last executing test programs: 2m11.325305177s ago: executing program 4 (id=594): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="11000000040000000400000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r0, &(0x7f0000000140), &(0x7f0000000200)=""/221}, 0x20) 2m11.120236672s ago: executing program 4 (id=596): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000680)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x50, r1, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x8, 0x2c}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_macvtap\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}]]}, 0x50}, 0x1, 0x0, 0x0, 0x81}, 0x24044884) 2m10.476544359s ago: executing program 4 (id=600): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f00000002c0)={0xba, 0x0, [{0x40000107, 0x0, 0xffffffff}]}) 2m10.059728075s ago: executing program 4 (id=604): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x2a0000a, 0x0, 0x0, 0x0, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x200) 2m9.995663283s ago: executing program 4 (id=605): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0xfffffff7) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x40) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8c, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 2m5.927255541s ago: executing program 4 (id=620): syz_mount_image$vfat(&(0x7f0000001800), &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="00631dda01aef2b0bad477a11d13ec0c19456795dd9b2620df1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d24c60c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb0420f4142da00e9000001001d0149e6d308cbe315789f4baffe39bbced9b1d4db174c610fd2e290e9fc561a62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac10222664bbc980b4e99027c53ae2c6cc05d3be246e5837cbf286225d43e8c1d2e3fda86b86906b79fdedae7f3bbe362e8ad7f2b370442013de1788be93a3d553c2e1f5b559393d964df51bf393f52ecbe6f832b222231fbb9fee9e0343c2d3d567f7cff6d0b25303bcbcc99c879d3bc"], 0x1, 0x29d, &(0x7f0000000400)="$eJzs3M9OE10cxvGnUF54wTJVFAVjPNGNbiZQr6AhkBibaJAa/yQmg0y16dCSToOpMYIrt14HcenOxHgDbLwCF+5w4ZKFYQzTEVqoEY10pHw/mznTmWdyTn9nJmfR6cbd14ulgm8XnJp6EkZJaUibUlo96lVDItr2hO3/1GxVV0dyny7cvnf/RjaXm541ZiY7dy1jjBm++P7p8zeXPtSG7rwdftev9fTDja+Zz+uj62MbW3NPir4p+qZcqRnHzFcqNWfec81C0S/ZxtzyXMd3TbHsu9WW4wWvsrRUN055ITW4VHV93zjluim5dVOrmFq1bpzHTrFsbNs2qUHhV/Jrs7NONu5e4HBVq1lnSkok9h3Jr8XSIQAAEKs26//VP1n/J6N91v9Hw5eUWP93I2v/R9vr/wfR/duK9T8AAAAAAAAAAAAAAAAAAAAAAEfBZhBYQRBYP7Z9UviGTxDt/y9pUNKQpBOSUpKGo9cM0pJOSjolaUTSaUlnJI1KOivpnKSxpmvFPVbs97P691L/Y+GA9/+AqH9X4vl/vDX9cc+AtPhqOb+cb2wbx7MFFeXJ1YQsfQtrGWm0Z67npidMKK3ziytRfmU539uan5S1PWHa5ScbedOa7w/n3U4+I2t7grXLZ9rmB3TlclPelqWPj1SRp4VwTu7mX0waM3Uztyc/Hp7X7ezouzNJqV397J0T9ta3kT/A/Agm2tYnqfGk+uIdPfz6s5LjeW6VxmE3Xv7VC27FPZyONEb/jW50TyOxetCT434yoRN2ix53TwAAAAAAAAAAAAAAAAAAv6MTvz2Me4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOz1PQAA//9O+l2y") socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) umount2(&(0x7f00000002c0)='./file0\x00', 0x9) sendmmsg$unix(r0, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40084}}, {{&(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x440e0) 2m5.361676823s ago: executing program 32 (id=620): syz_mount_image$vfat(&(0x7f0000001800), &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="00631dda01aef2b0bad477a11d13ec0c19456795dd9b2620df1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d24c60c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb0420f4142da00e9000001001d0149e6d308cbe315789f4baffe39bbced9b1d4db174c610fd2e290e9fc561a62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac10222664bbc980b4e99027c53ae2c6cc05d3be246e5837cbf286225d43e8c1d2e3fda86b86906b79fdedae7f3bbe362e8ad7f2b370442013de1788be93a3d553c2e1f5b559393d964df51bf393f52ecbe6f832b222231fbb9fee9e0343c2d3d567f7cff6d0b25303bcbcc99c879d3bc"], 0x1, 0x29d, &(0x7f0000000400)="$eJzs3M9OE10cxvGnUF54wTJVFAVjPNGNbiZQr6AhkBibaJAa/yQmg0y16dCSToOpMYIrt14HcenOxHgDbLwCF+5w4ZKFYQzTEVqoEY10pHw/mznTmWdyTn9nJmfR6cbd14ulgm8XnJp6EkZJaUibUlo96lVDItr2hO3/1GxVV0dyny7cvnf/RjaXm541ZiY7dy1jjBm++P7p8zeXPtSG7rwdftev9fTDja+Zz+uj62MbW3NPir4p+qZcqRnHzFcqNWfec81C0S/ZxtzyXMd3TbHsu9WW4wWvsrRUN055ITW4VHV93zjluim5dVOrmFq1bpzHTrFsbNs2qUHhV/Jrs7NONu5e4HBVq1lnSkok9h3Jr8XSIQAAEKs26//VP1n/J6N91v9Hw5eUWP93I2v/R9vr/wfR/duK9T8AAAAAAAAAAAAAAAAAAAAAAEfBZhBYQRBYP7Z9UviGTxDt/y9pUNKQpBOSUpKGo9cM0pJOSjolaUTSaUlnJI1KOivpnKSxpmvFPVbs97P691L/Y+GA9/+AqH9X4vl/vDX9cc+AtPhqOb+cb2wbx7MFFeXJ1YQsfQtrGWm0Z67npidMKK3ziytRfmU539uan5S1PWHa5ScbedOa7w/n3U4+I2t7grXLZ9rmB3TlclPelqWPj1SRp4VwTu7mX0waM3Uztyc/Hp7X7ezouzNJqV397J0T9ta3kT/A/Agm2tYnqfGk+uIdPfz6s5LjeW6VxmE3Xv7VC27FPZyONEb/jW50TyOxetCT434yoRN2ix53TwAAAAAAAAAAAAAAAAAAv6MTvz2Me4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOz1PQAA//9O+l2y") socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) umount2(&(0x7f00000002c0)='./file0\x00', 0x9) sendmmsg$unix(r0, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40084}}, {{&(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x440e0) 5.376030349s ago: executing program 0 (id=1317): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x3) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000004c0)=0x11) 4.843450532s ago: executing program 0 (id=1321): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000002200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000a00000008000300", @ANYRES32=r2, @ANYBLOB="1000508005000200f9"], 0x2c}}, 0x0) 4.655983209s ago: executing program 1 (id=1323): unshare(0x22020600) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) open_by_handle_at(r1, &(0x7f0000002580)=ANY=[@ANYBLOB='\f'], 0x0) 4.404284541s ago: executing program 1 (id=1325): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) 4.25943971s ago: executing program 0 (id=1326): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000100010000000900010073797a30000000000900020073797a300000000040000380080001400000000008"], 0x110}}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001300050000000000feffffff07000000", @ANYRES32=r1, @ANYBLOB="003000000000000014001a80100004800c000980"], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0) 4.008353225s ago: executing program 0 (id=1329): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) 3.704412689s ago: executing program 3 (id=1334): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000000c0)=0xa, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="10031400e4ff020002004788aa96a13bb100001100007fca1a00", 0x1000a, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 3.528257504s ago: executing program 3 (id=1335): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000000), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f00000002c0)={0x0, 0x4, 0x14, 0xfffffffe, @vifc_lcl_addr=@dev={0xac, 0x14, 0x14, 0xd}, @remote}, 0x10) setsockopt$MRT_FLUSH(r0, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4) 3.190784345s ago: executing program 2 (id=1338): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000040)={0xfdfd, 0x0, [{0xc001001b, 0x0, 0x2}]}) 2.954008548s ago: executing program 0 (id=1340): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x63b5, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) sched_getscheduler(0x0) 2.803250255s ago: executing program 1 (id=1342): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x0, 0x0}, 0x10) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="c4000000190001000000000000004000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbffffffffffffff00000000000000000000000000000000000000000000000200000000000000b9120000000000000000000000000000000c0015005a"], 0xc4}, 0x1, 0x0, 0x0, 0x40100}, 0x2c000010) syz_emit_ethernet(0xa6, &(0x7f0000000240)=ANY=[@ANYBLOB="bbbbbbbbbbbb00080300660086dd6000000000703afffe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0) 2.735351722s ago: executing program 3 (id=1343): ioctl$int_in(0xffffffffffffffff, 0x40000000af01, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40102, 0x0) r1 = dup(r0) read$FUSE(r1, 0x0, 0x0) 2.62596591s ago: executing program 2 (id=1344): r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000040)=@id, 0x10) recvmmsg(r0, &(0x7f0000002bc0)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f00000005c0)=""/32, 0x20}], 0x1, &(0x7f0000000b00)=""/55, 0x37}, 0x8}], 0x1, 0x21, 0x0) shutdown(r0, 0x2) 2.610384377s ago: executing program 1 (id=1345): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newlink={0x48, 0x10, 0x1, 0x470bd27, 0x25dfd402, {0x0, 0x0, 0x0, r2, 0x64e98, 0x16ac1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x10, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MULTICAST_ROUTER={0x5, 0x19, 0x2}, @IFLA_BRPORT_FLUSH={0x4}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x400c080}, 0x200088c2) 2.531889305s ago: executing program 3 (id=1346): syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000001780)=ANY=[@ANYRES16=0x0, @ANYBLOB="431ce52762211940fe1100c3efa6c9447dcba8785af7378246dc0f296919fd4acfb1eb09318705eef36345ffa6f1cd641c885ac8c73f6702787b0fc68635c23843f671e5c1326df09f4c7913c4c5b1d54e26349346d75206ce8de0a74d4040c141b734b40a3b0be5a8eac4ab9dc153190e2e420fe65f8263865482039643dfda0a7ca805ef414e34244f579b4b192c32dacb45075e34b79ca2315ae6d386772fa4ac106d7370ea2b9663467cce4a0718b8322dfacb398377bb6340511702c27468af279d6eb2927f1457883690d1e636fa73c480a0a5c08a49ed23b990aea9a45775e7625f6a58d1011a0f30ca8c090f1c64d9dd88d71519ad0a97064dedbe33220bd45e4aa18a34da378e60945aacc5cb41e54a2c058750f8454e385a9c4e7bfe884067e0cf16170ea21be0bf464c76dfafc23b933dbfb918d6fd3eab9c7eb0ab9435b3968341369739dcfe3c9ff7d2bba00cfa91a02a281650e28f889cb567a9b36420e57ab8205116f41b6e7a9daee2a8edfb339f2dbcc7079541482155e865d4a209dbd884adcd54dc6547483d70ea5ad930e0cbba9cb971285cf059285f75e236614e3145a052309513c6ee138f8459fb389da8aaf46e2f79190415ecbdf4ff8c76004d07a33e08f5695005e7d56e342a3605a4e9560dd48ac93b2d7dffdbeb3475005bb23064d3932e1eebaff96055185a0052b4f979c3b2fa18b30020c02077451249392ccbecfd0b43d93f464f0ae2c4d86587027ae4346da658c735659666bbd9cc0aa3e8b6ea4376166edb52db687978f4db799b44eac6266c47f99b513e4e7bc495b203705a308db455194f04f1fb95c17e8ac4f513a0c7563d3aefa0c86f1babe1283a1714d23651e03332512bbf171dfcfffc603f5e346bc46c60ceb21f83398e211f0c073c3315867171c09d6a4943dbfd28dc1a629b098081675b3f9b634ebb59e93384ec22a22e7685aa757c38a037142e32d7e25307af5546b80e0674a98d53de32da16da582efbeb370f73d582b18df7c10b8bad2fe0f151173a1a7754d80da5656fd5e2675f58ca20f293aab7f75562bfba66b5961a53a570c38bcbeb7e4b5dc040804420ccb852ee1a427e96c1f48f0c3e140e064da8f576a751766be49b5a021bc43f8c8fc1a82a1707609a5654900b707af11fbac650393dc7e3d0c5dd94aa75b4532f7b635d752fc72591de42bd9b77a81e4be8782423633c9c1ff558c25355a8fa731c097cd4ebf575a3fbd96e88506e6e84ccdfbb73b90c8e2d340ba21841fea480e1a41b220a455c43f3a6f71d4bb3d8b2c63106a67433ee8a79723605db560292dc3c227455d13c8d76d2aaccc30c89d70ad829e9ca5bf6f1c1882a234d465cf1b592fe33b441a5a165545b747422382f4194d08e41ea4b59307ee1d32752d4eaa0ca4c2b481be532f0927fcdc2602f0bc6d53a008141c4f0584a85f7d38054c9259eada1a9613375dfec7bd6d9449531ddc0b7df641a8f853a00fd85758e19f5dbbcdd20acadf560c1f26fe4cc57f1bc8b6aacdda0176313cbbb28243a8f65a1181b1c68943e1a98ca3fa046a48e6753503b83d4ba42115fbda92fbaa6ba815d91378307e83ca22322703df6c0fc00c2a981a0e390c5c18046e39058cbc685dd5f1fba23ec310069a7cf4f8cde676bec797df55a718609f1f6f616524dd8672ecb1536f7a109f56c143e674aa6a2ac3fcdcbdceae4717c1db6b0e9be9ef95e6a0b3c2955a9e278f3f0bee86a8181b1205d1661b052387a33c3846163b0a838bea1b2546ef88a2e2757595bfb36c25c556c07258cc7ab69a18bdac603bae4025e814c7fb07dbae2fb05867c5dd92787041e6c57bba71d0ac0c9bd1e55ecb39dc42dc9f8c652399d411231c1081123bef9e72dd4183b2401ce6e6757dfbaafbe5115568a9f704acf5a682d7ae28af02680f4be8bdff35f2998e427ffe0c7e9ae330ba3299e1738d9d3534db56dcfb4c0cf0687ad2b585fa787be7c7359bbff89908451acb7ebf15f17d4d6ef00d3bde540a4b058f8ebd002c5473b7ac5403297e650d7f325229717e734b3928efa6b2450a6f03999343d28ebc5d691bdf2a116c84949a0c7df591478f72539392d0d7e2b49c6b0e361370facff92d62969260293c478386bf6af7b6ddabaa1ac16885afff0a759c8a2e714a7998d5e3752385438918e7c7b5d0339e07335a68a1044bc0c36ab354a0b74aca38430aac9a336183d971ca00cfd4dbf70152431937824e3df58fe5739b09e93cdc0f305e85be50d5ec433591c332156f261ed35193feaba85264f570ce0353b27a5ed244e62dfb94b1ea260344127d508855ffdd8255d1b8cf4c3828db9a7be13d350d22bfce8aa9c8ce3a85ad84dbf69792e613fb0acbc15fa312e4cce4e042ad2fcfa2a90385efe5bc019ed360669cd05e8821f53a885e721d4acad6833f6d491636e38487cc9b6872af722d5d7614b5b03cc52b9f263bf4ae92c308ca0d95a5c877e0500b2eadd4a04ea9d1561a1b77c4e1eb591d4127b10bad3aaf100a07164f10def857eb72515269ffbd2975429e601d705daff7821036d7860ecda21f0905df445836faec7496000de2c83679c616c9a2b4b54567553f9ccf344788182f47787e23bb1e28491ad6c50c3dfc5ea261cef3caab73b7966e9bf20c89dc2e1cc27f1f0fe41483bd1a6ffd5c7c23140ae214afe75eae4d8b8765e08514be89ec6a4b5ea8bc3214855ec89d4c756e8d0459459e44ebae292ca60fce37ed91c2dd1d10e1bee6ffed16b85d09f979ea96c584dde851ab6b853bde6a00c4d609e4ef404c84a0801dc918a4b72c3e641074a2146d13ded094ccf3e355550817d5e20c7cf5d88524283e711f7a01821ecb8ad314c8851c3e6f28e8da3fcd66d1727e8f2f6135fe728ba625304e0f54108e7d525f67f085aaace5e164ebfd439fa831aff77becaa6f0c8c16ba33558b900521815ca972152019af88efa4462163c30662f389604514de81bee8c64c2a2c0e65b3d96249e6a95b1d22cea760e38d7865f7885534174ffefcc08e2641d23017d361773b20234ba4e7fe607f00b497366b57058eaee348d287cf458825c5510bbfec3f8372d0f6ea27a46ad263a735b24a9c44b7db5ca5c19a6c5247d2f04d4cc7d1a06ea4d05a8f42421c392b1d5d2c64e5a7c9c4165d402d7f61d1be134226924adf2dceea7248dd1540dd92c6aa454da9bf472cd2698a6d8b3e68f2d9d40e6d84e280e0d350e577d1940446f6626178ba92c76188921e54d4fa69033dcd6e52cd0751667086c0fdc36ffb1482938dd7938942fc885246155880d7095ab9a45de1dccc977bc0ab013ab98d4c2f8935bafa094cf98d33ddfe5fc799759c4b7f3acb54eed27d964c8f9d6c13656c243314a4d4a85aa1c22bbc6f9cbe648a68c006c60508b2d40ec21f339814251f745f10e940cb83571e28298e0e7e51d8eb110c8220a8435438b037c75c14cc7d4d793b0754ada73dff1f33327b3fee91938464bc5b387286d05d67f90854445ccc7b699a50cf6e98f4ee4c5cb219859740612746fa57b112b4aacba4d54256d2d1cc12fc863dd68b1c86ce3bedee2a0835375996ff5d8c087092a7138afca0e07ba6db8a95c44fc7c33e0c303e9e0db0d10926fd988b291cf4275a234efb3dd937b24d93099bf1f68e5fe9a27a9c298893082ffc00ad11cd1d1f39f8bdd5df2130aba0dae7b541bb93ff2c20a4bb0f5aeb1408dfb28e5927ec6cc6d88f84f0471eba0e6a3c9aed44f94c61cfdb7b6785faa185740cc53e054ea80d115b9a01f4329a600e41e1a311e09ae8c966fd9fc524a5d07d82b2d0b370cda1192244afb59bf174000b80fd6832ba7f108d984ef87ba33d0479ae8450990c41f1e9dc136c1a097bed018f5fb275dd1de62f5a2684749fece0c570e2aa4dececbccbc2ce1cddabc82cd5a93af9f54c6a113d0b07b7de81a8428ff91ecd65442b391e41955fca7fc39e4ecaaa21da1b0ef95b6dfcfe2d43788be94aa4aa570580286959bb5aed45eecec75c91866d1196bc04fd0e800fc9fd2cc0d886743f6b753a700d52d3cde0b1df332d7f7b478a9a7861a0bfb32f9e20936bc88892a11bd0b024ebb171cc53ceaba72416fb463131b14192b2bdb5618705cb930b6415f70fc1baeffdfb03c2451eb6f94d804b54009df854e4bb98908c4cdae95d73ccf1c59256a31d290aef9fd9ba8c4014916f1d78a2a7e0eb34d6ccd8eede0e83a4c257eb33f304732b904801bcd440568c456bdeb04e667c2c20df70f5b4636e848500b5fa5469aad385792dac58d800d2676aeb2b2d9bb93dea2de8d5190d73ba3d03b6260978452119990cf037270ddca876a668fce328e42f2c1ed6b1518a8f3204075d9fcab97996ddd95b57d3999893623231eee0fbcc148ce916786f462128b66c0e5bcfd05c12c6735a9753a2fafd975318aa15880b2787b13ccf35f01dfe9e256502813b5a0b28c667ab905bd0bd4c0f5e22ac827ae3415726c0310b12a06480bc8f7bfa60030490a1cd8989c3ffa98a6de468910323ce45bbd8c66a9f855cbe73d7761567496b63f21ca4f172e9126a5d560e083d03bf526803a42c716847acfd92eeffa53340f963cc12f7d006822356ab88ff24b10454c6ead98f0e8966c768b24299169c2f2162a8d653f97d5e77a38a199e50b4030be08d1c58de83809d3fcae337aaa1ea3969d281302e294d915e74f1e3f85e1e02ab8497c01a2e9a60828c68fd32501c3dae3673c7579d18236184243f595687a35a4e02117675502df4f00bcea784416282517264928b39f3770613ae620455567c7954c8e72636a5a4bdf9dff7cec5c68be6f1001b1cf7f9835200be7ed29712010c55f76150d5a559098d99c859b218a3b8469e1ca95c697dcb0f7bb46d2fc5793831c8f5393a2997b0b83671b50301733b541df529fdbe6f239aa5b397dcc72c7abf560d53a937560ed7ca6c0bbf56767f0efa6db319893fb050a4612c490c9c7f3038feefd83d1344a68cc169cfcb5e146b24e31f276f2c5d7ddb2992d8fa0ab01c9345bf0fa52ac0b3147df08dbd882091bdc7ebfc233510b6181e678ad907786625f27604818452e81d74405fdad6ebdb140585fd4abee8f8951e01d101e20195084c68431277db2ef7c4d27433fc224ee488e1608b5b90a939b8d56d168b9fc52c9196416ffcef5b34b80b01458da37731615ddc9fa287e6de0f23ed9c87dd6170321f1445994e1b7a554cbbe269d495ee9ac39307944a0549ae5542d881130e77c6c3155ac53dab5b8e8ad08a6cccdb3cc68c9c52c3ad38b35e09663fc0a93b620c834f62c0f06ef4a0ec5e3472ccd680034952f76a028142bdbd52e626a77a119ad233d608abbab0a765ccfaca26090438986a36118be5a9b08fbf8b94247f0aba3fdd9b46a272d51484f6cb16bfb19f8c58295d0b38c8e0282d42e5c13c4d13160f88f9c624105b5b5f60fe952a60362c74a95b2d0d520cce789526b5b07ae9ad7c4d65fcf1720f213d2333bac8559e75aadff6ac91698fabc7de54b1187b1d78098e90563ed843eb930ed6f90ccff355ef27afe4eec35392d60dbcca156391500bce5f1c1b75193e1b518bc30b94b91d5a4285c9bd7d74c0dce006207bf61c53eaf197f7a018accdefb7c539f377a10300c68c60e8ec0d5fe3d15cf3b195b252fd323100bd8d307213dfe216c1b9467ef48cd2b4c1aeddd737fe5f40c8b437d0d8febbf0e79c59ac7fc606ae7d4586caf74bb19108277f2dd73b36230bfefe3d62c1f1f6c"], 0x2, 0x648, &(0x7f0000001100)="$eJzs3c1vHGcdB/DvrN9TKXVpkgZUqVYjAcIi8YtcMBcCQshIFarKgbOVOIqVTVpsF7kVouZNXDn0DygH3zghcUFCslTOcOvVx0pIXHoyp0UzO2tvYmdZJ+usUz6faGaeZ56Z5/nNb+dldyNrA/zfWpnN6F6KrMy+uV3W93cXm/u7i/c75SQTSRrJaHuR4kFSfJLcTHvKl8uVdXfF48b5aH357U8/3/+sXRutp2r7Rq/9+rNTT5lJMlIvB9Xfrafurzg8wjJh1zqJg2EbS9J6yM+uHLX0duGpr1vgPCjaz81DrfrKnq4u80zW7wPaT8X2M/u5tjPsAAAAAGDQJo+vevEgB9nOxWGEAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+r+vf/q1/9nzxclWImRef3/8c77UleGGKovY33t9le46wDAQAAAAAAAICz99pBDrKdi516q0gjyetV5VI1fyHvZTNr2cj1bGc1W9nKRuaTTHd1NL69urW1Md/Hngsn7rnQZ8BTT3/MAAAAAAAAAPAF9OusHP3/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnAdFMtJeVNOlTnk6jdEkk0nGy+12kn92ys+zvWEHAAAAAM/Aiwc5yHYuduqtovrMf6X63D+Z9/IgW1nPVppZy+3qu4D2p/7G/u5ic3938X45He/3e/8+VRhVj2l/93DyyFerLaZyJ+vVmuu5lXfSzO00qj1LVzvxnBzXr8qYiu/Wkoz1Edntelke+R/q5dkb6WOb6TIj42OHGZmrYyuz8VLvTDz86uz0NVKORppP4/Cbn0unzHk/LtTLInnhR88s5/2oM/Fa6kwsdJ19V3pnIvnaX/7007vNB/fu3tmcPT+HdAoTrVarU370nFjsysQrX/hMdJurMnH5sL6SH+Ynmc1M3spG1vPzrGYra5nJD6rSan0+l/Pp3pm6+VDtrWo+9fhIxuvXpX33OF1Mr1f7Xsx6fpx3cjtreaP6t5D5fCtLWcpy1yt8uY+rvnG6q/7a1+tCeYC/732gz1iZ15fqvH5YPTeO7rnTVVv3mqMspcig742jX6kL5Ri/qZfnw6OZmO/KxMu9z5c/VreVzeaDext3V9/tb7iJTqG8jn53rp4S5fnypfLFqmoPnx1l28snts1XbZcO2xrH2i4ftv2vK3W8fg93vKeFqu2VE9sWq7arXW0nvd8C4Ny78I0L41P/mvrH1MdTv526O/Xm5Pcnvj3x6njG/j72ndG5ka82Xi3+nI/zy6PP/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJPbfP+De6vN5trGI4VWq/XhY5qetDCS0+z1t78OcvTO7xENoMPZDDYt7cLkaTYuigGPfvaF/7RarSfYfSSPrtnpcdIOrNCqnYvUDakw5BsTcOZubN1/98bm+x98c73ziFxaWp5bXnpj8cad9ebaXHs+5CCBM3H00B92JAAAAAAAAAAAAEC/nsWfEwz7GAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDn28psRvdSZH7u+lxZ399dbJZTp3y05WiSRpLiF0nxSXIz7SnTXd0Vx0fYq+YfrS+//enn+58d9TXa2b5x8n6nsVNPmUkyUi8H1d+tp+6vODzCMmHXOomDYftvAAAA//+6gA1m") r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0) sendfile(r0, r1, 0x0, 0x20fffe82) 2.383920158s ago: executing program 2 (id=1348): r0 = fanotify_init(0x40, 0x80000) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0xa880, 0x97) fanotify_mark(r0, 0x1, 0x40001019, r1, 0x0) getdents64(r1, &(0x7f0000000280)=""/167, 0xa7) 2.15478731s ago: executing program 1 (id=1349): r0 = socket$can_j1939(0x1d, 0x2, 0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000019300)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'gretap0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r2, 0x0, {0x2, 0xf0, 0x2}, 0xff}, 0x18) 2.138207967s ago: executing program 5 (id=1350): r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x0) r1 = dup(r0) write$binfmt_elf32(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="7f454c464a030103ff0700000000000002000300040000003e03000038000000d600000097700000fe032000010007000c0007000000000003"], 0x58) execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 1.876784726s ago: executing program 2 (id=1351): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @remote}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x4000000) sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040021}, 0x40080) 1.861021953s ago: executing program 5 (id=1352): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'macsec0\x00', 0x100}) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000240)={'macsec0\x00', 0x1}) 1.849338438s ago: executing program 1 (id=1353): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f010203010902120001000000000904"], 0x0) rmdir(&(0x7f0000000100)='./control\x00') syz_usb_control_io$cdc_ecm(r0, &(0x7f00000000c0)={0x14, &(0x7f0000000100)=ANY=[@ANYBLOB="0000f50000000341"], 0x0}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) 1.319140626s ago: executing program 3 (id=1354): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r0) sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000500)={0x28, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x800) 1.150212059s ago: executing program 5 (id=1355): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0xffea, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000070000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c00018008000100070001000c0002"], 0x30}}, 0x0) 1.149428943s ago: executing program 2 (id=1356): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000280)=@assoc_value={0x0}, &(0x7f0000000880)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={r2, 0x69fa}, 0x8) 944.233705ms ago: executing program 0 (id=1357): syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="d8df0f23b3b9ce000000b807000000ba000000000f301b8154fea900c1210680320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000400b9a6080000b80000010026b87aeabbc900bbc9000f302f300fc79d53bf0000c4b9e16dc30101220f01c3", 0x67}], 0x1, 0x14, 0x0, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c200000108004680002c0000000000069078ac141400ac1e000107"], 0x0) syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042406024424"], 0x0) syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0) 748.15154ms ago: executing program 2 (id=1358): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000007c0)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000680)="76389e6a65585578f830e9000000", 0x0, 0x10001, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 628.075059ms ago: executing program 5 (id=1359): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'erspan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)=@newlink={0x48, 0x10, 0xc3b, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e1e}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e20}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x81}, 0x0) 605.913711ms ago: executing program 3 (id=1360): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1000000, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) mq_notify(0xffffffffffffffff, 0x0) 377.140868ms ago: executing program 5 (id=1361): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = openat$vicodec0(0xffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f00000000c0)={0xf0f041, 0x8000}) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 5 (id=1362): pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = memfd_create(&(0x7f00000002c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f^\xd5\xfd\xa9\r\xac7A\x94\xeb\xcd\t\x00\x90k\xd6\x05\r\x84\x87\x1c\b\x8c`\xea\x13A\x90m\xb6&\xd0\x9daA\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2_\xdb\xc0\x8b\x19\x17\xb7Rvd\xcb:\b\xeeC0\xa3\xa6\xcf\x00\x00\xac\xc5h&+\t\x98\'\xfd|\x11\x99\xa2*6{\xd2C>2\x0e\"\xbc\xda\xee\xb0\xd8\xbf\xaf)\xf58c\x189K\x82\xd1(\xceY*\xcb\x9b\xbdn\x8e\x98m\x10L\xec\xfdWF\x7fj\x19\xb8<\xd2\x9d\xf0\xe9Qy\xe32\xed\x16f\xfe&\x1a\xdb\xeb\xad\xaaE\b\xa9\xf8\xa9s\xc4d\xd4\x03\xf1\xb7xO\x99\x804m[Ai\x13\x02\xf0\x84c2s\xd5P\t`\x9b\x12&\x8cx\x8eg\x9d\xe6g', 0x0) ftruncate(r1, 0x80079a0) splice(r1, 0x0, r0, 0x0, 0x100002, 0x9) kernel console output (not intermixed with test programs): 1261] zl10353_read_register: readreg error (reg=127, ret==-71) [ 135.840083][ T44] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 135.840134][ T44] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 135.840169][ T44] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 135.866856][ T161] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 135.999795][ T6140] netlink: 8 bytes leftover after parsing attributes in process `syz.2.119'. [ 136.355629][ T1261] dvb_usb_gl861 4-1:157.0: probe with driver dvb_usb_gl861 failed with error -5 [ 136.592860][ T1261] usb 4-1: USB disconnect, device number 2 [ 136.833735][ T6162] loop2: detected capacity change from 0 to 1024 [ 138.354983][ T6193] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 138.582874][ T6198] loop2: detected capacity change from 0 to 8 [ 138.990955][ T6204] netlink: 20 bytes leftover after parsing attributes in process `syz.1.144'. [ 139.299783][ T38] audit: type=1326 audit(1777891900.084:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 139.299842][ T38] audit: type=1326 audit(1777891900.084:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 139.453228][ T38] audit: type=1326 audit(1777891900.094:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 139.509568][ T38] audit: type=1326 audit(1777891900.254:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 139.509626][ T38] audit: type=1326 audit(1777891900.274:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 139.509668][ T38] audit: type=1326 audit(1777891900.274:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 139.509710][ T38] audit: type=1326 audit(1777891900.284:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 139.509751][ T38] audit: type=1326 audit(1777891900.294:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 139.509793][ T38] audit: type=1326 audit(1777891900.294:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 139.509836][ T38] audit: type=1326 audit(1777891900.294:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6205 comm="syz.2.145" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0be7e159 code=0x7ffc0000 [ 140.220332][ T5922] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 140.372817][ T5922] usb 5-1: Using ep0 maxpacket: 32 [ 140.376112][ T5922] usb 5-1: config 0 has an invalid interface number: 85 but max is 0 [ 140.376139][ T5922] usb 5-1: config 0 has no interface number 0 [ 140.376262][ T5922] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 140.376453][ T5922] usb 5-1: config 0 interface 85 has no altsetting 0 [ 140.424679][ T5922] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 140.424710][ T5922] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.424731][ T5922] usb 5-1: Product: syz [ 140.424745][ T5922] usb 5-1: Manufacturer: syz [ 140.424759][ T5922] usb 5-1: SerialNumber: syz [ 140.670357][ T5922] usb 5-1: config 0 descriptor?? [ 141.354596][ T5922] appletouch 5-1:0.85: Geyser mode initialized. [ 141.516160][ T5922] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.85/input/input5 [ 141.589385][ T6232] loop0: detected capacity change from 0 to 32768 [ 141.634271][ T6232] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.155 (6232) [ 141.715050][ T6228] loop3: detected capacity change from 0 to 32768 [ 142.542108][ T5922] usb 5-1: USB disconnect, device number 3 [ 142.542243][ C0] appletouch 5-1:0.85: atp_complete: usb_submit_urb failed with result -19 [ 142.624920][ T6232] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 142.624957][ T6232] BTRFS info (device loop0): using sha256 checksum algorithm [ 142.694047][ T6228] diRead: diIAGRead returned -5 [ 142.698681][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880628cc800: rx timeout, send abort [ 142.913916][ T6232] BTRFS info (device loop0): enabling ssd optimizations [ 142.913947][ T6232] BTRFS info (device loop0): turning on async discard [ 142.913964][ T6232] BTRFS info (device loop0): enabling free space tree [ 143.200312][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880628cc800: abort rx timeout. Force session deactivation [ 143.289383][ T6271] netlink: 8 bytes leftover after parsing attributes in process `syz.2.168'. [ 143.314162][ T5922] appletouch 5-1:0.85: input: appletouch disconnected [ 143.578289][ T6271] geneve2: entered promiscuous mode [ 143.578315][ T6271] geneve2: entered allmulticast mode [ 143.634910][ T161] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 143.635204][ T161] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 143.635245][ T161] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 143.635281][ T161] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 143.830411][ T5611] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 145.211718][ T32] hid_parser_main: 462 callbacks suppressed [ 145.211744][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.211773][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.211799][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.211825][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.211852][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.211879][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.211907][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.211935][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.211963][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.211991][ T32] hid-generic 0000:0000:000E.0002: unknown main item tag 0x0 [ 145.443814][ T32] hid-generic 0000:0000:000E.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 145.902462][ T6299] fido_id[6299]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 146.221392][ T6307] warning: `syz.4.179' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 146.750453][ T10] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 146.831847][ T6318] loop3: detected capacity change from 0 to 256 [ 146.931119][ T10] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 146.931152][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.050109][ T10] usb 2-1: config 0 descriptor?? [ 147.289083][ T10] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 147.756880][ T10] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 147.756908][ T10] [drm] Initialized udl on minor 2 [ 147.796887][ T10] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed [ 147.797399][ T10] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 147.996963][ T5727] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 148.065601][ T6311] loop0: detected capacity change from 0 to 32768 [ 148.177104][ T5727] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 148.177269][ T5727] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 148.299228][ T6311] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 148.348211][ T10] usb 2-1: USB disconnect, device number 2 [ 148.844063][ T6311] XFS (loop0): Ending clean mount [ 149.201468][ T6344] loop1: detected capacity change from 0 to 1024 [ 149.209626][ T6344] EXT4-fs: Ignoring removed orlov option [ 149.762682][ T6344] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 149.878003][ T6344] EXT4-fs error (device loop1): __ext4_new_inode:1285: comm syz.1.192: failed to insert inode 11: doubly allocated? [ 150.122143][ T60] Bluetooth: hci3: Dropping invalid advertising data [ 150.184592][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.287267][ T5611] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 151.496532][ T6389] netlink: 52 bytes leftover after parsing attributes in process `syz.1.208'. [ 151.496554][ T6389] netlink: 108 bytes leftover after parsing attributes in process `syz.1.208'. [ 151.496717][ T6389] netlink: 52 bytes leftover after parsing attributes in process `syz.1.208'. [ 151.729718][ T6387] loop0: detected capacity change from 0 to 32768 [ 151.858160][ T6387] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 151.886383][ T6387] JBD2: Ignoring recovery information on journal [ 151.968937][ T6396] loop3: detected capacity change from 0 to 512 [ 151.970059][ T6396] EXT4-fs: Ignoring removed nobh option [ 152.012897][ T6387] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 152.183864][ T6396] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 152.187762][ T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 152.277169][ T6387] ocfs2: Unmounting device (7,0) on (node local) [ 152.365223][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 152.474889][ T10] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 152.474925][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 152.478537][ T10] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 152.478567][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.478588][ T10] usb 3-1: Product: syz [ 152.478603][ T10] usb 3-1: Manufacturer: syz [ 152.478633][ T10] usb 3-1: SerialNumber: syz [ 152.745483][ T10] usb 3-1: config 0 descriptor?? [ 152.815863][ T10] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 152.815900][ T10] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 153.177298][ T6396] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.211: attempt to clear invalid blocks 1 len 1 [ 153.177814][ T6396] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 153.189797][ C1] EXT4-fs (loop3): initial error at time 1777891913: ext4_clear_blocks:876: inode 13 [ 153.189856][ C1] EXT4-fs (loop3): last error at time 1777891913: ext4_clear_blocks:876: inode 13 [ 153.316697][ T6396] EXT4-fs (loop3): Remounting filesystem read-only [ 153.363312][ T6396] EXT4-fs (loop3): 1 truncate cleaned up [ 153.381697][ T6396] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.484365][ T10] em28xx 3-1:0.0: chip ID is em2710 [ 153.506319][ T6416] loop0: detected capacity change from 0 to 4096 [ 153.608161][ T6416] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 153.793636][ T10] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 153.799578][ T10] em28xx 3-1:0.0: AC97 chip type couldn't be determined [ 153.799602][ T10] em28xx 3-1:0.0: No AC97 audio processor [ 153.993348][ T10] usb 3-1: USB disconnect, device number 2 [ 154.116785][ T5613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.117244][ T6420] loop4: detected capacity change from 0 to 512 [ 154.152667][ T6420] EXT4-fs: Ignoring removed bh option [ 154.164752][ T10] em28xx 3-1:0.0: Disconnecting em28xx [ 154.211782][ T6420] EXT4-fs (loop4): Test dummy encryption mode enabled [ 154.211804][ T6420] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 154.211817][ T6420] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 154.349141][ T6420] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.220: inode has both inline data and extents flags [ 154.349177][ T6420] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 154.360624][ C0] EXT4-fs (loop4): initial error at time 1777891915: ext4_orphan_get:1397: inode 15 [ 154.360725][ C0] EXT4-fs (loop4): last error at time 1777891915: ext4_orphan_get:1397: inode 15 [ 154.515848][ T6425] loop3: detected capacity change from 0 to 1024 [ 154.517961][ T6425] EXT4-fs: Ignoring removed i_version option [ 154.542144][ T6425] EXT4-fs (loop3): Test dummy encryption mode enabled [ 154.624040][ T6420] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.220: couldn't read orphan inode 15 (err -117) [ 154.624196][ T6420] loop4: lost filesystem error report for type 5 error -117 [ 154.659960][ T6420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.773753][ T6425] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.894100][ T6432] sch_tbf: burst 1735 is lower than device lo mtu (65550) ! [ 155.055670][ T10] em28xx 3-1:0.0: Freeing device [ 155.110079][ T5612] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.683142][ T5613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.280389][ T5741] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 156.445976][ T5741] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 156.446009][ T5741] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255 [ 156.480418][ T5741] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 156.480451][ T5741] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.480472][ T5741] usb 2-1: Product: syz [ 156.480488][ T5741] usb 2-1: Manufacturer: syz [ 156.480504][ T5741] usb 2-1: SerialNumber: syz [ 156.533300][ T6458] loop4: detected capacity change from 0 to 1024 [ 156.572307][ T5741] usb 2-1: config 0 descriptor?? [ 156.577591][ T6452] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 156.577791][ T6452] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 156.604378][ T6458] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 156.834785][ T6452] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 156.834946][ T6452] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 156.899428][ T38] kauditd_printk_skb: 273 callbacks suppressed [ 156.899450][ T38] audit: type=1804 audit(1777891917.574:286): pid=6460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.235" name="/newroot/42/file0" dev="tmpfs" ino=236 res=1 errno=0 [ 157.458619][ T5741] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID [ 157.521502][ T5741] usb 2-1: USB disconnect, device number 3 [ 158.194662][ T6483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.243'. [ 158.195006][ T6483] netlink: 28 bytes leftover after parsing attributes in process `syz.3.243'. [ 158.488719][ T6489] loop3: detected capacity change from 0 to 128 [ 158.823071][ T6489] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 158.825214][ T6489] hpfs: filesystem error: improperly stopped [ 158.845877][ T6489] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 158.845897][ T6489] hpfs: You really don't want any checks? You are crazy... [ 158.847594][ T6489] hpfs: hpfs_map_sector(): read error [ 158.847607][ T6489] hpfs: code page support is disabled [ 158.937910][ T6489] hpfs: hpfs_map_4sectors(): unaligned read [ 158.940109][ T6489] hpfs: hpfs_map_4sectors(): unaligned read [ 158.940125][ T6489] hpfs: filesystem error: unable to find root dir [ 159.049030][ T6489] hpfs: hpfs_map_4sectors(): unaligned read [ 159.078895][ T6471] loop2: detected capacity change from 0 to 40427 [ 159.190494][ T6471] F2FS-fs (loop2): invalid crc value [ 159.233159][ T6506] loop1: detected capacity change from 0 to 128 [ 159.313079][ T6489] hpfs: hpfs_map_sector(): read error [ 159.330108][ T6504] loop5: detected capacity change from 0 to 7 [ 159.403930][ T6504] Dev loop5: unable to read RDB block 7 [ 159.403951][ T6504] loop5: AHDI p1 [ 159.403984][ T6504] loop5: partition table partially beyond EOD, truncated [ 159.453886][ T6506] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 159.548544][ T6506] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.167833][ T5610] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 160.270928][ T5741] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 160.442226][ T5741] usb 4-1: Using ep0 maxpacket: 8 [ 160.446010][ T5741] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 160.446045][ T5741] usb 4-1: config 0 interface 0 has no altsetting 0 [ 160.446081][ T5741] usb 4-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 160.446209][ T5741] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.514320][ T5741] usb 4-1: config 0 descriptor?? [ 160.675572][ T6471] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 160.953251][ T6514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 160.953934][ T6514] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 161.107498][ T5741] hid_parser_main: 7 callbacks suppressed [ 161.107524][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x0 [ 161.107556][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x4 [ 161.107848][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x0 [ 161.107877][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x0 [ 161.107903][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x0 [ 161.107929][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x2 [ 161.107955][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x0 [ 161.107981][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x0 [ 161.108007][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x0 [ 161.108033][ T5741] ntrig 0003:1B96:0008.0003: unknown main item tag 0x0 [ 161.108080][ T5741] ntrig 0003:1B96:0008.0003: item fetching failed at offset 40/41 [ 161.108705][ T5741] ntrig 0003:1B96:0008.0003: parse failed [ 161.108793][ T5741] ntrig 0003:1B96:0008.0003: probe with driver ntrig failed with error -22 [ 161.272481][ T5741] usb 4-1: USB disconnect, device number 3 [ 162.244645][ T6532] loop4: detected capacity change from 0 to 32768 [ 162.245669][ T6529] loop1: detected capacity change from 0 to 32768 [ 162.674595][ T5741] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 162.859433][ T5741] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 162.859460][ T5741] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 162.859528][ T5741] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 162.859552][ T5741] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.919059][ T5741] usb 3-1: config 0 descriptor?? [ 162.953289][ T6532] JBD2: Ignoring recovery information on journal [ 162.953767][ T5741] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 162.955362][ T5741] dvb-usb: bulk message failed: -22 (3/0) [ 162.978752][ T6532] jbd2_journal_bmap: journal block not found at offset 32 on loop4-75 [ 163.003344][ T5741] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 163.004322][ T5741] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 163.004378][ T5741] usb 3-1: media controller created [ 163.007430][ T5741] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 163.071460][ T5741] dvb-usb: bulk message failed: -22 (6/0) [ 163.074449][ T5741] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 163.142646][ T6532] JBD2: bad block at offset 32 [ 163.145458][ T5741] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input6 [ 163.204177][ T5741] dvb-usb: schedule remote query interval to 150 msecs. [ 163.204204][ T5741] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 163.322696][ T6543] dvb-usb: bulk message failed: -22 (2/0) [ 163.322851][ T6543] dvb-usb: bulk message failed: -22 (4/0) [ 163.384093][ T5922] usb 3-1: USB disconnect, device number 3 [ 163.406614][ T1251] dvb-usb: bulk message failed: -22 (1/0) [ 163.406664][ T1251] dvb-usb: error while querying for an remote control event. [ 163.473855][ T6553] loop3: detected capacity change from 0 to 256 [ 163.612718][ T6532] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 164.076864][ T6560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.275'. [ 164.269109][ T6562] netlink: 36 bytes leftover after parsing attributes in process `syz.2.276'. [ 164.326512][ T5922] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 164.469114][ T6532] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 71 has 16777215 used bits but only 1024 total [ 164.469280][ T6532] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 164.469293][ T6532] OCFS2: File system is now read-only. [ 164.469306][ T6532] (syz.4.263,6532,1):ocfs2_claim_suballoc_bits:2176 ERROR: status = -30 [ 164.469331][ T6532] (syz.4.263,6532,1):__ocfs2_claim_clusters:2557 ERROR: status = -30 [ 164.469353][ T6532] (syz.4.263,6532,1):__ocfs2_claim_clusters:2565 ERROR: status = -30 [ 164.469376][ T6532] (syz.4.263,6532,1):ocfs2_block_group_alloc_contig:531 ERROR: status = -30 [ 164.595952][ T6532] (syz.4.263,6532,0):ocfs2_block_group_alloc:805 ERROR: status = -30 [ 164.596239][ T6532] (syz.4.263,6532,0):ocfs2_block_group_alloc:858 ERROR: status = -30 [ 164.596271][ T6532] (syz.4.263,6532,0):ocfs2_reserve_suballoc_bits:933 ERROR: status = -30 [ 164.596295][ T6532] (syz.4.263,6532,0):ocfs2_reserve_suballoc_bits:950 ERROR: status = -30 [ 164.596317][ T6532] (syz.4.263,6532,0):ocfs2_reserve_new_metadata_blocks:1090 ERROR: status = -30 [ 164.596380][ T6532] (syz.4.263,6532,0):ocfs2_reserve_new_metadata_blocks:1113 ERROR: status = -30 [ 164.596411][ T6532] (syz.4.263,6532,0):ocfs2_expand_inline_dir:2874 ERROR: status = -30 [ 164.596440][ T6532] (syz.4.263,6532,0):ocfs2_extend_dir:3238 ERROR: status = -30 [ 164.596462][ T6532] (syz.4.263,6532,0):ocfs2_prepare_dir_for_insert:4356 ERROR: status = -30 [ 164.596484][ T6532] (syz.4.263,6532,0):ocfs2_symlink:1877 ERROR: status = -30 [ 164.596509][ T6532] (syz.4.263,6532,0):ocfs2_symlink:2078 ERROR: status = -30 [ 164.831054][ T1251] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 164.993357][ T1251] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 164.993392][ T1251] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 164.993431][ T1251] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 164.993455][ T1251] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.068744][ T1251] usb 1-1: config 0 descriptor?? [ 165.379480][ T5612] ocfs2: Unmounting device (7,4) on (node local) [ 165.483932][ T6571] loop2: detected capacity change from 0 to 32768 [ 165.542345][ T6571] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.281 (6571) [ 165.569000][ T6571] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 165.569032][ T6571] BTRFS info (device loop2): using sha256 checksum algorithm [ 165.862292][ T6571] BTRFS info (device loop2): rebuilding free space tree [ 166.081405][ T6571] BTRFS info (device loop2): enabling ssd optimizations [ 166.081433][ T6571] BTRFS info (device loop2): using spread ssd allocation scheme [ 166.081452][ T6571] BTRFS info (device loop2): turning on async discard [ 166.081470][ T6571] BTRFS info (device loop2): enabling free space tree [ 166.081487][ T6571] BTRFS info (device loop2): force clearing of disk cache [ 166.312041][ T1251] playstation 0003:054C:0DF2.0004: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.0-1/input0 [ 166.597240][ T1251] playstation 0003:054C:0DF2.0004: Invalid reportID received, expected 9 got 0 [ 166.597282][ T1251] playstation 0003:054C:0DF2.0004: Failed to retrieve DualSense pairing info: -22 [ 166.597436][ T1251] playstation 0003:054C:0DF2.0004: Failed to get MAC address from DualSense [ 166.597458][ T1251] playstation 0003:054C:0DF2.0004: Failed to create dualsense. [ 166.797457][ T1251] playstation 0003:054C:0DF2.0004: probe with driver playstation failed with error -22 [ 166.902956][ T1251] usb 1-1: USB disconnect, device number 3 [ 166.989426][ T6600] loop1: detected capacity change from 0 to 512 [ 167.139788][ T6600] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.502390][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.060495][ T6620] loop0: detected capacity change from 0 to 2048 [ 168.330869][ T6620] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.582414][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.676621][ T6635] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) ! [ 169.673841][ T5614] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 169.979971][ T6656] input: syz0 as /devices/virtual/input/input7 [ 170.706573][ T6671] loop2: detected capacity change from 0 to 256 [ 171.001187][ T6675] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 171.084882][ T6671] FAT-fs (loop2): Directory bread(block 64) failed [ 171.084919][ T6671] FAT-fs (loop2): Directory bread(block 65) failed [ 171.085014][ T6671] FAT-fs (loop2): Directory bread(block 66) failed [ 171.085031][ T6671] FAT-fs (loop2): Directory bread(block 67) failed [ 171.085097][ T6671] FAT-fs (loop2): Directory bread(block 68) failed [ 171.085113][ T6671] FAT-fs (loop2): Directory bread(block 69) failed [ 171.085194][ T6671] FAT-fs (loop2): Directory bread(block 70) failed [ 171.085210][ T6671] FAT-fs (loop2): Directory bread(block 71) failed [ 171.085276][ T6671] FAT-fs (loop2): Directory bread(block 72) failed [ 171.085291][ T6671] FAT-fs (loop2): Directory bread(block 73) failed [ 171.088058][ T6675] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 172.977871][ T6712] netlink: 'syz.3.330': attribute type 22 has an invalid length. [ 172.977890][ T6712] netlink: 16 bytes leftover after parsing attributes in process `syz.3.330'. [ 173.053014][ T6714] netlink: 'syz.3.330': attribute type 22 has an invalid length. [ 173.053035][ T6714] netlink: 16 bytes leftover after parsing attributes in process `syz.3.330'. [ 173.292961][ T6710] netlink: 4 bytes leftover after parsing attributes in process `syz.2.329'. [ 173.347662][ T6713] netlink: 72 bytes leftover after parsing attributes in process `syz.4.327'. [ 173.862740][ T6724] loop4: detected capacity change from 0 to 4096 [ 174.048767][ T6726] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.155282][ T6720] loop0: detected capacity change from 0 to 40427 [ 175.182663][ T6720] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 175.182692][ T6720] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 176.046837][ T6720] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 176.082922][ T6766] mmap: syz.1.350 (6766) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 176.148145][ T6768] netlink: 56 bytes leftover after parsing attributes in process `syz.4.353'. [ 176.470322][ T6720] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 176.470352][ T6720] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 176.560654][ T5922] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 176.679875][ T6780] loop3: detected capacity change from 0 to 256 [ 176.710425][ T5922] usb 3-1: Using ep0 maxpacket: 16 [ 176.719271][ T5922] usb 3-1: config 1 has an invalid interface number: 105 but max is 0 [ 176.719299][ T5922] usb 3-1: config 1 has no interface number 0 [ 176.719348][ T5922] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 176.719375][ T5922] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 176.719401][ T5922] usb 3-1: config 1 interface 105 has no altsetting 0 [ 176.794635][ T5922] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 176.794665][ T5922] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 176.794685][ T5922] usb 3-1: Product: syz [ 176.794699][ T5922] usb 3-1: Manufacturer: syz [ 176.794714][ T5922] usb 3-1: SerialNumber: syz [ 176.860860][ T6770] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 176.861070][ T6770] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 177.283877][ T6770] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 177.298964][ T6770] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 177.390070][ T6786] loop3: detected capacity change from 0 to 64 [ 177.692137][ T6791] loop1: detected capacity change from 0 to 8 [ 177.736843][ T5922] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 177.737393][ T5922] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 177.737900][ T5922] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 178.020889][ T6786] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 178.065503][ T5922] aqc111 3-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 70:10:50:67:15:3b [ 178.086184][ T5922] usb 3-1: USB disconnect, device number 4 [ 178.089781][ T5922] aqc111 3-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter [ 178.433664][ T5922] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 178.433806][ T5922] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 178.433940][ T5922] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19 [ 178.796825][ T6798] 9p: Bad value for 'rfdno' [ 178.948760][ T6800] loop1: detected capacity change from 0 to 64 [ 179.413409][ T6792] loop4: detected capacity change from 0 to 32768 [ 179.856204][ T6816] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 179.856235][ T6816] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.000390][ T6816] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 180.352776][ T6827] netlink: 20 bytes leftover after parsing attributes in process `syz.0.378'. [ 180.352800][ T6827] netlink: 12 bytes leftover after parsing attributes in process `syz.0.378'. [ 180.412392][ T6827] netlink: 20 bytes leftover after parsing attributes in process `syz.0.378'. [ 180.412416][ T6827] netlink: 12 bytes leftover after parsing attributes in process `syz.0.378'. [ 180.563643][ T6832] loop1: detected capacity change from 0 to 256 [ 181.627337][ T6860] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.386' sets config #0 [ 182.263924][ T6849] loop4: detected capacity change from 0 to 131072 [ 182.427303][ T6849] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 182.472533][ T6849] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 182.581809][ T6856] loop3: detected capacity change from 0 to 32768 [ 182.630135][ T6856] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 182.640435][ T6872] program syz.2.391 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 182.843102][ T6879] netlink: 28 bytes leftover after parsing attributes in process `syz.1.393'. [ 182.950549][ T6856] XFS (loop3): Ending clean mount [ 183.534602][ T5613] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 184.240798][ T6907] loop2: detected capacity change from 0 to 16 [ 184.242024][ T6907] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 184.567556][ T5603] udevd[5603]: incorrect cramfs checksum on /dev/loop2 [ 184.626911][ T6696] udevd[6696]: incorrect cramfs checksum on /dev/loop2 [ 184.887282][ T6696] udevd[6696]: incorrect cramfs checksum on /dev/loop2 [ 184.964990][ T6914] pimreg: tun_chr_ioctl cmd 2147767506 [ 185.291929][ T6916] erspan0: entered promiscuous mode [ 185.753480][ T6929] loop2: detected capacity change from 0 to 128 [ 185.781179][ T6929] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 185.792241][ T6929] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 186.388227][ T6939] netlink: 72 bytes leftover after parsing attributes in process `syz.2.419'. [ 186.477989][ T6943] netlink: 12 bytes leftover after parsing attributes in process `syz.0.422'. [ 186.687184][ T6949] loop2: detected capacity change from 0 to 1024 [ 186.904088][ T6957] netlink: 'syz.3.426': attribute type 8 has an invalid length. [ 186.940624][ T6957] sch_fq: defrate 0 ignored. [ 188.293780][ T6988] netlink: 4 bytes leftover after parsing attributes in process `syz.0.439'. [ 188.341276][ T6988] veth1_macvtap: left promiscuous mode [ 188.574589][ T6992] XFS (nbd3): SB validate failed with error -5. [ 189.511158][ T5741] libceph: connect (1)[c::]:6789 error -101 [ 189.558643][ T5741] libceph: mon0 (1)[c::]:6789 connect error [ 189.712841][ T6989] loop2: detected capacity change from 0 to 32768 [ 189.720511][ T5727] IPVS: starting estimator thread 0... [ 189.756235][ T5741] libceph: connect (1)[c::]:6789 error -101 [ 189.756457][ T5741] libceph: mon0 (1)[c::]:6789 connect error [ 189.819880][ T7003] ceph: No mds server is up or the cluster is laggy [ 189.893182][ T7017] IPVS: using max 7 ests per chain, 16800 per kthread [ 190.017067][ T1251] libceph: connect (1)[c::]:6789 error -101 [ 190.064827][ T1251] libceph: mon0 (1)[c::]:6789 connect error [ 190.456444][ T7028] Bluetooth: MGMT ver 1.23 [ 190.575035][ T5741] libceph: connect (1)[c::]:6789 error -101 [ 190.575237][ T5741] libceph: mon0 (1)[c::]:6789 connect error [ 190.663320][ T7030] netlink: 4 bytes leftover after parsing attributes in process `syz.4.453'. [ 191.836883][ T7052] loop0: detected capacity change from 0 to 128 [ 191.958059][ T7052] EXT4-fs (loop0): Test dummy encryption mode enabled [ 191.989357][ T7052] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042] [ 191.989535][ T7052] System zones: 1-3, 19-19, 35-36 [ 192.082531][ T7052] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 192.137713][ T7054] sctp: [Deprecated]: syz.2.463 (pid 7054) Use of int in maxseg socket option. [ 192.137713][ T7054] Use struct sctp_assoc_value instead [ 192.163119][ T7052] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 192.795630][ T7074] loop1: detected capacity change from 0 to 512 [ 192.797940][ T7074] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 193.223093][ T5611] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 193.274941][ T7074] EXT4-fs (loop1): 1 orphan inode deleted [ 193.274967][ T7074] EXT4-fs (loop1): 1 truncate cleaned up [ 193.371027][ T7074] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 193.552670][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.850373][ T5714] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 194.001723][ T5714] usb 1-1: Using ep0 maxpacket: 8 [ 194.005534][ T5714] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 194.005559][ T5714] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 194.005589][ T5714] usb 1-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 194.005605][ T5714] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.065363][ T5714] usb 1-1: config 0 descriptor?? [ 194.494534][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.494868][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.524212][ T5714] hid (null): usage index exceeded [ 194.547526][ T5714] hid_parser_main: 7 callbacks suppressed [ 194.547552][ T5714] uclogic 0003:5543:0781.0005: unknown main item tag 0x0 [ 194.547585][ T5714] uclogic 0003:5543:0781.0005: ignoring exceeding usage max [ 194.549219][ T5714] uclogic 0003:5543:0781.0005: ignoring exceeding usage max [ 194.549237][ T5714] uclogic 0003:5543:0781.0005: usage index exceeded [ 194.549251][ T5714] uclogic 0003:5543:0781.0005: item 0 1 2 2 parsing failed [ 194.555455][ T5714] uclogic 0003:5543:0781.0005: parse failed [ 194.555782][ T5714] uclogic 0003:5543:0781.0005: probe with driver uclogic failed with error -22 [ 194.792686][ T5714] usb 1-1: USB disconnect, device number 4 [ 195.499888][ T7109] loop0: detected capacity change from 0 to 256 [ 195.621411][ T7113] loop3: detected capacity change from 0 to 256 [ 195.638762][ T7109] exfat: Deprecated parameter 'namecase' [ 195.638880][ T7109] exfat: Deprecated parameter 'namecase' [ 195.654117][ T7113] exfat: Deprecated parameter 'namecase' [ 195.654171][ T7113] exfat: Deprecated parameter 'utf8' [ 195.732468][ T7113] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xea424414, utbl_chksum : 0xe619d30d) [ 195.833000][ T7109] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 196.168231][ T7117] netlink: 92 bytes leftover after parsing attributes in process `syz.1.489'. [ 196.168332][ T7117] netlink: 36 bytes leftover after parsing attributes in process `syz.1.489'. [ 196.218485][ T7123] loop0: detected capacity change from 0 to 64 [ 196.256056][ T7123] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 196.495677][ T7129] netlink: 4 bytes leftover after parsing attributes in process `syz.1.493'. [ 196.780922][ T7136] netlink: 8 bytes leftover after parsing attributes in process `syz.3.497'. [ 196.780946][ T7136] netlink: 44 bytes leftover after parsing attributes in process `syz.3.497'. [ 196.781055][ T7136] netlink: 8 bytes leftover after parsing attributes in process `syz.3.497'. [ 198.041101][ T7144] loop4: detected capacity change from 0 to 32768 [ 198.089262][ T7144] [ 198.089262][ T7144] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 198.089262][ T7144] [ 198.315381][ T7144] ERROR: (device loop4): diWrite: ixpxd invalid [ 198.315381][ T7144] [ 198.470591][ T7144] ERROR: (device loop4): txCommit: [ 198.470591][ T7144] [ 198.509802][ T7163] netdevsim netdevsim1 netdevsim0: IPsec offload requires 128 bit authentication [ 198.549831][ T7144] [ 198.549831][ T7144] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 198.549831][ T7144] [ 198.576290][ T7144] [ 198.576290][ T7144] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 198.576290][ T7144] [ 199.099231][ T5612] [ 199.099231][ T5612] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 199.099231][ T5612] [ 199.113149][ T5612] [ 199.113149][ T5612] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 199.113149][ T5612] [ 199.576806][ T7197] capability: warning: `syz.2.524' uses 32-bit capabilities (legacy support in use) [ 199.596563][ T7197] program syz.2.524 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 199.633087][ T7196] process 'syz.0.522' launched '/dev/fd/4' with NULL argv: empty string added [ 200.298453][ T7215] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 200.396123][ T7215] @0Ù: renamed from bond_slave_1 (while UP) [ 201.009818][ T7202] loop2: detected capacity change from 0 to 32768 [ 201.147093][ T7202] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 201.470578][ T5922] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 201.566027][ T7202] XFS (loop2): Ending clean mount [ 201.630308][ T5922] usb 2-1: Using ep0 maxpacket: 16 [ 201.633144][ T5922] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.633177][ T5922] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.633201][ T5922] usb 2-1: config 0 interface 0 has no altsetting 0 [ 201.633236][ T5922] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 201.633260][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.740528][ T5922] usb 2-1: config 0 descriptor?? [ 201.860894][ T5614] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 202.213481][ T1260] kernel write not supported for file /snd/seq (pid: 1260 comm: kworker/0:2) [ 202.547899][ T5922] usb 2-1: USB disconnect, device number 4 [ 202.982825][ T7242] loop3: detected capacity change from 0 to 40427 [ 203.071022][ T7244] loop0: detected capacity change from 0 to 32768 [ 203.345586][ T7258] ªªªªªª: renamed from vlan0 (while UP) [ 203.396309][ T7242] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 203.396337][ T7242] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 203.504038][ T7242] F2FS-fs (loop3): invalid crc value [ 204.118916][ T7242] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 204.383134][ T7242] F2FS-fs (loop3): Try to recover 1th superblock, ret: -30 [ 204.383169][ T7242] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 205.305898][ T7287] loop0: detected capacity change from 0 to 512 [ 205.339621][ T7288] loop2: detected capacity change from 0 to 2048 [ 205.475260][ T7287] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.716625][ T7299] netlink: 48 bytes leftover after parsing attributes in process `syz.1.561'. [ 205.735398][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.647038][ T7321] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 206.957264][ T7327] loop0: detected capacity change from 0 to 256 [ 207.072796][ T7323] loop4: detected capacity change from 0 to 32768 [ 207.088184][ T37] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 207.137023][ T7323] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 207.164665][ T7323] JBD2: Ignoring recovery information on journal [ 207.282409][ T37] usb 2-1: Using ep0 maxpacket: 32 [ 207.282491][ T7323] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 207.300665][ T37] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 207.300697][ T37] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 207.300733][ T37] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 207.300756][ T37] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.361362][ T37] usb 2-1: config 0 descriptor?? [ 207.792995][ T7323] ocfs2: Unmounting device (7,4) on (node local) [ 207.851302][ T37] koneplus 0003:1E7D:2D51.0007: unknown main item tag 0x0 [ 207.851345][ T37] koneplus 0003:1E7D:2D51.0007: unknown main item tag 0x0 [ 207.851374][ T37] koneplus 0003:1E7D:2D51.0007: unknown main item tag 0x0 [ 207.851401][ T37] koneplus 0003:1E7D:2D51.0007: unknown main item tag 0x0 [ 207.851428][ T37] koneplus 0003:1E7D:2D51.0007: unknown main item tag 0x0 [ 207.904721][ T37] koneplus 0003:1E7D:2D51.0007: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.1-1/input0 [ 208.850107][ T37] usb 2-1: USB disconnect, device number 5 [ 211.162313][ T5727] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 211.342761][ T5727] usb 4-1: Using ep0 maxpacket: 16 [ 211.350929][ T5727] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.350979][ T5727] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.351002][ T5727] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 211.351054][ T5727] usb 4-1: New USB device found, idVendor=05a4, idProduct=2000, bcdDevice= 0.00 [ 211.351113][ T5727] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.474912][ T5727] usb 4-1: config 0 descriptor?? [ 212.477495][ T5727] ortek 0003:05A4:2000.0008: unknown main item tag 0x0 [ 212.477535][ T5727] ortek 0003:05A4:2000.0008: unknown main item tag 0x0 [ 212.477565][ T5727] ortek 0003:05A4:2000.0008: unknown main item tag 0x0 [ 212.477600][ T5727] ortek 0003:05A4:2000.0008: unknown main item tag 0x0 [ 212.477628][ T5727] ortek 0003:05A4:2000.0008: unknown main item tag 0x0 [ 212.483262][ T5727] ortek 0003:05A4:2000.0008: hidraw0: USB HID v0.00 Device [HID 05a4:2000] on usb-dummy_hcd.3-1/input0 [ 212.841097][ T7412] loop1: detected capacity change from 0 to 131072 [ 212.971792][ T1260] usb 4-1: USB disconnect, device number 4 [ 213.078691][ T7415] fido_id[7415]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 213.127140][ T7412] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 213.165844][ T7412] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 213.280408][ T7412] F2FS-fs (loop1): recover xattr in inode (7), error(0) [ 213.280483][ T7412] F2FS-fs (loop1): set inode (7) has corrupted xattr [ 214.154148][ T7432] loop0: detected capacity change from 0 to 1024 [ 214.410500][ T7432] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 214.410641][ T7432] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.570584][ T1260] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 214.622024][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 214.733076][ T1260] usb 3-1: Using ep0 maxpacket: 32 [ 214.758910][ T1260] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 214.758941][ T1260] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 214.758962][ T1260] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 214.758983][ T1260] usb 3-1: config 1 has no interface number 0 [ 214.759040][ T1260] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 214.759068][ T1260] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 214.759113][ T1260] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 214.759137][ T1260] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.889884][ T1260] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 215.429650][ T1260] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached [ 215.667438][ T5741] usb 3-1: USB disconnect, device number 5 [ 215.724461][ T5741] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 216.489903][ T7455] loop2: detected capacity change from 0 to 64 [ 216.577828][ T5625] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 216.638835][ T5625] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 216.671951][ T5625] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 216.701235][ T5625] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 216.713585][ T5625] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 216.898541][ T1032] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 216.898580][ T1032] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.026083][ T4927] Bluetooth: hci1: command 0x0406 tx timeout [ 217.619101][ T7468] loop0: detected capacity change from 0 to 512 [ 217.634985][ T7468] EXT4-fs: Ignoring removed nobh option [ 217.635008][ T7468] EXT4-fs: Ignoring removed orlov option [ 217.635053][ T7468] EXT4-fs: Ignoring removed orlov option [ 217.663707][ T7468] EXT4-fs error (device loop0): __ext4_iget:5481: inode #11: block 1: comm syz.0.628: invalid block [ 217.663741][ T7468] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 217.666996][ T7468] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.628: couldn't read orphan inode 11 (err -117) [ 217.667032][ T7468] loop0: lost filesystem error report for type 5 error -117 [ 217.670267][ C0] EXT4-fs (loop0): error count since last fsck: 2 [ 217.670288][ C0] EXT4-fs (loop0): initial error at time 1777891978: __ext4_iget:5481: inode 11: block 1 [ 217.670320][ C0] EXT4-fs (loop0): last error at time 1777891978: ext4_orphan_get:1402 [ 217.864869][ T7468] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 217.907106][ T7468] EXT4-fs error (device loop0): __ext4_add_entry:2412: inode #2: comm syz.0.628: Directory hole found for htree leaf block 0 [ 218.019506][ T1032] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 218.019533][ T1032] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 218.215841][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.856198][ T7471] loop1: detected capacity change from 0 to 32768 [ 218.869882][ T7471] btrfs: Deprecated parameter 'usebackuproot' [ 218.896199][ T7471] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 218.947077][ T60] Bluetooth: hci2: command tx timeout [ 218.973696][ T7471] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.609 (7471) [ 219.087453][ T7487] loop2: detected capacity change from 0 to 4096 [ 219.253868][ T7471] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 219.253905][ T7471] BTRFS info (device loop1): using crc32c checksum algorithm [ 219.478983][ T7487] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.685562][ T1323] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 219.714537][ T7471] BTRFS error (device loop1): failed to load root extent [ 219.714589][ T7471] BTRFS warning (device loop1): try to load backup roots slot 1 [ 219.722426][ T57] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 219.724636][ T7471] BTRFS warning (device loop1): couldn't read tree root [ 219.724705][ T7471] BTRFS warning (device loop1): try to load backup roots slot 2 [ 219.725630][ T5741] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 219.726757][ T57] BTRFS error (device loop1): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 219.837113][ T7471] BTRFS warning (device loop1): couldn't read tree root [ 219.837135][ T7471] BTRFS warning (device loop1): try to load backup roots slot 3 [ 219.954491][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.975391][ T1032] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 219.975428][ T1032] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.984267][ T5741] usb 4-1: Using ep0 maxpacket: 8 [ 219.992074][ T5741] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 219.992122][ T5741] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 219.992220][ T5741] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 219.992314][ T5741] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 219.992434][ T5741] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 219.992494][ T5741] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.466466][ T5741] usb 4-1: GET_CAPABILITIES returned 0 [ 220.466525][ T5741] usbtmc 4-1:16.0: can't read capabilities [ 220.484592][ T7471] BTRFS info (device loop1): rebuilding free space tree [ 220.933329][ T5741] usb 4-1: USB disconnect, device number 5 [ 220.995162][ T1032] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 220.995200][ T1032] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.010395][ T5623] Bluetooth: hci2: command tx timeout [ 221.087916][ T7471] BTRFS info (device loop1): checking UUID tree [ 221.088022][ T7471] BTRFS error (device loop1): failed to check the UUID tree: -4 [ 221.752861][ T7471] BTRFS error (device loop1): open_ctree failed: -4 [ 222.213133][ T5625] Bluetooth: hci3: command 0x0406 tx timeout [ 222.233293][ T5623] Bluetooth: hci0: command 0x0406 tx timeout [ 222.557215][ T7538] loop2: detected capacity change from 0 to 2048 [ 222.607883][ T7538] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 222.758373][ T6242] udevd[6242]: incorrect nilfs2 checksum on /dev/loop2 [ 222.959468][ T6696] udevd[6696]: incorrect nilfs2 checksum on /dev/loop2 [ 223.015961][ T7544] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 223.095156][ T4927] Bluetooth: hci2: command tx timeout [ 225.171965][ T4927] Bluetooth: hci2: command tx timeout [ 225.286718][ T7581] loop2: detected capacity change from 0 to 2048 [ 225.402967][ T7581] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 225.403003][ T7581] NILFS (loop2): mounting unchecked fs [ 225.505113][ T1032] bridge_slave_1: left allmulticast mode [ 225.505297][ T1032] bridge_slave_1: left promiscuous mode [ 225.538295][ T1032] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.575234][ T6696] udevd[6696]: incorrect nilfs2 checksum on /dev/loop2 [ 225.758496][ T1032] bridge_slave_0: left allmulticast mode [ 225.758527][ T1032] bridge_slave_0: left promiscuous mode [ 225.758783][ T1032] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.859902][ T7581] NILFS (loop2): recovery complete [ 225.934218][ T7592] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 226.355380][ T7600] loop2: detected capacity change from 0 to 512 [ 226.437277][ T7600] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -13 [ 226.443540][ T7600] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #13: comm syz.2.661: iget: bad i_size value: 12154757448730 [ 226.443620][ T7600] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 226.454740][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 226.454766][ C0] EXT4-fs (loop2): initial error at time 1777891987: ext4_orphan_get:1397: inode 13 [ 226.454797][ C0] EXT4-fs (loop2): last error at time 1777891987: ext4_orphan_get:1397: inode 13 [ 226.469644][ T7600] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.661: couldn't read orphan inode 13 (err -117) [ 226.469751][ T7600] loop2: lost filesystem error report for type 5 error -117 [ 226.513355][ T7604] loop0: detected capacity change from 0 to 256 [ 226.514604][ T7604] exfat: Deprecated parameter 'namecase' [ 226.514682][ T7604] exfat: Deprecated parameter 'utf8' [ 226.529465][ T7600] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.597414][ T7600] fscrypt (loop2, inode 2): Error -61 getting encryption context [ 226.656157][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.672892][ T7604] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x544194fd, utbl_chksum : 0xe619d30d) [ 227.128780][ T7610] loop0: detected capacity change from 0 to 128 [ 227.136131][ T7610] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 227.136254][ T7610] hpfs: filesystem error: improperly stopped [ 227.136290][ T7610] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 227.136320][ T7610] hpfs: You really don't want any checks? You are crazy... [ 227.137384][ T7610] hpfs: hpfs_map_sector(): read error [ 227.137417][ T7610] hpfs: code page support is disabled [ 227.151688][ T7610] hpfs: hpfs_map_4sectors(): unaligned read [ 227.151909][ T7610] hpfs: hpfs_map_4sectors(): unaligned read [ 227.152163][ T7610] hpfs: filesystem error: unable to find root dir [ 227.529056][ T38] audit: type=1326 audit(1777891988.314:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7613 comm="syz.0.668" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c37a5cdd9 code=0x7ffc0000 [ 227.554146][ T38] audit: type=1326 audit(1777891988.324:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7613 comm="syz.0.668" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c37a5cdd9 code=0x7ffc0000 [ 227.589161][ T38] audit: type=1326 audit(1777891988.374:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7613 comm="syz.0.668" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f9c37a5cdd9 code=0x7ffc0000 [ 227.591943][ T38] audit: type=1326 audit(1777891988.374:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7613 comm="syz.0.668" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c37a5cdd9 code=0x7ffc0000 [ 227.592089][ T38] audit: type=1326 audit(1777891988.374:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7613 comm="syz.0.668" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c37a5cdd9 code=0x7ffc0000 [ 227.592220][ T38] audit: type=1326 audit(1777891988.374:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7613 comm="syz.0.668" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f9c37a5cdd9 code=0x7ffc0000 [ 227.593063][ T38] audit: type=1326 audit(1777891988.384:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7613 comm="syz.0.668" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c37a5cdd9 code=0x7ffc0000 [ 227.839055][ T7616] loop0: detected capacity change from 0 to 512 [ 227.959795][ T7616] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.669: bg 0: block 393: padding at end of block bitmap is not set [ 227.959831][ T7616] loop0: lost filesystem error report for type 5 error -117 [ 227.964366][ C0] EXT4-fs (loop0): initial error at time 1777891988: ext4_validate_block_bitmap:441 [ 227.964445][ C0] EXT4-fs (loop0): last error at time 1777891988: ext4_validate_block_bitmap:441 [ 228.051627][ T7616] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 228.051656][ T7616] loop0: lost filesystem error report for type 5 error -117 [ 228.118366][ T7616] EXT4-fs (loop0): 2 truncates cleaned up [ 228.147030][ T7616] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 228.194239][ T38] audit: type=1800 audit(1777891988.984:294): pid=7616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.669" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 228.303541][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.372778][ T1032] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 228.401833][ T7619] netlink: 332 bytes leftover after parsing attributes in process `syz.0.670'. [ 228.401910][ T7619] netlink: 'syz.0.670': attribute type 9 has an invalid length. [ 228.473328][ T1032] bond0 (unregistering): (slave c@0Ù): Releasing backup interface [ 228.516526][ T1032] bond0 (unregistering): Released all slaves [ 228.644667][ T5272] 8021q: adding VLAN 0 to HW filter on device eth1 [ 229.551138][ T5727] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 229.738999][ T5727] usb 4-1: Using ep0 maxpacket: 16 [ 229.746534][ T5727] usb 4-1: config index 0 descriptor too short (expected 52, got 36) [ 229.746563][ T5727] usb 4-1: config 0 has an invalid interface number: 251 but max is 0 [ 229.746583][ T5727] usb 4-1: config 0 has no interface number 0 [ 229.746630][ T5727] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 229.746657][ T5727] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 229.753092][ T5727] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 229.753125][ T5727] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.753147][ T5727] usb 4-1: Product: syz [ 229.753163][ T5727] usb 4-1: Manufacturer: syz [ 229.753179][ T5727] usb 4-1: SerialNumber: syz [ 229.878335][ T5727] usb 4-1: config 0 descriptor?? [ 229.883703][ T7638] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 229.884181][ T7638] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 230.118111][ T7638] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 230.148267][ T7638] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 230.273186][ T7456] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.277162][ T7456] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.317045][ T7456] bridge_slave_0: entered allmulticast mode [ 230.320864][ T7456] bridge_slave_0: entered promiscuous mode [ 230.489608][ T7456] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.490025][ T7456] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.510229][ T7456] bridge_slave_1: entered allmulticast mode [ 230.513874][ T7456] bridge_slave_1: entered promiscuous mode [ 230.698099][ T7456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 230.791357][ T5727] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 230.791388][ T5727] asix 4-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 230.791689][ T5727] asix 4-1:0.251: probe with driver asix failed with error -71 [ 231.022260][ T7663] loop2: detected capacity change from 0 to 512 [ 231.022854][ T7456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 231.023314][ T7665] loop0: detected capacity change from 0 to 256 [ 231.023424][ T5727] usb 4-1: USB disconnect, device number 6 [ 231.067590][ T7663] EXT4-fs: Ignoring removed nobh option [ 231.067649][ T7663] EXT4-fs: Ignoring removed orlov option [ 231.110607][ T7663] EXT4-fs error (device loop2): __ext4_iget:5481: inode #11: block 1: comm syz.2.684: invalid block [ 231.110633][ T7663] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 231.117132][ T7663] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.684: couldn't read orphan inode 11 (err -117) [ 231.117238][ T7663] loop2: lost filesystem error report for type 5 error -117 [ 231.146718][ C0] EXT4-fs (loop2): error count since last fsck: 2 [ 231.146820][ C0] EXT4-fs (loop2): initial error at time 1777891991: __ext4_iget:5481: inode 11: block 1 [ 231.146934][ C0] EXT4-fs (loop2): last error at time 1777891991: ext4_orphan_get:1402 [ 231.210067][ T7665] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 231.426315][ T7663] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 231.808378][ T7663] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 232.126600][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.664746][ T5272] 8021q: adding VLAN 0 to HW filter on device eth2 [ 232.937280][ T7698] loop3: detected capacity change from 0 to 256 [ 232.977567][ T7456] team0: Port device team_slave_0 added [ 233.072020][ T7456] team0: Port device team_slave_1 added [ 233.152533][ T7698] FAT-fs (loop3): Directory bread(block 64) failed [ 233.152570][ T7698] FAT-fs (loop3): Directory bread(block 65) failed [ 233.152667][ T7698] FAT-fs (loop3): Directory bread(block 66) failed [ 233.152688][ T7698] FAT-fs (loop3): Directory bread(block 67) failed [ 233.152774][ T7698] FAT-fs (loop3): Directory bread(block 68) failed [ 233.152795][ T7698] FAT-fs (loop3): Directory bread(block 69) failed [ 233.152900][ T7698] FAT-fs (loop3): Directory bread(block 70) failed [ 233.152922][ T7698] FAT-fs (loop3): Directory bread(block 71) failed [ 233.153013][ T7698] FAT-fs (loop3): Directory bread(block 72) failed [ 233.153034][ T7698] FAT-fs (loop3): Directory bread(block 73) failed [ 234.484558][ T1032] hsr_slave_0: left promiscuous mode [ 234.520304][ T1032] hsr_slave_1: left promiscuous mode [ 234.569025][ T1032] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 234.600443][ T1032] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 234.623891][ T1032] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 234.623920][ T1032] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 234.821478][ T1032] veth1_macvtap: left promiscuous mode [ 234.821663][ T1032] veth0_macvtap: left promiscuous mode [ 234.855964][ T1032] veth1_vlan: left promiscuous mode [ 234.856430][ T1032] veth0_vlan: left promiscuous mode [ 235.937656][ T7738] loop3: detected capacity change from 0 to 64 [ 236.786646][ T7743] loop0: detected capacity change from 0 to 4096 [ 236.990052][ T7749] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 237.438813][ T7753] loop3: detected capacity change from 0 to 2048 [ 237.536893][ T7754] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 238.153219][ T1032] team0 (unregistering): Port device team_slave_1 removed [ 238.258495][ T7754] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 238.258530][ T7754] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4) [ 238.379085][ T1032] team0 (unregistering): Port device team_slave_0 removed [ 238.385129][ T7754] Remounting filesystem read-only [ 238.423729][ T5613] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 238.969172][ T7456] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.969190][ T7456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 238.969218][ T7456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 239.025964][ T7724] tipc: Started in network mode [ 239.025988][ T7724] tipc: Node identity ac14140f, cluster identity 4711 [ 239.056785][ T7724] tipc: New replicast peer: 255.255.255.255 [ 239.076419][ T7724] tipc: Enabled bearer , priority 10 [ 239.110774][ T7456] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 239.110792][ T7456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 239.110820][ T7456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.116645][ T7726] netlink: 12 bytes leftover after parsing attributes in process `syz.1.704'. [ 239.116670][ T7726] tipc: Disabling bearer [ 239.678698][ T7456] hsr_slave_0: entered promiscuous mode [ 239.689934][ T7456] hsr_slave_1: entered promiscuous mode [ 239.703679][ T7456] debugfs: 'hsr0' already exists in 'hsr' [ 239.703708][ T7456] Cannot create hsr debugfs directory [ 239.787722][ T7772] loop3: detected capacity change from 0 to 4096 [ 240.166786][ T7772] ntfs3(loop3): Failed to initialize $Secure (-22). [ 240.912961][ T7769] pim6reg9: entered allmulticast mode [ 241.466411][ T5272] 8021q: adding VLAN 0 to HW filter on device eth3 [ 241.725175][ T7815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.735'. [ 242.324146][ T7824] loop1: detected capacity change from 0 to 4096 [ 242.541322][ T1032] IPVS: stop unused estimator thread 0... [ 242.581411][ T7826] loop3: detected capacity change from 0 to 4096 [ 242.622620][ T7824] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 242.903561][ T7829] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 244.738691][ T7862] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check. [ 245.045123][ T7871] program syz.0.752 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 245.478417][ T7880] loop0: detected capacity change from 0 to 256 [ 245.492898][ T5272] 8021q: adding VLAN 0 to HW filter on device eth4 [ 245.723251][ T7880] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d) [ 245.863264][ T7888] loop1: detected capacity change from 0 to 128 [ 246.284009][ T7456] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 246.440957][ T7456] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 246.593145][ T7894] syzkaller1: tun_chr_ioctl cmd 1074025676 [ 246.593167][ T7894] syzkaller1: owner set to 0 [ 246.593226][ T7456] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 246.767362][ T7456] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 247.004459][ T7456] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 247.192033][ T7456] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 247.197735][ T7909] netlink: 'syz.1.767': attribute type 29 has an invalid length. [ 247.198108][ T7456] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 247.473126][ T7456] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 247.477067][ T7909] netlink: 'syz.1.767': attribute type 29 has an invalid length. [ 247.478928][ T7911] netlink: 'syz.1.767': attribute type 29 has an invalid length. [ 248.090492][ T7941] loop0: detected capacity change from 0 to 512 [ 248.091606][ T7941] EXT4-fs: Ignoring removed nomblk_io_submit option [ 248.162164][ T7941] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8842c01c, mo2=0002] [ 248.162459][ T7941] EXT4-fs (loop0): orphan cleanup on readonly fs [ 248.169766][ T7941] EXT4-fs warning (device loop0): ext4_enable_quotas:7269: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 248.417691][ T7941] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 248.418219][ T7941] EXT4-fs error (device loop0): ext4_ext_check_inode:521: inode #13: comm syz.0.774: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 248.418263][ T7941] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 248.418815][ T7941] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.774: couldn't read orphan inode 13 (err -117) [ 248.418845][ T7941] loop0: lost filesystem error report for type 5 error -117 [ 248.484804][ T7941] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 248.953157][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.132742][ T5741] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 249.314455][ T5741] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 249.314489][ T5741] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.345264][ T5741] usb 2-1: config 0 descriptor?? [ 249.415317][ T5741] cp210x 2-1:0.0: cp210x converter detected [ 249.764089][ T7456] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.785194][ T5741] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 249.786637][ T5741] cp210x 2-1:0.0: GPIO initialisation failed: -524 [ 249.886086][ T5741] usb 2-1: cp210x converter now attached to ttyUSB0 [ 250.053524][ T5741] usb 2-1: USB disconnect, device number 6 [ 250.308894][ T7456] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.337096][ T5741] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 250.356149][ T5741] cp210x 2-1:0.0: device disconnected [ 250.730964][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.731140][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.902985][ T7977] netlink: 60 bytes leftover after parsing attributes in process `syz.0.786'. [ 250.935938][ T1032] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.956785][ T1032] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.981536][ T7977] netlink: 60 bytes leftover after parsing attributes in process `syz.0.786'. [ 250.986329][ T7982] netlink: 60 bytes leftover after parsing attributes in process `syz.0.786'. [ 251.483698][ T7986] loop0: detected capacity change from 0 to 256 [ 251.860806][ T7989] loop2: detected capacity change from 0 to 4096 [ 251.875167][ T7989] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 251.974397][ T7986] FAT-fs (loop0): Directory bread(block 64) failed [ 251.974432][ T7986] FAT-fs (loop0): Directory bread(block 65) failed [ 251.974538][ T7986] FAT-fs (loop0): Directory bread(block 66) failed [ 251.974645][ T7986] FAT-fs (loop0): Directory bread(block 67) failed [ 251.974754][ T7986] FAT-fs (loop0): Directory bread(block 68) failed [ 251.974778][ T7986] FAT-fs (loop0): Directory bread(block 69) failed [ 251.974885][ T7986] FAT-fs (loop0): Directory bread(block 70) failed [ 251.974915][ T7986] FAT-fs (loop0): Directory bread(block 71) failed [ 251.975015][ T7986] FAT-fs (loop0): Directory bread(block 72) failed [ 251.975039][ T7986] FAT-fs (loop0): Directory bread(block 73) failed [ 252.169664][ T8000] netlink: 'syz.1.794': attribute type 39 has an invalid length. [ 252.474052][ T7989] ntfs3(loop2): ino=1a, mi_enum_attr [ 252.474404][ T7989] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 252.600435][ T7989] ntfs3(loop2): ino=1a, mi_enum_attr [ 252.600464][ T7989] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 253.575287][ T7989] ntfs3(loop2): ino=5, "/" ntfs_readdir [ 253.804300][ T8022] netlink: 20 bytes leftover after parsing attributes in process `syz.0.799'. [ 253.804408][ T8022] netlink: 20 bytes leftover after parsing attributes in process `syz.0.799'. [ 254.003267][ T7456] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 254.277761][ T8030] netlink: 276 bytes leftover after parsing attributes in process `syz.0.802'. [ 254.319571][ T8030] netlink: 276 bytes leftover after parsing attributes in process `syz.0.802'. [ 254.358642][ T8032] netlink: 24 bytes leftover after parsing attributes in process `syz.2.803'. [ 254.811186][ T8048] loop0: detected capacity change from 0 to 256 [ 254.979202][ T8048] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 255.623913][ T7456] veth0_vlan: entered promiscuous mode [ 255.735280][ T7456] veth1_vlan: entered promiscuous mode [ 255.908889][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.909009][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.973064][ T7456] veth0_macvtap: entered promiscuous mode [ 255.998841][ T7456] veth1_macvtap: entered promiscuous mode [ 256.060601][ T7456] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 256.376249][ T7456] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 256.479816][ T161] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.506115][ T161] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.509472][ T161] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.509522][ T161] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.141521][ T8082] loop2: detected capacity change from 0 to 512 [ 257.631357][ T8082] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 257.709737][ T8082] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=42c028, mo2=0002] [ 257.710101][ T8082] EXT4-fs (loop2): orphan cleanup on readonly fs [ 258.348011][ T8090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.820'. [ 258.790059][ T3308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 258.790082][ T3308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 258.887820][ T8082] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4222: comm syz.2.818: Allocating blocks 41-42 which overlap fs metadata [ 258.887858][ T8082] loop2: lost filesystem error report for type 5 error -117 [ 258.897677][ C1] EXT4-fs (loop2): initial error at time 1777892019: ext4_mb_mark_diskspace_used:4222 [ 258.897836][ C1] EXT4-fs (loop2): last error at time 1777892019: ext4_mb_mark_diskspace_used:4222 [ 259.198928][ T8082] EXT4-fs (loop2): Remounting filesystem read-only [ 259.199325][ T8082] Quota error (device loop2): write_blk: dquota write failed [ 259.199510][ T8082] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 259.199692][ T8082] EXT4-fs (loop2): 1 truncate cleaned up [ 259.274528][ T8082] EXT4-fs (loop2): pa ffff88803444b818: logic 1, phys. 41, len 23 [ 259.330394][ T8082] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 259.586273][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 259.586295][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 259.626001][ T5922] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 259.792229][ T5922] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 259.792261][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.826587][ T5922] usb 4-1: config 0 descriptor?? [ 259.920998][ T5922] cp210x 4-1:0.0: cp210x converter detected [ 260.061084][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.355934][ T5922] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 260.487744][ T8118] loop1: detected capacity change from 0 to 1024 [ 260.539062][ T5922] usb 4-1: cp210x converter now attached to ttyUSB0 [ 260.607336][ T5922] usb 4-1: USB disconnect, device number 7 [ 260.800845][ T5922] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 260.988023][ T5922] cp210x 4-1:0.0: device disconnected [ 262.260398][ T5922] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 262.431770][ T5922] usb 4-1: Using ep0 maxpacket: 32 [ 262.434120][ T5922] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 262.434150][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.507572][ T5922] usb 4-1: config 0 descriptor?? [ 262.803952][ T5922] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 263.031305][ T5922] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 263.032411][ T5922] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 263.032477][ T5922] usb 4-1: media controller created [ 263.074834][ T5922] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 263.125736][ T5922] az6027: usb out operation failed. (-71) [ 263.128514][ T5922] az6027: usb out operation failed. (-71) [ 263.128534][ T5922] stb0899_attach: Driver disabled by Kconfig [ 263.128544][ T5922] az6027: no front-end attached [ 263.128544][ T5922] [ 263.128997][ T5922] az6027: usb out operation failed. (-71) [ 263.129012][ T5922] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 263.190035][ T5922] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input10 [ 263.210052][ T5922] dvb-usb: schedule remote query interval to 400 msecs. [ 263.210079][ T5922] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 263.239300][ T5922] usb 4-1: USB disconnect, device number 8 [ 263.287020][ T8169] loop0: detected capacity change from 0 to 128 [ 263.579874][ T8169] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 263.631546][ T8169] ext4 filesystem being mounted at /198/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 263.671988][ T38] audit: type=1326 audit(1777892024.454:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8175 comm="syz.1.843" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f65a355cdd9 code=0x0 [ 263.860031][ T5922] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 264.267376][ T5611] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 264.468748][ T8155] loop5: detected capacity change from 0 to 32768 [ 265.664449][ T8207] sctp: [Deprecated]: syz.5.850 (pid 8207) Use of struct sctp_assoc_value in delayed_ack socket option. [ 265.664449][ T8207] Use struct sctp_sack_info instead [ 266.270402][ T10] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 266.840022][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 266.840079][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 266.840108][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 266.840297][ T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 266.840341][ T10] usb 3-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00 [ 266.840364][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.922179][ T10] usb 3-1: config 0 descriptor?? [ 267.466308][ T10] hid-u2fzero 0003:10C4:8ACF.0009: item fetching failed at offset 0/5 [ 267.467129][ T10] hid-u2fzero 0003:10C4:8ACF.0009: probe with driver hid-u2fzero failed with error -22 [ 267.574656][ T10] usb 3-1: USB disconnect, device number 6 [ 267.961158][ T8256] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.158385][ T8263] netlink: 12 bytes leftover after parsing attributes in process `syz.5.871'. [ 268.158413][ T8263] netlink: 12 bytes leftover after parsing attributes in process `syz.5.871'. [ 268.469903][ T10] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 268.672620][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 268.675712][ T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 268.675741][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 268.709143][ T10] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 268.709173][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.709194][ T10] usb 2-1: Product: syz [ 268.709209][ T10] usb 2-1: Manufacturer: syz [ 268.709223][ T10] usb 2-1: SerialNumber: syz [ 268.781942][ T10] usb 2-1: config 0 descriptor?? [ 268.893712][ T10] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 268.893750][ T10] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 269.106728][ T8283] overlayfs: overlapping lowerdir path [ 269.328494][ T67] Bluetooth: (null): Invalid header checksum [ 269.482219][ T10] em28xx 2-1:0.0: chip ID is em28178 [ 269.699248][ T8296] loop0: detected capacity change from 0 to 16 [ 269.719247][ T10] usb 2-1: USB disconnect, device number 7 [ 269.752963][ T10] em28xx 2-1:0.0: Disconnecting em28xx [ 269.790280][ T37] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 269.828546][ T10] em28xx 2-1:0.0: Freeing device [ 269.893992][ T8298] loop3: detected capacity change from 0 to 256 [ 269.991174][ T37] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 269.991207][ T37] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 269.991244][ T37] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 269.991265][ T37] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.041067][ T37] usb 3-1: config 0 descriptor?? [ 270.855648][ T8296] erofs (device loop0): mounted with root inode @ nid 36. [ 270.943771][ T37] hid-led 0003:27B8:01ED.000A: probe with driver hid-led failed with error -71 [ 271.095514][ T37] usb 3-1: USB disconnect, device number 7 [ 271.437630][ T8315] loop3: detected capacity change from 0 to 256 [ 271.461608][ T8315] exfat: Deprecated parameter 'utf8' [ 271.461669][ T8315] exfat: Deprecated parameter 'namecase' [ 271.461781][ T8315] exfat: Deprecated parameter 'namecase' [ 271.461807][ T8315] exfat: Deprecated parameter 'utf8' [ 271.711397][ T8315] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d) [ 271.724431][ T8315] exFAT-fs (loop3): failed to test first cluster bit of root dir(5) [ 272.320657][ T8315] exfat: Deprecated parameter 'utf8' [ 272.320683][ T8315] exfat: Deprecated parameter 'utf8' [ 272.320817][ T8315] exfat: Deprecated parameter 'utf8' [ 272.986072][ T10] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 273.130323][ T10] usb 2-1: Using ep0 maxpacket: 8 [ 273.132424][ T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 273.221070][ T10] usb 2-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 273.221103][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.221132][ T10] usb 2-1: Product: syz [ 273.221147][ T10] usb 2-1: Manufacturer: syz [ 273.221163][ T10] usb 2-1: SerialNumber: syz [ 273.245576][ T10] usb 2-1: config 0 descriptor?? [ 273.279756][ T8350] netlink: 4 bytes leftover after parsing attributes in process `syz.5.907'. [ 273.394211][ T10] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 273.426743][ T8355] loop2: detected capacity change from 0 to 2048 [ 273.511932][ T37] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 273.538181][ T8355] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 273.714859][ T37] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 273.714904][ T37] usb 1-1: config 2 interface 0 has no altsetting 0 [ 273.718000][ T37] usb 1-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 273.718031][ T37] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.718053][ T37] usb 1-1: Product: syz [ 273.718069][ T37] usb 1-1: Manufacturer: syz [ 273.718092][ T37] usb 1-1: SerialNumber: syz [ 273.838251][ T37] usb 1-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 273.838280][ T37] usb 1-1: selecting invalid altsetting 0 [ 273.982545][ T37] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 273.988184][ T37] dvbdev: DVB: registering new adapter (774 Friio White ISDB-T USB2.0) [ 273.988239][ T37] usb 1-1: media controller created [ 273.990626][ T10] gspca_zc3xx: reg_w_i err -71 [ 274.045933][ T37] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 274.094799][ T8360] block nbd5: not configured, cannot reconfigure [ 274.169531][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.580238][ T10] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 274.580349][ T10] gspca_zc3xx 2-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 274.710483][ T10] usb 2-1: USB disconnect, device number 8 [ 274.908785][ T8373] loop5: detected capacity change from 0 to 512 [ 274.935623][ T8373] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 274.978565][ T37] usb 1-1: USB disconnect, device number 5 [ 275.153131][ T8373] EXT4-fs error (device loop5): ext4_orphan_get:1423: comm syz.5.916: bad orphan inode 131083 [ 275.153165][ T8373] loop5: lost filesystem error report for type 5 error -117 [ 275.187528][ T8373] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 275.298006][ T8373] EXT4-fs error (device loop5): ext4_generic_delete_entry:2673: inode #2: block 13: comm syz.5.916: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 275.350476][ T8373] EXT4-fs error (device loop5) in ext4_delete_entry:2744: Corrupt filesystem [ 275.620263][ T7456] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.790920][ T8385] netlink: 8 bytes leftover after parsing attributes in process `syz.3.919'. [ 276.146135][ T8393] netlink: 48 bytes leftover after parsing attributes in process `syz.0.922'. [ 276.161266][ T8393] netlink: 48 bytes leftover after parsing attributes in process `syz.0.922'. [ 276.621012][ T8413] loop0: detected capacity change from 0 to 64 [ 276.685341][ T8413] hfs: unable to locate alternate MDB [ 276.685356][ T8413] hfs: continuing without an alternate MDB [ 277.191104][ T8423] netlink: 28 bytes leftover after parsing attributes in process `syz.3.936'. [ 278.028412][ T8443] netlink: 27 bytes leftover after parsing attributes in process `syz.5.943'. [ 278.194540][ T8449] loop2: detected capacity change from 0 to 256 [ 278.219431][ T8449] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 278.539205][ T8459] netlink: 'syz.0.949': attribute type 8 has an invalid length. [ 278.539228][ T8459] netlink: 16 bytes leftover after parsing attributes in process `syz.0.949'. [ 279.025376][ T8472] loop0: detected capacity change from 0 to 64 [ 279.338779][ T4927] block nbd2: Receive control failed (result -107) [ 279.830326][ T8469] block nbd2: shutting down sockets [ 280.362038][ T8494] loop1: detected capacity change from 0 to 1024 [ 280.643401][ T37] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 280.790287][ T37] usb 4-1: Using ep0 maxpacket: 16 [ 280.792708][ T37] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 280.792766][ T37] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 280.792796][ T37] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 280.792836][ T37] usb 4-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 280.792861][ T37] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.869873][ T37] usb 4-1: config 0 descriptor?? [ 281.370801][ T37] hid-picolcd 0003:04D8:F002.000B: No report with id 0xf3 found [ 281.370827][ T37] hid-picolcd 0003:04D8:F002.000B: No report with id 0xf4 found [ 281.457612][ T8481] loop5: detected capacity change from 0 to 32768 [ 281.605260][ T37] usb 4-1: USB disconnect, device number 9 [ 281.634059][ T8498] loop2: detected capacity change from 0 to 131072 [ 281.765003][ T8498] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 281.862048][ T8498] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b [ 282.053029][ T8481] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 282.988246][ T37] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 283.238817][ T8516] loop3: detected capacity change from 0 to 256 [ 283.255642][ T7456] ocfs2: Unmounting device (7,5) on (node local) [ 283.786675][ T8516] FAT-fs (loop3): Directory bread(block 64) failed [ 283.786715][ T8516] FAT-fs (loop3): Directory bread(block 65) failed [ 283.786834][ T8516] FAT-fs (loop3): Directory bread(block 66) failed [ 283.786861][ T8516] FAT-fs (loop3): Directory bread(block 67) failed [ 283.786966][ T8516] FAT-fs (loop3): Directory bread(block 68) failed [ 283.786991][ T8516] FAT-fs (loop3): Directory bread(block 69) failed [ 283.787097][ T8516] FAT-fs (loop3): Directory bread(block 70) failed [ 283.787122][ T8516] FAT-fs (loop3): Directory bread(block 71) failed [ 283.787226][ T8516] FAT-fs (loop3): Directory bread(block 72) failed [ 283.787263][ T8516] FAT-fs (loop3): Directory bread(block 73) failed [ 284.404740][ T37] usb 4-1: unable to get BOS descriptor or descriptor too short [ 284.405865][ T37] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 284.405905][ T37] usb 4-1: can't read configurations, error -71 [ 284.587119][ T8527] netlink: 28 bytes leftover after parsing attributes in process `syz.0.976'. [ 285.031730][ T8529] loop5: detected capacity change from 0 to 40427 [ 285.039228][ T8529] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 285.039255][ T8529] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 285.103801][ T8529] F2FS-fs (loop5): invalid crc value [ 285.313913][ T8529] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 285.356275][ T8529] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 285.356311][ T8529] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 286.149526][ T8550] loop0: detected capacity change from 0 to 256 [ 286.230767][ T8550] exfat: Deprecated parameter 'utf8' [ 286.230892][ T8550] exfat: Deprecated parameter 'namecase' [ 286.230955][ T8550] exfat: Deprecated parameter 'namecase' [ 286.417170][ T8550] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc3758327, utbl_chksum : 0xe619d30d) [ 287.352016][ T8562] netlink: 4 bytes leftover after parsing attributes in process `syz.3.991'. [ 287.356232][ T8562] netlink: 12 bytes leftover after parsing attributes in process `syz.3.991'. [ 287.981223][ T8572] loop3: detected capacity change from 0 to 256 [ 288.435690][ T37] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 288.591325][ T37] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 288.591356][ T37] usb 1-1: config 0 has no interface number 0 [ 288.595626][ T37] usb 1-1: New USB device found, idVendor=0b48, idProduct=1003, bcdDevice=7b.54 [ 288.595654][ T37] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.595673][ T37] usb 1-1: Product: syz [ 288.595687][ T37] usb 1-1: Manufacturer: syz [ 288.595699][ T37] usb 1-1: SerialNumber: syz [ 288.657034][ T37] usb 1-1: config 0 descriptor?? [ 288.666086][ T8585] loop5: detected capacity change from 0 to 4096 [ 288.687666][ T8585] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 288.723918][ T37] usb 1-1: selecting invalid altsetting 1 [ 288.725620][ T37] dvb_ttusb_budget: ttusb_init_controller: error [ 288.725639][ T37] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 288.933428][ T37] DVB: Unable to find symbol stv0299_attach() [ 289.179682][ T37] DVB: Unable to find symbol tda8083_attach() [ 289.179697][ T37] dvb_ttusb_budget: no frontend driver found for device [0b48:1003] [ 289.197437][ T8585] ntfs3(loop5): ino=1a, mi_enum_attr [ 289.197469][ T8585] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 289.208150][ T37] usb 1-1: USB disconnect, device number 6 [ 289.966446][ T8612] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1011'. [ 290.512585][ T8623] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1016'. [ 291.806087][ T8628] loop1: detected capacity change from 0 to 32768 [ 292.117895][ T8649] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 292.249433][ T8628] jfs_readdir called with invalid offset! [ 292.606736][ T8642] loop0: detected capacity change from 0 to 32768 [ 292.715600][ T8642] ERROR: (device loop0): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 3 [ 292.715600][ T8642] [ 292.947159][ T8642] ERROR: (device loop0): remounting filesystem as read-only [ 292.995536][ T8669] loop5: detected capacity change from 0 to 64 [ 293.458740][ T8670] hfs: keylen 94 too large [ 293.458759][ T8670] hfs: fail to get the keylen: node_id 2, record index 1 [ 293.807229][ T7456] hfs: node 4:2 still has 1 user(s)! [ 293.919475][ T8681] loop2: detected capacity change from 0 to 512 [ 294.137378][ T8681] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 294.156878][ T8681] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 294.159877][ T8681] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 294.161604][ T8681] System zones: 0-2, 18-18, 34-35 [ 294.292810][ T8681] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 294.519389][ T8700] loop1: detected capacity change from 0 to 256 [ 294.567486][ T8700] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 294.636897][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.910072][ T8706] program syz.3.1048 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 294.942382][ T37] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 295.009284][ T8709] loop1: detected capacity change from 0 to 256 [ 295.100931][ T37] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 295.100964][ T37] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.100978][ T37] usb 6-1: Product: syz [ 295.100988][ T37] usb 6-1: Manufacturer: syz [ 295.100998][ T37] usb 6-1: SerialNumber: syz [ 295.378032][ T8714] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 295.600647][ T37] rtl8150 6-1:1.0: couldn't reset the device [ 295.600973][ T37] rtl8150 6-1:1.0: probe with driver rtl8150 failed with error -5 [ 295.773520][ T37] usb 6-1: USB disconnect, device number 2 [ 296.090044][ T8701] loop0: detected capacity change from 0 to 32768 [ 297.180527][ T1260] usb 4-1: new low-speed USB device number 12 using dummy_hcd [ 297.333149][ T1260] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16, setting to 8 [ 297.333201][ T1260] usb 4-1: New USB device found, idVendor=5543, idProduct=006e, bcdDevice= 0.00 [ 297.333241][ T1260] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.392798][ T1260] usb 4-1: config 0 descriptor?? [ 297.397592][ T8731] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 297.859343][ T8731] loop3: detected capacity change from 0 to 512 [ 297.886449][ T8731] FAT-fs (loop3): Directory bread(block 199916) failed [ 297.886487][ T8731] FAT-fs (loop3): Directory bread(block 199917) failed [ 297.886514][ T8731] FAT-fs (loop3): Directory bread(block 199918) failed [ 297.886540][ T8731] FAT-fs (loop3): Directory bread(block 199919) failed [ 297.886563][ T8731] FAT-fs (loop3): Directory bread(block 199920) failed [ 297.886588][ T8731] FAT-fs (loop3): Directory bread(block 199921) failed [ 297.886613][ T8731] FAT-fs (loop3): Directory bread(block 199922) failed [ 297.886638][ T8731] FAT-fs (loop3): Directory bread(block 199923) failed [ 297.953510][ T1260] hid (null): unknown global tag 0x1c [ 298.164412][ T1260] usb 4-1: string descriptor 0 read error: -71 [ 298.194480][ T1260] uclogic 0003:5543:006E.000C: failed retrieving string descriptor #200: -71 [ 298.194547][ T1260] uclogic 0003:5543:006E.000C: failed retrieving pen parameters: -71 [ 298.194575][ T1260] uclogic 0003:5543:006E.000C: failed probing pen v2 parameters: -71 [ 298.194631][ T1260] uclogic 0003:5543:006E.000C: failed probing parameters: -71 [ 298.194746][ T1260] uclogic 0003:5543:006E.000C: probe with driver uclogic failed with error -71 [ 298.256816][ T1260] usb 4-1: USB disconnect, device number 12 [ 298.673210][ T8748] loop0: detected capacity change from 0 to 512 [ 298.674342][ T8748] EXT4-fs: Ignoring removed nobh option [ 298.674364][ T8748] EXT4-fs: Ignoring removed mblk_io_submit option [ 298.730583][ T8748] EXT4-fs (loop0): orphan cleanup on readonly fs [ 298.730607][ T8748] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13 [ 298.926814][ T8748] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.1062: attempt to clear invalid blocks 2 len 1 [ 298.926853][ T8748] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 298.933221][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 298.933249][ C0] EXT4-fs (loop0): initial error at time 1777892059: ext4_clear_blocks:876: inode 13 [ 298.933280][ C0] EXT4-fs (loop0): last error at time 1777892059: ext4_clear_blocks:876: inode 13 [ 299.154112][ T8748] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 299.305020][ T8748] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1062: invalid indirect mapped block 1819239214 (level 0) [ 299.305061][ T8748] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 299.305634][ T8748] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1062: invalid indirect mapped block 1819239214 (level 1) [ 299.305667][ T8748] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 299.375919][ T8748] EXT4-fs (loop0): 1 truncate cleaned up [ 299.409264][ T8748] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 299.530412][ T5741] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 299.683085][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.770250][ T5741] usb 2-1: Using ep0 maxpacket: 16 [ 299.774258][ T5741] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 299.774296][ T5741] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 299.774321][ T5741] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 299.774369][ T5741] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 299.774396][ T5741] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.838555][ T5741] usb 2-1: config 0 descriptor?? [ 300.443392][ T5741] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.000D/input/input11 [ 301.073380][ T5741] microsoft 0003:045E:07DA.000D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 301.132888][ T5741] usb 2-1: USB disconnect, device number 9 [ 301.218010][ T8789] loop1: detected capacity change from 0 to 2048 [ 301.448466][ T8790] fido_id[8790]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 301.545203][ T8798] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 302.003514][ T8802] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1085'. [ 302.003535][ T8802] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1085'. [ 302.003634][ T8802] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1085'. [ 302.962442][ T8819] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1092'. [ 303.740322][ T1261] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 303.987042][ T1261] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 303.987096][ T1261] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 303.987120][ T1261] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 304.040083][ T1261] usb 3-1: config 0 descriptor?? [ 304.524905][ T1261] keytouch 0003:0926:3333.000E: fixing up Keytouch IEC report descriptor [ 304.864652][ T1261] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.000E/input/input12 [ 305.175191][ T8856] loop3: detected capacity change from 0 to 4096 [ 305.208168][ T8856] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 305.883558][ T8856] ntfs3(loop3): ino=19, mi_enum_attr [ 305.883593][ T8856] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 306.663260][ T8881] loop5: detected capacity change from 0 to 128 [ 306.683759][ T8860] loop1: detected capacity change from 0 to 32768 [ 306.732214][ T8860] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1111 (8860) [ 306.848686][ T1261] keytouch 0003:0926:3333.000E: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 306.889604][ T8860] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 306.889656][ T8860] BTRFS info (device loop1): using blake2b checksum algorithm [ 306.951579][ T1261] usb 3-1: USB disconnect, device number 8 [ 307.303881][ T8860] BTRFS info (device loop1): enabling ssd optimizations [ 307.303907][ T8860] BTRFS info (device loop1): turning on async discard [ 307.303924][ T8860] BTRFS info (device loop1): enabling free space tree [ 307.303956][ T8860] BTRFS info (device loop1): use zstd compression, level 3 [ 307.904576][ T8902] fido_id[8902]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 308.218573][ T8915] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1129'. [ 308.218720][ T38] audit: type=1800 audit(1777892069.004:296): pid=8860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1111" name="file1" dev="loop1" ino=260 res=0 errno=0 [ 309.340996][ T8925] loop0: detected capacity change from 0 to 1024 [ 309.377704][ T8927] netlink: 'syz.3.1134': attribute type 1 has an invalid length. [ 309.492911][ T8925] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 309.745796][ T5610] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 310.129627][ T8940] loop2: detected capacity change from 0 to 64 [ 310.429023][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.429494][ T8944] hfs: keylen 94 too large [ 310.429508][ T8944] hfs: fail to get the keylen: node_id 2, record index 1 [ 310.673881][ T5614] hfs: node 4:2 still has 1 user(s)! [ 310.956315][ T8954] netlink: 'syz.2.1143': attribute type 29 has an invalid length. [ 311.032316][ T8952] netlink: 'syz.2.1143': attribute type 29 has an invalid length. [ 311.050903][ T8954] netlink: 'syz.2.1143': attribute type 29 has an invalid length. [ 311.459912][ T8963] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1148'. [ 311.727403][ T8938] loop3: detected capacity change from 0 to 32768 [ 311.956117][ T8938] add_index: next_index = 0. Resetting! [ 311.956146][ T8938] find_entry called with index >= next_index [ 311.956155][ T8938] find_entry called with index >= next_index [ 311.956164][ T8938] find_entry called with index >= next_index [ 311.956172][ T8938] find_entry called with index >= next_index [ 311.997958][ T38] audit: type=1800 audit(1777892072.744:297): pid=8938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1138" name="bus" dev="loop3" ino=7 res=0 errno=0 [ 312.552274][ T8959] loop1: detected capacity change from 0 to 131072 [ 312.602706][ T8959] F2FS-fs (loop1): invalid crc value [ 312.814670][ T8959] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 312.846366][ T8959] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 313.059885][ T8987] loop0: detected capacity change from 0 to 64 [ 313.365116][ T8987] hfs: keylen 94 too large [ 313.365135][ T8987] hfs: fail to get the keylen: node_id 2, record index 1 [ 313.629817][ T5611] hfs: node 4:2 still has 1 user(s)! [ 314.321913][ T4927] Bluetooth: hci4: command 0x0406 tx timeout [ 316.044863][ T9053] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1155'. [ 316.044893][ T9053] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1155'. [ 316.256214][ T9054] loop0: detected capacity change from 0 to 4096 [ 316.576822][ T9063] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 316.696795][ T9054] NILFS error (device loop0): nilfs_readdir: zero-length directory entry [ 316.753232][ T9054] Remounting filesystem read-only [ 317.335185][ T1339] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.335293][ T1339] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.113613][ T9094] loop2: detected capacity change from 0 to 4096 [ 318.325040][ T9098] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 319.169745][ T9118] program syz.3.1204 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 319.169951][ T9115] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1203'. [ 319.494565][ T9124] loop0: detected capacity change from 0 to 2048 [ 320.287203][ T9124] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 320.349203][ T9124] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 320.627748][ T9124] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 320.875882][ T9146] loop1: detected capacity change from 0 to 256 [ 321.024385][ T9146] FAT-fs (loop1): Directory bread(block 64) failed [ 321.024419][ T9146] FAT-fs (loop1): Directory bread(block 65) failed [ 321.024519][ T9146] FAT-fs (loop1): Directory bread(block 66) failed [ 321.024542][ T9146] FAT-fs (loop1): Directory bread(block 67) failed [ 321.024634][ T9146] FAT-fs (loop1): Directory bread(block 68) failed [ 321.024656][ T9146] FAT-fs (loop1): Directory bread(block 69) failed [ 321.024745][ T9146] FAT-fs (loop1): Directory bread(block 70) failed [ 321.024766][ T9146] FAT-fs (loop1): Directory bread(block 71) failed [ 321.024869][ T9146] FAT-fs (loop1): Directory bread(block 72) failed [ 321.024891][ T9146] FAT-fs (loop1): Directory bread(block 73) failed [ 321.265758][ T9136] loop2: detected capacity change from 0 to 32768 [ 321.522447][ T9136] JBD2: Ignoring recovery information on journal [ 321.749577][ T9136] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 322.503971][ T5614] ocfs2: Unmounting device (7,2) on (node local) [ 322.798619][ T9182] loop3: detected capacity change from 0 to 256 [ 324.843574][ T60] Bluetooth: hci2: link tx timeout [ 324.843896][ T60] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 325.238532][ T60] Bluetooth: hci2: link tx timeout [ 325.238553][ T60] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 325.455382][ T60] Bluetooth: hci2: link tx timeout [ 325.455403][ T60] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 325.544191][ T60] Bluetooth: hci2: link tx timeout [ 325.544213][ T60] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 325.564603][ T9251] loop3: detected capacity change from 0 to 256 [ 325.598451][ T60] Bluetooth: hci2: link tx timeout [ 325.598467][ T60] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 325.707640][ T9254] loop0: detected capacity change from 0 to 2048 [ 325.936988][ T9254] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 326.194552][ T9252] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 326.283035][ T9252] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28 [ 326.283075][ T9252] EXT4-fs (loop0): This should not happen!! Data will be lost [ 326.283075][ T9252] [ 326.283091][ T9252] EXT4-fs (loop0): Total free blocks count 0 [ 326.283106][ T9252] EXT4-fs (loop0): Free/Dirty block details [ 326.283147][ T9252] EXT4-fs (loop0): free_blocks=4096 [ 326.283185][ T9252] EXT4-fs (loop0): dirty_blocks=48 [ 326.283199][ T9252] EXT4-fs (loop0): Block reservation details [ 326.283212][ T9252] EXT4-fs (loop0): i_reserved_data_blocks=3 [ 326.665580][ T5611] EXT4-fs warning (device loop0): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 326.796381][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.819529][ T60] Bluetooth: hci2: link tx timeout [ 326.819547][ T60] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 326.960243][ T5623] Bluetooth: hci2: command 0x0406 tx timeout [ 327.143687][ T5741] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 327.283829][ T9282] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 327.300340][ T5741] usb 6-1: Using ep0 maxpacket: 32 [ 327.304351][ T5741] usb 6-1: config 0 has an invalid interface number: 85 but max is 0 [ 327.304406][ T5741] usb 6-1: config 0 has no interface number 0 [ 327.304576][ T5741] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 327.304655][ T5741] usb 6-1: config 0 interface 85 has no altsetting 0 [ 327.359191][ T5741] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 327.359220][ T5741] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 327.359240][ T5741] usb 6-1: Product: syz [ 327.359273][ T5741] usb 6-1: Manufacturer: syz [ 327.359287][ T5741] usb 6-1: SerialNumber: syz [ 327.394652][ T5741] usb 6-1: config 0 descriptor?? [ 327.877537][ T5741] appletouch 6-1:0.85: Geyser mode initialized. [ 327.932302][ T5741] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.85/input/input14 [ 328.131832][ C0] appletouch 6-1:0.85: appletouch: OVERFLOW with data length 64, actual length is 64 [ 328.457670][ T1260] usb 6-1: USB disconnect, device number 3 [ 328.457842][ C1] appletouch 6-1:0.85: atp_complete: usb_submit_urb failed with result -19 [ 328.458882][ T5714] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 328.620759][ T5714] usb 4-1: Using ep0 maxpacket: 16 [ 328.623059][ T5714] usb 4-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 25 [ 328.623094][ T5714] usb 4-1: config 0 interface 0 has no altsetting 0 [ 328.623125][ T5714] usb 4-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00 [ 328.623149][ T5714] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.787052][ T5714] usb 4-1: config 0 descriptor?? [ 328.917065][ T1260] appletouch 6-1:0.85: input: appletouch disconnected [ 329.525828][ T5714] hid_parser_main: 33 callbacks suppressed [ 329.525854][ T5714] greenasia 0003:0E8F:0012.000F: unknown main item tag 0x0 [ 329.525887][ T5714] greenasia 0003:0E8F:0012.000F: unknown main item tag 0x0 [ 329.525917][ T5714] greenasia 0003:0E8F:0012.000F: unknown main item tag 0x0 [ 329.525945][ T5714] greenasia 0003:0E8F:0012.000F: unknown main item tag 0x0 [ 329.525973][ T5714] greenasia 0003:0E8F:0012.000F: unknown main item tag 0x0 [ 329.526003][ T5714] greenasia 0003:0E8F:0012.000F: unknown main item tag 0x0 [ 329.526031][ T5714] greenasia 0003:0E8F:0012.000F: unknown main item tag 0x7 [ 329.526060][ T5714] greenasia 0003:0E8F:0012.000F: invalid report_size 12084 [ 329.526077][ T5714] greenasia 0003:0E8F:0012.000F: item 0 2 1 7 parsing failed [ 329.526817][ T5714] greenasia 0003:0E8F:0012.000F: parse failed [ 329.526909][ T5714] greenasia 0003:0E8F:0012.000F: probe with driver greenasia failed with error -22 [ 329.698816][ T5714] usb 4-1: USB disconnect, device number 13 [ 329.836451][ T9325] loop2: detected capacity change from 0 to 64 [ 330.969678][ T9321] loop5: detected capacity change from 0 to 40427 [ 331.021906][ T9321] F2FS-fs (loop5): invalid crc value [ 331.353890][ T4927] block nbd0: Receive control failed (result -32) [ 331.378792][ T4927] block nbd0: Receive control failed (result -32) [ 331.540584][ T9294] nbd0: detected capacity change from 0 to 128 [ 331.564399][ T9321] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 331.753970][ T9346] batadv0: entered allmulticast mode [ 331.774460][ T5601] block nbd0: Dead connection, failed to find a fallback [ 331.774490][ T5601] block nbd0: shutting down sockets [ 331.838380][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 331.838765][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 331.839560][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 331.839589][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 331.839754][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 331.839780][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 331.980370][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 331.980402][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 331.980574][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 331.980602][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 331.980900][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 331.980926][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 331.981103][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 331.981138][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 331.981320][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 331.981351][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 331.981451][ T5601] ldm_validate_partition_table(): Disk read failed. [ 331.981528][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 331.981553][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 332.146514][ T5601] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 332.169486][ T5601] Buffer I/O error on dev nbd0, logical block 0, async page read [ 332.169811][ T5601] Dev nbd0: unable to read RDB block 0 [ 332.200565][ T5601] nbd0: unable to read partition table [ 332.252128][ T5601] ldm_validate_partition_table(): Disk read failed. [ 332.252727][ T5601] Dev nbd0: unable to read RDB block 0 [ 332.253415][ T5601] nbd0: unable to read partition table [ 332.292111][ T9321] F2FS-fs (loop5): Start checkpoint disabled! [ 332.402949][ T9321] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0 [ 332.402980][ T9321] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 332.486120][ T9351] loop0: detected capacity change from 0 to 1024 [ 332.629803][ T9356] loop3: detected capacity change from 0 to 512 [ 332.657365][ T9356] EXT4-fs: Ignoring removed nobh option [ 332.681341][ T9356] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 333.262574][ T9356] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 333.392256][ T9356] EXT4-fs (loop3): 1 truncate cleaned up [ 333.399163][ T9356] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 333.956294][ T5613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.511901][ T9388] loop2: detected capacity change from 0 to 512 [ 334.725304][ T9388] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.725455][ T9388] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 334.888273][ T9404] netlink: 'syz.3.1302': attribute type 29 has an invalid length. [ 334.911924][ T9404] netlink: 'syz.3.1302': attribute type 29 has an invalid length. [ 335.056178][ T9410] netlink: 'syz.1.1305': attribute type 21 has an invalid length. [ 335.056298][ T9410] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1305'. [ 335.092292][ T9410] netlink: 'syz.1.1305': attribute type 21 has an invalid length. [ 335.092369][ T9410] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1305'. [ 335.538767][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.143969][ T9446] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1321'. [ 337.146915][ T9453] loop3: detected capacity change from 0 to 256 [ 337.702795][ T9467] 9p: Unknown access argument ;: -22 [ 338.273860][ T9477] pimreg: entered allmulticast mode [ 338.284634][ T9480] pimreg: left allmulticast mode [ 339.142959][ T9502] loop3: detected capacity change from 0 to 1024 [ 339.940932][ T9521] veth1_macvtap: left promiscuous mode [ 339.940959][ T9521] macsec0: entered promiscuous mode [ 340.025275][ T38] audit: type=1800 audit(1777892100.774:298): pid=9502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1346" name="file1" dev="loop3" ino=20 res=0 errno=0 [ 340.062423][ T9524] veth1_macvtap: entered promiscuous mode [ 340.212970][ T5741] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 340.217902][ T9524] macsec0: left promiscuous mode [ 340.392842][ T5741] usb 2-1: Using ep0 maxpacket: 8 [ 340.410767][ T5741] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 340.410796][ T5741] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 340.410815][ T5741] usb 2-1: Product: syz [ 340.410829][ T5741] usb 2-1: Manufacturer: syz [ 340.410843][ T5741] usb 2-1: SerialNumber: syz [ 340.468506][ T5741] usb 2-1: config 0 descriptor?? [ 340.523962][ T5741] gspca_main: se401-2.14.0 probing 047d:5003 [ 340.980324][ T1260] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 341.172985][ T1260] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 341.173016][ T1260] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 341.173036][ T1260] usb 1-1: config 220 contains an unexpected descriptor of type 0x1, skipping [ 341.173056][ T1260] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 341.173077][ T1260] usb 1-1: config 220 has no interface number 2 [ 341.173172][ T1260] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 341.173204][ T1260] usb 1-1: config 220 interface 0 has no altsetting 0 [ 341.173223][ T1260] usb 1-1: config 220 interface 76 has no altsetting 0 [ 341.173244][ T1260] usb 1-1: config 220 interface 1 has no altsetting 0 [ 341.175776][ T1260] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 341.175803][ T1260] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 341.175820][ T1260] usb 1-1: Product: syz [ 341.175832][ T1260] usb 1-1: Manufacturer: syz [ 341.175844][ T1260] usb 1-1: SerialNumber: syz [ 341.406384][ T5741] input: se401 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input15 [ 341.465006][ T9548] vivid-007: disconnect [ 341.467263][ T9548] vivid-007: reconnect [ 341.774252][ T1260] [ 341.774267][ T1260] ====================================================== [ 341.774276][ T1260] WARNING: possible circular locking dependency detected [ 341.774295][ T1260] syzkaller #0 Tainted: G L [ 341.774308][ T1260] ------------------------------------------------------ [ 341.774316][ T1260] kworker/0:2/1260 is trying to acquire lock: [ 341.774329][ T1260] ffffffff8e0cc718 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0x239/0x1920 [ 341.774398][ T1260] [ 341.774398][ T1260] but task is already holding lock: [ 341.774406][ T1260] ffffffff8de67cd8 (wq_pool_mutex){+.+.}-{4:4}, at: __alloc_workqueue+0x9f8/0x1f30 [ 341.774463][ T1260] [ 341.774463][ T1260] which lock already depends on the new lock. [ 341.774463][ T1260] [ 341.774471][ T1260] [ 341.774471][ T1260] the existing dependency chain (in reverse order) is: [ 341.774479][ T1260] [ 341.774479][ T1260] -> #9 (wq_pool_mutex){+.+.}-{4:4}: [ 341.774508][ T1260] mutex_lock_nested+0x5a/0x1d0 [ 341.774531][ T1260] __alloc_workqueue+0x9f8/0x1f30 [ 341.774560][ T1260] alloc_workqueue_noprof+0xe3/0x210 [ 341.774589][ T1260] padata_alloc+0xc1/0x360 [ 341.774608][ T1260] pcrypt_init_padata+0x27/0x100 [ 341.774630][ T1260] pcrypt_init+0x60/0xc0 [ 341.774650][ T1260] do_one_initcall+0x250/0x870 [ 341.774676][ T1260] do_initcall_level+0x104/0x190 [ 341.774697][ T1260] do_initcalls+0x59/0xa0 [ 341.774716][ T1260] kernel_init_freeable+0x2a6/0x3e0 [ 341.774736][ T1260] kernel_init+0x1d/0x1d0 [ 341.774756][ T1260] ret_from_fork+0x514/0xb70 [ 341.774779][ T1260] ret_from_fork_asm+0x1a/0x30 [ 341.774805][ T1260] [ 341.774805][ T1260] -> #8 (cpu_hotplug_lock){++++}-{0:0}: [ 341.774834][ T1260] cpus_read_lock+0x42/0x160 [ 341.774855][ T1260] static_key_disable+0x12/0x20 [ 341.774876][ T1260] __inet_hash_connect+0x2623/0x2630 [ 341.774902][ T1260] tcp_v4_connect+0xd5f/0x19b0 [ 341.774921][ T1260] __inet_stream_connect+0x25a/0xdd0 [ 341.774950][ T1260] inet_stream_connect+0x66/0xa0 [ 341.774980][ T1260] __sys_connect+0x315/0x450 [ 341.775004][ T1260] __x64_sys_connect+0x7a/0x90 [ 341.775027][ T1260] do_syscall_64+0x15f/0xf80 [ 341.775055][ T1260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.775075][ T1260] [ 341.775075][ T1260] -> #7 (sk_lock-AF_INET){+.+.}-{0:0}: [ 341.775103][ T1260] lock_sock_nested+0x41/0x130 [ 341.775124][ T1260] inet_shutdown+0x6a/0x390 [ 341.775162][ T1260] nbd_mark_nsock_dead+0x2e9/0x560 [ 341.775185][ T1260] recv_work+0x1c4c/0x1d60 [ 341.775207][ T1260] process_one_work+0x9a3/0x1710 [ 341.775229][ T1260] worker_thread+0xba8/0x11e0 [ 341.775253][ T1260] kthread+0x388/0x470 [ 341.775280][ T1260] ret_from_fork+0x514/0xb70 [ 341.775303][ T1260] ret_from_fork_asm+0x1a/0x30 [ 341.775330][ T1260] [ 341.775330][ T1260] -> #6 (&nsock->tx_lock){+.+.}-{4:4}: [ 341.775357][ T1260] mutex_lock_nested+0x5a/0x1d0 [ 341.775378][ T1260] nbd_queue_rq+0x37b/0x1100 [ 341.775398][ T1260] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 341.775427][ T1260] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 341.775459][ T1260] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 341.775489][ T1260] blk_mq_run_hw_queue+0x368/0x520 [ 341.775515][ T1260] blk_mq_dispatch_list+0xd1f/0xe20 [ 341.775544][ T1260] blk_mq_flush_plug_list+0x48d/0x570 [ 341.775573][ T1260] __blk_flush_plug+0x3ed/0x4d0 [ 341.775601][ T1260] __submit_bio+0x28d/0x580 [ 341.775617][ T1260] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 341.775645][ T1260] block_read_full_folio+0x7b7/0x830 [ 341.775675][ T1260] filemap_read_folio+0x137/0x3b0 [ 341.775703][ T1260] do_read_cache_folio+0x2bf/0x560 [ 341.775732][ T1260] read_part_sector+0xb8/0x2b0 [ 341.775759][ T1260] adfspart_check_ICS+0xb1/0x960 [ 341.775787][ T1260] bdev_disk_changed+0x817/0x1770 [ 341.775815][ T1260] blkdev_get_whole+0x2e5/0x480 [ 341.775843][ T1260] bdev_open+0x31e/0xcc0 [ 341.775870][ T1260] blkdev_open+0x485/0x620 [ 341.775888][ T1260] do_dentry_open+0x83d/0x13e0 [ 341.775905][ T1260] vfs_open+0x3b/0x350 [ 341.775922][ T1260] path_openat+0x2e43/0x38a0 [ 341.775945][ T1260] do_file_open+0x23e/0x4a0 [ 341.775969][ T1260] do_sys_openat2+0x113/0x200 [ 341.775987][ T1260] __x64_sys_openat+0x138/0x170 [ 341.776006][ T1260] do_syscall_64+0x15f/0xf80 [ 341.776033][ T1260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.776053][ T1260] [ 341.776053][ T1260] -> #5 (&cmd->lock){+.+.}-{4:4}: [ 341.776081][ T1260] mutex_lock_nested+0x5a/0x1d0 [ 341.776102][ T1260] nbd_queue_rq+0xc6/0x1100 [ 341.776121][ T1260] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 341.776157][ T1260] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 341.776188][ T1260] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 341.776218][ T1260] blk_mq_run_hw_queue+0x368/0x520 [ 341.776244][ T1260] blk_mq_dispatch_list+0xd1f/0xe20 [ 341.776273][ T1260] blk_mq_flush_plug_list+0x48d/0x570 [ 341.776302][ T1260] __blk_flush_plug+0x3ed/0x4d0 [ 341.776329][ T1260] __submit_bio+0x28d/0x580 [ 341.776346][ T1260] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 341.776374][ T1260] block_read_full_folio+0x7b7/0x830 [ 341.776403][ T1260] filemap_read_folio+0x137/0x3b0 [ 341.776430][ T1260] do_read_cache_folio+0x2bf/0x560 [ 341.776459][ T1260] read_part_sector+0xb8/0x2b0 [ 341.776486][ T1260] adfspart_check_ICS+0xb1/0x960 [ 341.776514][ T1260] bdev_disk_changed+0x817/0x1770 [ 341.776539][ T1260] blkdev_get_whole+0x2e5/0x480 [ 341.776565][ T1260] bdev_open+0x31e/0xcc0 [ 341.776621][ T1260] blkdev_open+0x485/0x620 [ 341.776639][ T1260] do_dentry_open+0x83d/0x13e0 [ 341.776657][ T1260] vfs_open+0x3b/0x350 [ 341.776674][ T1260] path_openat+0x2e43/0x38a0 [ 341.776697][ T1260] do_file_open+0x23e/0x4a0 [ 341.776721][ T1260] do_sys_openat2+0x113/0x200 [ 341.776739][ T1260] __x64_sys_openat+0x138/0x170 [ 341.776758][ T1260] do_syscall_64+0x15f/0xf80 [ 341.776784][ T1260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.776805][ T1260] [ 341.776805][ T1260] -> #4 (set->srcu){.+.+}-{0:0}: [ 341.776834][ T1260] __synchronize_srcu+0xca/0x300 [ 341.776863][ T1260] elevator_switch+0x1e8/0x7a0 [ 341.776890][ T1260] elevator_change+0x2cc/0x450 [ 341.776916][ T1260] elevator_set_default+0x36c/0x430 [ 341.776945][ T1260] blk_register_queue+0x3e9/0x4e0 [ 341.776962][ T1260] __add_disk+0x677/0xd50 [ 341.776981][ T1260] add_disk_fwnode+0xfb/0x480 [ 341.777001][ T1260] nbd_dev_add+0x72c/0xb50 [ 341.777019][ T1260] nbd_init+0x168/0x1f0 [ 341.777038][ T1260] do_one_initcall+0x250/0x870 [ 341.777063][ T1260] do_initcall_level+0x104/0x190 [ 341.777082][ T1260] do_initcalls+0x59/0xa0 [ 341.777100][ T1260] kernel_init_freeable+0x2a6/0x3e0 [ 341.777119][ T1260] kernel_init+0x1d/0x1d0 [ 341.777137][ T1260] ret_from_fork+0x514/0xb70 [ 341.777169][ T1260] ret_from_fork_asm+0x1a/0x30 [ 341.777197][ T1260] [ 341.777197][ T1260] -> #3 (&q->elevator_lock){+.+.}-{4:4}: [ 341.777227][ T1260] mutex_lock_nested+0x5a/0x1d0 [ 341.777248][ T1260] elevator_change+0x1b3/0x450 [ 341.777276][ T1260] elevator_set_none+0xb5/0x140 [ 341.777303][ T1260] blk_mq_update_nr_hw_queues+0x607/0x1a80 [ 341.777323][ T1260] nbd_start_device+0x17f/0xb20 [ 341.777343][ T1260] nbd_genl_connect+0x1651/0x1c80 [ 341.777362][ T1260] genl_family_rcv_msg_doit+0x22a/0x330 [ 341.777384][ T1260] genl_rcv_msg+0x61c/0x7a0 [ 341.777402][ T1260] netlink_rcv_skb+0x232/0x4b0 [ 341.777427][ T1260] genl_rcv+0x28/0x40 [ 341.777443][ T1260] netlink_unicast+0x780/0x920 [ 341.777465][ T1260] netlink_sendmsg+0x813/0xb40 [ 341.777491][ T1260] sock_sendmsg_nosec+0x112/0x150 [ 341.777510][ T1260] ____sys_sendmsg+0x55c/0x870 [ 341.777537][ T1260] ___sys_sendmsg+0x2a5/0x360 [ 341.777563][ T1260] __x64_sys_sendmsg+0x1c3/0x2a0 [ 341.777590][ T1260] do_syscall_64+0x15f/0xf80 [ 341.777620][ T1260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.777639][ T1260] [ 341.777639][ T1260] -> #2 (&q->q_usage_counter(io)#49){++++}-{0:0}: [ 341.777673][ T1260] blk_alloc_queue+0x54e/0x690 [ 341.777697][ T1260] __blk_mq_alloc_disk+0x197/0x390 [ 341.777715][ T1260] nbd_dev_add+0x499/0xb50 [ 341.777733][ T1260] nbd_init+0x168/0x1f0 [ 341.777752][ T1260] do_one_initcall+0x250/0x870 [ 341.777776][ T1260] do_initcall_level+0x104/0x190 [ 341.777815][ T1260] do_initcalls+0x59/0xa0 [ 341.777834][ T1260] kernel_init_freeable+0x2a6/0x3e0 [ 341.777855][ T1260] kernel_init+0x1d/0x1d0 [ 341.777875][ T1260] ret_from_fork+0x514/0xb70 [ 341.777899][ T1260] ret_from_fork_asm+0x1a/0x30 [ 341.777926][ T1260] [ 341.777926][ T1260] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 341.777954][ T1260] fs_reclaim_acquire+0x71/0x100 [ 341.777981][ T1260] prepare_alloc_pages+0x152/0x6b0 [ 341.778007][ T1260] __alloc_frozen_pages_noprof+0x12f/0x380 [ 341.778036][ T1260] __alloc_pages_noprof+0x10/0x100 [ 341.778063][ T1260] pcpu_populate_chunk+0x182/0xb30 [ 341.778090][ T1260] pcpu_alloc_noprof+0xc29/0x1920 [ 341.778119][ T1260] bpf_map_alloc_percpu+0x72/0x1f0 [ 341.778158][ T1260] prealloc_init+0x217/0x640 [ 341.778184][ T1260] htab_map_alloc+0x69e/0xc90 [ 341.778202][ T1260] map_create+0xafd/0x16b0 [ 341.778229][ T1260] __sys_bpf+0x6e1/0x950 [ 341.778255][ T1260] __x64_sys_bpf+0x7c/0x90 [ 341.778278][ T1260] do_syscall_64+0x15f/0xf80 [ 341.778306][ T1260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.778326][ T1260] [ 341.778326][ T1260] -> #0 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 341.778355][ T1260] __lock_acquire+0x15a5/0x2d10 [ 341.778386][ T1260] lock_acquire+0x106/0x350 [ 341.778414][ T1260] _mutex_lock_killable+0x63/0x1d0 [ 341.778436][ T1260] pcpu_alloc_noprof+0x239/0x1920 [ 341.778464][ T1260] __alloc_workqueue+0xa88/0x1f30 [ 341.778494][ T1260] alloc_workqueue_noprof+0xe3/0x210 [ 341.778525][ T1260] uvc_probe+0x1515/0x96e0 [ 341.778544][ T1260] usb_probe_interface+0x659/0xc70 [ 341.778572][ T1260] really_probe+0x267/0xaf0 [ 341.778596][ T1260] __driver_probe_device+0x1ef/0x380 [ 341.778621][ T1260] driver_probe_device+0x4f/0x240 [ 341.778648][ T1260] __device_attach_driver+0x279/0x430 [ 341.778673][ T1260] bus_for_each_drv+0x25b/0x2f0 [ 341.778691][ T1260] __device_attach+0x2c8/0x450 [ 341.778714][ T1260] device_initial_probe+0xa1/0xd0 [ 341.778737][ T1260] bus_probe_device+0x12d/0x220 [ 341.778755][ T1260] device_add+0x7e9/0xbb0 [ 341.778775][ T1260] usb_set_configuration+0x1a87/0x2110 [ 341.778799][ T1260] usb_generic_driver_probe+0x8d/0x150 [ 341.778824][ T1260] usb_probe_device+0x1c4/0x3b0 [ 341.778849][ T1260] really_probe+0x267/0xaf0 [ 341.778874][ T1260] __driver_probe_device+0x1ef/0x380 [ 341.778899][ T1260] driver_probe_device+0x4f/0x240 [ 341.778923][ T1260] __device_attach_driver+0x279/0x430 [ 341.778966][ T1260] bus_for_each_drv+0x25b/0x2f0 [ 341.778984][ T1260] __device_attach+0x2c8/0x450 [ 341.779009][ T1260] device_initial_probe+0xa1/0xd0 [ 341.779034][ T1260] bus_probe_device+0x12d/0x220 [ 341.779052][ T1260] device_add+0x7e9/0xbb0 [ 341.779072][ T1260] usb_new_device+0x9f8/0x16e0 [ 341.779093][ T1260] hub_event+0x2a49/0x4f60 [ 341.779117][ T1260] process_one_work+0x9a3/0x1710 [ 341.779146][ T1260] worker_thread+0xba8/0x11e0 [ 341.779170][ T1260] kthread+0x388/0x470 [ 341.779199][ T1260] ret_from_fork+0x514/0xb70 [ 341.779223][ T1260] ret_from_fork_asm+0x1a/0x30 [ 341.779251][ T1260] [ 341.779251][ T1260] other info that might help us debug this: [ 341.779251][ T1260] [ 341.779258][ T1260] Chain exists of: [ 341.779258][ T1260] pcpu_alloc_mutex --> cpu_hotplug_lock --> wq_pool_mutex [ 341.779258][ T1260] [ 341.779294][ T1260] Possible unsafe locking scenario: [ 341.779294][ T1260] [ 341.779300][ T1260] CPU0 CPU1 [ 341.779307][ T1260] ---- ---- [ 341.779313][ T1260] lock(wq_pool_mutex); [ 341.779327][ T1260] lock(cpu_hotplug_lock); [ 341.779343][ T1260] lock(wq_pool_mutex); [ 341.779359][ T1260] lock(pcpu_alloc_mutex); [ 341.779373][ T1260] [ 341.779373][ T1260] *** DEADLOCK *** [ 341.779373][ T1260] [ 341.779379][ T1260] 6 locks held by kworker/0:2/1260: [ 341.779392][ T1260] #0: ffff888022ab9938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x890/0x1710 [ 341.779448][ T1260] #1: ffffc900062f7c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710 [ 341.779504][ T1260] #2: ffff8880213ce210 (&dev->mutex){....}-{4:4}, at: hub_event+0x17c/0x4f60 [ 341.779557][ T1260] #3: ffff8880618f4210 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450 [ 341.779611][ T1260] #4: ffff8880256431d8 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450 [ 341.779666][ T1260] #5: ffffffff8de67cd8 (wq_pool_mutex){+.+.}-{4:4}, at: __alloc_workqueue+0x9f8/0x1f30 [ 341.779727][ T1260] [ 341.779727][ T1260] stack backtrace: [ 341.779756][ T1260] CPU: 0 UID: 0 PID: 1260 Comm: kworker/0:2 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 341.779792][ T1260] Tainted: [L]=SOFTLOCKUP [ 341.779800][ T1260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 341.779819][ T1260] Workqueue: usb_hub_wq hub_event [ 341.779850][ T1260] Call Trace: [ 341.779859][ T1260] [ 341.779868][ T1260] dump_stack_lvl+0xe8/0x150 [ 341.779898][ T1260] print_circular_bug+0x2e1/0x300 [ 341.779925][ T1260] check_noncircular+0x12e/0x150 [ 341.779949][ T1260] __lock_acquire+0x15a5/0x2d10 [ 341.779979][ T1260] ? check_path+0x21/0x40 [ 341.780002][ T1260] ? lockdep_unlock+0x5d/0xd0 [ 341.780027][ T1260] ? __lock_acquire+0x146e/0x2d10 [ 341.780057][ T1260] ? pcpu_alloc_noprof+0x239/0x1920 [ 341.780085][ T1260] lock_acquire+0x106/0x350 [ 341.780128][ T1260] ? pcpu_alloc_noprof+0x239/0x1920 [ 341.780174][ T1260] ? pcpu_alloc_noprof+0x239/0x1920 [ 341.780226][ T1260] ? pcpu_alloc_noprof+0x239/0x1920 [ 341.780257][ T1260] _mutex_lock_killable+0x63/0x1d0 [ 341.780282][ T1260] ? pcpu_alloc_noprof+0x239/0x1920 [ 341.780312][ T1260] ? pcpu_alloc_noprof+0x239/0x1920 [ 341.780343][ T1260] pcpu_alloc_noprof+0x239/0x1920 [ 341.780380][ T1260] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 341.780411][ T1260] ? lockdep_hardirqs_on+0x7a/0x110 [ 341.780443][ T1260] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 341.780478][ T1260] __alloc_workqueue+0xa88/0x1f30 [ 341.780515][ T1260] alloc_workqueue_noprof+0xe3/0x210 [ 341.780545][ T1260] ? lruvec_stat_mod_folio+0x6e/0x3e0 [ 341.780579][ T1260] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 341.780612][ T1260] ? rcu_is_watching+0x15/0xb0 [ 341.780635][ T1260] ? kobject_get+0xcd/0x120 [ 341.780656][ T1260] uvc_probe+0x1515/0x96e0 [ 341.780692][ T1260] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 341.780725][ T1260] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 341.780764][ T1260] ? rt_spin_unlock+0x160/0x200 [ 341.780791][ T1260] usb_probe_interface+0x659/0xc70 [ 341.780827][ T1260] ? __pfx_usb_probe_interface+0x10/0x10 [ 341.780858][ T1260] really_probe+0x267/0xaf0 [ 341.780889][ T1260] __driver_probe_device+0x1ef/0x380 [ 341.780919][ T1260] driver_probe_device+0x4f/0x240 [ 341.780949][ T1260] __device_attach_driver+0x279/0x430 [ 341.780979][ T1260] bus_for_each_drv+0x25b/0x2f0 [ 341.781000][ T1260] ? __pfx___device_attach_driver+0x10/0x10 [ 341.781029][ T1260] ? __pfx_bus_for_each_drv+0x10/0x10 [ 341.781048][ T1260] ? rt_spin_unlock+0x160/0x200 [ 341.781075][ T1260] __device_attach+0x2c8/0x450 [ 341.781104][ T1260] ? __pfx___device_attach+0x10/0x10 [ 341.781131][ T1260] ? rt_spin_unlock+0x160/0x200 [ 341.781170][ T1260] device_initial_probe+0xa1/0xd0 [ 341.781199][ T1260] bus_probe_device+0x12d/0x220 [ 341.781221][ T1260] device_add+0x7e9/0xbb0 [ 341.781246][ T1260] usb_set_configuration+0x1a87/0x2110 [ 341.781286][ T1260] usb_generic_driver_probe+0x8d/0x150 [ 341.781314][ T1260] usb_probe_device+0x1c4/0x3b0 [ 341.781344][ T1260] ? __pfx_usb_probe_device+0x10/0x10 [ 341.781372][ T1260] really_probe+0x267/0xaf0 [ 341.781403][ T1260] __driver_probe_device+0x1ef/0x380 [ 341.781430][ T1260] driver_probe_device+0x4f/0x240 [ 341.781459][ T1260] __device_attach_driver+0x279/0x430 [ 341.781490][ T1260] bus_for_each_drv+0x25b/0x2f0 [ 341.781510][ T1260] ? __pfx___device_attach_driver+0x10/0x10 [ 341.781552][ T1260] ? __pfx_bus_for_each_drv+0x10/0x10 [ 341.781572][ T1260] ? rt_spin_unlock+0x160/0x200 [ 341.781599][ T1260] __device_attach+0x2c8/0x450 [ 341.781624][ T1260] ? __pfx___device_attach+0x10/0x10 [ 341.781651][ T1260] ? rt_spin_unlock+0x160/0x200 [ 341.781679][ T1260] device_initial_probe+0xa1/0xd0 [ 341.781708][ T1260] bus_probe_device+0x12d/0x220 [ 341.781729][ T1260] device_add+0x7e9/0xbb0 [ 341.781755][ T1260] usb_new_device+0x9f8/0x16e0 [ 341.781782][ T1260] ? __pfx_usb_new_device+0x10/0x10 [ 341.781807][ T1260] hub_event+0x2a49/0x4f60 [ 341.781855][ T1260] ? __pfx_hub_event+0x10/0x10 [ 341.781882][ T1260] ? process_one_work+0x8b7/0x1710 [ 341.781912][ T1260] ? process_one_work+0x8b7/0x1710 [ 341.781937][ T1260] process_one_work+0x9a3/0x1710 [ 341.781972][ T1260] ? __pfx_process_one_work+0x10/0x10 [ 341.781996][ T1260] ? do_raw_spin_lock+0x12b/0x2f0 [ 341.782033][ T1260] worker_thread+0xba8/0x11e0 [ 341.782071][ T1260] kthread+0x388/0x470 [ 341.782103][ T1260] ? __pfx_worker_thread+0x10/0x10 [ 341.782128][ T1260] ? __pfx_kthread+0x10/0x10 [ 341.782170][ T1260] ret_from_fork+0x514/0xb70 [ 341.782197][ T1260] ? __pfx_ret_from_fork+0x10/0x10 [ 341.782223][ T1260] ? __switch_to+0xc79/0x1410 [ 341.782244][ T1260] ? __pfx_kthread+0x10/0x10 [ 341.782294][ T1260] ret_from_fork_asm+0x1a/0x30 [ 341.782336][ T1260] [ 341.797466][ T5741] usb 2-1: USB disconnect, device number 10 [ 342.518649][ T1260] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 342.518695][ T1260] uvcvideo 1-1:220.0: No valid video chain found. [ 342.518761][ T1260] usb 1-1: selecting invalid altsetting 0 [ 343.040302][ T1260] usb 1-1: selecting invalid altsetting 0 [ 343.040335][ T1260] usbtest 1-1:220.1: probe with driver usbtest failed with error -22 [ 343.376553][ T1260] usb 1-1: USB disconnect, device number 7