last executing test programs: 4.679172064s ago: executing program 0 (id=785): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc01020301090212000100000000090401"], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000008c0)={0x1c, &(0x7f0000010000)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0}) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000080)={&(0x7f0000000100)=[{0x5, 0x1200, 0x0, 0x0}], 0x1}) 4.327951051s ago: executing program 1 (id=790): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000152,iocharset=iso8859-1,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646973636172642c00214b3cf244ea5fb7437f2c69f67a093e240a6e978fa4cd2d"], 0x1, 0x14fe, &(0x7f0000002a80)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSEhL2/9J78L5v7/f1ff/e/993fbN+17Wv2WvuZ61n3bPmmue+n+ua57ueo+q1qF+7GRGJPwT+/CVFCBEjhBgmhLhOCBEIISrFV4q/fLyAgpQ/9iTs3+vh9KvdAbuaeP55G88/b+P55208/7yN55+38fzzNp5/3sbzZywv2z6n2PW88u7i9//zMn79/18kt/zkrzaWv7HXfyOF55+38fzzNp5/3sbzz9t4/nkbz/9/v1r/yTGef97G82csL9sOWoj/Ae9D87o662r//jHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYyxvO+Su0EOKv+6vdF2OMMcYYY4wxxv59fP6r3QFjjDHGGGOMMcb+3wMhhRJaBCKfyC9iRAERK64RceJaUVBcJyLiehEvbhCFxI2isCgiiopiIkEUFyWEESisIBGKkqKUiIqbRGlxs0gUZURZUU44UV4kiVtEBXGrqChuE5XE7aKyuENUEVVFNVFd3ClqiLtETVFL1BZ3izqirqgn6ot7RANxr2go7hONxP2isXhANBEPiqbiIdFMPCyai0dEC/GoaCkeE61Ea9FGtBXt/q/yXxJ9xcuin+gvUsQAMVC8IgaJwWKIGCqGiVfFcPGaGCFeF6lipBgl3hCjxZtijHhLjBXjxHjxtpggJopJYrKYIqaKNPGOmCbeFdPFe2KGmClmidkiXcwRc8X7Yp6YLxaID8RC8aFYJBaLJWKpyBAfiUyxTGSJj8Vy8YnIFivESrFKrBZrxFqxTqwXG8RGsUlsFlvEVrFNbBefih1ip9gldos9Yq/YJz4T+8Xn4oD4QuSIL/+b+Wf/Kb8XCBAgQYIGDfkgH8RADMRCLMRBHBSEghCBCMRDPBSCQlAYCkNRKAoJkAAloAQgIBAQlISSEIUolIbSkAiJUBbKggMHSZAEFeBWqAgVoRJUgspQGapAVagK1aE61IAaUBNqQm2oDXWgDtSDenAP3AP3QkNoCI2gETSGxtAEmkBTaArNoBk0h+bQAlpAS2gJraAVtIE20A7aQXtoDx2gA3SCTtAZOkMX6ALJkAxdoSt0g27QHbpDD+gBPaEn9ILe0BtegpfgZXgZ+kMdOQAGwkAYBINgCAyFofAqDIfX4DV4HVJhJIyCN+ANeBPGwBkYC+NgPIyHGnIiTILJQHIqpEEaTINpMB2mwwyYCTNhNqTDHJgLc2EezIf58AEshA/hQ1gMi2EpZEAGZMIyyIIsWA5nIRtWwEpYBathDayGdbAe1sFG2AQbYQtsgW2wDT6FT2En7ITdsBv2wl74DD6Dz+FzSIUcyIGDcBAOwSE4DIchF3LhCByBo3AUjsExOA7H4QSchFNwEk7DaTgDZ+EcnIPzcB4uwAsJ3zTfW2ZDqpCXaallPplPxsgYGStjZZyMkwVlQRmRERkv42UhWUgWloVlUVlUJsgEWUKWkChRkgxlSVlSRmVUlpalZaJMlGVlWemkk0kySVaQFWRFWVFWkrfLyvIOWUVWlR1ddVld1pCdXE1ZS9aWtWUdWVfWk/VlfdlANpANZUPZSDaSjWVj2UQ+KJvKATAEHpaXJ9NCjoSWchS0kq1lG9lWvgmPy/ZyDHSQHWUn+aQcB2Ohi2zvkuUzsqucBN3kc3IyPC97yKnQU74oe8neso98SfaVHVw/2V/OgAFyoJwNg+RgOUQOlfOgrrw8sXrydZkqR8pR8g25FN6UY+RbcqwcJ8fLt+UEOVFOkpPlFDlVpsl35DT5rpwu35Mz5Ew5S86W6XKOnCvfl/PkfLlAfiAXyg/lIrlYLpFLZYb8SGbKZTJLfiyXy09ktlwhV8pVcrVcI9fKdXK93CA3yk1ys9wit8ptcrv8VO6QO+UuuVvukXvlPvmZ3C8/lwfkFzJHfikPyj/JQ/IreVh+LXPlN/KI/FYeld/JY/J7eVz+IE/Ik/KU/FGelj/JM/KsPCd/luflL/KCvCgvSS+FAiWVUloFKp/Kr2JUARWrrlFx6lpVUF2nIup6Fa9uUIXUjaqwKqKKqmIqQRVXJZRRqKwiFaqSqpSKqptUaXWzSlRlVFlVTjlVXiWpW1QFdauqqG5TldTtqrK6Q1VRVVU1VV3dqWqou1RNVUvVVnerOqquqqfqq3tUA3WvaqjuU43U/aqxekA1UQ+qpuoh1Uw9rJqrR1QL9ahqqR5TrVRr1Ua1Ve3U46q9ekJ1UB1VJ/Wk6qyeUl3U0ypZPaO6qmdVN/Wc6q6eVz3UC6qnelH1Ur1VH3VRXVJe9VP9VYoaoAaqV9QgNVgNUUPVMPWqGq5eUyPU6ypVjVSj1BtqtHpTjVFvqbFqnBqv3lYT1EQ1SU1WU9RUlabeUdPUu2q6ek/NUDPVLDVbpas5ashfKi34L+S/+y/yR/z67NvUdvWp2qF2ql1qt9qj9qp9ap/ar/arA+qAylE56qA6qA6pQ+qwOqxyVa46oo6oo+qoOqaOqePquDqhTqqf1Y/qtPpJnVFn1Vn1szqvzqsLf/kZCA1aaqW1DnQ+nV/H6AI6Vl+j4/S1uqC+Tkf09Tpe36AL6Rt1YV1EF9XFdIIurktoo1FbTTrUJXUpHdU36dL6Zp2oy+iyupx2urxO0rf84fzf66+dbqfb6/a6g+6gO+lOurPurLvoLjpZJ+uuuqvuprvp7rq77qF76J66p+6le+k+uo/uq/vqfrqfTtEpeqB+RQ/Sg/UQPVQP06/q4Xq4HqFH6FSdqkfpUXq0Hq3H6DF6rB6rx+vxeoKeoCfpSXqKnqLTdJqepqfp6Xq6nqFn6Fl6lk7X6Xqunqvn6Xl6gV6gF+qFepFepJfoJTpDZ+hMnamzdJZerpfrbL1Cr9Cr9Cq9Rq/R6/Q6vUFv0Jv0Jr1Fb9HZervernfoHXqX3qX36D16n96n9+v9+oA+oHN0jj6oD+pD+pA+rA/rXJ2rj+gj+qg+qo/pY/q4Pq5P6BP6lD6lT+vT+ow+o8/pc/q8Pq8v6Av6kr50+bIvkIEMdKCDfEG+ICaICWKD2CAuiAsKBgWDSBAJ4oP4oFBwY1A4KBIUDYoFCUHxoERgAgxsQEEYlAxKBdHgpqB0cHOQGJQJygblAheUD5KCW4IKwa1BxeC2oFJwe1A5uCOoUkAE1YLqwZ1BjeCuoGZQK6gd3B3UCeoG9YL6wT1Bg+DeoGFwX9AouD9oHDwQNAkeDJoGDwXNgoeD5sEjQYvg0aBl8FjQKmgdtAnaBu3+uX5Q9Q/U9/5MkSdcP9PfpJgBZqB5xQwyg80QM9QMM6+a4eY1M8K8blLNSDPKvGFGmzfNGPOWGWvGmfHmbTPBTDSTzGQzxUw1aeYdM828a6ab98wMM9PMMrNNuplj5pr3zTwz3ywwH5iF5kOzyCw2S8xSk2E+MplmmckyH5vl5hOTbVaYlWaVWW3WmLVmnVlvNpiNZpPZbLaYrWab2W4+NTvMTrPL7DZ7zF6zz3xm9pvPzQHzhckxX5qD5k/mkPnKHDZfm1zzjTlivjVHzXfmmPneHDc/mBPmpDllfjSnzU/mjDlrzpmfzXnzi7lgLppLxl++uL/88o4aNebDfBiDMRiLsRiHcVgQC2IEIxiP8VgIC2FhLIxFsSgmYAKWwBJ4GSFhSSyJUYxiaSyNiZiIZbEsOnSYhElYAStgRayIlbASVsbKWAWrYDWshnfinXgX3oW1sBbejXdjXayL9bE+NsAG2BAbYiNshI2xMTbBJtgUm2IzbIbNsTm2wBbYEltiK2yFbbANtsN22B7bYwfsgJ2wE3bGztgFu2AyJmNX7IrdsBt2x+7YA3tgT+yJvbAX9sE+2Bf7Yj/shymYggNxIA7CQTgEh+AwHIbDcTiOwBGYiqk4CkfhaByNY3AMjsVxOB7fxgk4ESfhZJyCUzEN03AaTsPpOB1n4AychbMwHdNxLs7FeTgPF+ACXIgLcREuwiW4BDMwAzMxE7MwC5fjcszGbFyJK3E1rsa1uBbX43rciBtxM27GrbgVt+N23IE7cBfuwj24B/fhPtyP+/EAHsAczMGDeBAP4SE8jIcxF3PxCB7Bo3gUj+ExPI7H8QSewFN4Ck/jaTyDZ/AcnsPz+AtewIt4CT3GWCli7TU2zl5rC9rrbIwtYP8+LmqL2QRb3Jawxha2Rf4hRmttoi1jy9py1tnyNsne8pu4iq1qq9nq9k5bw95la/4mbmDvtQ3tfbaRvd/Wt/f8Q9zYPmCb2EdtU/uYbWZb2+a2rW1hH7Ut7WO2lW1t29i2trN9ynaxT9tk+4ztap/9TZxpl9n1doPdaDfZ/fZze87+bI/a7+x5+4vtZ/vbYfZVO9y+ZkfY122qHfmbeLx9206wE+0kO9lOsVN/E8+ys226nWPn2vftPDv/N3GG/cgutFl2kV1sl9ilv8aXe8qyH9vl9hObbVfYlXaVXW3X2LV23d96XWW32K12m91nP7M77E67y+62e+zeX+PL53HAfmFz7Jf2iP3WHrJf2cP2mM213/waXz6/Y/Z7e9z+YE/Yk/aU/dGetj/ZM/bsr+d/+dx/tBftJeutICBJijQFlI/yUwwVoFi6huLoWipI11GErqd4uoEK0Y1UmIpQUSpGCVScSpAhJEtEIZWkUhSlm6g03UyJVIbKUjlyVJ6S6BaqQLdSRbqNKtHtVJnuoCpUlapRdbqTatBdVJNqUW26m+pQXapH9ekeakD3UkO6jxrR/dSYHqAm9CA1pYeoGT1MzekRakGPUkt6jFpRa2pDbakdPU7t6QnqQB2pEz1Jnekp6kJPUzI9Q13pWepGz1F3ep560AvUk16kXtSb+tBL1Jdepn7Un1JoAA2kV2gQDaYhNJSG0as0nF6jEfQ6pdJIGkVv0Gh6k8bQWzSWxtF4epsm0ESaRJNpCk2lNHqHptG7NJ3eoxk0k2bRbEqnOTSX3qd5NJ8W0Ae0kD6kRbSYltBSyqCPKJOWURZ9TMvpE8qmFbSSVtFqWkNraR2tpw20kTbRZtpCW2kbbadPaQftpF20m/bQXtpHn9F++pwO0BeUQ1/SQfoTHaKv6DB9Tbn0DR2hb+kofUfH6Hs6Tj/QCTpJp+hHOk0/0Rk6S+foZzpPv9AFukiXyJMIIZShCnUYhPnC/GFMWCCMDa8J48Jrw4LhdWEkvD6MD28IC4U3hoXDImHRsFiYEBYPS4QmxNCGFIZhybBUGA1vCkuHN4eJYZmwbFgudGH5MCm8JawQ3hpWDG8LK4W3h5XDO8IqYdXw0furh3eGNcK7wpphrbB2eHdYJ6wb1gvrh/eEDcJ7w4bhfWGj8P6wYvhA2CR8MGwaPhQ2Cx8Om4ePhC3CR8OW4WNhq7B12CZsG7YLHw/bh0+EHcKOYafwybBz+FTYJXw6TA6fCbuGz/7u8ZRwQDgwfCV8JfT+PrUkujSaEf0omhldFs2KfhxdHv0kmh1dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a3Rb1vn5+4cBJp5x2gcvn8rsYV8DFumtcnLvWFXTXuYi73sW7G1whd6Mr7Iq4oq6YS3DFXQlnHDrryIWupCvlou4mV9rd7BJdGVfWlXPOlXdJrq1r59q59u4J18F1dJ3ck+5J95R7yj3tnnbPuK7uWdfNPee6u+ddD/eCe8G96Hq53q6Pe8n1dS+7fq6/S3EpbqAb6Aa5QW6IG+KGuWFuuBvuRrgRLtWlulFulBvtRrsxbowb68a68W68m+AmuElukpviprg0l+amuWluupvuZrgZbpab5dJdupvr5rp5bp5b4Ba4hYkL3SK3yC1xS1yGy3CZLtNluSy33C132S7brXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9wut8vtcXvcPrfP7Xf73QF3wOW4HHfQHXSH3CF32H3tct037oj71h1137lj7nt33P3gTriT7pT70Z12P7kz7qw75352590v7oK76C4579Ii70SmRd6NTI+8F5kRmRmZFZkdSY/MicyNvB+ZF5kfWRD5ILIw8mFkUWRxZElkaSQj8lEkM7IskhX5OLI88kkkO7IisjKyKrI6sibiffEdoS/pS/mov8mX9jf7RF/Gl/XlvPPlfZK/xVfwt/qK/jZfyd/uK/s7fBVf1Vfzj/lWvrVv49v6dv5x394/4Tv4jr6Tf9J39k/5Lv5pn+yf8V39s76bf85398/7Hv4F39O/6Hv53r6Pf8n39S/7fr6/T/ED/ED/ih/kB/shfqgf5l/1w/1rfoR/3af6kX6Uf8OP9m/6Mf4tP9aP8+P9236Cn+gn+cl+ip/q0/w7fpp/10/37/kZfqaf5Wf7dD/Hz/Xv+3l+vl/gP/AL/Yd+kV/sl/ilPsN/5DP9Mp/lP/bL/Sc+26/wK/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v91/6nf4nX6X3+33+L1+n//M7/ef+wP+C5/jv/QH/Z/8If+VP+y/9rn+G3/Ef+uP+u/8Mf+9P+5/8Cf8SX/K/+hP+5/8GX/Wn/M/+/P+F3/BX/SX+H/WGGOMMcb+S9TvHB/wL74n/7IuGyiEuHZnsdx/rrm58J/3g2VC54gQ4pn+PR/+66pTJyUl5S+PzVYiKLVYCBG5kp9PXIlXiE7iKZEsOooK/7K/wbL3efqd+tHbhYj9W+dCxIi/xn9f/9b/oP7jT47PrByei/9P6i8WIrHUlZwC4kp8pX7F/6B+kfa/03+Br9KE6PB3OXHiSnylfpJ4Qjwrkv/hkYwxxhhjjDHG2J8NltW6/9798+X78wR9JSe/uBL/3v05Y4wxxhhjjDHGrr7ne/d5+vHk5I7decMb3vDmb5ur/ZeJMcYYY4wx9u925aL/anfCGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4zlXf8/Pk7sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//JhA6YA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0xd) accept$inet6(0xffffffffffffffff, 0x0, 0x0) write$binfmt_format(r0, &(0x7f0000000000)='1\x00', 0x2400) 3.632702914s ago: executing program 4 (id=795): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f0000000440), &(0x7f0000000040)=@udp=r0}, 0x20) ioctl$sock_TIOCINQ(r0, 0x541b, 0x0) 3.186754231s ago: executing program 1 (id=800): r0 = io_uring_setup(0x1684, &(0x7f0000000200)={0x0, 0x3a2b, 0x8, 0x7, 0x2}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a00)=[{0x0}], 0x0, 0x1}, 0x20) 2.980182154s ago: executing program 2 (id=802): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4001, 0x0, 0xf2b}, 0x10) recvmmsg(r0, &(0x7f0000004080)=[{{0x0, 0x0, 0x0}, 0x38000000}], 0x1, 0x2102, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="180000005600230d000000000000000007"], 0x18}, 0x1, 0x0, 0x0, 0x4000}, 0x4040000) 2.856327506s ago: executing program 4 (id=804): r0 = socket$kcm(0x2, 0x1, 0x84) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000079db8540da0b77010b7d000000010902120001000000000904", @ANYRES32, @ANYRES8=r1, @ANYRESOCT=r0], 0x0) 2.696559144s ago: executing program 2 (id=806): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000380)={0x38, r1, 0x87898b830c7bd19d, 0x3, 0x25dfdbfb, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xfffffff0, 0x67}}}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008080}, 0x20008000) 2.683236188s ago: executing program 0 (id=807): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x6, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25a60200475400f6a13bb1000000080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 2.551036468s ago: executing program 2 (id=809): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x6c304000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) 2.08819342s ago: executing program 0 (id=813): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f00000000c0)=0x8004, 0x4) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x44004000) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000560001060200000000000000070000000080"], 0x1c}], 0x1}, 0x0) 1.991509605s ago: executing program 2 (id=815): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x1, 0x7e, 0x1, 0xffffffffffffffff, 0x2}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0xca, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000005c0)={r0, &(0x7f0000000080), &(0x7f0000000140)=""/241}, 0x20) 1.884259819s ago: executing program 0 (id=816): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) openat$nullb(0xffffffffffffff9c, 0x0, 0x2400, 0x0) r1 = dup(r0) ioctl$VT_SETMODE(r1, 0x5602, &(0x7f0000000040)={0x0, 0x6, 0x7, 0x9}) 1.759043965s ago: executing program 2 (id=818): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f000023d000/0x4000)=nil, &(0x7f00004fa000/0x4000)=nil, 0x0, &(0x7f00000021c0), 0x4f, 0x3}) 1.616812544s ago: executing program 0 (id=820): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x301) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000780)={0xfffffffe, 0x0, 0x0, 'queue0\x00', 0x48}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000100)={0x80, 0x1, 'client1\x00', 0xffffffff80000004, "00000000ffffffe3", "71a19060009f0000000000000000001aa241d3c6895c4100", 0x800000}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) 1.412215432s ago: executing program 4 (id=822): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xa, 0x4, 0xfff, 0x7}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1.372714812s ago: executing program 1 (id=823): socket$pppl2tp(0x18, 0x1, 0x1) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962cf6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f3b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090287bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d24ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d0000000000000000"], 0x1, 0x192, &(0x7f0000009480)="$eJzsmL9OKkEUxr/Z5U+4uQm3vbe5JpKAhcvuoEYKC2oLTTQaO4msBF3EwBZA51NY+wTWxIb30EKtLMTOymLN7A7ugH+wQMV4fsWZb2YOw5mzybfJgiCIH8v11f3laTqVEPo3UojL9Rs9zNGU/E7yYea8snJ2bN5ddLrL+eHzGADPe///RwB0CzpcOfe8wV+n5LgOra+j6v4mGAypt6FhQ2obDFtS7ym6JvINY7fi2MZOzSkJYYpgicBFyA3X1ztiKCn1MWW/0WrvFx3Hrn+gGNW/XkHDklKf+rz6vTHD/sGCBkvqHBjWpF5EvN+boCXK/f9FwvP1T77/9xZ/kyNyopiUUkmMQTAIcZsAJqOerxKhP3knDGnFnyKKf2Td6mG20WrPVqrFsl22DzjPLZhzpjnPs74RBfEN/0v4/vRLOT/6Sm6MxdAsum7dCuLTnDfjcOv8JceN+f6nITMdVM3kmor/PvjDpsSQ0eWcIAiCIAiCIAiCIAiCIAhi7PwH87+CDpB/tsRX/ezHAAAA//8Wh3En") r0 = open(&(0x7f00000000c0)='.\x00', 0x149000, 0x190) getdents(r0, 0x0, 0x0) 1.265754023s ago: executing program 4 (id=825): bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000000000000000020085000000a800000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc) 1.243847905s ago: executing program 0 (id=826): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) setsockopt$sock_attach_bpf(r0, 0x10f, 0x8a, &(0x7f00000000c0), 0x4) 1.133359893s ago: executing program 4 (id=828): openat(0xffffffffffffff9c, 0x0, 0x42, 0x3c) socket$packet(0x11, 0x3, 0x300) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x13, 0x2600c851, &(0x7f0000b63fe4)={0xa, 0x3, 0x0, @loopback={0x0, 0xac141400}}, 0x1c) 1.022270692s ago: executing program 3 (id=829): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22}, {0x2, 0x200, @local}, {0x2, 0x0, @broadcast}, 0x2, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x3}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCSIFBR(r1, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2}) 827.018836ms ago: executing program 1 (id=830): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000047c0), 0x2, 0x0) ioctl$PTP_PEROUT_REQUEST(0xffffffffffffffff, 0x40383d03, 0x0) ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x700) openat$ptmx(0xffffffffffffff9c, 0x0, 0x70081, 0x0) 826.876149ms ago: executing program 3 (id=831): syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind$802154_raw(r0, &(0x7f0000000000)={0x24, @long}, 0x8) 731.302822ms ago: executing program 3 (id=832): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fc00002}]}) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000080)=@ethtool_per_queue_op={0x4b, 0xf, [0x10010001, 0x4, 0x4, 0x4, 0x1, 0x9, 0x57e, 0x8, 0x2, 0x28e8, 0x7, 0x9, 0xff, 0x7ffc, 0x805, 0x74a, 0x80000001, 0x7, 0x0, 0x800, 0xfffffffc, 0x2, 0x1, 0xffff8000, 0x91, 0xffffffff, 0x1, 0x400, 0x2, 0x3, 0x8, 0x8, 0xa2, 0x3, 0x7, 0xfff, 0x4, 0xffffffff, 0x4e6, 0xb13, 0xff, 0x1a5a, 0x10, 0x0, 0x4, 0x4, 0x8b, 0xffffff00, 0x8, 0x224, 0xa, 0x6, 0x9, 0x98f, 0x3d, 0x80000001, 0xfffffff8, 0x2b6395a6, 0x5510, 0x4, 0x9, 0x5, 0x7, 0x7f, 0x5, 0xaf97, 0x0, 0x1, 0x3ff, 0x5, 0x9dc, 0x0, 0x80b1, 0x80, 0x80000001, 0x9, 0x7, 0x3, 0x4, 0x9, 0x1, 0xd640, 0x7, 0x8, 0x3, 0x1, 0x11, 0x9, 0x401, 0x4, 0x9, 0x5, 0x1, 0xc9, 0x1ff, 0x7, 0x1, 0x4, 0x7fff, 0x8, 0x3, 0x400d07, 0x3, 0x6, 0x2000009, 0xfffffffc, 0x7, 0x140000, 0x9, 0x2, 0xfffffff9, 0x0, 0x350d, 0x4, 0x7fff, 0x80, 0x103, 0x80000000, 0x7, 0x5, 0x2, 0x9, 0x3, 0x3ff, 0x3, 0x1, 0x3, 0x7]}}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000180)={0x0, 0x6, 0xffff37a4}) 672.222994ms ago: executing program 3 (id=833): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000800)='./file1\x00', 0x1000080, &(0x7f0000000b80)=ANY=[@ANYBLOB="0004ea5f4614b02a3b6bb71739d5e5fd1895bfd28f4260917c3ae072c05daa0d3505ebae3909d26847fe38170f0ec38ae8c4f1265fad3a65bf819d9507564d3e6ebeb1987dad4d1b6f6264eee7e3a99dcf28d1445b1711489c14476e595fbd3287789b88aee5e04a55a2ea4e2de71e8587600d496663e5c8742aa739212cb5e23d499f51b214ea99d5cc9a4997c4fb1a6687d1c836bbda3fddcc33b1d97bdf04acdc598f2954a0270e3e3cabd9feaf95e886f21deb4d028366edd8304c70c45d468d0557b99d22046db3d11a2c34b60b731115ff732c92c3c50a7eafbc9d93e1b1507cfd9b0a8931521bfa58bd5cf1b876c1959b27e77421ae7baf5fb6dc02f46b01b278e92b2be94ce52b5324510a922b93d56321e9a2d3d9eeb4f116539b2c6f2fd2fd22d034ca212ccc013bfb70629db63ff133e0ef0835ce5cb8285dc3eb80db66e9bccc3ba5062a86fb752871dbe3f7e513c6ca5305dacb94bbff4279aae3bded7847dd847abe6a92a78191c2f889f09d84009289c79a9e3650c94d6aa33af89e55b71146ab397a7051a194778ca9d097fc8ceff269c8061bdf423276f7a11f4ed0af9541a9a3aca9f5e371bd1610da01265d2cfee39007c95b7239f3fee0d7dbc1baee79e945dff2d298"], 0x1, 0x32b, &(0x7f0000000840)="$eJzs3cFrI1UcB/Bfu9tWKt30IIKC+NCLXoa2/gMG2QWxoNStrB6EWTvVkNmkZMJKVtHevPp3LB69CeI/0It3bx6EXjzuYTGSju22a5aVxTh1+/lA8n7Jy5d5Q3jhdwnv8Ma3t7q7VbabD2P+zRTzETF/L2L1qKrN1U9z9avFOG0/Xm/d+OWl9z/86J325ubVrZSuta+/sZFSuvLyj59/+d0rPw2f/eD7Kz8sxcHqx4e/b/x68PzBC4d/XP+sU6VOlXr9YcrTzX5/mN8si7TTqbpZSu+VRV4VqdOrisGZ+d/K/t7eKOW9nZXlvUFRVSnvjVK3GKVhPw0Ho5R/mnd6KcuytLIcPM723a2tvN30KpitwaCdTzbv0t9mtu82siAAoFH/uP+fvH9UN9n/7+r//1X6/4tg0v8v/rV/z9L/AwAAAAAAAAAAAADA/8G98bg1Ho9bx+PDjymRhQaWyYw8wffPU+TUH/eeiSi/ub19e7se6/n2bnSijCLWohX3I8Yn6vra25tX19KR1Vi59XWdn4yXzubXoxWr0/PrdT6dzS/E8un8RrTiuen5jan5xXjt1VP5LFrx8yfRjzJ2YpJ9kP9qPaW33t18KL909DkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALoYsnZh6fn+WPWq+zp+cr78Wrbg//Xz+tann81+OFy83e+8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKwa3enmZVkMFE9R8cWlJq6+cC7ufYbF3H69ac7Leh5bHO/yJ4k3+KMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADXlw6HfTKwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBJ1ehONy/LYjDD4lHXnquH/f/wdgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM69PwMAAP//aEUjOw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, 0x0) 540.975301ms ago: executing program 4 (id=834): syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x444, &(0x7f00000008c0)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909210000f2ff00003dda5de4d586f0df206d65656b416d6f64653d3078303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f4e4b4f82c6d61736b3d4d4159574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801f26d335ef2ba9ac2423a358ccbb776b21e1d3b", @ANYRESHEX, @ANYRESHEX, @ANYRESHEX, @ANYRES16, @ANYRES16, @ANYRES32, @ANYRES32], 0xfe, 0x678, &(0x7f0000000a80)="$eJzs3Utv29j5x/EfZdmW/QfyL9piEASe5EzSARwgVSR54oGRLqpSlM2pJAqkXNirIp3YgyBypk1SoPFm6k0vQPsGupvNLPoiCnTddd9AlwUG7a5ANyxIirpSku+Zdr4fI9ER+ZDn4SV6Qks8EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkGXXSqWypYbb2t0z09k132vOmJ+sbVH3k8b9uf1KVvRHhYJuJpNufnsw+53or7taS56tqRA9FHT8f+984/G38rl0+RkJnYfOusJXb46fP+l2D16er7fQOs9yV2IiE+VOsdS203IDz21Wtx3jBp7Z2twsPdypB6buNpxgP+g4TWP7Tq7j+Wbdvm/KW1sbxinue7ut7Vq14aQTP/xupVTaNB8t9w7/w4+Kgb3jNhpuazuOiWZHMcv9M8SpNo05fNY92JiXZBRUPk1QZV5QpVSplMuVSnnz0dajD0ul/MSE0hhNRAxO2q/OwccVWhyfcEmv3MDF5aL6/zdLaqiglna1J5P5Y6smX56aU+b3pPX//YfOzH6H639c5f9fazcHs28prv+3k2e3p9X/KbkYmXiBrDnWlOnn+3mlNzrWcz1RV10d6OXlrPfO5WV4tT/bUl5yFciTq6aq2pYj05titKVNbaoUhuFnSo5IXa4achRoX4E6ctSMj4kvR1V15MmX0bps3ZdRWVva0oaMHBW1L0+7amlbNVX1rzAMD/Us3u8bM3JUGlQ+TVC+fw5OBk2r/z9JNk5nq//439M/d04RA7x1Ye/6f7qFrIl3ri4jAAAAAABw2az4t+9W/N79u5JC1d2GU3rbaQEAAAAAgEsUv/O/Fj0sRq13ZU25/g+vPzcAAAAAAHA5rPgeO0vSavyhfmtwJ9RpPgSQeXMAAAAAAAD4aonf/7+9JIXx0Gp3ZJ3p+h8AAAAAAPwX+M3QGPv5dIzdMH1bPycpaC9bf/rHsvxF66S99x3rqBrNqR71YiY+AdCp37LySgbqjcfrXZIUP7OdNas3PnBvEEwrGdhX+vJw3lj/lj+WwNJC+uuLjARuHA8lsJnvPdPv9F4S816v36fHOcVzkl5W627DKdpe43FZ1eqNXMfZ6/z8xbNfSH5/Ow+fdQ+KH3/afRrnchJNOjmK8vhsJJ3cvFxex+MtxPdcZG3xiuppl79tNVetuN9Suv0Lqh7lhjs63fb/SneTmLuryePqcXoEZP2y1ygX40M22Pp4dAhrkEV5fMuzDsSULApxFveSmHvr95KHNL9oPfnkpKoUJ4+BP5xFZTiL+fvC+ufEvpiVhaxCdC5sRFn8OVrRlCw2zpbFxBEBgLflcFCF4kHMJ8fYH6+753mVm1/dvz/ay+s/hMkNhwtSvvfeRHIT4rS6ougVfT0JW0pGcc/fynhFL/XqSkFTXtFLF6huUV9/HHwHUi/t3px8P4t/h2H4uBz3+/uxqvp5tMDnU/sNGpWFaBc+fH3003gA/MgnB58cvKhUNjZLH5RKjypajDej90DtAQBkmP8dO6MRhUE969fuD/pX1U///n7SGqm73+x/pKCoj/WpunqqB+lXCNzJ7nd16GMIDyavWqPYFWk8tqwHU6/q4lo6FFvpxy4qXWT0/wtpAT7QxhUfBQAArtfdOXV4vP5nXbs/SK+7129lXneP1vLxbwieFlu+5j0BAMDXh+N/aa12fm35vtv+cXlrq1zt7DjG9+wfGt+tbTvGbXUc396ptrYd0/a9jmd7DdP2tezWnMAEu+2253dM3fNN2wvcvfib303vq98Dp1ltdVw7aDecauAY22t1qnbH1NzANu3dHzTcYMfx44WDtmO7ddeudlyvZQJvRbZTNCZwnKFAt+a0Om7djZot0/bdZtXfNz/yGrtNx9ScwPbddsdLVpj25bbqnt+MV1tUOOuLDgEA+Np49eb4+ZNu9+DljMaJkkb6ebQZwUtZK3zLmwgAAMactUoXBs3lK0sKAAAAAAAAAAAAAAAAAAAAAACMOM39fzMb6U2B6ZRFZQRL/Sk/u3GqNVsaTPnirxfK8ByN3PiU3ki74fzF/5I08lkxK1FjSVI33f3DMSeXlHx6i8ZpgpU08pe/D1ekrDPhyhrfOxw9DydiopmZs5b7xyJ/8X8OWY0XX0yZNf+MWh7dh0uzNnC0kZf0cukCh+B6X4cAXL//BAAA///pjTsQ") r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 304.485061ms ago: executing program 3 (id=835): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) r2 = eventfd(0x5ef) ioctl$KVM_IOEVENTFD(r1, 0x40a0ae49, &(0x7f0000000080)={0x7ff, 0xffff1000, 0x0, r2}) 291.298975ms ago: executing program 1 (id=836): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c80)={0x50, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}, @NL80211_ATTR_FRAME={0x20, 0x33, @data_frame={@msdu=@type10={{0x0, 0x2, 0x7, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x9}, @random="589733b902f1", @broadcast, @device_a, {0x2, 0x500}, "", @void, @value=@ver_80211n={0x0, 0x5f, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, @a_msdu}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 170.068206ms ago: executing program 2 (id=837): socket(0x10, 0x3, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) 137.945959ms ago: executing program 1 (id=838): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='nv', 0x2) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 0s ago: executing program 3 (id=839): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newqdisc={0x14c, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "235f9d6797ba4e2a52a482ecd9d71f191473f91a1404d393e00dcc554982ba4b7f0f6ab0023de47ed768a3033ee7e1148743f8df48b601a5e23bb95e24f06252727a815fff47402465288b8433719b22054207f6d0dab066c525f2ca000a326ff5b1ec148d56967f419830b1cdc6271edec8e55c95756b61335190a790dac9a520975cef5353dc301e44f9e67f2b379a656197d91ea909f17ea0fe978a49eb625afdc62db61b739220a3668cd29fbaeef33ba2fea497826cd0de0f2d7ba4d77142e31bdf06bf61f47462d01471e7cad439b217aff332e84033dd3a4714a3d2a01a17817af4b6e44219b569c8d3beeaf0c59e5d60945195fce0c260d0b50586a9"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x8000, 0x9, 0x8, 0xa, 0x1f, 0x14, 0x7}}]}}]}, 0x14c}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.68' (ED25519) to the list of known hosts. [ 77.134214][ T5591] cgroup: Unknown subsys name 'net' [ 77.375585][ T5591] cgroup: Unknown subsys name 'cpuset' [ 77.431476][ T5591] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 79.062207][ T5591] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 81.402167][ T60] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 81.421755][ T5608] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 81.422797][ T5608] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 81.425066][ T5608] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 81.433238][ T5608] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 81.434436][ T5612] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 81.437341][ T5612] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 81.448179][ T5608] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.455532][ T5608] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.460316][ T4922] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.590280][ T5608] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.616235][ T5608] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.618351][ T5608] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.619185][ T5612] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 81.631014][ T5612] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 81.631069][ T5608] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.633491][ T5608] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 81.646172][ T5608] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 81.647425][ T5608] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 81.648375][ T60] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 81.796697][ T4922] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 81.815489][ T4922] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 81.829362][ T4922] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 81.841488][ T4922] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 81.843677][ T4922] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 83.552787][ T60] Bluetooth: hci0: command tx timeout [ 83.552792][ T4922] Bluetooth: hci1: command tx timeout [ 83.720662][ T4922] Bluetooth: hci2: command tx timeout [ 83.720841][ T4922] Bluetooth: hci3: command tx timeout [ 83.870653][ T60] Bluetooth: hci4: command tx timeout [ 84.188492][ T5605] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.188658][ T5605] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.188826][ T5605] bridge_slave_0: entered allmulticast mode [ 84.194214][ T5605] bridge_slave_0: entered promiscuous mode [ 84.254199][ T5605] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.254349][ T5605] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.254519][ T5605] bridge_slave_1: entered allmulticast mode [ 84.256411][ T5605] bridge_slave_1: entered promiscuous mode [ 84.257901][ T5613] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.258096][ T5613] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.258289][ T5613] bridge_slave_0: entered allmulticast mode [ 84.261789][ T5613] bridge_slave_0: entered promiscuous mode [ 84.343092][ T5613] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.343292][ T5613] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.343611][ T5613] bridge_slave_1: entered allmulticast mode [ 84.345450][ T5613] bridge_slave_1: entered promiscuous mode [ 84.441434][ T5607] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.441738][ T5607] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.441958][ T5607] bridge_slave_0: entered allmulticast mode [ 84.444194][ T5607] bridge_slave_0: entered promiscuous mode [ 84.465550][ T5605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.503891][ T5621] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.504062][ T5621] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.504451][ T5621] bridge_slave_0: entered allmulticast mode [ 84.507434][ T5621] bridge_slave_0: entered promiscuous mode [ 84.511244][ T5607] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.511486][ T5607] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.511722][ T5607] bridge_slave_1: entered allmulticast mode [ 84.517343][ T5607] bridge_slave_1: entered promiscuous mode [ 84.527280][ T5605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.539809][ T5613] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.564930][ T5621] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.565176][ T5621] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.565406][ T5621] bridge_slave_1: entered allmulticast mode [ 84.568963][ T5621] bridge_slave_1: entered promiscuous mode [ 84.622408][ T5613] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.622742][ T5615] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.622890][ T5615] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.623034][ T5615] bridge_slave_0: entered allmulticast mode [ 84.624904][ T5615] bridge_slave_0: entered promiscuous mode [ 84.788566][ T5615] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.788744][ T5615] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.788887][ T5615] bridge_slave_1: entered allmulticast mode [ 84.792387][ T5615] bridge_slave_1: entered promiscuous mode [ 84.824743][ T5607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.827475][ T5605] team0: Port device team_slave_0 added [ 84.853993][ T5621] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.877007][ T5607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.879575][ T5605] team0: Port device team_slave_1 added [ 84.895803][ T5613] team0: Port device team_slave_0 added [ 84.899319][ T5621] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.953459][ T5613] team0: Port device team_slave_1 added [ 84.972458][ T5615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.048203][ T5615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.052398][ T5607] team0: Port device team_slave_0 added [ 85.055268][ T5605] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.055301][ T5605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.055325][ T5605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.093579][ T5621] team0: Port device team_slave_0 added [ 85.119147][ T5607] team0: Port device team_slave_1 added [ 85.120342][ T5605] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.120350][ T5605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.120369][ T5605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.124982][ T5613] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.124996][ T5613] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.125019][ T5613] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.131144][ T5621] team0: Port device team_slave_1 added [ 85.194857][ T5613] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.194873][ T5613] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.194897][ T5613] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.230363][ T5615] team0: Port device team_slave_0 added [ 85.292240][ T5615] team0: Port device team_slave_1 added [ 85.293430][ T5607] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.293438][ T5607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.293451][ T5607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.303779][ T5621] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.303788][ T5621] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.303802][ T5621] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.331552][ T5607] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.331567][ T5607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.331591][ T5607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.361109][ T5621] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.361125][ T5621] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.361149][ T5621] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.464108][ T5615] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.464124][ T5615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.464147][ T5615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.484067][ T5605] hsr_slave_0: entered promiscuous mode [ 85.486372][ T5605] hsr_slave_1: entered promiscuous mode [ 85.517916][ T5615] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.517932][ T5615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.517957][ T5615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.534127][ T5613] hsr_slave_0: entered promiscuous mode [ 85.536390][ T5613] hsr_slave_1: entered promiscuous mode [ 85.538242][ T5613] debugfs: 'hsr0' already exists in 'hsr' [ 85.538354][ T5613] Cannot create hsr debugfs directory [ 85.631928][ T60] Bluetooth: hci0: command tx timeout [ 85.640891][ T60] Bluetooth: hci1: command tx timeout [ 85.662845][ T5607] hsr_slave_0: entered promiscuous mode [ 85.664190][ T5607] hsr_slave_1: entered promiscuous mode [ 85.665182][ T5607] debugfs: 'hsr0' already exists in 'hsr' [ 85.665204][ T5607] Cannot create hsr debugfs directory [ 85.705662][ T5621] hsr_slave_0: entered promiscuous mode [ 85.706997][ T5621] hsr_slave_1: entered promiscuous mode [ 85.708000][ T5621] debugfs: 'hsr0' already exists in 'hsr' [ 85.708022][ T5621] Cannot create hsr debugfs directory [ 85.790769][ T60] Bluetooth: hci3: command tx timeout [ 85.790804][ T60] Bluetooth: hci2: command tx timeout [ 85.950859][ T60] Bluetooth: hci4: command tx timeout [ 86.255040][ T5615] hsr_slave_0: entered promiscuous mode [ 86.256263][ T5615] hsr_slave_1: entered promiscuous mode [ 86.257243][ T5615] debugfs: 'hsr0' already exists in 'hsr' [ 86.257264][ T5615] Cannot create hsr debugfs directory [ 86.867366][ T871] cfg80211: failed to load regulatory.db [ 87.041632][ T5605] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.101182][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 87.117876][ T5605] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.157455][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 87.164892][ T5605] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.196074][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 87.223357][ T5605] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.255707][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 87.388823][ T5607] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.417556][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 87.429204][ T5607] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.453833][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 87.455874][ T5607] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.478626][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 87.508365][ T5607] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.534214][ T5607] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 87.661853][ T5621] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 87.697680][ T5621] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 87.710698][ T60] Bluetooth: hci0: command tx timeout [ 87.712150][ T60] Bluetooth: hci1: command tx timeout [ 87.712259][ T5621] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 87.745925][ T5621] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 87.756406][ T5621] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 87.797930][ T5621] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 87.826147][ T5621] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 87.855581][ T5621] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 87.872261][ T4922] Bluetooth: hci2: command tx timeout [ 87.872340][ T60] Bluetooth: hci3: command tx timeout [ 87.999479][ T5615] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.033237][ T60] Bluetooth: hci4: command tx timeout [ 88.042254][ T5615] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 88.060276][ T5615] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.097238][ T5615] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 88.105916][ T5615] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.134164][ T5615] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 88.161081][ T5615] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.205271][ T5615] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 88.368580][ T5613] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.397673][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 88.411251][ T5605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.411699][ T5613] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.454801][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 88.458883][ T5613] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.496425][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 88.512094][ T5613] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.555400][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 88.642704][ T5605] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.711390][ T1178] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.711908][ T1178] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.745016][ T5607] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.785742][ T1178] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.785848][ T1178] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.903953][ T5621] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.907507][ T5607] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.984359][ T1178] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.984529][ T1178] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.098555][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.098662][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.141569][ T5621] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.205575][ T5615] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.229162][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.229313][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.279057][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.286867][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.413953][ T5615] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.496906][ T1178] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.497197][ T1178] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.513061][ T5613] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.562056][ T1178] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.563490][ T1178] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.683074][ T5613] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.785451][ T2258] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.785607][ T2258] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.791718][ T4922] Bluetooth: hci0: command tx timeout [ 89.791764][ T60] Bluetooth: hci1: command tx timeout [ 89.945428][ T2258] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.945606][ T2258] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.952707][ T4922] Bluetooth: hci2: command tx timeout [ 89.952753][ T60] Bluetooth: hci3: command tx timeout [ 90.114041][ T60] Bluetooth: hci4: command tx timeout [ 90.208330][ T5605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.844540][ T5605] veth0_vlan: entered promiscuous mode [ 90.936311][ T5605] veth1_vlan: entered promiscuous mode [ 91.100216][ T5607] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.245058][ T5621] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.398035][ T5615] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.418085][ T5605] veth0_macvtap: entered promiscuous mode [ 91.482495][ T5605] veth1_macvtap: entered promiscuous mode [ 91.679701][ T5607] veth0_vlan: entered promiscuous mode [ 91.728211][ T5605] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.754888][ T5613] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.786524][ T5605] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.787455][ T5607] veth1_vlan: entered promiscuous mode [ 91.843021][ T1178] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.863467][ T1178] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.884616][ T1178] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.892846][ T1178] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.893106][ T5615] veth0_vlan: entered promiscuous mode [ 92.035217][ T5615] veth1_vlan: entered promiscuous mode [ 92.274578][ T5607] veth0_macvtap: entered promiscuous mode [ 92.290077][ T5621] veth0_vlan: entered promiscuous mode [ 92.321697][ T5607] veth1_macvtap: entered promiscuous mode [ 92.393771][ T5613] veth0_vlan: entered promiscuous mode [ 92.416899][ T5621] veth1_vlan: entered promiscuous mode [ 92.418068][ T1178] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.418088][ T1178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.531181][ T5613] veth1_vlan: entered promiscuous mode [ 92.542029][ T5607] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.543002][ T5615] veth0_macvtap: entered promiscuous mode [ 92.596347][ T5607] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.599759][ T5615] veth1_macvtap: entered promiscuous mode [ 92.610241][ T1178] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.610260][ T1178] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.710313][ T1788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.728259][ T1788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.742978][ T2258] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.774104][ T2258] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.808265][ T5621] veth0_macvtap: entered promiscuous mode [ 92.825575][ T5615] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.942935][ T5621] veth1_macvtap: entered promiscuous mode [ 92.972220][ T5615] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.063951][ T5613] veth0_macvtap: entered promiscuous mode [ 93.177552][ T2258] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.284814][ T2258] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.307049][ T5613] veth1_macvtap: entered promiscuous mode [ 93.319601][ T2258] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.363002][ T2258] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.432721][ T5621] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.608203][ T1788] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.608221][ T1788] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.627419][ T5621] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.833715][ T5613] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.835996][ T144] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.977129][ T1788] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.081435][ T1788] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.119255][ T1788] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.194349][ T5613] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.197669][ T1788] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.197688][ T1788] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.359213][ T5736] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 94.359731][ T1788] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.373534][ T168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.373555][ T168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.375243][ T1788] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.444869][ T1788] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.463015][ T1788] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.733057][ T5736] usb 2-1: Using ep0 maxpacket: 32 [ 94.795100][ T5736] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 94.795136][ T5736] usb 2-1: config 0 interface 0 has no altsetting 0 [ 94.795171][ T5736] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 94.795193][ T5736] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.939154][ T5736] usb 2-1: config 0 descriptor?? [ 95.607513][ T5736] usbhid 2-1:0.0: can't add hid device: -71 [ 95.607631][ T5736] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 95.720165][ T5736] usb 2-1: USB disconnect, device number 2 [ 95.729902][ T168] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.729922][ T168] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.846243][ T2258] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.846259][ T2258] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.045262][ T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.045283][ T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.186615][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.186635][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.298815][ T1788] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.298834][ T1788] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.063027][ T5815] Bluetooth: MGMT ver 1.23 [ 97.207807][ T38] audit: type=1326 audit(1779833350.501:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5816 comm="syz.1.11" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7ab29ce59 code=0x7ffc0000 [ 97.207860][ T38] audit: type=1326 audit(1779833350.551:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5816 comm="syz.1.11" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fa7ab29ce59 code=0x7ffc0000 [ 97.207893][ T38] audit: type=1326 audit(1779833350.551:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5816 comm="syz.1.11" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7ab29ce59 code=0x7ffc0000 [ 97.207923][ T38] audit: type=1326 audit(1779833350.561:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5816 comm="syz.1.11" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fa7ab29ce59 code=0x7ffc0000 [ 97.207954][ T38] audit: type=1326 audit(1779833350.561:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5816 comm="syz.1.11" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7ab29ce59 code=0x7ffc0000 [ 97.219257][ T38] audit: type=1326 audit(1779833350.581:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5816 comm="syz.1.11" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7ab29ce59 code=0x7ffc0000 [ 97.280304][ T5819] loop3: detected capacity change from 0 to 512 [ 97.292686][ T5819] EXT4-fs: Ignoring removed orlov option [ 97.322173][ T5819] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 97.385478][ T5819] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.12: corrupted in-inode xattr: e_value size too large [ 97.385665][ T5819] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 97.391304][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 97.391327][ C1] EXT4-fs (loop3): initial error at time 1779833350: ext4_iget_extra_inode:5128: inode 15 [ 97.391351][ C1] EXT4-fs (loop3): last error at time 1779833350: ext4_iget_extra_inode:5128: inode 15 [ 97.400963][ T5819] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.12: couldn't read orphan inode 15 (err -117) [ 97.401147][ T5819] loop3: lost filesystem error report for type 5 error -117 [ 97.428502][ T5819] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.882034][ T5607] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.474502][ T5830] sg_write: data in/out 286720/136 bytes for SCSI command 0x0-- guessing data in; [ 98.474502][ T5830] program syz.4.5 not setting count and/or reply_len properly [ 99.594358][ T5853] xt_l2tp: missing protocol rule (udp|l2tpip) [ 99.757118][ T5856] loop3: detected capacity change from 0 to 512 [ 99.857434][ T5856] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 99.857454][ T5856] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 100.558319][ T38] audit: type=1326 audit(1779833353.921:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5866 comm="syz.4.30" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6a39bce59 code=0x0 [ 100.729588][ T5856] EXT4-fs (loop3): 1 orphan inode deleted [ 100.729614][ T5856] EXT4-fs (loop3): 1 truncate cleaned up [ 100.804779][ T5856] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.829036][ T5875] loop1: detected capacity change from 0 to 2048 [ 100.850418][ T5875] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=3932051, location=3932051 [ 100.883528][ T5802] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 100.921076][ T5856] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1332: inode #12: block 7: comm syz.3.26: path /6/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 101.018437][ T5875] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 101.111608][ T5802] usb 3-1: Using ep0 maxpacket: 8 [ 101.127700][ T5802] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 101.127749][ T5802] usb 3-1: New USB device found, idVendor=04d9, idProduct=a070, bcdDevice= 0.00 [ 101.127773][ T5802] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.178168][ T5875] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 101.185866][ T5856] EXT4-fs (loop3): Remounting filesystem read-only [ 101.324873][ T5802] usb 3-1: config 0 descriptor?? [ 101.747462][ T5884] netlink: 'syz.4.37': attribute type 19 has an invalid length. [ 101.747935][ T5884] netlink: 16 bytes leftover after parsing attributes in process `syz.4.37'. [ 102.138693][ T5607] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.358451][ T5802] holtek_mouse 0003:04D9:A070.0001: unexpected long global item [ 102.359202][ T5802] holtek_mouse 0003:04D9:A070.0001: hid parse failed: -22 [ 102.359277][ T5802] holtek_mouse 0003:04D9:A070.0001: probe with driver holtek_mouse failed with error -22 [ 102.396040][ T5888] loop4: detected capacity change from 0 to 1024 [ 102.519771][ T5802] usb 3-1: USB disconnect, device number 2 [ 102.620181][ T5896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.36'. [ 102.620202][ T5896] netlink: 4 bytes leftover after parsing attributes in process `syz.3.36'. [ 102.620225][ T5896] netlink: 'syz.3.36': attribute type 15 has an invalid length. [ 102.620236][ T5896] netlink: 'syz.3.36': attribute type 18 has an invalid length. [ 102.793241][ T823] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 103.060703][ T823] usb 1-1: Using ep0 maxpacket: 32 [ 103.078636][ T823] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.078668][ T823] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.078705][ T823] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 103.078726][ T823] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.259479][ T823] usb 1-1: config 0 descriptor?? [ 103.289582][ T823] hub 1-1:0.0: USB hub found [ 103.498589][ T823] hub 1-1:0.0: config failed, can't read hub descriptor (err -90) [ 104.110571][ T823] hid-generic 0003:046D:C31C.0002: item fetching failed at offset 0/1 [ 104.111200][ T823] hid-generic 0003:046D:C31C.0002: probe with driver hid-generic failed with error -22 [ 104.311475][ T823] usb 1-1: USB disconnect, device number 2 [ 104.658464][ T5926] capability: warning: `syz.3.55' uses deprecated v2 capabilities in a way that may be insecure [ 104.803999][ T5926] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 104.804033][ T5926] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 104.804045][ T5926] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 104.804130][ T5926] overlayfs: conflicting lowerdir path [ 105.058491][ T5929] loop9: detected capacity change from 0 to 524287936 [ 105.076572][ T5923] loop1: detected capacity change from 0 to 8192 [ 105.130527][ T5923] ======================================================= [ 105.130527][ T5923] WARNING: The mand mount option has been deprecated and [ 105.130527][ T5923] and is ignored by this kernel. Remove the mand [ 105.130527][ T5923] option from the mount to silence this warning. [ 105.130527][ T5923] ======================================================= [ 106.013350][ T38] audit: type=1800 audit(1779833359.351:9): pid=5923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.53" name="file1" dev="loop1" ino=1048605 res=0 errno=0 [ 106.549505][ T5958] process 'syz.2.68' launched './file0' with NULL argv: empty string added [ 106.580785][ T5736] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 106.780982][ T5736] usb 4-1: Using ep0 maxpacket: 32 [ 106.797964][ T5736] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 106.798002][ T5736] usb 4-1: too many endpoints for config 0 interface 0 altsetting 252: 255, using maximum allowed: 30 [ 106.798038][ T5736] usb 4-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.798062][ T5736] usb 4-1: config 0 interface 0 altsetting 252 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 106.798088][ T5736] usb 4-1: config 0 interface 0 has no altsetting 0 [ 106.798118][ T5736] usb 4-1: New USB device found, idVendor=056e, idProduct=00fd, bcdDevice= 0.00 [ 106.798139][ T5736] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.934442][ T5964] loop4: detected capacity change from 0 to 64 [ 107.021909][ T5736] usb 4-1: config 0 descriptor?? [ 107.276276][ T5972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.74'. [ 107.494836][ T5736] elecom 0003:056E:00FD.0003: unknown main item tag 0x0 [ 107.494875][ T5736] elecom 0003:056E:00FD.0003: unknown main item tag 0x0 [ 107.494900][ T5736] elecom 0003:056E:00FD.0003: unknown main item tag 0x0 [ 107.719221][ T5736] elecom 0003:056E:00FD.0003: hidraw0: USB HID v0.02 Device [HID 056e:00fd] on usb-dummy_hcd.3-1/input0 [ 107.811756][ T5736] usb 4-1: USB disconnect, device number 2 [ 108.072409][ T5988] loop1: detected capacity change from 0 to 1024 [ 108.074217][ T5988] EXT4-fs: Ignoring removed orlov option [ 108.188835][ T5988] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c018, mo2=0002] [ 108.189009][ T5988] System zones: 0-1, 3-12 [ 108.230760][ T5988] EXT4-fs (loop1): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.456304][ T5986] fido_id[5986]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 108.626516][ T5996] EXT4-fs error (device loop1): ext4_find_dest_de:2050: inode #2: block 16: comm syz.1.81: bad entry in directory: directory entry overrun - offset=60, inode=21519, rec_len=1024, size=1024 fake=0 [ 108.824113][ T38] audit: type=1804 audit(1779833362.151:10): pid=6007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.80" name="/newroot/9/file0" dev="tmpfs" ino=65 res=1 errno=0 [ 108.897507][ T5988] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2860: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 109.104474][ T6016] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 109.132140][ T5605] EXT4-fs (loop1): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 109.645322][ T6022] loop2: detected capacity change from 0 to 4096 [ 109.731340][ T6024] Driver unsupported XDP return value 0 on prog (id 8) dev N/A, expect packet loss! [ 110.020765][ T6022] NILFS (loop2): invalid segment: Checksum error in segment payload [ 110.020788][ T6022] NILFS (loop2): trying rollback from an earlier position [ 110.493525][ T6022] NILFS (loop2): recovery complete [ 110.555171][ T6037] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 111.735563][ T6056] block nbd0: server does not support multiple connections per device. [ 111.853219][ T6056] block nbd0: shutting down sockets [ 112.585643][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 112.790867][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 112.799941][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 112.799993][ T9] usb 1-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5 [ 112.800015][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.861315][ T9] usb 1-1: config 0 descriptor?? [ 113.459255][ T9] uvcvideo 1-1:0.0: Found UVC 0.00 device (2833:0201) [ 113.459362][ T9] uvcvideo 1-1:0.0: No valid video chain found. [ 113.483704][ T9] usb 1-1: USB disconnect, device number 3 [ 113.552220][ T6104] loop1: detected capacity change from 0 to 32768 [ 113.659056][ T6109] loop2: detected capacity change from 0 to 1024 [ 113.660196][ T6104] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 113.766207][ T6104] XFS (loop1): Ending clean mount [ 113.796521][ T6104] XFS (loop1): Quotacheck needed: Please wait. [ 113.833593][ T6109] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 113.833750][ T6109] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.234107][ T6104] XFS (loop1): Quotacheck: Done. [ 114.315361][ T6126] batadv_slave_0: entered promiscuous mode [ 114.316759][ T6124] batadv_slave_0: left promiscuous mode [ 114.456420][ T6095] loop4: detected capacity change from 0 to 32768 [ 114.602568][ T5605] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 114.688579][ T5613] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 114.869261][ T6095] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 114.909572][ T6135] loop3: detected capacity change from 0 to 256 [ 115.112209][ T6095] XFS (loop4): Ending clean mount [ 115.384769][ T6135] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012c80, chksum : 0x8ff561f5, utbl_chksum : 0xe619d30d) [ 115.528740][ T6135] exFAT-fs (loop3): start_clu is invalid cluster(0xffffffff) [ 116.169178][ T5621] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 117.001976][ T6175] loop2: detected capacity change from 0 to 2048 [ 117.117523][ T6182] capability: warning: `syz.1.150' uses 32-bit capabilities (legacy support in use) [ 117.122213][ T6182] program syz.1.150 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 117.309863][ T6175] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.456094][ T38] audit: type=1800 audit(1779833370.821:11): pid=6175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.149" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 117.541793][ T6183] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 117.623310][ T6190] loop3: detected capacity change from 0 to 256 [ 117.727539][ T6175] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 19 with max blocks 479 with error 28 [ 117.727571][ T6175] EXT4-fs (loop2): This should not happen!! Data will be lost [ 117.727571][ T6175] [ 117.727585][ T6175] EXT4-fs (loop2): Total free blocks count 0 [ 117.727598][ T6175] EXT4-fs (loop2): Free/Dirty block details [ 117.728142][ T6175] EXT4-fs (loop2): free_blocks=4096 [ 117.728209][ T6175] EXT4-fs (loop2): dirty_blocks=512 [ 117.728220][ T6175] EXT4-fs (loop2): Block reservation details [ 117.728230][ T6175] EXT4-fs (loop2): i_reserved_data_blocks=32 [ 118.084466][ T6190] FAT-fs (loop3): Directory bread(block 64) failed [ 118.084508][ T6190] FAT-fs (loop3): Directory bread(block 65) failed [ 118.084635][ T6190] FAT-fs (loop3): Directory bread(block 66) failed [ 118.084656][ T6190] FAT-fs (loop3): Directory bread(block 67) failed [ 118.084758][ T6190] FAT-fs (loop3): Directory bread(block 68) failed [ 118.084780][ T6190] FAT-fs (loop3): Directory bread(block 69) failed [ 118.084865][ T6190] FAT-fs (loop3): Directory bread(block 70) failed [ 118.084885][ T6190] FAT-fs (loop3): Directory bread(block 71) failed [ 118.084984][ T6190] FAT-fs (loop3): Directory bread(block 72) failed [ 118.085004][ T6190] FAT-fs (loop3): Directory bread(block 73) failed [ 118.159951][ T1178] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 118.334512][ T5613] EXT4-fs warning (device loop2): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 118.697784][ T6209] netlink: 12 bytes leftover after parsing attributes in process `syz.4.164'. [ 120.115065][ T6251] netlink: 12 bytes leftover after parsing attributes in process `syz.0.180'. [ 120.629675][ T6270] loop2: detected capacity change from 0 to 256 [ 121.100614][ T5702] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 121.209790][ T6287] loop0: detected capacity change from 0 to 256 [ 121.225745][ T6287] exfat: Deprecated parameter 'namecase' [ 121.250929][ T5702] usb 2-1: Using ep0 maxpacket: 32 [ 121.253746][ T5702] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 121.253773][ T5702] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 121.253795][ T5702] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 121.253816][ T5702] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 121.253836][ T5702] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 121.253876][ T5702] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 121.253897][ T5702] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.318112][ T9] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 121.365241][ T5702] usb 2-1: config 0 descriptor?? [ 121.497135][ T6287] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001fe89, chksum : 0xeb34f926, utbl_chksum : 0xe619d30d) [ 121.527550][ T9] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 121.527576][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.619254][ T9] usb 4-1: config 0 descriptor?? [ 121.632292][ T9] cp210x 4-1:0.0: cp210x converter detected [ 121.708390][ T5702] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 122.301800][ T9] usb 4-1: cp210x converter now attached to ttyUSB0 [ 122.369398][ T9] usb 4-1: USB disconnect, device number 3 [ 122.458606][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 122.657392][ T6313] syz.4.208 uses obsolete (PF_INET,SOCK_PACKET) [ 122.668532][ T9] cp210x 4-1:0.0: device disconnected [ 122.883231][ T6319] loop4: detected capacity change from 0 to 256 [ 122.888466][ T6319] exfat: Deprecated parameter 'utf8' [ 122.888487][ T6319] exfat: Deprecated parameter 'utf8' [ 122.888599][ T6319] exfat: Deprecated parameter 'utf8' [ 123.017252][ T6319] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 123.197708][ T6326] loop3: detected capacity change from 0 to 64 [ 123.739677][ T6341] xt_l2tp: missing protocol rule (udp|l2tpip) [ 124.026930][ T5736] usb 2-1: USB disconnect, device number 3 [ 124.272300][ T6353] loop2: detected capacity change from 0 to 16 [ 124.273727][ T5736] usblp0: removed [ 124.694638][ T6353] erofs (device loop2): mounted with root inode @ nid 36. [ 125.284106][ T6378] kAFS: unable to lookup cell 'ÿ' [ 125.284530][ T6378] kAFS: unable to lookup cell '(,c¾Ì' [ 125.592178][ T5736] IPVS: starting estimator thread 0... [ 125.592197][ T6387] IPVS: ip_vs_add_dest(): server weight less than zero [ 125.780694][ T6390] IPVS: using max 9 ests per chain, 21600 per kthread [ 125.860672][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 125.963643][ T5702] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 126.011233][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 126.013874][ T9] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 126.013899][ T9] usb 2-1: config 0 has no interface number 0 [ 126.042152][ T9] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 126.042182][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.042201][ T9] usb 2-1: Product: syz [ 126.042214][ T9] usb 2-1: Manufacturer: syz [ 126.042228][ T9] usb 2-1: SerialNumber: syz [ 126.111990][ T9] usb 2-1: config 0 descriptor?? [ 126.145822][ T5702] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 126.145879][ T5702] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 126.145902][ T5702] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.221033][ T9] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 126.271132][ T5702] usb 1-1: config 0 descriptor?? [ 126.635096][ T9] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 126.704568][ T9] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 126.755123][ T5702] ath6kl: Unsupported hardware version: 0x0 [ 126.775946][ T5702] ath6kl: Failed to init ath6kl core: -22 [ 126.804598][ T5702] ath6kl_usb 1-1:0.0: probe with driver ath6kl_usb failed with error -22 [ 126.882622][ C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 126.891098][ T871] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 126.935131][ T5878] usb 2-1: USB disconnect, device number 4 [ 127.050658][ T871] usb 3-1: Using ep0 maxpacket: 16 [ 127.057120][ T871] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 127.057182][ T871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 127.057209][ T871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 127.057229][ T871] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 127.057247][ T871] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 127.118233][ T5736] usb 1-1: USB disconnect, device number 4 [ 127.135358][ T871] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 127.135385][ T871] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 127.135418][ T871] usb 3-1: Manufacturer: syz [ 127.269952][ T6412] loop3: detected capacity change from 0 to 1764 [ 127.271444][ T6412] iso9660: Bad value for 'dmode' [ 127.303686][ T5878] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 127.323655][ T871] usb 3-1: config 0 descriptor?? [ 127.363949][ T5878] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 127.374548][ T5878] quatech2 2-1:0.51: device disconnected [ 127.622221][ T6415] netlink: 'syz.3.253': attribute type 1 has an invalid length. [ 127.622242][ T6415] netlink: 244 bytes leftover after parsing attributes in process `syz.3.253'. [ 127.840705][ T871] rc_core: IR keymap rc-hauppauge not found [ 127.840724][ T871] Registered IR keymap rc-empty [ 127.861715][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 127.881688][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 127.957477][ T871] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 127.976928][ T871] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input6 [ 128.021129][ T6423] loop1: detected capacity change from 0 to 4096 [ 128.136859][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.153337][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.170850][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.192847][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.212920][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.230775][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.255078][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.271031][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.292271][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.310755][ T871] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.394901][ T871] mceusb 3-1:0.0: Registered with mce emulator interface version 1 [ 128.394985][ T871] mceusb 3-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active) [ 128.469338][ T871] usb 3-1: USB disconnect, device number 3 [ 128.810849][ T6435] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 129.204212][ T6445] loop4: detected capacity change from 0 to 128 [ 129.219960][ T6441] syz.0.265 (6441) used greatest stack depth: 18880 bytes left [ 129.903969][ T5736] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 130.081528][ T5736] usb 3-1: Using ep0 maxpacket: 8 [ 130.087284][ T5736] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 130.087309][ T5736] usb 3-1: config 179 has no interface number 0 [ 130.087350][ T5736] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 130.087373][ T5736] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 130.087399][ T5736] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 130.087423][ T5736] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 130.087447][ T5736] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 130.087470][ T5736] usb 3-1: config 179 interface 65 has no altsetting 0 [ 130.087500][ T5736] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 130.087520][ T5736] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.251111][ T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 130.384752][ T6464] loop3: detected capacity change from 0 to 4096 [ 130.410625][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 130.434581][ T9] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 130.434609][ T9] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 130.434628][ T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 130.434675][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 130.434695][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 130.434715][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 130.434733][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 130.434752][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 130.434789][ T9] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 130.434810][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.587024][ T9] usb 2-1: config 0 descriptor?? [ 130.721539][ T5736] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input7 [ 131.175336][ T9] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 131.319586][ T9] usb 2-1: USB disconnect, device number 5 [ 131.400411][ T4958] input input7: unable to receive magic message: -71 [ 131.454123][ T6477] loop4: detected capacity change from 0 to 2048 [ 131.585972][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -1 [ 131.615923][ T9] usblp0: removed [ 131.737521][ T4958] input input7: unable to receive magic message: -71 [ 131.788737][ T6477] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.788884][ T6477] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 132.017944][ T4958] input input7: unable to receive magic message: -71 [ 132.056783][ T6481] loop0: detected capacity change from 0 to 64 [ 132.493198][ T4958] input input7: unable to receive magic message: -71 [ 132.563978][ T5621] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.769107][ T5736] usb 3-1: USB disconnect, device number 4 [ 132.769201][ C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 132.953366][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.961275][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.124089][ T6464] ntfs3(loop3): Failed to read $UpCase (-4). [ 133.874466][ T6507] loop1: detected capacity change from 0 to 32768 [ 133.934111][ T6507] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 133.989893][ T6507] XFS (loop1): Ending clean mount [ 134.012658][ T6507] XFS (loop1): Quotacheck needed: Please wait. [ 134.088204][ T6513] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 134.529973][ T5802] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 134.700348][ T5802] usb 5-1: Using ep0 maxpacket: 32 [ 134.705017][ T5802] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 134.705044][ T5802] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 134.705064][ T5802] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 134.705074][ T5802] usb 5-1: config 1 has no interface number 0 [ 134.705113][ T5802] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 134.705127][ T5802] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 134.705149][ T5802] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 134.705161][ T5802] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.816935][ T5802] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 134.924852][ T6507] XFS (loop1): Quotacheck: Done. [ 135.074348][ T5802] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached [ 135.313862][ T5605] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 135.452744][ T6542] loop0: detected capacity change from 0 to 512 [ 135.458047][ T6542] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 135.604399][ T9] usb 5-1: USB disconnect, device number 2 [ 135.702156][ T9] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 135.797975][ T6542] EXT4-fs (loop0): 1 truncate cleaned up [ 135.843960][ T6542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.909345][ T6542] EXT4-fs error (device loop0): ext4_generic_delete_entry:2673: inode #2: block 13: comm syz.0.303: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 135.909923][ T6542] EXT4-fs error (device loop0) in ext4_delete_entry:2744: Corrupt filesystem [ 135.910422][ T6542] EXT4-fs warning (device loop0): ext4_rename_delete:3739: inode #2: comm syz.0.303: Deleting old file: nlink 4, error=-117 [ 136.389010][ T6553] isofs_fill_super: bread failed, dev=loop9, iso_blknum=16, block=32 [ 136.447080][ T5615] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.510674][ T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 136.660776][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 136.662945][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 136.662996][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 136.663022][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 136.663042][ T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 136.663065][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 136.664356][ T9] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 136.664382][ T9] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 136.664401][ T9] usb 3-1: Manufacturer: syz [ 136.671367][ T9] usb 3-1: config 0 descriptor?? [ 137.103963][ T6565] loop3: detected capacity change from 0 to 256 [ 137.111486][ T9] rc_core: IR keymap rc-hauppauge not found [ 137.111507][ T9] Registered IR keymap rc-empty [ 137.111649][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.130662][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.202198][ T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 137.242472][ T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input8 [ 137.335722][ T6565] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 137.335754][ T6565] FAT-fs (loop3): Filesystem has been set read-only [ 137.336174][ T6565] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 137.336208][ T6565] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 137.337826][ T38] audit: type=1800 audit(1779833390.701:12): pid=6565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.312" name="file1" dev="loop3" ino=1048610 res=0 errno=0 [ 137.339693][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.375749][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.412033][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.437056][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.451037][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.471038][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.493373][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.510824][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.530668][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.555320][ T9] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 137.585956][ T5831] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 137.726451][ T9] mceusb 3-1:0.0: Registered with mce emulator interface version 1 [ 137.726474][ T9] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 137.822844][ T5831] usb 1-1: config 0 has no interfaces? [ 137.824112][ T5831] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 137.824138][ T5831] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 137.824170][ T5831] usb 1-1: SerialNumber: syz [ 137.873468][ T9] usb 3-1: USB disconnect, device number 5 [ 137.930722][ T5831] usb 1-1: config 0 descriptor?? [ 138.177612][ T5702] usb 1-1: USB disconnect, device number 5 [ 138.392606][ T5831] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 138.541348][ T5831] usb 5-1: Using ep0 maxpacket: 32 [ 138.543973][ T5831] usb 5-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE4, changing to 0x84 [ 138.544006][ T5831] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 64, changing to 10 [ 138.544030][ T5831] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 49791, setting to 1024 [ 138.546834][ T5831] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 138.546861][ T5831] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 138.546877][ T5831] usb 5-1: Product: syz [ 138.546884][ T5831] usb 5-1: Manufacturer: syz [ 138.716587][ T6599] netlink: 'syz.1.325': attribute type 2 has an invalid length. [ 138.717449][ T5831] hub 5-1:4.0: USB hub found [ 138.837950][ T5831] hub 5-1:4.0: config failed, hub has too many ports! (err -19) [ 138.992399][ T6606] loop0: detected capacity change from 0 to 512 [ 139.240948][ T5831] usb 5-1: USB disconnect, device number 3 [ 139.576678][ T6620] loop0: detected capacity change from 0 to 512 [ 139.625780][ T6620] EXT4-fs error (device loop0): ext4_iget_extra_inode:5128: inode #15: comm syz.0.334: corrupted in-inode xattr: invalid ea_ino [ 139.625814][ T6620] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 139.635232][ C1] EXT4-fs (loop0): initial error at time 1779833392: ext4_iget_extra_inode:5128: inode 15 [ 139.635286][ C1] EXT4-fs (loop0): last error at time 1779833392: ext4_iget_extra_inode:5128: inode 15 [ 139.682364][ T6620] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.334: couldn't read orphan inode 15 (err -117) [ 139.682397][ T6620] loop0: lost filesystem error report for type 5 error -117 [ 139.686482][ T6620] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 139.711294][ T5702] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 139.864724][ T5702] usb 2-1: Using ep0 maxpacket: 32 [ 139.869842][ T5702] usb 2-1: too many endpoints for config 0 interface 0 altsetting 4: 254, using maximum allowed: 30 [ 139.869889][ T5702] usb 2-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 139.869915][ T5702] usb 2-1: config 0 interface 0 has no altsetting 0 [ 139.869947][ T5702] usb 2-1: New USB device found, idVendor=056a, idProduct=00e6, bcdDevice= 0.00 [ 139.869970][ T5702] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.914103][ T5702] usb 2-1: config 0 descriptor?? [ 140.167738][ T6632] loop2: detected capacity change from 0 to 2048 [ 140.292934][ T6632] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.351375][ T6632] EXT4-fs error (device loop2): ext4_ext_precache:631: inode #2: comm syz.2.338: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 140.406864][ T5702] wacom 0003:056A:00E6.0004: ignoring exceeding usage max [ 140.416049][ T5702] wacom 0003:056A:00E6.0004: unknown main item tag 0x0 [ 140.416088][ T5702] wacom 0003:056A:00E6.0004: unknown main item tag 0x2 [ 140.463221][ T6632] EXT4-fs (loop2): Remounting filesystem read-only [ 140.488141][ T5615] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.622022][ T5613] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.622857][ T5878] usb 2-1: USB disconnect, device number 6 [ 140.859941][ T6646] loop2: detected capacity change from 0 to 512 [ 140.868691][ T6646] EXT4-fs: Ignoring removed mblk_io_submit option [ 140.869672][ T6646] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 141.046779][ T6646] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.342: invalid indirect mapped block 83886080 (level 1) [ 141.046817][ T6646] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 141.059416][ C1] EXT4-fs (loop2): initial error at time 1779833394: ext4_free_branches:1023: inode 16 [ 141.059452][ C1] EXT4-fs (loop2): last error at time 1779833394: ext4_free_branches:1023: inode 16 [ 141.204418][ T6646] EXT4-fs (loop2): Remounting filesystem read-only [ 141.205002][ T6646] EXT4-fs (loop2): 1 orphan inode deleted [ 141.205020][ T6646] EXT4-fs (loop2): 1 truncate cleaned up [ 141.207748][ T6646] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.450445][ T6665] loop0: detected capacity change from 0 to 2048 [ 141.479092][ T5613] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.677021][ T6669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.354'. [ 141.678365][ T6665] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.963744][ T6679] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 141.998558][ T6679] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28 [ 141.998591][ T6679] EXT4-fs (loop0): This should not happen!! Data will be lost [ 141.998591][ T6679] [ 141.998604][ T6679] EXT4-fs (loop0): Total free blocks count 0 [ 141.998616][ T6679] EXT4-fs (loop0): Free/Dirty block details [ 141.998629][ T6679] EXT4-fs (loop0): free_blocks=66060288 [ 141.998642][ T6679] EXT4-fs (loop0): dirty_blocks=16 [ 141.998654][ T6679] EXT4-fs (loop0): Block reservation details [ 141.998665][ T6679] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 142.416958][ T144] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 2 with error 28 [ 142.495631][ T5615] EXT4-fs warning (device loop0): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 142.574092][ T6689] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 142.574117][ T6689] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 142.627686][ T6689] vhci_hcd vhci_hcd.0: Device attached [ 142.780714][ T5831] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 142.860961][ T5702] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 142.950871][ T5802] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 142.970307][ T5831] usb 5-1: config 0 has no interfaces? [ 142.970342][ T5831] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 142.970361][ T5831] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.020283][ T5831] usb 5-1: config 0 descriptor?? [ 143.089011][ T871] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 143.143013][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.143061][ T5802] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 143.143080][ T5802] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.204727][ T5802] usb 4-1: config 0 descriptor?? [ 143.270642][ T871] usb 3-1: Using ep0 maxpacket: 16 [ 143.272690][ T871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 227, changing to 11 [ 143.272736][ T871] usb 3-1: New USB device found, idVendor=05ac, idProduct=027d, bcdDevice= 0.00 [ 143.272758][ T871] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.294414][ T6692] usb 41-1: recv xbuf, 0 [ 143.321423][ T823] usb 5-1: USB disconnect, device number 4 [ 143.350357][ T871] usb 3-1: config 0 descriptor?? [ 143.403966][ T1788] vhci_hcd vhci_hcd.4: stop threads [ 143.404834][ T1788] vhci_hcd vhci_hcd.4: release socket [ 143.444245][ T1788] vhci_hcd vhci_hcd.4: disconnect device [ 143.460760][ T5702] vhci_hcd vhci_hcd.4: vhci_device speed not set [ 143.509864][ T5802] usbhid 4-1:0.0: can't add hid device: -71 [ 143.509973][ T5802] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 143.570269][ T5802] usb 4-1: USB disconnect, device number 4 [ 143.867110][ T871] apple 0003:05AC:027D.0005: unknown main item tag 0x0 [ 143.867146][ T871] apple 0003:05AC:027D.0005: unknown main item tag 0x0 [ 143.867173][ T871] apple 0003:05AC:027D.0005: unknown main item tag 0x0 [ 143.867198][ T871] apple 0003:05AC:027D.0005: unknown main item tag 0x0 [ 143.867223][ T871] apple 0003:05AC:027D.0005: unknown main item tag 0x0 [ 143.867447][ T871] apple 0003:05AC:027D.0005: unknown main item tag 0x0 [ 143.867474][ T871] apple 0003:05AC:027D.0005: unknown main item tag 0x0 [ 143.867500][ T871] apple 0003:05AC:027D.0005: unknown main item tag 0x0 [ 144.028417][ T871] apple 0003:05AC:027D.0005: hidraw0: USB HID v7e.ff Device [HID 05ac:027d] on usb-dummy_hcd.2-1/input0 [ 144.086821][ T871] usb 3-1: USB disconnect, device number 6 [ 144.109599][ T6706] netlink: 20 bytes leftover after parsing attributes in process `syz.4.366'. [ 144.222914][ T6707] fido_id[6707]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 144.313215][ T5802] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 144.472788][ T5802] usb 4-1: Using ep0 maxpacket: 32 [ 144.490075][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.490124][ T5802] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 144.490145][ T5802] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.497445][ T5802] usb 4-1: config 0 descriptor?? [ 144.517837][ T5802] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 144.530189][ T5802] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 144.758592][ T6704] loop0: detected capacity change from 0 to 32768 [ 144.932898][ T6713] loop2: detected capacity change from 0 to 256 [ 144.934137][ T6713] exfat: Deprecated parameter 'utf8' [ 144.966335][ T871] usb 4-1: USB disconnect, device number 5 [ 145.016999][ T871] ldusb 4-1:0.0: LD USB Device #0 now disconnected [ 145.045270][ T6713] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe5fd08b, utbl_chksum : 0xe619d30d) [ 146.741724][ T5938] udevd[5938]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 146.841703][ T6742] loop2: detected capacity change from 0 to 64 [ 147.499890][ T6755] loop3: detected capacity change from 0 to 256 [ 147.584982][ T6755] exfat: Deprecated parameter 'utf8' [ 147.585004][ T6755] exfat: Deprecated parameter 'utf8' [ 147.585117][ T6755] exfat: Deprecated parameter 'utf8' [ 147.645552][ T6755] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 148.086739][ T6765] netlink: 12 bytes leftover after parsing attributes in process `syz.4.391'. [ 148.280000][ T6773] netlink: 8 bytes leftover after parsing attributes in process `syz.4.394'. [ 148.280021][ T6773] netlink: 32 bytes leftover after parsing attributes in process `syz.4.394'. [ 148.684374][ T6785] loop0: detected capacity change from 0 to 256 [ 149.133891][ T6794] loop1: detected capacity change from 0 to 4096 [ 149.711710][ T823] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 149.862772][ T823] usb 4-1: Using ep0 maxpacket: 16 [ 149.864914][ T823] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1080, setting to 1024 [ 149.905578][ T6812] loop0: detected capacity change from 0 to 512 [ 149.906899][ T823] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 149.906927][ T823] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.906944][ T823] usb 4-1: Product: syz [ 149.906956][ T823] usb 4-1: Manufacturer: syz [ 149.906969][ T823] usb 4-1: SerialNumber: syz [ 150.089406][ T6812] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.092163][ T871] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 150.211415][ T6805] ntfs3(loop1): ino=9, attr_set_size_ex [ 150.257714][ T871] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 150.257747][ T871] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 150.257771][ T871] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 150.301586][ T871] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 150.301615][ T871] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.301634][ T871] usb 5-1: Product: syz [ 150.301646][ T871] usb 5-1: Manufacturer: syz [ 150.301659][ T871] usb 5-1: SerialNumber: syz [ 150.367189][ T871] usb 5-1: config 0 descriptor?? [ 150.369934][ T6810] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 150.370040][ T6810] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 150.422174][ T871] usb 5-1: ucan: probing device on interface #0 [ 150.486838][ T5615] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.611901][ T823] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 150.688715][ T823] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 150.691376][ T823] usb 4-1: unit 5 not found! [ 151.052986][ T871] ucan 5-1:0.0: probe with driver ucan failed with error -71 [ 151.129799][ T871] usb 5-1: USB disconnect, device number 5 [ 151.506351][ T6830] loop2: detected capacity change from 0 to 256 [ 151.524856][ T6830] exfat: Deprecated parameter 'namecase' [ 151.720744][ T6830] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011e8b, chksum : 0xf0cee8ef, utbl_chksum : 0xe619d30d) [ 151.774761][ T823] usb 4-1: USB disconnect, device number 6 [ 151.859276][ T6836] loop4: detected capacity change from 0 to 8 [ 152.219115][ T5938] udevd[5938]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 152.670123][ T6848] loop2: detected capacity change from 0 to 2048 [ 152.709933][ T6848] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 152.766919][ T38] audit: type=1800 audit(1779833406.141:13): pid=6836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.420" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 152.921932][ T6852] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 153.070834][ T5802] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 153.230776][ T5802] usb 2-1: Using ep0 maxpacket: 32 [ 153.238673][ T5802] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.238705][ T5802] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.238743][ T5802] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 153.238766][ T5802] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.312187][ T5802] usb 2-1: config 0 descriptor?? [ 153.342859][ T5802] hub 2-1:0.0: USB hub found [ 153.467677][ T6824] Set syz1 is full, maxelem 6117 reached [ 153.580165][ T5802] hub 2-1:0.0: 1 port detected [ 153.615408][ T6862] netlink: 24 bytes leftover after parsing attributes in process `syz.4.430'. [ 153.643663][ T871] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 153.825925][ T871] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 153.825951][ T871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.825969][ T871] usb 4-1: Product: syz [ 153.825982][ T871] usb 4-1: Manufacturer: syz [ 153.825994][ T871] usb 4-1: SerialNumber: syz [ 153.848104][ T871] usb 4-1: config 0 descriptor?? [ 153.904667][ T6864] loop0: detected capacity change from 0 to 24 [ 154.288412][ T871] usb 4-1: Firmware: major: 0, minor: 49, hardware type: UNKNOWN (56) [ 154.332092][ T5802] usb 2-1: USB disconnect, device number 7 [ 154.497716][ T871] usb 4-1: failed to fetch extended address, random address set [ 154.497826][ T871] usb 4-1: atusb_probe: initialization failed, error = -524 [ 154.542880][ T871] atusb 4-1:0.0: probe with driver atusb failed with error -524 [ 154.753385][ T871] usb 4-1: USB disconnect, device number 7 [ 155.213345][ T6879] loop3: detected capacity change from 0 to 512 [ 155.216268][ T6879] EXT4-fs: Ignoring removed orlov option [ 155.218721][ T6879] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 155.294501][ T6877] vlan2: entered promiscuous mode [ 155.294521][ T6877] bridge0: entered promiscuous mode [ 155.481774][ T6879] EXT4-fs error (device loop3): ext4_ext_check_inode:521: inode #16: comm syz.3.438: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 28(0), depth 0(0) [ 155.481822][ T6879] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 155.504208][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 155.504233][ C1] EXT4-fs (loop3): initial error at time 1779833408: ext4_ext_check_inode:521: inode 16 [ 155.504259][ C1] EXT4-fs (loop3): last error at time 1779833408: ext4_ext_check_inode:521: inode 16 [ 155.540825][ T6879] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.438: couldn't read orphan inode 16 (err -117) [ 155.540859][ T6879] loop3: lost filesystem error report for type 5 error -117 [ 155.588596][ T6879] EXT4-fs (loop3): 1 orphan inode deleted [ 155.630092][ T6879] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 155.763485][ T6879] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 156.071447][ T6885] loop0: detected capacity change from 0 to 32768 [ 156.180788][ T6885] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 156.180812][ T6885] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 156.342198][ T6885] gfs2: fsid=syz:syz.0: can't lookup journal index: 0 [ 157.368811][ T5607] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.658863][ T6907] loop4: detected capacity change from 0 to 16 [ 158.608232][ T6907] erofs (device loop4): mounted with root inode @ nid 36. [ 159.201300][ T6896] kthread_run failed with err -4 [ 159.232546][ T6914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.448'. [ 159.232568][ T6914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.448'. [ 159.232592][ T6914] netlink: 'syz.2.448': attribute type 12 has an invalid length. [ 159.232607][ T6914] netlink: 'syz.2.448': attribute type 11 has an invalid length. [ 159.918856][ T6922] loop1: detected capacity change from 0 to 4096 [ 159.950053][ T6922] EXT4-fs (loop1): Test dummy encryption mode enabled [ 160.012544][ T6925] use of bytesused == 0 is deprecated and will be removed in the future, [ 160.012554][ T6925] use the actual size instead. [ 160.036275][ T6922] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103] [ 160.036406][ T6922] System zones: 0-5 [ 160.198056][ T6922] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.495843][ T6941] loop3: detected capacity change from 0 to 16 [ 160.565313][ T6922] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 160.586963][ T6941] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 160.625553][ T5938] udevd[5938]: incorrect cramfs checksum on /dev/loop3 [ 160.663976][ T823] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 160.782160][ T38] audit: type=1326 audit(1779833414.051:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6942 comm="syz.0.459" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f802ed6ce59 code=0x0 [ 160.821560][ T6945] loop2: detected capacity change from 0 to 512 [ 160.856150][ T823] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 160.856183][ T823] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 160.856220][ T823] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 160.856242][ T823] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.892587][ T823] usb 5-1: config 0 descriptor?? [ 160.989158][ T6941] cramfs: empty filesystem [ 161.013234][ T6945] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 161.013447][ T6945] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.460: corrupted in-inode xattr: e_value size too large [ 161.013475][ T6945] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 161.014060][ T6945] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.460: couldn't read orphan inode 15 (err -117) [ 161.014148][ T6945] loop2: lost filesystem error report for type 5 error -117 [ 161.133655][ T6945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.178403][ T823] usbhid 5-1:0.0: can't add hid device: -71 [ 161.178524][ T823] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 161.235335][ T823] usb 5-1: USB disconnect, device number 6 [ 161.294289][ T5613] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.599054][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.0.465'. [ 161.622877][ T5605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.785858][ T823] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 161.925280][ T6966] loop0: detected capacity change from 0 to 128 [ 161.930772][ T823] usb 5-1: Using ep0 maxpacket: 32 [ 161.954004][ T6966] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 161.954346][ T823] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.954373][ T823] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 161.954407][ T823] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 161.954429][ T823] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.957962][ T6966] ext4 filesystem being mounted at /98/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 161.986002][ T823] usb 5-1: config 0 descriptor?? [ 162.020550][ T823] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 162.127386][ T823] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 162.197812][ T6938] ldusb 5-1:0.0: Couldn't submit interrupt_in_urb -90 [ 162.268572][ T823] usb 5-1: USB disconnect, device number 7 [ 162.276698][ T6970] program syz.2.471 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 162.309100][ T6971] netlink: 8 bytes leftover after parsing attributes in process `syz.1.466'. [ 162.314048][ T823] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 162.475426][ T5615] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 162.984940][ T823] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 163.132626][ T823] usb 4-1: Using ep0 maxpacket: 32 [ 163.134428][ T823] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 163.134452][ T823] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.163281][ T823] usb 4-1: config 0 descriptor?? [ 163.390626][ T823] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 163.444295][ T5878] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 163.663773][ T5878] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 163.663835][ T5878] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 163.708671][ T5878] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 163.708701][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.708719][ T5878] usb 1-1: Product: syz [ 163.708733][ T5878] usb 1-1: Manufacturer: syz [ 163.708745][ T5878] usb 1-1: SerialNumber: syz [ 163.818944][ T823] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 163.829583][ T823] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 163.829684][ T823] usb 4-1: media controller created [ 163.882703][ T5878] rtl8150 1-1:1.0: couldn't find required endpoints [ 163.899642][ T5878] rtl8150 1-1:1.0: probe with driver rtl8150 failed with error -5 [ 163.940908][ T7004] loop2: detected capacity change from 0 to 256 [ 164.159107][ T823] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 164.479607][ T823] az6027: usb out operation failed. (-71) [ 164.484481][ T823] az6027: usb out operation failed. (-71) [ 164.484497][ T823] stb0899_attach: Driver disabled by Kconfig [ 164.484506][ T823] az6027: no front-end attached [ 164.484506][ T823] [ 164.571939][ T823] az6027: usb out operation failed. (-71) [ 164.571958][ T823] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 164.633774][ T5878] usb 1-1: USB disconnect, device number 6 [ 164.677411][ T823] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input9 [ 164.806559][ T823] dvb-usb: schedule remote query interval to 400 msecs. [ 164.806581][ T823] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 164.874907][ T823] usb 4-1: USB disconnect, device number 8 [ 165.845930][ T7016] loop2: detected capacity change from 0 to 131072 [ 165.979709][ T7022] loop3: detected capacity change from 0 to 32768 [ 166.057735][ T7016] F2FS-fs (loop2): Test dummy encryption mode enabled [ 166.063325][ T7022] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 166.063341][ T7022] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 166.086783][ T7016] F2FS-fs (loop2): invalid crc value [ 166.154511][ T7022] gfs2: fsid=syz:syz.0: can't lookup journal index: 0 [ 166.402480][ T7016] F2FS-fs (loop2): access invalid blkaddr:0 [ 166.402534][ T7016] CPU: 1 UID: 0 PID: 7016 Comm: syz.2.485 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 166.402558][ T7016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 166.402576][ T7016] Call Trace: [ 166.402587][ T7016] [ 166.402595][ T7016] dump_stack_lvl+0xe8/0x150 [ 166.402626][ T7016] __f2fs_is_valid_blkaddr+0xeb2/0x1570 [ 166.402650][ T7016] ? __pfx_f2fs_need_inode_block_update+0x10/0x10 [ 166.402682][ T7016] sanity_check_extent_cache+0x1a3/0x620 [ 166.402708][ T7016] ? f2fs_sanity_check_inline_data+0x75/0x780 [ 166.402737][ T7016] ? set_nlink+0x5f/0x170 [ 166.402759][ T7016] f2fs_iget+0x3e7d/0x5d00 [ 166.402817][ T7016] f2fs_fill_super+0x4ff5/0x78c0 [ 166.402890][ T7016] get_tree_bdev_flags+0x431/0x4f0 [ 166.402917][ T7016] ? __pfx_f2fs_fill_super+0x10/0x10 [ 166.402940][ T7016] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 166.402975][ T7016] vfs_get_tree+0x92/0x2a0 [ 166.403001][ T7016] do_new_mount+0x341/0xd30 [ 166.403018][ T7016] ? apparmor_capable+0x126/0x170 [ 166.403050][ T7016] ? __pfx_do_new_mount+0x10/0x10 [ 166.403070][ T7016] ? ns_capable+0x89/0xe0 [ 166.403093][ T7016] ? user_path_at+0xd4/0x160 [ 166.403118][ T7016] ? user_path_at+0xd4/0x160 [ 166.403143][ T7016] __se_sys_mount+0x31d/0x420 [ 166.403169][ T7016] ? __pfx___se_sys_mount+0x10/0x10 [ 166.403194][ T7016] ? __x64_sys_mount+0x20/0xc0 [ 166.403217][ T7016] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.403237][ T7016] do_syscall_64+0x174/0x580 [ 166.403255][ T7016] ? trace_irq_disable+0x3b/0x140 [ 166.403277][ T7016] ? clear_bhb_loop+0x40/0x90 [ 166.403301][ T7016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.403320][ T7016] RIP: 0033:0x7f77f9b2e0ca [ 166.403346][ T7016] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 166.403364][ T7016] RSP: 002b:00007f77f7d7de58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 166.403384][ T7016] RAX: ffffffffffffffda RBX: 00007f77f7d7dee0 RCX: 00007f77f9b2e0ca [ 166.403397][ T7016] RDX: 0000200000000100 RSI: 0000200000010600 RDI: 00007f77f7d7dea0 [ 166.403410][ T7016] RBP: 0000200000000100 R08: 00007f77f7d7dee0 R09: 0000000000000082 [ 166.403422][ T7016] R10: 0000000000000082 R11: 0000000000000246 R12: 0000200000010600 [ 166.403434][ T7016] R13: 00007f77f7d7dea0 R14: 00000000000105a8 R15: 0000200000000440 [ 166.403463][ T7016] [ 166.403993][ T7016] loop2: lost filesystem error report for type 5 error -117 [ 166.404008][ T7016] F2FS-fs (loop2): sanity_check_extent_cache: inode (ino=3) extent info [0, 0, 50331648] is incorrect, run fsck to fix [ 166.404039][ T7016] loop2: lost filesystem error report for type 5 error -117 [ 166.404051][ T7016] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 166.404668][ T7016] F2FS-fs (loop2): Failed to read root inode [ 167.025140][ T7040] netlink: 56 bytes leftover after parsing attributes in process `syz.1.497'. [ 167.222058][ T7040] bond1: Unable to set peer notification delay as MII monitoring is disabled [ 167.399302][ T7040] bond1 (unregistering): Released all slaves [ 167.507966][ T7048] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 167.507999][ T7048] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 168.110021][ T823] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 168.321708][ T7061] loop2: detected capacity change from 0 to 1024 [ 168.794973][ T7063] loop1: detected capacity change from 0 to 32768 [ 168.848166][ T7063] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 168.848185][ T7063] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 168.936449][ T7063] gfs2: fsid=syz:syz.0: can't lookup journal index: 0 [ 170.014623][ T7086] loop4: detected capacity change from 0 to 128 [ 170.379593][ T7078] loop3: detected capacity change from 0 to 131072 [ 170.388079][ T7078] F2FS-fs (loop3): Test dummy encryption mode enabled [ 170.389255][ T7078] F2FS-fs (loop3): invalid crc value [ 170.498637][ T7078] F2FS-fs (loop3): access invalid blkaddr:0 [ 170.498667][ T7078] CPU: 1 UID: 0 PID: 7078 Comm: syz.3.514 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 170.498691][ T7078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 170.498702][ T7078] Call Trace: [ 170.498710][ T7078] [ 170.498719][ T7078] dump_stack_lvl+0xe8/0x150 [ 170.498752][ T7078] __f2fs_is_valid_blkaddr+0xeb2/0x1570 [ 170.498776][ T7078] ? __pfx_f2fs_need_inode_block_update+0x10/0x10 [ 170.498809][ T7078] sanity_check_extent_cache+0x1a3/0x620 [ 170.498834][ T7078] ? f2fs_sanity_check_inline_data+0x75/0x780 [ 170.498864][ T7078] ? set_nlink+0x5f/0x170 [ 170.498886][ T7078] f2fs_iget+0x3e7d/0x5d00 [ 170.498944][ T7078] f2fs_fill_super+0x4ff5/0x78c0 [ 170.499014][ T7078] get_tree_bdev_flags+0x431/0x4f0 [ 170.499043][ T7078] ? __pfx_f2fs_fill_super+0x10/0x10 [ 170.499065][ T7078] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 170.499100][ T7078] vfs_get_tree+0x92/0x2a0 [ 170.499129][ T7078] do_new_mount+0x341/0xd30 [ 170.499147][ T7078] ? apparmor_capable+0x126/0x170 [ 170.499181][ T7078] ? __pfx_do_new_mount+0x10/0x10 [ 170.499202][ T7078] ? ns_capable+0x89/0xe0 [ 170.499225][ T7078] ? user_path_at+0xd4/0x160 [ 170.499253][ T7078] ? user_path_at+0xd4/0x160 [ 170.499278][ T7078] __se_sys_mount+0x31d/0x420 [ 170.499306][ T7078] ? __pfx___se_sys_mount+0x10/0x10 [ 170.499334][ T7078] ? __x64_sys_mount+0x20/0xc0 [ 170.499363][ T7078] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.499385][ T7078] do_syscall_64+0x174/0x580 [ 170.499406][ T7078] ? trace_irq_disable+0x3b/0x140 [ 170.499432][ T7078] ? clear_bhb_loop+0x40/0x90 [ 170.499456][ T7078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.499476][ T7078] RIP: 0033:0x7f876e2de0ca [ 170.499495][ T7078] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 170.499512][ T7078] RSP: 002b:00007f876c535e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 170.499533][ T7078] RAX: ffffffffffffffda RBX: 00007f876c535ee0 RCX: 00007f876e2de0ca [ 170.499548][ T7078] RDX: 0000200000000100 RSI: 0000200000010600 RDI: 00007f876c535ea0 [ 170.499562][ T7078] RBP: 0000200000000100 R08: 00007f876c535ee0 R09: 0000000000000082 [ 170.499576][ T7078] R10: 0000000000000082 R11: 0000000000000246 R12: 0000200000010600 [ 170.499589][ T7078] R13: 00007f876c535ea0 R14: 00000000000105a8 R15: 0000200000000440 [ 170.499620][ T7078] [ 170.503024][ T7078] loop3: lost filesystem error report for type 5 error -117 [ 170.503043][ T7078] F2FS-fs (loop3): sanity_check_extent_cache: inode (ino=3) extent info [0, 0, 50331648] is incorrect, run fsck to fix [ 170.503077][ T7078] loop3: lost filesystem error report for type 5 error -117 [ 170.503089][ T7078] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 170.503216][ T7078] F2FS-fs (loop3): Failed to read root inode [ 170.782346][ T7092] warning: `syz.0.521' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 171.984605][ T7099] Zero length message leads to an empty skb [ 172.294918][ T7118] loop2: detected capacity change from 0 to 512 [ 172.357691][ T7115] loop0: detected capacity change from 0 to 1024 [ 172.372584][ T7118] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 172.373035][ T7118] EXT4-fs (loop2): orphan cleanup on readonly fs [ 172.588102][ T7118] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present [ 172.588293][ T7118] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 172.588313][ T7118] EXT4-fs error (device loop2): ext4_acquire_dquot:7034: comm syz.2.531: Failed to acquire dquot type 1 [ 172.588334][ T7118] loop2: lost filesystem error report for type 5 error -5 [ 172.591692][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 172.591713][ C1] EXT4-fs (loop2): initial error at time 1779833425: ext4_acquire_dquot:7034 [ 172.591730][ C1] EXT4-fs (loop2): last error at time 1779833425: ext4_acquire_dquot:7034 [ 172.624066][ T7118] EXT4-fs (loop2): Remounting filesystem read-only [ 172.744200][ T7118] EXT4-fs (loop2): 1 truncate cleaned up [ 172.771237][ T7118] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 173.154622][ T5613] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.368040][ T60] Bluetooth: hci1: adv larger than maximum supported [ 173.368071][ T60] Bluetooth: hci1: Malformed LE Event: 0x0d [ 173.380642][ T5831] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 173.532616][ T5831] usb 2-1: Using ep0 maxpacket: 16 [ 173.535488][ T5831] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.535516][ T5831] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.535551][ T5831] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 173.535572][ T5831] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.592240][ T5831] usb 2-1: config 0 descriptor?? [ 173.707687][ T7138] netlink: 'syz.2.540': attribute type 14 has an invalid length. [ 173.821221][ T7129] loop4: detected capacity change from 0 to 32768 [ 174.313959][ T5831] ntrig 0003:1B96:0008.0006: item fetching failed at offset 5/7 [ 174.316239][ T5831] ntrig 0003:1B96:0008.0006: parse failed [ 174.316346][ T5831] ntrig 0003:1B96:0008.0006: probe with driver ntrig failed with error -22 [ 174.389338][ T5831] usb 2-1: USB disconnect, device number 8 [ 174.456209][ T7129] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 174.757031][ T7129] XFS (loop4): Ending clean mount [ 174.906275][ T5621] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 175.142504][ T7169] loop2: detected capacity change from 0 to 128 [ 175.467295][ T7175] loop1: detected capacity change from 0 to 512 [ 175.571135][ T7175] FAT-fs (loop1): Directory bread(block 199916) failed [ 175.571168][ T7175] FAT-fs (loop1): Directory bread(block 199917) failed [ 175.571192][ T7175] FAT-fs (loop1): Directory bread(block 199918) failed [ 175.571213][ T7175] FAT-fs (loop1): Directory bread(block 199919) failed [ 175.571233][ T7175] FAT-fs (loop1): Directory bread(block 199920) failed [ 175.571254][ T7175] FAT-fs (loop1): Directory bread(block 199921) failed [ 175.571285][ T7175] FAT-fs (loop1): Directory bread(block 199922) failed [ 175.571304][ T7175] FAT-fs (loop1): Directory bread(block 199923) failed [ 175.726400][ T7169] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 175.726679][ T7169] hpfs: filesystem error: improperly stopped [ 175.726695][ T7169] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 175.726708][ T7169] hpfs: You really don't want any checks? You are crazy... [ 175.727396][ T7169] hpfs: hpfs_map_sector(): read error [ 175.727408][ T7169] hpfs: code page support is disabled [ 175.819753][ T7169] hpfs: hpfs_map_4sectors(): unaligned read [ 175.820207][ T7169] hpfs: hpfs_map_4sectors(): unaligned read [ 175.820221][ T7169] hpfs: filesystem error: unable to find root dir [ 175.862889][ T7169] hpfs: hpfs_map_4sectors(): unaligned read [ 175.937311][ T7169] hpfs: hpfs_map_sector(): read error [ 175.937340][ T7169] hpfs: hpfs_map_sector(): read error [ 176.250187][ T7175] FAT-fs (loop1): FAT read failed (blocknr 128) [ 176.280229][ T7182] gfs2: path_lookup on usrquota returned error -2 [ 176.509450][ T7190] loop0: detected capacity change from 0 to 256 [ 176.652757][ T7190] FAT-fs (loop0): Directory bread(block 64) failed [ 176.652813][ T7190] FAT-fs (loop0): Directory bread(block 65) failed [ 176.652907][ T7190] FAT-fs (loop0): Directory bread(block 66) failed [ 176.652927][ T7190] FAT-fs (loop0): Directory bread(block 67) failed [ 176.653089][ T7190] FAT-fs (loop0): Directory bread(block 68) failed [ 176.653110][ T7190] FAT-fs (loop0): Directory bread(block 69) failed [ 176.653200][ T7190] FAT-fs (loop0): Directory bread(block 70) failed [ 176.653220][ T7190] FAT-fs (loop0): Directory bread(block 71) failed [ 176.653311][ T7190] FAT-fs (loop0): Directory bread(block 72) failed [ 176.653348][ T7190] FAT-fs (loop0): Directory bread(block 73) failed [ 176.926824][ T7195] netlink: 104 bytes leftover after parsing attributes in process `syz.1.562'. [ 177.321136][ T7206] loop2: detected capacity change from 0 to 128 [ 178.661590][ T7237] loop4: detected capacity change from 0 to 8 [ 178.937098][ T7246] netlink: 64 bytes leftover after parsing attributes in process `syz.1.580'. [ 179.226582][ T7254] netlink: 'syz.3.585': attribute type 1 has an invalid length. [ 179.549123][ T7254] 8021q: adding VLAN 0 to HW filter on device bond1 [ 180.342183][ T7282] loop4: detected capacity change from 0 to 256 [ 180.489759][ T7282] FAT-fs (loop4): Directory bread(block 64) failed [ 180.489789][ T7282] FAT-fs (loop4): Directory bread(block 65) failed [ 180.489878][ T7282] FAT-fs (loop4): Directory bread(block 66) failed [ 180.489896][ T7282] FAT-fs (loop4): Directory bread(block 67) failed [ 180.489988][ T7282] FAT-fs (loop4): Directory bread(block 68) failed [ 180.490007][ T7282] FAT-fs (loop4): Directory bread(block 69) failed [ 180.490108][ T7282] FAT-fs (loop4): Directory bread(block 70) failed [ 180.490127][ T7282] FAT-fs (loop4): Directory bread(block 71) failed [ 180.490225][ T7282] FAT-fs (loop4): Directory bread(block 72) failed [ 180.490246][ T7282] FAT-fs (loop4): Directory bread(block 73) failed [ 180.962704][ T7302] netlink: 4 bytes leftover after parsing attributes in process `syz.3.605'. [ 181.061835][ T7304] loop4: detected capacity change from 0 to 1024 [ 181.064918][ T7304] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 181.065027][ T7304] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 181.068188][ T7304] EXT4-fs (loop4): invalid journal inode [ 181.068291][ T7304] EXT4-fs (loop4): can't get journal size [ 181.131997][ T5878] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 181.132118][ T7304] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 181.304062][ T5878] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 181.304094][ T5878] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 181.304119][ T5878] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 181.310059][ T5878] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 181.310087][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.310107][ T5878] usb 2-1: Product: syz [ 181.310122][ T5878] usb 2-1: Manufacturer: syz [ 181.310135][ T5878] usb 2-1: SerialNumber: syz [ 181.323794][ T7309] loop0: detected capacity change from 0 to 164 [ 181.355222][ T5878] usb 2-1: config 0 descriptor?? [ 181.360365][ T7296] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 181.360676][ T7296] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 181.378326][ T5878] usb 2-1: ucan: probing device on interface #0 [ 181.591900][ T5621] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.813056][ T5878] usb 2-1: ucan: device reported invalid tx-fifo size [ 181.813079][ T5878] usb 2-1: ucan: probe failed; try to update the device firmware [ 182.600250][ T7300] loop2: detected capacity change from 0 to 32768 [ 182.628033][ T7300] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 182.917191][ T7300] XFS (loop2): Ending clean mount [ 183.033701][ T5613] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 183.943228][ T5878] usb 2-1: USB disconnect, device number 9 [ 184.585446][ T7356] loop2: detected capacity change from 0 to 32768 [ 184.618408][ T7356] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 184.618420][ T7356] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 184.841474][ T7356] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 184.865092][ T5736] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 184.865109][ T5736] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 185.170673][ T5736] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 305ms [ 185.309791][ T5736] gfs2: fsid=syz:syz.0: jid=0: Done [ 185.317859][ T7380] raw_sendmsg: syz.4.633 forgot to set AF_INET. Fix it! [ 185.401620][ T7356] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 185.628348][ T7356] gfs2: fsid=syz:syz.0: found 1 quota changes [ 185.683654][ T7356] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 402 [ 185.683698][ T7356] gfs2: fsid=syz:syz.0: G: s:EX n:2/923 f:laqonN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 185.683728][ T7356] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:7356 [syz.2.614] gfs2_quota_sync+0x370/0x470 [ 185.683767][ T7356] gfs2: fsid=syz:syz.0: I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0 [ 185.683796][ T7356] CPU: 0 UID: 0 PID: 7356 Comm: syz.2.614 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 185.683818][ T7356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 185.683830][ T7356] Call Trace: [ 185.683838][ T7356] [ 185.683846][ T7356] dump_stack_lvl+0xe8/0x150 [ 185.683876][ T7356] gfs2_withdraw+0xc3/0x1b0 [ 185.683906][ T7356] inode_go_instantiate+0xe69/0x12a0 [ 185.683940][ T7356] ? __pfx_bit_wait+0x10/0x10 [ 185.683961][ T7356] ? __pfx_inode_go_instantiate+0x10/0x10 [ 185.683984][ T7356] ? rt_spin_unlock+0x160/0x200 [ 185.684013][ T7356] ? __pfx_wake_bit_function+0x10/0x10 [ 185.684043][ T7356] gfs2_instantiate+0x168/0x220 [ 185.684073][ T7356] gfs2_glock_wait+0x1d7/0x2a0 [ 185.684104][ T7356] do_sync+0x49a/0xcb0 [ 185.684125][ T7356] ? gfs2_quota_sync+0x370/0x470 [ 185.684148][ T7356] ? __pfx_do_sync+0x10/0x10 [ 185.684167][ T7356] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 185.684204][ T7356] ? gfs2_quota_sync+0x370/0x470 [ 185.684230][ T7356] ? rt_spin_unlock+0x160/0x200 [ 185.684258][ T7356] gfs2_quota_sync+0x370/0x470 [ 185.684291][ T7356] gfs2_sync_fs+0x4c/0xb0 [ 185.684312][ T7356] sync_filesystem+0xed/0x250 [ 185.684342][ T7356] gfs2_reconfigure+0xbb/0xb20 [ 185.684383][ T7356] reconfigure_super+0x227/0x8a0 [ 185.684417][ T7356] path_mount+0xdc5/0x10e0 [ 185.684445][ T7356] ? user_path_at+0xd4/0x160 [ 185.684473][ T7356] __se_sys_mount+0x31d/0x420 [ 185.684502][ T7356] ? __pfx___se_sys_mount+0x10/0x10 [ 185.684531][ T7356] ? __x64_sys_mount+0x20/0xc0 [ 185.684552][ T7356] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.684581][ T7356] do_syscall_64+0x174/0x580 [ 185.684602][ T7356] ? trace_irq_disable+0x3b/0x140 [ 185.684626][ T7356] ? clear_bhb_loop+0x40/0x90 [ 185.684652][ T7356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.684672][ T7356] RIP: 0033:0x7f77f9b2ce59 [ 185.684691][ T7356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 185.684708][ T7356] RSP: 002b:00007f77f7d7e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 185.684729][ T7356] RAX: ffffffffffffffda RBX: 00007f77f9da5fa0 RCX: 00007f77f9b2ce59 [ 185.684743][ T7356] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 185.684756][ T7356] RBP: 00007f77f9bc2d6f R08: 0000000000000000 R09: 0000000000000000 [ 185.684768][ T7356] R10: 0000000002390024 R11: 0000000000000246 R12: 0000000000000000 [ 185.684781][ T7356] R13: 00007f77f9da6038 R14: 00007f77f9da5fa0 R15: 00007fffe7eba708 [ 185.684813][ T7356] [ 185.684820][ T7356] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 186.062298][ T7386] loop0: detected capacity change from 0 to 128 [ 186.079330][ T9] gfs2: fsid=syz:syz.0: file system withdrawn [ 187.405412][ T7414] loop1: detected capacity change from 0 to 512 [ 187.420942][ T7412] loop0: detected capacity change from 0 to 512 [ 187.518022][ T7414] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 187.611145][ T5878] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 187.673617][ T7412] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 187.673639][ T7412] UDF-fs: Scanning with blocksize 512 failed [ 187.691808][ T7414] EXT4-fs (loop1): 1 truncate cleaned up [ 187.783937][ T7414] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.828437][ T5878] usb 4-1: config 0 has an invalid interface number: 11 but max is 0 [ 187.828465][ T5878] usb 4-1: config 0 has no interface number 0 [ 187.828506][ T5878] usb 4-1: config 0 interface 11 altsetting 253 endpoint 0x7 has invalid maxpacket 1023, setting to 64 [ 187.828531][ T5878] usb 4-1: config 0 interface 11 altsetting 253 endpoint 0x87 has an invalid bInterval 217, changing to 4 [ 187.828554][ T5878] usb 4-1: config 0 interface 11 altsetting 253 endpoint 0x87 has invalid maxpacket 56037, setting to 1023 [ 187.828577][ T5878] usb 4-1: config 0 interface 11 has no altsetting 0 [ 187.828606][ T5878] usb 4-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b [ 187.828628][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.862683][ T7412] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 187.862705][ T7412] UDF-fs: Scanning with blocksize 1024 failed [ 187.865945][ T7412] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 187.865964][ T7412] UDF-fs: Scanning with blocksize 2048 failed [ 187.867144][ T7412] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 187.872823][ T7412] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 187.889937][ T7402] loop4: detected capacity change from 0 to 32768 [ 187.973683][ T5878] usb 4-1: config 0 descriptor?? [ 188.020423][ T7405] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 188.039433][ T5878] keyspan 4-1:0.11: Keyspan 2 port adapter converter detected [ 188.039825][ T5878] keyspan 4-1:0.11: unsupported endpoint type 1 [ 188.060296][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 81 [ 188.060375][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 82 [ 188.076197][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 1 [ 188.076286][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 2 [ 188.076357][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 85 [ 188.076427][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 5 [ 188.080102][ T5878] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB0 [ 188.137587][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 83 [ 188.137665][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 84 [ 188.137730][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 3 [ 188.137789][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 4 [ 188.137850][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 86 [ 188.137914][ T5878] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 6 [ 188.139802][ T5878] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 188.245679][ T7420] loop2: detected capacity change from 0 to 64 [ 188.276112][ T5605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.334632][ T5878] usb 4-1: USB disconnect, device number 9 [ 188.388708][ T5878] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0 [ 188.411183][ T5878] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 188.412075][ T5878] keyspan 4-1:0.11: device disconnected [ 189.078395][ T7431] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 189.078395][ T7431] The task syz.0.652 (7431) triggered the difference, watch for misbehavior. [ 189.610598][ T5831] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 189.779632][ T5831] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 189.779667][ T5831] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 189.779688][ T5831] usb 2-1: config 0 interface 0 has no altsetting 0 [ 189.779720][ T5831] usb 2-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 189.779740][ T5831] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.808283][ T5831] usb 2-1: config 0 descriptor?? [ 190.319374][ T5831] hid-steam 0003:28DE:1102.0007: item fetching failed at offset 3/5 [ 190.320141][ T5831] hid-steam 0003:28DE:1102.0007: steam_probe:parse of hid interface failed [ 190.320224][ T5831] hid-steam 0003:28DE:1102.0007: probe with driver hid-steam failed with error -22 [ 190.456298][ T5878] usb 2-1: USB disconnect, device number 10 [ 190.807994][ T7472] loop4: detected capacity change from 0 to 512 [ 190.809101][ T7472] EXT4-fs: Ignoring removed orlov option [ 190.875735][ T7468] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 190.885491][ T7472] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 190.942413][ T7472] EXT4-fs error (device loop4): ext4_iget_extra_inode:5128: inode #15: comm syz.4.672: corrupted in-inode xattr: e_value size too large [ 190.942448][ T7472] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 190.943286][ T7472] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.672: couldn't read orphan inode 15 (err -117) [ 190.943314][ T7472] loop4: lost filesystem error report for type 5 error -117 [ 190.958154][ T7472] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 191.121797][ T38] audit: type=1326 audit(1779833444.481:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.121916][ T38] audit: type=1326 audit(1779833444.491:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.186045][ T38] audit: type=1326 audit(1779833444.491:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.188288][ T38] audit: type=1326 audit(1779833444.551:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.188332][ T38] audit: type=1326 audit(1779833444.551:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.188369][ T38] audit: type=1326 audit(1779833444.551:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.188397][ T38] audit: type=1326 audit(1779833444.551:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.188418][ T38] audit: type=1326 audit(1779833444.551:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.188611][ T38] audit: type=1326 audit(1779833444.551:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.188740][ T38] audit: type=1326 audit(1779833444.551:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.678" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77f9b2ce59 code=0x7ffc0000 [ 191.302556][ T5621] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.425339][ T7488] loop1: detected capacity change from 0 to 128 [ 192.155230][ T7510] loop4: detected capacity change from 0 to 2048 [ 194.368135][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.368230][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.784716][ T7569] program syz.2.714 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 195.444140][ T13] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 195.449902][ T13] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 195.449953][ T13] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 195.449982][ T13] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 195.620641][ T5802] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 195.678835][ T7565] loop1: detected capacity change from 0 to 32768 [ 195.787037][ T5802] usb 3-1: Using ep0 maxpacket: 16 [ 195.801905][ T5802] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 195.801931][ T5802] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 195.832689][ T5802] usb 3-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 195.832718][ T5802] usb 3-1: New USB device strings: Mfr=237, Product=1, SerialNumber=3 [ 195.832738][ T5802] usb 3-1: Product: syz [ 195.832751][ T5802] usb 3-1: Manufacturer: syz [ 195.832763][ T5802] usb 3-1: SerialNumber: syz [ 195.876935][ T5802] usb 3-1: config 0 descriptor?? [ 195.963077][ T7600] netlink: 76 bytes leftover after parsing attributes in process `syz.4.730'. [ 195.963101][ T7600] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 196.049007][ T7565] add_index: next_index = 0. Resetting! [ 196.049024][ T7565] find_entry called with index >= next_index [ 196.049031][ T7565] find_entry called with index >= next_index [ 196.049038][ T7565] find_entry called with index >= next_index [ 196.049042][ T7565] find_entry called with index >= next_index [ 196.242352][ T7565] non-latin1 character 0x3ff found in JFS file name [ 196.242369][ T7565] mount with iocharset=utf8 to access [ 196.338320][ T5831] usb 3-1: USB disconnect, device number 7 [ 197.387800][ T7643] program syz.1.734 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 198.586678][ T7677] netlink: 'syz.2.767': attribute type 1 has an invalid length. [ 199.464721][ T7688] pimreg: tun_chr_ioctl cmd 2147767506 [ 199.612012][ T7697] netlink: 24 bytes leftover after parsing attributes in process `syz.1.776'. [ 199.612035][ T7697] netlink: 'syz.1.776': attribute type 6 has an invalid length. [ 200.224713][ T7725] loop1: detected capacity change from 0 to 256 [ 200.252733][ T7725] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ab87c, utbl_chksum : 0xe619d30d) [ 200.258252][ T7725] exFAT-fs (loop1): valid_size(562949953421322) is greater than size(10) [ 200.259083][ T38] kauditd_printk_skb: 1 callbacks suppressed [ 200.259096][ T38] audit: type=1800 audit(1779833453.621:26): pid=7725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.790" name="file1" dev="loop1" ino=1048622 res=0 errno=0 [ 200.290701][ T5878] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 200.465855][ T5878] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 200.465884][ T5878] usb 1-1: config 0 has no interface number 0 [ 200.486914][ T5878] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 200.486946][ T5878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.486965][ T5878] usb 1-1: Product: syz [ 200.486979][ T5878] usb 1-1: Manufacturer: syz [ 200.486992][ T5878] usb 1-1: SerialNumber: syz [ 200.528965][ T5878] usb 1-1: config 0 descriptor?? [ 200.632263][ T7729] loop4: detected capacity change from 0 to 4096 [ 200.767855][ T5878] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 200.777424][ T7729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 200.827800][ T5878] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 200.828238][ T5878] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 200.828292][ T5878] usb 1-1: media controller created [ 200.889634][ T5878] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 201.105039][ T5621] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.271613][ T5878] i2c i2c-1: ec100: i2c rd failed=-71 reg=33 [ 201.348520][ T5878] usb 1-1: USB disconnect, device number 7 [ 202.017359][ T871] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 202.106493][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 202.202480][ T871] usb 5-1: config 0 has an invalid interface number: 255 but max is 0 [ 202.202508][ T871] usb 5-1: config 0 has no interface number 0 [ 202.202534][ T871] usb 5-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 202.202568][ T871] usb 5-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 202.202647][ T871] usb 5-1: config 0 interface 255 has no altsetting 0 [ 202.202677][ T871] usb 5-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 202.202699][ T871] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.206879][ T871] usb 5-1: config 0 descriptor?? [ 202.429076][ T871] usb 5-1: string descriptor 0 read error: -71 [ 202.476354][ T871] ums-realtek 5-1:0.255: USB Mass Storage device detected [ 202.712227][ T871] usb 5-1: USB disconnect, device number 8 [ 203.284966][ T7804] loop1: detected capacity change from 0 to 16 [ 203.471337][ T7804] erofs (device loop1): mounted with root inode @ nid 36. [ 203.556626][ T7804] erofs (device loop1): bogus dirent @ nid 36 [ 204.115120][ T7828] loop4: detected capacity change from 0 to 164 [ 204.291601][ T7828] rock: corrupted directory entry. extent=41 out of volume (nzones=41) [ 204.311502][ T7828] rock: corrupted directory entry. extent=41 out of volume (nzones=41) [ 204.592104][ C1] ------------[ cut here ]------------ [ 204.592117][ C1] workqueue: cannot queue hci_conn_timeout on wq hci0 [ 204.592143][ C1] WARNING: kernel/workqueue.c:2298 at __queue_work+0xd87/0x1090, CPU#1: ktimers/1/30 [ 204.592168][ C1] Modules linked in: [ 204.592188][ C1] CPU: 1 UID: 0 PID: 30 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 204.592207][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 204.592217][ C1] RIP: 0010:__queue_work+0xda4/0x1090 [ 204.592235][ C1] Code: 81 c7 68 01 00 00 4c 8d 35 29 5c 02 0e 48 89 f8 48 c1 e8 03 42 80 3c 20 00 74 05 e8 16 a8 a2 00 49 8b 75 18 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef [ 204.592250][ C1] RSP: 0018:ffffc90000a4f998 EFLAGS: 00010046 [ 204.592265][ C1] RAX: 1ffff11007a6015b RBX: 0000000000000008 RCX: ffff88801de91f00 [ 204.592278][ C1] RDX: ffff888034b29968 RSI: ffffffff8a21c8f0 RDI: ffffffff8f8fb200 [ 204.592289][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100 [ 204.592299][ C1] R10: dffffc0000000000 R11: ffffffff818d5cb0 R12: dffffc0000000000 [ 204.592311][ C1] R13: ffff88803d300ac0 R14: ffffffff8f8fb200 R15: ffff888034b29968 [ 204.592324][ C1] FS: 0000000000000000(0000) GS:ffff888125fd7000(0000) knlGS:0000000000000000 [ 204.592338][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 204.592350][ C1] CR2: 00007f876e26c080 CR3: 000000005e6da000 CR4: 00000000003526f0 [ 204.592367][ C1] Call Trace: [ 204.592374][ C1] [ 204.592387][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 204.592417][ C1] call_timer_fn+0x192/0x5e0 [ 204.592440][ C1] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 204.592456][ C1] ? call_timer_fn+0xd4/0x5e0 [ 204.592476][ C1] ? __pfx_call_timer_fn+0x10/0x10 [ 204.592507][ C1] ? do_raw_spin_unlock+0xf5/0x210 [ 204.592526][ C1] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 204.592547][ C1] __run_timer_base+0x764/0x9f0 [ 204.592584][ C1] ? __pfx___run_timer_base+0x10/0x10 [ 204.592604][ C1] ? rt_spin_lock+0x1e0/0x400 [ 204.592631][ C1] ? __local_bh_disable_ip+0x3c/0x420 [ 204.592659][ C1] run_timer_softirq+0xb7/0x170 [ 204.592680][ C1] handle_softirqs+0x1de/0x6d0 [ 204.592716][ C1] ? smpboot_thread_fn+0x4d/0xa50 [ 204.592733][ C1] run_ktimerd+0x69/0x100 [ 204.592752][ C1] smpboot_thread_fn+0x541/0xa50 [ 204.592773][ C1] ? smpboot_thread_fn+0x4d/0xa50 [ 204.592800][ C1] kthread+0x388/0x470 [ 204.592822][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 204.592839][ C1] ? __pfx_kthread+0x10/0x10 [ 204.592862][ C1] ret_from_fork+0x514/0xb70 [ 204.592888][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 204.592911][ C1] ? __switch_to+0xc79/0x1410 [ 204.592934][ C1] ? __pfx_kthread+0x10/0x10 [ 204.592955][ C1] ret_from_fork_asm+0x1a/0x30 [ 204.592998][ C1] [ 204.593007][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 204.593020][ C1] CPU: 1 UID: 0 PID: 30 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 204.593041][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 204.593051][ C1] Call Trace: [ 204.593058][ C1] [ 204.593066][ C1] vpanic+0x56c/0xa60 [ 204.593088][ C1] ? __pfx__printk+0x10/0x10 [ 204.593106][ C1] ? __pfx_vpanic+0x10/0x10 [ 204.593128][ C1] ? is_bpf_text_address+0x292/0x2b0 [ 204.593152][ C1] ? is_bpf_text_address+0x26/0x2b0 [ 204.593184][ C1] panic+0xc5/0xd0 [ 204.593207][ C1] ? __pfx_panic+0x10/0x10 [ 204.593240][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 204.593270][ C1] __warn+0x315/0x4c0 [ 204.593293][ C1] ? __queue_work+0xd87/0x1090 [ 204.593313][ C1] ? __queue_work+0xd87/0x1090 [ 204.593332][ C1] __report_bug+0x339/0x540 [ 204.593353][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 204.593377][ C1] ? __queue_work+0xd87/0x1090 [ 204.593396][ C1] ? __pfx___report_bug+0x10/0x10 [ 204.593414][ C1] ? __pfx_hci_conn_timeout+0x10/0x10 [ 204.593448][ C1] ? add_lock_to_list+0xc7/0x100 [ 204.593480][ C1] report_bug_entry+0x19a/0x290 [ 204.593501][ C1] ? __queue_work+0xda4/0x1090 [ 204.593518][ C1] ? __queue_work+0xda9/0x1090 [ 204.593535][ C1] handle_bug+0xce/0x200 [ 204.593557][ C1] exc_invalid_op+0x1a/0x50 [ 204.593579][ C1] asm_exc_invalid_op+0x1a/0x20 [ 204.593598][ C1] RIP: 0010:__queue_work+0xda4/0x1090 [ 204.593617][ C1] Code: 81 c7 68 01 00 00 4c 8d 35 29 5c 02 0e 48 89 f8 48 c1 e8 03 42 80 3c 20 00 74 05 e8 16 a8 a2 00 49 8b 75 18 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef [ 204.593633][ C1] RSP: 0018:ffffc90000a4f998 EFLAGS: 00010046 [ 204.593650][ C1] RAX: 1ffff11007a6015b RBX: 0000000000000008 RCX: ffff88801de91f00 [ 204.593663][ C1] RDX: ffff888034b29968 RSI: ffffffff8a21c8f0 RDI: ffffffff8f8fb200 [ 204.593676][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100 [ 204.593687][ C1] R10: dffffc0000000000 R11: ffffffff818d5cb0 R12: dffffc0000000000 [ 204.593708][ C1] R13: ffff88803d300ac0 R14: ffffffff8f8fb200 R15: ffff888034b29968 [ 204.593725][ C1] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 204.593742][ C1] ? __pfx_hci_conn_timeout+0x10/0x10 [ 204.593762][ C1] ? __queue_work+0xd53/0x1090 [ 204.593778][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 204.593798][ C1] call_timer_fn+0x192/0x5e0 [ 204.593817][ C1] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 204.593829][ C1] ? call_timer_fn+0xd4/0x5e0 [ 204.593847][ C1] ? __pfx_call_timer_fn+0x10/0x10 [ 204.593874][ C1] ? do_raw_spin_unlock+0xf5/0x210 [ 204.593890][ C1] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 204.593906][ C1] __run_timer_base+0x764/0x9f0 [ 204.593936][ C1] ? __pfx___run_timer_base+0x10/0x10 [ 204.593950][ C1] ? rt_spin_lock+0x1e0/0x400 [ 204.593972][ C1] ? __local_bh_disable_ip+0x3c/0x420 [ 204.593994][ C1] run_timer_softirq+0xb7/0x170 [ 204.594014][ C1] handle_softirqs+0x1de/0x6d0 [ 204.594035][ C1] ? smpboot_thread_fn+0x4d/0xa50 [ 204.594050][ C1] run_ktimerd+0x69/0x100 [ 204.594066][ C1] smpboot_thread_fn+0x541/0xa50 [ 204.594082][ C1] ? smpboot_thread_fn+0x4d/0xa50 [ 204.594107][ C1] kthread+0x388/0x470 [ 204.594128][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 204.594144][ C1] ? __pfx_kthread+0x10/0x10 [ 204.594162][ C1] ret_from_fork+0x514/0xb70 [ 204.594185][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 204.594205][ C1] ? __switch_to+0xc79/0x1410 [ 204.594227][ C1] ? __pfx_kthread+0x10/0x10 [ 204.594249][ C1] ret_from_fork_asm+0x1a/0x30 [ 204.594287][ C1] [ 204.597502][ C1] Kernel Offset: disabled