.610552][ T5673] usb 3-1: Using ep0 maxpacket: 8 [ 447.674057][ T5673] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 447.703899][ T5673] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 447.740530][ T5673] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 447.781980][ T5673] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 447.837201][ T5673] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 447.879118][ T5673] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.946494][ T7286] veth0_macvtap: entered promiscuous mode [ 448.218646][ T7286] veth1_macvtap: entered promiscuous mode [ 448.280931][ T5673] usb 3-1: usb_control_msg returned -32 [ 448.320854][ T5673] usbtmc 3-1:16.0: can't read capabilities [ 448.450838][ T5673] usb 3-1: USB disconnect, device number 5 [ 448.777839][ T7286] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 449.203337][ T7286] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 449.576774][ T34] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 449.618593][ T34] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 449.694705][ T34] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 449.732020][ T34] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.041064][ T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 450.232129][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 450.263544][ T7491] 8021q: adding VLAN 0 to HW filter on device bond0 [ 450.275597][ T9] usb 2-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 450.327518][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.409415][ T9] usb 2-1: config 0 descriptor?? [ 450.501534][ T9] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 450.637567][ T7491] 8021q: adding VLAN 0 to HW filter on device team0 [ 450.671169][ T7703] netlink: 4 bytes leftover after parsing attributes in process `syz.2.660'. [ 450.803176][ T55] bridge0: port 1(bridge_slave_0) entered blocking state [ 450.810842][ T55] bridge0: port 1(bridge_slave_0) entered forwarding state [ 450.989070][ T5692] bridge0: port 2(bridge_slave_1) entered blocking state [ 450.996763][ T5692] bridge0: port 2(bridge_slave_1) entered forwarding state [ 451.272739][ T5225] 8021q: adding VLAN 0 to HW filter on device eth4 [ 451.360963][ T9] gspca_sonixj: reg_r err -71 [ 451.384403][ T9] sonixj 2-1:0.0: probe with driver sonixj failed with error -71 [ 451.427458][ T9] usb 2-1: USB disconnect, device number 8 [ 453.615675][ T7727] loop0: detected capacity change from 0 to 512 [ 453.704397][ T7727] EXT4-fs: Ignoring removed nomblk_io_submit option [ 453.806788][ T7727] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 453.834486][ T7732] loop1: detected capacity change from 0 to 512 [ 453.917679][ T7727] EXT4-fs (loop0): 1 truncate cleaned up [ 454.031684][ T7727] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 454.071785][ T7732] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2810: inode #11: comm syz.1.666: corrupted xattr block 95: invalid header [ 454.165388][ T7732] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 454.172729][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 454.189032][ C1] EXT4-fs (loop1): initial error at time 1779115187: ext4_expand_extra_isize_ea:2810: inode 11 [ 454.199822][ C1] EXT4-fs (loop1): last error at time 1779115187: ext4_expand_extra_isize_ea:2810: inode 11 [ 454.216925][ T7732] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.666: bg 0: block 7: invalid block bitmap [ 454.317357][ T7732] loop1: lost filesystem error report for type 5 error -117 [ 454.322602][ T7732] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 454.432911][ T7732] loop1: lost filesystem error report for type 5 error -117 [ 454.434987][ T7732] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2972: inode #11: comm syz.1.666: corrupted xattr block 95: invalid header [ 454.528271][ T7732] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 454.535253][ T7732] EXT4-fs warning (device loop1): ext4_evict_inode:287: xattr delete (err -117) [ 454.611034][ T7732] EXT4-fs (loop1): 1 orphan inode deleted [ 454.651889][ T7732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 454.856869][ T6811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.303897][ T5569] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.659516][ T1308] ieee802154 phy0 wpan0: encryption failed: -22 [ 455.673118][ T1308] ieee802154 phy1 wpan1: encryption failed: -22 [ 455.993733][ T7758] netlink: 8 bytes leftover after parsing attributes in process `syz.1.670'. [ 456.040989][ T7758] netlink: 200 bytes leftover after parsing attributes in process `syz.1.670'. [ 456.910976][ T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 457.110717][ T9] usb 1-1: Using ep0 maxpacket: 32 [ 457.154273][ T9] usb 1-1: config 0 has an invalid interface number: 12 but max is 0 [ 457.192082][ T9] usb 1-1: config 0 has no interface number 0 [ 457.223263][ T9] usb 1-1: config 0 interface 12 has no altsetting 0 [ 457.275935][ T9] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 457.304361][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 457.342854][ T9] usb 1-1: Product: syz [ 457.369397][ T9] usb 1-1: Manufacturer: syz [ 457.388914][ T9] usb 1-1: SerialNumber: syz [ 457.438405][ T9] usb 1-1: config 0 descriptor?? [ 457.556151][ T7491] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 458.484717][ T9] f81534 1-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71 [ 458.533005][ T9] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71 [ 458.575233][ T9] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 458.589411][ T5225] 8021q: adding VLAN 0 to HW filter on device eth5 [ 458.614853][ T9] f81534 1-1:0.12: probe with driver f81534 failed with error -71 [ 458.688228][ T9] usb 1-1: USB disconnect, device number 4 [ 458.716704][ T7784] netlink: 4 bytes leftover after parsing attributes in process `syz.2.676'. [ 459.083002][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 459.129178][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 459.536260][ T168] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 459.580409][ T168] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 461.411832][ T7491] veth0_vlan: entered promiscuous mode [ 461.637567][ T7491] veth1_vlan: entered promiscuous mode [ 462.276089][ T7491] veth0_macvtap: entered promiscuous mode [ 462.354095][ T7817] netlink: 8 bytes leftover after parsing attributes in process `syz.0.685'. [ 462.376598][ T7491] veth1_macvtap: entered promiscuous mode [ 462.440938][ T7817] netlink: 12 bytes leftover after parsing attributes in process `syz.0.685'. [ 462.547782][ T7820] netlink: 4 bytes leftover after parsing attributes in process `syz.1.686'. [ 462.665667][ T7491] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 462.971434][ T7491] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 463.166450][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 463.206193][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 463.252420][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 463.287571][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 464.406838][ T7837] netlink: 16 bytes leftover after parsing attributes in process `syz.0.691'. [ 464.927151][ T7842] loop9: detected capacity change from 0 to 7 [ 464.976988][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 465.716826][ T5225] 8021q: adding VLAN 0 to HW filter on device eth6 [ 467.547383][ T7860] loop5: detected capacity change from 0 to 4096 [ 469.733899][ T7892] netlink: 'syz.1.710': attribute type 4 has an invalid length. [ 469.793833][ T7892] netlink: 4168 bytes leftover after parsing attributes in process `syz.1.710'. [ 470.879435][ T7906] mmap: syz.5.712 (7906) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 472.760081][ T5225] 8021q: adding VLAN 0 to HW filter on device eth7 [ 473.149958][ T5692] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 473.203812][ T5692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 473.585936][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 473.612601][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 474.938406][ T7948] program syz.2.727 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 475.246248][ T7951] netlink: 'syz.6.598': attribute type 10 has an invalid length. [ 475.303417][ T7951] netlink: 12 bytes leftover after parsing attributes in process `syz.6.598'. [ 477.146510][ T7968] loop6: detected capacity change from 0 to 4096 [ 477.302112][ T7968] NILFS (loop6): invalid segment: Checksum error in segment payload [ 477.371372][ T7968] NILFS (loop6): trying rollback from an earlier position [ 477.589738][ T7968] NILFS (loop6): recovery complete [ 477.675319][ T7983] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 478.203628][ T4870] Bluetooth: hci1: command 0x0406 tx timeout [ 479.097461][ T7993] loop0: detected capacity change from 0 to 16 [ 480.945429][ T5225] 8021q: adding VLAN 0 to HW filter on device eth8 [ 481.649061][ T8019] loop0: detected capacity change from 0 to 512 [ 481.876591][ T8019] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 481.968933][ T8019] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 482.903683][ T6811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.218721][ T8035] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 485.037352][ T8063] netlink: 36 bytes leftover after parsing attributes in process `syz.1.761'. [ 485.122738][ T8059] loop0: detected capacity change from 0 to 512 [ 485.251178][ T8059] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13 [ 485.266839][ T5580] block nbd0: Receive control failed (result -32) [ 485.274778][ T4870] block nbd0: Receive control failed (result -32) [ 485.350954][ T8059] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.760: invalid indirect mapped block 2683928664 (level 1) [ 485.516183][ T8059] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 485.517749][ T8059] EXT4-fs (loop0): Remounting filesystem read-only [ 485.527396][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 485.527497][ C0] EXT4-fs (loop0): initial error at time 1779115218: ext4_free_branches:1023: inode 13 [ 485.527676][ C0] EXT4-fs (loop0): last error at time 1779115218: ext4_free_branches:1023: inode 13 [ 485.781468][ T8059] EXT4-fs (loop0): 1 truncate cleaned up [ 485.838393][ T6138] block nbd0: NBD_DISCONNECT [ 485.867845][ T8059] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 485.892833][ T6138] block nbd0: Send disconnect failed -32 [ 485.937349][ T6138] block nbd0: Send disconnect failed -32 [ 485.963017][ T6138] block nbd0: shutting down sockets [ 486.537841][ T6138] udevd[6138]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 486.806855][ T6811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.546039][ T8081] loop5: detected capacity change from 0 to 2048 [ 487.594986][ T9] IPVS: starting estimator thread 0... [ 487.685756][ T8081] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found! [ 487.712929][ T8074] loop6: detected capacity change from 0 to 4096 [ 487.740782][ T8084] IPVS: using max 192 ests per chain, 9600 per kthread [ 487.799189][ T8074] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 487.817781][ T8086] loop2: detected capacity change from 0 to 256 [ 487.842074][ T8081] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 488.415938][ T8074] ntfs3(loop6): ino=1a, mi_enum_attr [ 488.470002][ T8074] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 488.560154][ T8074] ntfs3(loop6): ino=1a, mi_enum_attr [ 488.608285][ T8074] ntfs3(loop6): Failed to initialize $Extend/$Reparse. [ 488.888754][ T29] audit: type=1800 audit(1779115221.905:27): pid=8074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.765" name="file1" dev="loop6" ino=24 res=0 errno=0 [ 488.973526][ T8074] ntfs3(loop6): ino=5, "/" ntfs_readdir [ 489.695162][ T8100] loop1: detected capacity change from 0 to 128 [ 489.796167][ T8100] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 489.981733][ T8100] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 491.455365][ T8112] loop5: detected capacity change from 0 to 64 [ 491.534808][ T8112] minix: block size(59136) > page size(4096) not supported by filesystem [ 493.615455][ T5681] usb 1-1: new low-speed USB device number 5 using dummy_hcd [ 493.830648][ T5681] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 493.873682][ T5681] usb 1-1: config 0 has no interface number 0 [ 493.898580][ T5681] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 493.973211][ T5681] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 494.049929][ T5681] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 494.090752][ T5681] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.163952][ T5681] usb 1-1: config 0 descriptor?? [ 494.206132][ T8128] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 494.347488][ T5681] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 494.613485][ T5681] usb 1-1: USB disconnect, device number 5 [ 498.603976][ T808] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 498.677321][ T808] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 498.752785][ T808] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz0] on syz0 [ 499.680931][ T8187] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 499.927183][ T8181] fido_id[8181]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 501.440028][ T8204] loop5: detected capacity change from 0 to 512 [ 501.761719][ T8204] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 501.802320][ T8204] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 502.629587][ T7286] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 503.075699][ T8223] loop6: detected capacity change from 0 to 512 [ 503.135804][ T8223] EXT4-fs: inline encryption not supported [ 503.241584][ T8223] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 503.412374][ T8223] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1148: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 503.473932][ T8223] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.816: bg 0: block 248: padding at end of block bitmap is not set [ 503.501616][ T8223] loop6: lost filesystem error report for type 5 error -117 [ 503.510416][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 503.524729][ C0] EXT4-fs (loop6): last error at time 1779115236: ext4_validate_block_bitmap:441 [ 503.556398][ T8223] Quota error (device loop6): write_blk: dquota write failed [ 503.581561][ T8223] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota [ 503.665093][ T8223] EXT4-fs error (device loop6): ext4_acquire_dquot:7034: comm syz.6.816: Failed to acquire dquot type 1 [ 503.795337][ T8223] loop6: lost filesystem error report for type 5 error -28 [ 503.830807][ T8223] EXT4-fs (loop6): 1 truncate cleaned up [ 503.973279][ T8223] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 504.505566][ T8237] loop2: detected capacity change from 0 to 512 [ 504.650763][ T8237] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.820: corrupted in-inode xattr: invalid ea_ino [ 504.690434][ T8223] syz.6.816 (8223) used greatest stack depth: 2752 bytes left [ 504.796977][ T7491] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 504.830547][ T34] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-5 [ 504.843132][ T8237] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 504.846154][ T8237] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.820: couldn't read orphan inode 15 (err -117) [ 504.855862][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 504.855962][ C1] EXT4-fs (loop2): initial error at time 1779115237: ext4_iget_extra_inode:5128: inode 15 [ 504.856132][ C1] EXT4-fs (loop2): last error at time 1779115237: ext4_iget_extra_inode:5128: inode 15 [ 504.886728][ T34] EXT4-fs error (device loop6): ext4_release_dquot:7070: comm kworker/u8:2: Failed to release dquot type 1 [ 504.990757][ T8237] loop2: lost filesystem error report for type 5 error -117 [ 504.999017][ T8237] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 505.020140][ T34] loop6: lost filesystem error report for type 5 error -117 [ 505.801853][ T5574] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 506.174910][ T8247] loop5: detected capacity change from 0 to 2048 [ 506.419608][ T8256] loop1: detected capacity change from 0 to 512 [ 506.565618][ T8256] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 506.725003][ T8256] EXT4-fs (loop1): shut down requested (0) [ 506.756044][ T8256] EXT4-fs warning (device loop1): dx_probe:791: inode #2: lblock 0: comm syz.1.825: error -117 reading directory block [ 507.313668][ T5569] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.353728][ T8265] loop0: detected capacity change from 0 to 1024 [ 507.903961][ T8267] loop6: detected capacity change from 0 to 4096 [ 508.158617][ T8276] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 508.762974][ T4870] Bluetooth: hci4: link tx timeout [ 508.768445][ T4870] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 508.777355][ T5580] Bluetooth: hci4: link tx timeout [ 508.783190][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 508.792297][ T5580] Bluetooth: hci4: link tx timeout [ 508.797725][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 508.809640][ T5580] Bluetooth: hci4: link tx timeout [ 508.815213][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 508.823675][ T5580] Bluetooth: hci4: link tx timeout [ 508.829039][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 508.859396][ T5580] Bluetooth: hci4: link tx timeout [ 508.865081][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 508.873412][ T5580] Bluetooth: hci4: link tx timeout [ 508.878806][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 508.894308][ T5580] Bluetooth: hci4: link tx timeout [ 508.899742][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 508.915331][ T5580] Bluetooth: hci4: link tx timeout [ 508.921099][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 508.929153][ T5580] Bluetooth: hci4: link tx timeout [ 508.934757][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.000651][ T5580] Bluetooth: hci4: link tx timeout [ 509.006104][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.016245][ T5580] Bluetooth: hci4: link tx timeout [ 509.022123][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.036875][ T5580] Bluetooth: hci4: link tx timeout [ 509.042440][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.052665][ T5580] Bluetooth: hci4: link tx timeout [ 509.063446][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.073767][ T5580] Bluetooth: hci4: link tx timeout [ 509.079229][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.087584][ T5580] Bluetooth: hci4: link tx timeout [ 509.093095][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.103204][ T5580] Bluetooth: hci4: link tx timeout [ 509.108590][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.121493][ T5580] Bluetooth: hci4: link tx timeout [ 509.126937][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.135406][ T5580] Bluetooth: hci4: link tx timeout [ 509.141071][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.164895][ T5580] Bluetooth: hci4: link tx timeout [ 509.170605][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.181810][ T5580] Bluetooth: hci4: link tx timeout [ 509.187211][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.195754][ T5580] Bluetooth: hci4: link tx timeout [ 509.201294][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.215948][ T5580] Bluetooth: hci4: link tx timeout [ 509.221505][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.229547][ T5580] Bluetooth: hci4: link tx timeout [ 509.235105][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.243356][ T5580] Bluetooth: hci4: link tx timeout [ 509.248759][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.273029][ T5580] Bluetooth: hci4: link tx timeout [ 509.278943][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.287060][ T5580] Bluetooth: hci4: link tx timeout [ 509.292548][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.313530][ T5580] Bluetooth: hci4: link tx timeout [ 509.318955][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.327107][ T5580] Bluetooth: hci4: link tx timeout [ 509.334301][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.344072][ T5580] Bluetooth: hci4: link tx timeout [ 509.349649][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.357769][ T5580] Bluetooth: hci4: link tx timeout [ 509.368908][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.379538][ T5580] Bluetooth: hci4: link tx timeout [ 509.385102][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.393116][ T5580] Bluetooth: hci4: link tx timeout [ 509.398414][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.416240][ T5580] Bluetooth: hci4: link tx timeout [ 509.423521][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.431594][ T5580] Bluetooth: hci4: link tx timeout [ 509.436890][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.445094][ T5580] Bluetooth: hci4: link tx timeout [ 509.450504][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.459528][ T5580] Bluetooth: hci4: link tx timeout [ 509.472210][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.480783][ T5580] Bluetooth: hci4: link tx timeout [ 509.486086][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.494209][ T5580] Bluetooth: hci4: link tx timeout [ 509.499505][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.507587][ T5580] Bluetooth: hci4: link tx timeout [ 509.513160][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.549581][ T5580] Bluetooth: hci4: link tx timeout [ 509.555067][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.563122][ T5580] Bluetooth: hci4: link tx timeout [ 509.574048][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.583731][ T5580] Bluetooth: hci4: link tx timeout [ 509.589154][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.597497][ T5580] Bluetooth: hci4: link tx timeout [ 509.602961][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.718888][ T5580] Bluetooth: hci4: link tx timeout [ 509.724425][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.734306][ T5580] Bluetooth: hci4: link tx timeout [ 509.739697][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.753877][ T5580] Bluetooth: hci4: link tx timeout [ 509.759286][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.767464][ T5580] Bluetooth: hci4: link tx timeout [ 509.779445][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.802258][ T5580] Bluetooth: hci4: link tx timeout [ 509.807687][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.830044][ T5580] Bluetooth: hci4: link tx timeout [ 509.835553][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.843592][ T5580] Bluetooth: hci4: link tx timeout [ 509.848888][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.896171][ T5580] Bluetooth: hci4: link tx timeout [ 509.902650][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.912273][ T5580] Bluetooth: hci4: link tx timeout [ 509.917670][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.926493][ T5580] Bluetooth: hci4: link tx timeout [ 509.931951][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.940362][ T5580] Bluetooth: hci4: link tx timeout [ 509.945785][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.973262][ T5580] Bluetooth: hci4: link tx timeout [ 509.983770][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 509.991906][ T5580] Bluetooth: hci4: link tx timeout [ 509.997280][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.046356][ T5580] Bluetooth: hci4: link tx timeout [ 510.055181][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.066624][ T5580] Bluetooth: hci4: link tx timeout [ 510.072105][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.091012][ T5580] Bluetooth: hci4: link tx timeout [ 510.096623][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.107722][ T5580] Bluetooth: hci4: link tx timeout [ 510.113281][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.121712][ T5580] Bluetooth: hci4: link tx timeout [ 510.127134][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.142124][ T5580] Bluetooth: hci4: link tx timeout [ 510.147578][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.155615][ T5580] Bluetooth: hci4: link tx timeout [ 510.161110][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.177813][ T5580] Bluetooth: hci4: link tx timeout [ 510.188610][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.196697][ T5580] Bluetooth: hci4: link tx timeout [ 510.202129][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.235362][ T5580] Bluetooth: hci4: link tx timeout [ 510.241191][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.249292][ T5580] Bluetooth: hci4: link tx timeout [ 510.254794][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.282118][ T5580] Bluetooth: hci4: link tx timeout [ 510.293274][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.301455][ T5580] Bluetooth: hci4: link tx timeout [ 510.306818][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.341299][ T5580] Bluetooth: hci4: link tx timeout [ 510.346825][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.355865][ T5580] Bluetooth: hci4: link tx timeout [ 510.361687][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.373735][ T5580] Bluetooth: hci4: link tx timeout [ 510.379213][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.393789][ T5580] Bluetooth: hci4: link tx timeout [ 510.399119][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.421042][ T5580] Bluetooth: hci4: link tx timeout [ 510.427098][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.435455][ T5580] Bluetooth: hci4: link tx timeout [ 510.441009][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.455926][ T5580] Bluetooth: hci4: link tx timeout [ 510.462243][ T5580] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 510.831677][ T5675] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 510.850867][ T5580] Bluetooth: hci4: command 0x0406 tx timeout [ 511.121015][ T5675] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 511.189311][ T5675] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 511.281728][ T5675] usb 7-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 511.354729][ T5675] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.447003][ T5675] usb 7-1: config 0 descriptor?? [ 512.268998][ T5675] hid-led 0003:1D34:000A.0008: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.6-1/input0 [ 512.396812][ T5675] hid-led 0003:1D34:000A.0008: Dream Cheeky Webmail Notifier initialized [ 512.585695][ T5675] usb 7-1: USB disconnect, device number 2 [ 512.597092][ T8302] netlink: 4 bytes leftover after parsing attributes in process `syz.1.841'. [ 512.714339][ T8302] netlink: 4 bytes leftover after parsing attributes in process `syz.1.841'. [ 513.252211][ T8312] loop5: detected capacity change from 0 to 512 [ 513.297187][ T8305] fido_id[8305]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 513.352037][ T8312] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 513.443357][ T8312] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002] [ 513.489599][ T8312] System zones: 1-12 [ 513.569578][ T8312] EXT4-fs (loop5): 1 truncate cleaned up [ 513.578543][ T8312] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 514.453400][ T7286] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.051163][ T5681] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 516.091051][ T5681] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 516.154571][ T5681] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz0 [ 517.102184][ T1308] ieee802154 phy0 wpan0: encryption failed: -22 [ 517.111047][ T1308] ieee802154 phy1 wpan1: encryption failed: -22 [ 517.131408][ T1308] ------------[ cut here ]------------ [ 517.137182][ T1308] WARNING: ./include/linux/skbuff.h:3242 at lowpan_xmit+0xa0e/0x1d00, CPU#1: aoe_tx0/1308 [ 517.147927][ T1308] Modules linked in: [ 517.152250][ T1308] CPU: 1 UID: 0 PID: 1308 Comm: aoe_tx0 Tainted: G L syzkaller #0 PREEMPT(full) [ 517.163262][ T1308] Tainted: [L]=SOFTLOCKUP [ 517.167882][ T1308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 517.178337][ T1308] RIP: 0010:lowpan_xmit+0xa0e/0x1d00 [ 517.184068][ T1308] Code: fb 8b 7d d4 e8 a3 70 25 f2 48 89 df e9 35 fd ff ff 44 89 f7 e8 93 70 25 f2 66 41 83 fd ff 0f 85 7f fd ff ff e8 43 51 77 f1 90 <0f> 0b 90 80 7d c0 00 0f 84 3b 12 00 00 48 8b bd 00 ff ff ff 0f b7 [ 517.204514][ T1308] RSP: 0000:ffff888108a77960 EFLAGS: 00010293 [ 517.210951][ T1308] RAX: ffffffff90892bad RBX: 0000000000000000 RCX: ffff888104f44280 [ 517.219164][ T1308] RDX: 0000000000000000 RSI: 000000000000ffff RDI: 000000000000ffff [ 517.227568][ T1308] RBP: ffff888108a77ac0 R08: ffffea000000000f R09: 0000000000000000 [ 517.235897][ T1308] R10: ffff8881082778d8 R11: ffff8881016cd3d0 R12: ffff888104f44e40 [ 517.244194][ T1308] R13: 000000000000ffff R14: 0000000000000000 R15: ffff888100688800 [ 517.252483][ T1308] FS: 0000000000000000(0000) GS:ffff8881aa710000(0000) knlGS:0000000000000000 [ 517.261744][ T1308] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 517.268595][ T1308] CR2: 00007fb94d6a8432 CR3: 0000000032d8c000 CR4: 00000000003526f0 [ 517.276974][ T1308] Call Trace: [ 517.280599][ T1308] [ 517.283705][ T1308] ? validate_xmit_xfrm+0x84/0x19e0 [ 517.289316][ T1308] ? netif_skb_features+0x1bd3/0x1ea0 [ 517.295218][ T1308] ? kmsan_report+0x2e0/0x320 [ 517.300363][ T1308] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 517.307025][ T1308] ? __pfx_lowpan_xmit+0x10/0x10 [ 517.312339][ T1308] dev_hard_start_xmit+0x22f/0xa80 [ 517.317813][ T1308] __dev_queue_xmit+0x2990/0x5a00 [ 517.323289][ T1308] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 517.329710][ T1308] ? kmsan_get_metadata+0xf1/0x160 [ 517.335281][ T1308] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 517.342053][ T1308] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 517.348499][ T1308] ? __dev_queue_xmit+0x2d4/0x5a00 [ 517.354060][ T1308] ? kmsan_get_metadata+0xf1/0x160 [ 517.359571][ T1308] tx+0xb6/0x440 [ 517.363683][ T1308] ? __pfx_tx+0x10/0x10 [ 517.368165][ T1308] kthread+0x17d/0x370 [ 517.372643][ T1308] ? __pfx_default_wake_function+0x10/0x10 [ 517.378876][ T1308] kthread+0x53a/0x5f0 [ 517.383351][ T1308] ? __pfx_kthread+0x10/0x10 [ 517.388255][ T1308] ? __pfx_kthread+0x10/0x10 [ 517.393262][ T1308] ret_from_fork+0x20f/0x8d0 [ 517.398163][ T1308] ? __switch_to+0x573/0x7a0 [ 517.403179][ T1308] ? __pfx_kthread+0x10/0x10 [ 517.408098][ T1308] ret_from_fork_asm+0x1a/0x30 [ 517.413357][ T1308] [ 517.416555][ T1308] ---[ end trace 0000000000000000 ]--- [ 517.422304][ T1308] ===================================================== [ 517.429596][ T1308] BUG: KMSAN: uninit-value in lowpan_xmit+0xa6b/0x1d00 [ 517.436751][ T1308] lowpan_xmit+0xa6b/0x1d00 [ 517.441529][ T1308] dev_hard_start_xmit+0x22f/0xa80 [ 517.446850][ T1308] __dev_queue_xmit+0x2990/0x5a00 [ 517.452198][ T1308] tx+0xb6/0x440 [ 517.456077][ T1308] kthread+0x17d/0x370 [ 517.460428][ T1308] kthread+0x53a/0x5f0 [ 517.464744][ T1308] ret_from_fork+0x20f/0x8d0 [ 517.469538][ T1308] ret_from_fork_asm+0x1a/0x30 [ 517.474631][ T1308] [ 517.477063][ T1308] Uninit was stored to memory at: [ 517.482460][ T1308] lowpan_xmit+0x68f/0x1d00 [ 517.487154][ T1308] dev_hard_start_xmit+0x22f/0xa80 [ 517.492561][ T1308] __dev_queue_xmit+0x2990/0x5a00 [ 517.497802][ T1308] tx+0xb6/0x440 [ 517.501652][ T1308] kthread+0x17d/0x370 [ 517.505925][ T1308] kthread+0x53a/0x5f0 [ 517.510351][ T1308] ret_from_fork+0x20f/0x8d0 [ 517.515136][ T1308] ret_from_fork_asm+0x1a/0x30 [ 517.520129][ T1308] [ 517.522657][ T1308] Uninit was created at: [ 517.527186][ T1308] kmem_cache_alloc_node_noprof+0x3cd/0x12c0 [ 517.533523][ T1308] __alloc_skb+0x855/0x1190 [ 517.538323][ T1308] new_skb+0x4a/0x550 [ 517.542605][ T1308] aoecmd_cfg+0x2c2/0xb70 [ 517.547149][ T1308] discover_timer+0x64/0x80 [ 517.551970][ T1308] call_timer_fn+0x4c/0x510 [ 517.556678][ T1308] __run_timer_base+0x80a/0xdb0 [ 517.561801][ T1308] run_timer_softirq+0x3a/0x70 [ 517.566756][ T1308] handle_softirqs+0x171/0x7b0 [ 517.571885][ T1308] __irq_exit_rcu+0x9a/0x1e0 [ 517.576721][ T1308] irq_exit_rcu+0x12/0x20 [ 517.581358][ T1308] sysvec_apic_timer_interrupt+0x84/0x90 [ 517.587354][ T1308] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 517.593670][ T1308] [ 517.596170][ T1308] CPU: 1 UID: 0 PID: 1308 Comm: aoe_tx0 Tainted: G W L syzkaller #0 PREEMPT(full) [ 517.607080][ T1308] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 517.612507][ T1308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 517.622810][ T1308] ===================================================== [ 517.629905][ T1308] Disabling lock debugging due to kernel taint [ 517.636375][ T1308] Kernel panic - not syncing: kmsan.panic set ... [ 517.642998][ T1308] CPU: 1 UID: 0 PID: 1308 Comm: aoe_tx0 Tainted: G B W L syzkaller #0 PREEMPT(full) [ 517.653887][ T1308] Tainted: [B]=BAD_PAGE, [W]=WARN, [L]=SOFTLOCKUP [ 517.660462][ T1308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 517.670712][ T1308] Call Trace: [ 517.674137][ T1308] [ 517.677223][ T1308] __dump_stack+0x26/0x30 [ 517.681810][ T1308] dump_stack_lvl+0x50/0x1c0 [ 517.686658][ T1308] ? dump_stack+0x12/0x25 [ 517.691262][ T1308] dump_stack+0x1e/0x25 [ 517.695658][ T1308] vpanic+0x7b4/0x1430 [ 517.699998][ T1308] panic+0x15d/0x160 [ 517.704179][ T1308] kmsan_report+0x31a/0x320 [ 517.708961][ T1308] ? __msan_warning+0x1b/0x30 [ 517.713852][ T1308] ? lowpan_xmit+0xa6b/0x1d00 [ 517.718746][ T1308] ? dev_hard_start_xmit+0x22f/0xa80 [ 517.724248][ T1308] ? __dev_queue_xmit+0x2990/0x5a00 [ 517.729673][ T1308] ? tx+0xb6/0x440 [ 517.733630][ T1308] ? kthread+0x17d/0x370 [ 517.738065][ T1308] ? kthread+0x53a/0x5f0 [ 517.742532][ T1308] ? ret_from_fork+0x20f/0x8d0 [ 517.747517][ T1308] ? ret_from_fork_asm+0x1a/0x30 [ 517.752677][ T1308] ? kmsan_get_metadata+0xf1/0x160 [ 517.758021][ T1308] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 517.764563][ T1308] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 517.770891][ T1308] ? report_bug+0x196/0x1d0 [ 517.775716][ T1308] ? lowpan_xmit+0xa10/0x1d00 [ 517.780587][ T1308] ? lowpan_xmit+0xa0e/0x1d00 [ 517.785444][ T1308] ? handle_bug+0xb2/0x230 [ 517.790150][ T1308] ? exc_invalid_op+0x1f/0x50 [ 517.795058][ T1308] ? kmsan_get_metadata+0xf1/0x160 [ 517.800419][ T1308] __msan_warning+0x1b/0x30 [ 517.805196][ T1308] lowpan_xmit+0xa6b/0x1d00 [ 517.809935][ T1308] ? validate_xmit_xfrm+0x84/0x19e0 [ 517.815367][ T1308] ? netif_skb_features+0x1bd3/0x1ea0 [ 517.821000][ T1308] ? kmsan_report+0x2e0/0x320 [ 517.825958][ T1308] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 517.832553][ T1308] ? __pfx_lowpan_xmit+0x10/0x10 [ 517.837710][ T1308] dev_hard_start_xmit+0x22f/0xa80 [ 517.843098][ T1308] __dev_queue_xmit+0x2990/0x5a00 [ 517.848345][ T1308] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 517.854641][ T1308] ? kmsan_get_metadata+0xf1/0x160 [ 517.859975][ T1308] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 517.866519][ T1308] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 517.872814][ T1308] ? __dev_queue_xmit+0x2d4/0x5a00 [ 517.878125][ T1308] ? kmsan_get_metadata+0xf1/0x160 [ 517.883495][ T1308] tx+0xb6/0x440 [ 517.887256][ T1308] ? __pfx_tx+0x10/0x10 [ 517.891605][ T1308] kthread+0x17d/0x370 [ 517.895863][ T1308] ? __pfx_default_wake_function+0x10/0x10 [ 517.901882][ T1308] kthread+0x53a/0x5f0 [ 517.906177][ T1308] ? __pfx_kthread+0x10/0x10 [ 517.910994][ T1308] ? __pfx_kthread+0x10/0x10 [ 517.915829][ T1308] ret_from_fork+0x20f/0x8d0 [ 517.920611][ T1308] ? __switch_to+0x573/0x7a0 [ 517.925420][ T1308] ? __pfx_kthread+0x10/0x10 [ 517.930244][ T1308] ret_from_fork_asm+0x1a/0x30 [ 517.935250][ T1308] [ 517.938998][ T1308] Kernel Offset: disabled [ 517.943471][ T1308] Rebooting in 86400 seconds..