last executing test programs: 11.887598704s ago: executing program 3 (id=1406): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000002d80)={0x14}, 0x14}}, 0x24040000) 11.306285327s ago: executing program 3 (id=1409): syz_clone(0x180022000, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000001640), 0x0) 10.699575173s ago: executing program 3 (id=1416): r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x0, &(0x7f00000001c0)=0x40002) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x15, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES32=r6, @ANYRESDEC=r5], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x31, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCBRDELBR(r8, 0x89a2, &(0x7f0000000200)='bridge0\x00') r9 = socket$nl_route(0x10, 0x3, 0x0) r10 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000180)={'wg2\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000001100)={&(0x7f00000002c0)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x20000000}, 0x4, r11}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a3, &(0x7f0000000200)='bridge0\x00') keyctl$KEYCTL_MOVE(0x18, 0x0, 0x0, 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c02, 0x0) 10.411394272s ago: executing program 1 (id=1420): r0 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$sock_buf(r0, 0x1, 0x2b, 0x0, &(0x7f0000001ec0)) 10.159527666s ago: executing program 4 (id=1423): mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$F2FS_IOC_DEFRAGMENT(r2, 0x8901, &(0x7f0000000040)) 9.907799669s ago: executing program 1 (id=1424): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) close_range(0xffffffffffffffff, r5, 0x0) syz_clone(0x40a68180, 0x0, 0x0, 0x0, 0x0, 0x0) 6.433784897s ago: executing program 0 (id=1451): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, 0x0) timerfd_create(0x0, 0x0) timerfd_create(0x9, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x280008a, &(0x7f0000000040)={[{@numtail}, {@shortname_win95}, {@shortname_win95}, {@fat=@nfs}, {@numtail}, {@rodir}, {@utf8no}, {@fat=@flush}, {@shortname_mixed}, {@shortname_win95}, {@shortname_winnt}, {@shortname_win95}, {@fat=@uid}, {@uni_xlateno}, {@utf8no}, {@uni_xlate}, {@uni_xlateno}, {@shortname_winnt}]}, 0x97, 0x2a9, &(0x7f0000002300)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO") socket$inet6(0xa, 0x0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) recvmmsg(0xffffffffffffffff, &(0x7f0000005280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmmsg$sock(r1, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0) 5.19869178s ago: executing program 0 (id=1456): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket(0x10, 0x803, 0x0) r1 = socket(0x10, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}}, 0x0) 4.698909187s ago: executing program 0 (id=1458): move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_VFIO_GET_API_VERSION(r0, 0x3b64) 4.445671154s ago: executing program 4 (id=1459): openat$dir(0xffffffffffffff9c, &(0x7f0000002a00)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f00000000c0)={0x25, 0x3, 0x0, {0x1, 0x4, 0x0, '\'@,\xf9'}}, 0x25) 4.444818511s ago: executing program 0 (id=1460): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00"], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r1, &(0x7f0000000080)="a9", 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) accept4(r2, 0x0, 0x0, 0x0) sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f0000000300)}}], 0x1, 0x0, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) shutdown(0xffffffffffffffff, 0x0) syz_usb_disconnect(r0) 4.251461155s ago: executing program 4 (id=1461): socket(0x28, 0x5, 0x0) r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r0, 0x0) accept4$vsock_stream(r0, &(0x7f0000000100)={0x28, 0x0, 0x0, @hyper}, 0x10, 0x0) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080), 0x10) 3.935379389s ago: executing program 5 (id=1463): rseq(&(0x7f0000000200), 0x20, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000600)={{{@in=@multicast2}}, {{@in6=@remote}, 0x0, @in6=@private1}}, &(0x7f0000000340)=0xe8) mkdir(&(0x7f0000000140)='./bus\x00', 0x0) open(&(0x7f00000004c0)='./bus\x00', 0x0, 0xe4) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0) ftruncate(r0, 0x8800000) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x2, 0x12, r0, 0x8000000) syz_io_uring_setup(0x3b, &(0x7f0000000080), &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ff6000/0x2000)=nil, 0x2000}) mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ff3000/0x3000)=nil) mremap(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil) syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000300)='./file0\x00', 0x800400, &(0x7f0000000340)=ANY=[], 0x0, 0x19d, &(0x7f0000000000)="$eJzskM9rE0EUxz9vdpI0gj9WPVUwAQvrhmqSrXrwFDxFyIJXD0VDGtviRm03B1ta7EUKUu2/oKfqTQQ9iSh4Lh4ED7peepPmUDyIB4nsZir4N3Q+MO877zsz7w1vLl6IC8CfvZUODTIcjvAJQQOlF5mVU2p09kbSqPkho3xzJFwx+YbR50bH46Xl2+0o6i6WL5dx/zOAn5n3z4q1KddAvuytdNpyM2TYoKdmQtwWlccUAf8J4/owJ2/gMPQ2uKpYEK8FR6v93r1qvLR8br7Xnu3Odu8EwdSl2oVa7WJQvTUfdWuvEf+RKJ6yih9SCCn6q+SmebitDzF5zPSXyoD8NJvbztkzkwOUv8sQ4b03oPBNz5XHzD0XmpwQnuGETLQoKjRZoyZyTb2Skv6sf+UUD9Yc53znbjSzfl3J7/xWQ3bHpL5DzqsTVOpMpaPhOB9YT5hIaCZsJex8pyRv0y77c9VraXxpslOchjz32/3+Yj0PH8ULCdLlUiArp7J/ufDOvDHC1/2NxWKxWCwWi8VisVgOAH8DAAD//4VcYHA=") mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='dyn']) dup(0xffffffffffffffff) chdir(&(0x7f00000000c0)='./file0\x00') syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f0000000380)) ioctl$sock_inet_SIOCGIFPFLAGS(r4, 0x8935, &(0x7f0000001880)={'veth0_macvtap\x00'}) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000780)={@nfc_llcp={0x27, 0x0, 0x0, 0x0, 0x7, 0x1, "267385d1314eba9e40e8197112ae46c35a63e924c117f6c12406483d96a1402430a5929eb3c0dfc96646e42d37713e46df5bf8c2a6c138c629645d1a77bbc7", 0x11}, {0x0}, &(0x7f0000000740), 0x34}, 0xa0) chdir(0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x8000001c) fcntl$setsig(0xffffffffffffffff, 0xa, 0x21) rename(&(0x7f0000000b00)='./bus\x00', 0x0) socket$inet_tcp(0x2, 0x1, 0x0) open(&(0x7f0000000280)='.\x00', 0x0, 0x0) 3.619409754s ago: executing program 2 (id=1464): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x2c8, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x2ac, 0x33, @beacon={{{}, {}, @device_b, @device_b}, 0x0, @random, 0x0, @void, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @void, @val={0x3c, 0x4}, @void, @void, @void, @val={0x76, 0x6}, [{0xdd, 0xb7, "31851c27f0515dccb7554d54162c7b9db37edff2415d5589b53027d4db2f9527a9858f2910b19c7737136d933c4cb8b186a2cb77d33dc186120309d0107aae1822ca939dc88880a147e71f89f5936e8d68041d7e8bcc0f1b2831ed25db982a9cd8fcd5160c5cdc0cbe25dce28dc9925779fc4799284de17406d9ac3b5e35515e37ca5568297e0d3e19d80a5d5addb3184fec9543e41f70eb1bcd9a87da2f4b39e15dca2e549f43749edc5d2150d9349f08894e39ac26f6"}, {0xdd, 0xba, "1cb11f4c9767b25df19d1cb86cc9f4059996ff0021375555251d74cf6f777d24ac2b13bbd9b9d6f27b608e3a58d27ba7b7e16a8e13f0d8f288fa3e9a5e6c9ba0bd7028c0866f7cec56d3e0ae5cb3c8963c4d6e991fbd1547b046152bed86b40dc529d6663ed96a2f54759ca9fd4841407c6fb63f588fed1344890b04c3914826eaa5b022f53aa9fb6bffaa0370be496fc201cd5b33db589eb87730dee906175a89a626342c521f0b18b5cb5ed9de356bf155e503ca39d841b335"}, {0xdd, 0x25, "523a4aa23e4123ca5c555c2b2bf412911511b4b39a758f6e3a496d64414c19f01ba62cf366"}, {0xdd, 0x12, "0941a0e096d40b7d3b60bec79aa8aaa3f566"}, {0xdd, 0x38, "7b1f666daa2c5732ac642cd918aea5ee68d9287e589b7d5326dd3b2bfb9e3d1679ee7c57f9ddfe7cc6179e25076e5fbf36bd5882a567a92f"}, {0xdd, 0xb, "0da71e815422994325dfec"}, {0xdd, 0x6b, "30d8ac98fdedffdf2ad390d8c532101bdebf905f4f96a12b5400578c02f802cac6cedd077c38a52b4fb790de3ab2c28eed8f45baef37217a654a07159fd6efe9fc5a4effdb0327c0802a3a873e92979e62ab34d31a748ae171a86d656075c5a8c88eaba15c64afa0d2a1d2"}, {0xdd, 0x6, "4f3fef835ea8"}]}}]}, 0x2c8}}, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)=0xff, 0x4) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, 0x0}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) syz_mount_image$msdos(&(0x7f0000000200), &(0x7f00000000c0)='./file1\x00', 0x10088, &(0x7f0000000580)=ANY=[@ANYBLOB="73686f77657865632c6e6f646f74732c7379735f696d6d757461626c652c646f74732c6e66732c6e6f646f74732c6e6f646f74732c64656275672c646f74732c756d61736b3d30303030303030303030303030303030303030303230302c00c4cd878e2e225ee8a12ec0f0234a613f191236529e2eb19792d74d539f7b74148c4cd01ca5836451894237f5161f323e3dff6322349bb51c07b887571b07ed2b9f7e59a22824b104346da8", @ANYRESOCT], 0x1, 0x1ff, &(0x7f00000002c0)="$eJzs3MtqU1scBvB12p5ecuhldEAnLnSik02tTxCkBTGg1EbUgbBLUw2JSckOmoiDjh35HMWhM0F8gb6FsyJIRx0ZaZNerTqxjZLfD8L6wkdgLULCfweytx68eVZZzZLVtBmGxmMYCmE97IQws5t6/umtQ3t5NBy1Hq7NPt9+fe/ho9v5QmF+McaF/NKNuRjj1KUPL169vfyx+d/9d1Pvx8LmzOOtL3OfNv/fvLD1delpOYvlLNbqzZjG5Xq9mS5XS3GlnFWSGO9WS2lWiuVaVmoc61er9bW1dkxrK5O5tUYpy2Jaa8dKqR2b9dhstGP6JC3XYpIkcTIX+JXixuJimu/3LjhbjUY+HQ4hTHzXFDf6siEAoK/M/4PM/D8Iduf/XO/ze5z5HwAAAAAAAAAAAAAA/gY7nc50p9OZ3l/3H2MhhPEQwv7zfu+Ts+H9H2xH/rg3HsLn9VaxVeyu3X7hVmF+Nu6ZOXzVdqtVHD7or3f7eLz/N+R6/dyp/Wi4eqXb73Y37xRO9BNh5eyPDwAAAAMhiQdOvb5Pkh/13XTk94ET1+8j4eLIuR0DAAAA+Ims/bKSVqulhiAIwkHo9zcTAADwux0O/f3eCQAAAAAAAAAAAAAAAAAAAAyu87idWL/PCAAAAAAAAAAAAAAAAAAAAAAAAH+KbwEAAP//VuHQrA==") unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file1/file3\x00', 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r5}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r6, &(0x7f0000000000), &(0x7f0000000080)=@udp}, 0x20) socket$kcm(0x29, 0x2, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00') socket$kcm(0x29, 0x2, 0x0) preadv(r7, &(0x7f00000014c0)=[{&(0x7f0000000280)=""/191, 0xbf}], 0x1, 0x4a9a8af7, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r6, 0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r8, &(0x7f0000000340), &(0x7f0000000400)=@tcp6}, 0x20) setresuid(0x0, 0xee00, 0x0) sendmsg$NL80211_CMD_SET_STATION(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x54, r2, 0x200, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x800, 0x2d}}}}, [@NL80211_ATTR_STA_TX_POWER={0x6}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0xe, 0xbd, [0x3, 0x1, 0x9, 0x9, 0x8]}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x800, 0xce}}, @NL80211_ATTR_STA_PLINK_STATE={0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 3.268186191s ago: executing program 5 (id=1465): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) wait4(r1, &(0x7f0000000080), 0x1c0000000, 0x0) 3.211470444s ago: executing program 4 (id=1466): r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x2}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)="79133a696bc2fb9a", 0x8}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) sendmsg$inet_sctp(r0, &(0x7f0000002c40)={0x0, 0x0, 0x0}, 0x0) 3.147477514s ago: executing program 1 (id=1467): socket$unix(0x1, 0x1, 0x0) socket$unix(0x1, 0x1, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001200)}, 0x0) setresuid(0xee01, 0x0, 0xee01) socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = mq_open(&(0x7f00000028c0)=' \x01\x00', 0x40, 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x5451, 0x0) 2.99908396s ago: executing program 2 (id=1468): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={0x0}}, 0x24000041) 2.817665547s ago: executing program 1 (id=1469): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r0, &(0x7f0000000180), 0x40001) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) 2.777432341s ago: executing program 2 (id=1470): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket(0x10, 0x803, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}}, 0x0) 2.75830447s ago: executing program 3 (id=1471): r0 = socket$inet6(0xa, 0x3, 0x1) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) writev(r0, 0x0, 0x0) 2.744175527s ago: executing program 5 (id=1472): r0 = socket$nl_generic(0x10, 0x3, 0x10) getpeername(r0, &(0x7f00000001c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f0000000080)=0x80) ioctl$sock_inet_SIOCRTMSG(r1, 0x5450, 0x0) 2.523803372s ago: executing program 2 (id=1473): syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)) 2.487681236s ago: executing program 0 (id=1474): pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) dup3(r1, r0, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x7, 0x0, 0x0) 2.487431234s ago: executing program 5 (id=1475): r0 = fsopen(&(0x7f0000000040)='tmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000001c0)={r3, 0x1, 0x6, @dev}, 0x10) 2.388206565s ago: executing program 3 (id=1476): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x1c, r2, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}}, 0x0) 2.373867355s ago: executing program 1 (id=1477): openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='user.syz\x00') mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) 2.268399211s ago: executing program 0 (id=1478): rseq(&(0x7f0000000200), 0x20, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000600)={{{@in=@multicast2}}, {{@in6=@remote}, 0x0, @in6=@private1}}, &(0x7f0000000340)=0xe8) mkdir(&(0x7f0000000140)='./bus\x00', 0x0) open(&(0x7f00000004c0)='./bus\x00', 0x0, 0xe4) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0) ftruncate(r0, 0x8800000) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x2, 0x12, r0, 0x8000000) syz_io_uring_setup(0x3b, &(0x7f0000000080), &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ff6000/0x2000)=nil, 0x2000}) mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ff3000/0x3000)=nil) mremap(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil) syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000300)='./file0\x00', 0x800400, &(0x7f0000000340)=ANY=[], 0x0, 0x19d, &(0x7f0000000000)="$eJzskM9rE0EUxz9vdpI0gj9WPVUwAQvrhmqSrXrwFDxFyIJXD0VDGtviRm03B1ta7EUKUu2/oKfqTQQ9iSh4Lh4ED7peepPmUDyIB4nsZir4N3Q+MO877zsz7w1vLl6IC8CfvZUODTIcjvAJQQOlF5mVU2p09kbSqPkho3xzJFwx+YbR50bH46Xl2+0o6i6WL5dx/zOAn5n3z4q1KddAvuytdNpyM2TYoKdmQtwWlccUAf8J4/owJ2/gMPQ2uKpYEK8FR6v93r1qvLR8br7Xnu3Odu8EwdSl2oVa7WJQvTUfdWuvEf+RKJ6yih9SCCn6q+SmebitDzF5zPSXyoD8NJvbztkzkwOUv8sQ4b03oPBNz5XHzD0XmpwQnuGETLQoKjRZoyZyTb2Skv6sf+UUD9Yc53znbjSzfl3J7/xWQ3bHpL5DzqsTVOpMpaPhOB9YT5hIaCZsJex8pyRv0y77c9VraXxpslOchjz32/3+Yj0PH8ULCdLlUiArp7J/ufDOvDHC1/2NxWKxWCwWi8VisVgOAH8DAAD//4VcYHA=") mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='dyn']) dup(0xffffffffffffffff) chdir(&(0x7f00000000c0)='./file0\x00') syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0xfe8e, 0x12) ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f0000000380)) ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f0000001880)={'veth0_macvtap\x00'}) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000780)={@nfc_llcp={0x27, 0x0, 0x0, 0x0, 0x7, 0x1, "267385d1314eba9e40e8197112ae46c35a63e924c117f6c12406483d96a1402430a5929eb3c0dfc96646e42d37713e46df5bf8c2a6c138c629645d1a77bbc7", 0x11}, {0x0}, &(0x7f0000000740), 0x34}, 0xa0) chdir(0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x8000001c) fcntl$setsig(0xffffffffffffffff, 0xa, 0x21) rename(&(0x7f0000000b00)='./bus\x00', 0x0) socket$inet_tcp(0x2, 0x1, 0x0) open(&(0x7f0000000280)='.\x00', 0x0, 0x0) 2.258063573s ago: executing program 2 (id=1479): pipe2$watch_queue(&(0x7f0000000000), 0xb82e336200000000) socket(0x11, 0x2, 0x0) r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup3(0xffffffffffffffff, r0, 0x0) splice(r0, &(0x7f0000000200), 0xffffffffffffffff, 0x0, 0x0, 0x12) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) openat(0xffffffffffffff9c, 0x0, 0x181442, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x0, 0x0) close(0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) getsockname$netlink(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, 0x0, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r3, &(0x7f0000000680)="8c", 0x1, 0x0, 0x0, 0x0) shutdown(r3, 0x2) r4 = fcntl$dupfd(r3, 0x0, r1) sendto$inet_nvme_icreq_pdu(r4, 0x0, 0x0, 0x0, 0x0, 0x0) 2.116443348s ago: executing program 5 (id=1480): r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x80042, 0x83) dup3(r1, r0, 0x0) fallocate(r0, 0x0, 0x0, 0x800008f) execve(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0) 2.077335993s ago: executing program 4 (id=1481): mkdir(&(0x7f0000000300)='./file0\x00', 0x1d5) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(r3, &(0x7f0000000000)=[{&(0x7f00000010c0)=""/4106, 0x100a}], 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) epoll_create(0x802) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000300)={0x1}) ioctl$FS_IOC_GETFLAGS(r4, 0x5437, 0x0) fchdir(0xffffffffffffffff) bpf$ENABLE_STATS(0x20, 0x0, 0x0) mkdir(0x0, 0x2) mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) ioprio_get$pid(0x1, r0) mmap(&(0x7f000062d000/0x1000)=nil, 0x1000, 0x0, 0x10, r5, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48) listen(0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) 2.029175745s ago: executing program 5 (id=1482): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, 0x0) timerfd_create(0x0, 0x0) timerfd_create(0x9, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x280008a, &(0x7f0000000040)={[{@numtail}, {@shortname_win95}, {@shortname_win95}, {@fat=@nfs}, {@numtail}, {@rodir}, {@utf8no}, {@fat=@flush}, {@shortname_mixed}, {@shortname_win95}, {@shortname_winnt}, {@shortname_win95}, {@fat=@uid}, {@uni_xlateno}, {@utf8no}, {@uni_xlate}, {@uni_xlateno}, {@shortname_winnt}]}, 0x97, 0x2a9, &(0x7f0000002300)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO") socket$inet6(0xa, 0x0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) recvmmsg(0xffffffffffffffff, &(0x7f0000005280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmmsg$sock(r1, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0) 2.0182454s ago: executing program 3 (id=1483): mkdir(&(0x7f0000000300)='./file0\x00', 0x1d5) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/diskstats\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000000)=[{&(0x7f00000010c0)=""/4106, 0x100a}], 0x1, 0x7a, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x0, 0x8, &(0x7f0000002100)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x1}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='objagg_obj_put\x00', r4}, 0x10) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r6 = epoll_create(0x802) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000300)={0x1}) ioctl$FS_IOC_GETFLAGS(r5, 0x5437, 0x0) fchdir(0xffffffffffffffff) mkdir(&(0x7f0000000340)='./file0/file0\x00', 0x2) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) ioprio_get$pid(0x1, r0) mmap(&(0x7f000062d000/0x1000)=nil, 0x1000, 0x0, 0x28011, r7, 0x0) listen(0xffffffffffffffff, 0x0) 2.000759751s ago: executing program 1 (id=1484): r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x0, &(0x7f00000001c0)=0x40002) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x15, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES32=r6, @ANYRESDEC=r5], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x31, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCBRDELBR(r8, 0x89a2, &(0x7f0000000200)='bridge0\x00') r9 = socket$nl_route(0x10, 0x3, 0x0) r10 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000180)={'wg2\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000001100)={&(0x7f00000002c0)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x20000000}, 0x4, r11}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a3, &(0x7f0000000200)='bridge0\x00') keyctl$KEYCTL_MOVE(0x18, 0x0, 0x0, 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c02, 0x0) 1.942352463s ago: executing program 2 (id=1485): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$packet(0x11, 0x4000000000002, 0x300) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r2, 0x0, 0x8000f28, 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x14542, &(0x7f0000000240)=ANY=[], 0x1, 0x1222, &(0x7f0000001580)="$eJzs3E9rHGUcB/Bf18TE1PxRa7U96INePA1NDnpRJEgKkgWldoVWEKZmosuOuyGzBLaIsSevvg7x6E0Q30AuvgZvuXjsQRzpbNLUmlbEJuufz+ew84Pn+e7zDLMMPMM8u//6V5/2NqtsMx9G68yZaG1FpNtpNqIVEVHf+XhhPRrXrq+vtttrV1K6vHp1+dWU0sKL33/w2Tcv/TA8+/63C9/NxN7Sh/s/r/y0d37vwv6vVz/pVqlbpf5gmPJ0YzAY5jfKIm10q16W0rtlkVdF6varYvt37ZvlYGtrlPL+xvzc1nZRVSnvj1KvGKXhIA23Ryn/OO/2U5ZlaX4ueKDpP+/S+fp2XdcRdT0dj0dd1/UTMRdn48mYj4X4IiKeiqfjmTgXz8b5eC6ejwtNr9OYPgAAAAAAAAAAAAAAAAAAAPx/PGz//2Is2f8PAAAAAAAAAAAAAAAAAAAAp+C9a9fXV9vttSspzUaUX+50djrj47j91mHHS7EYv0Sz+39sXF9+u712KTWW4la5e5Df3ek81sRWN6MbZRSx3PydwEF+qmk7zC+P8+koH7s7nZmYuze/Eotx7vjxV/6Qv3OcjVdeviefxWL8+FEMooyNZuyj/OfLKb31Tvu+/MWmHwAAAPwXZOmuY9fvWfag9nH+7vr6uOcDb0TE0fOB+9bXU3FxarLnTkQ1utnLy7LYrkY3W4dFL589LMp/cfHapEZvndA3t+KRT3U6/lZ85uBn9E+43IpHWjz0tpFO5ebEiTu66JOeCQAAAAAAAAAAAH/FCb9FOBXHvFn25mROFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5jB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQwUAAP//2C/Elw==") open(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000380), 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071120c000000000095200000000000001e140c5456d1aca8dc7394071dbea66b988ce238f3313cfcd1e028"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000600), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$PROG_LOAD(0x23, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 0s ago: executing program 4 (id=1486): syz_init_net_socket$llc(0x1a, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18030000000000000000000000000000851000000600000018100000", @ANYRES32=r0, @ANYBLOB="00000000000000006600000000000000180000000000000000000000000000009500000000000000260300000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) r2 = socket(0x1, 0x803, 0x0) pipe(&(0x7f0000000100)) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x4c}}, 0x0) kernel console output (not intermixed with test programs): found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 119.697267][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.705880][ T5155] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 119.893234][ T5155] usb 3-1: Using ep0 maxpacket: 16 [ 119.922166][ T5155] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 119.961561][ T5155] usb 3-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40 [ 119.978892][ T25] usb 2-1: usb_control_msg returned -71 [ 119.992352][ T5155] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.002827][ T25] usbtmc 2-1:16.0: can't read capabilities [ 120.006458][ T5155] usb 3-1: Product: syz [ 120.018525][ T5155] usb 3-1: Manufacturer: syz [ 120.043858][ T25] usb 2-1: USB disconnect, device number 2 [ 120.061499][ T5155] usb 3-1: SerialNumber: syz [ 120.327458][ T6293] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 120.334068][ T6293] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 120.388866][ T6293] vhci_hcd vhci_hcd.0: Device attached [ 120.446068][ T6315] vhci_hcd: connection closed [ 120.452614][ T1046] vhci_hcd: stop threads [ 120.472613][ T5155] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 120.491159][ T1046] vhci_hcd: release socket [ 120.499762][ T1046] vhci_hcd: disconnect device [ 120.517778][ T5155] usb 3-1: USB disconnect, device number 7 [ 121.338830][ T25] usb 4-1: USB disconnect, device number 4 [ 121.568683][ T6356] loop5: detected capacity change from 0 to 128 [ 122.354328][ T6381] loop1: detected capacity change from 0 to 256 [ 122.398261][ T5151] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 122.575874][ T5099] Bluetooth: hci3: link tx timeout [ 122.582625][ T5099] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.600757][ T5105] Bluetooth: hci3: link tx timeout [ 122.608192][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.617059][ T5105] Bluetooth: hci3: link tx timeout [ 122.622398][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.624686][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 122.631850][ T5151] usb 6-1: Using ep0 maxpacket: 16 [ 122.640326][ T5194] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 122.648788][ T5151] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 122.668309][ T5105] Bluetooth: hci3: link tx timeout [ 122.673565][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.683369][ T5105] Bluetooth: hci3: link tx timeout [ 122.688843][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.698771][ T5151] usb 6-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40 [ 122.708999][ T5105] Bluetooth: hci3: link tx timeout [ 122.714221][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.723070][ T5151] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.723296][ T5105] Bluetooth: hci3: link tx timeout [ 122.736426][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.745353][ T5105] Bluetooth: hci3: link tx timeout [ 122.750491][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.758341][ T5151] usb 6-1: Product: syz [ 122.762534][ T5151] usb 6-1: Manufacturer: syz [ 122.767857][ T5151] usb 6-1: SerialNumber: syz [ 122.774415][ T5105] Bluetooth: hci3: link tx timeout [ 122.779554][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.789215][ T5105] Bluetooth: hci3: link tx timeout [ 122.794536][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.804338][ T5105] Bluetooth: hci3: link tx timeout [ 122.809516][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.818890][ T5105] Bluetooth: hci3: link tx timeout [ 122.825626][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.833785][ T5105] Bluetooth: hci3: link tx timeout [ 122.838972][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.847292][ T5105] Bluetooth: hci3: link tx timeout [ 122.852520][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.863073][ T5105] Bluetooth: hci3: link tx timeout [ 122.868273][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 122.883361][ T5105] Bluetooth: hci3: link tx timeout [ 122.888728][ T5105] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 123.051351][ T6375] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5) [ 123.057949][ T6375] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 123.083511][ T5194] usb 3-1: Using ep0 maxpacket: 8 [ 123.085691][ T6375] vhci_hcd vhci_hcd.0: Device attached [ 123.114855][ T5194] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 123.123361][ T6395] vhci_hcd: connection closed [ 123.126595][ T5151] usbhid 6-1:1.0: couldn't find an input interrupt endpoint [ 123.134931][ T1046] vhci_hcd: stop threads [ 123.148387][ T5194] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 123.174428][ T1046] vhci_hcd: release socket [ 123.183951][ T5151] usb 6-1: USB disconnect, device number 4 [ 123.198801][ T1046] vhci_hcd: disconnect device [ 123.206807][ T5194] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 123.257454][ T5194] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 123.312036][ T5194] usb 3-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 123.366864][ T5194] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 123.391878][ T5194] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.459546][ T5194] usbtmc 3-1:16.0: bulk endpoints not found [ 123.510518][ T6405] loop0: detected capacity change from 0 to 128 [ 124.244689][ T6419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 124.655625][ T5105] Bluetooth: hci3: command 0x0406 tx timeout [ 125.108244][ T6422] loop1: detected capacity change from 0 to 1024 [ 126.087995][ T5155] usb 3-1: USB disconnect, device number 8 [ 126.174125][ T6442] loop0: detected capacity change from 0 to 128 [ 126.969966][ T6483] loop1: detected capacity change from 0 to 512 [ 127.033737][ T6483] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 127.215655][ T6483] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #17: comm syz.1.477: iget: bad i_size value: -6917529027641081756 [ 127.350302][ T6483] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.477: couldn't read orphan inode 17 (err -117) [ 127.401314][ T6483] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.519798][ T6483] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.477: bg 0: block 65: padding at end of block bitmap is not set [ 127.589820][ T6483] Quota error (device loop1): write_blk: dquota write failed [ 127.637596][ T6483] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 127.672135][ T6483] EXT4-fs error (device loop1): ext4_acquire_dquot:6860: comm syz.1.477: Failed to acquire dquot type 0 [ 127.726326][ T6503] Quota error (device loop1): write_blk: dquota write failed [ 127.751712][ T6503] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 127.813925][ T6503] EXT4-fs error (device loop1): ext4_acquire_dquot:6860: comm syz.1.477: Failed to acquire dquot type 0 [ 127.894993][ T5097] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.125351][ T6520] input: syz0 as /devices/virtual/input/input10 [ 128.291642][ T6530] netlink: 32 bytes leftover after parsing attributes in process `syz.3.494'. [ 128.613397][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 129.471868][ T6572] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 129.481544][ T6572] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 130.203271][ T5099] Bluetooth: hci0: command 0x0401 tx timeout [ 130.607408][ T6598] input: syz0 as /devices/virtual/input/input11 [ 131.497489][ T6618] loop4: detected capacity change from 0 to 128 [ 132.003528][ T6624] vlan2: entered promiscuous mode [ 132.027508][ T6624] team0: entered promiscuous mode [ 132.050818][ T6624] team_slave_0: entered promiscuous mode [ 132.063616][ T6624] team_slave_1: entered promiscuous mode [ 132.102879][ T6624] team0: Device vlan2 is already an upper device of the team interface [ 132.116554][ T29] audit: type=1800 audit(1719326776.090:6): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.535" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 132.209279][ T6624] team0: left promiscuous mode [ 132.224031][ T5099] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 132.233252][ T5099] Bluetooth: hci5: Injecting HCI hardware error event [ 132.243187][ T5099] Bluetooth: hci5: hardware error 0x00 [ 132.252921][ T6624] team_slave_0: left promiscuous mode [ 132.288618][ T6635] loop1: detected capacity change from 0 to 256 [ 132.313132][ T6624] team_slave_1: left promiscuous mode [ 132.430684][ T6635] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 132.450182][ T1233] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.456757][ T1233] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.934306][ T6655] input: syz0 as /devices/virtual/input/input13 [ 133.381879][ T29] audit: type=1800 audit(1719326777.360:7): pid=6676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.555" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 134.201051][ T6703] input: syz0 as /devices/virtual/input/input15 [ 134.365121][ T5099] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 134.666599][ T6719] loop4: detected capacity change from 0 to 256 [ 134.784877][ T6719] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 135.038657][ T6737] netlink: 4 bytes leftover after parsing attributes in process `syz.5.582'. [ 135.488139][ T6749] input: syz0 as /devices/virtual/input/input16 [ 137.483876][ T5155] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 137.594363][ T6808] input: syz0 as /devices/virtual/input/input17 [ 137.681870][ T6784] loop3: detected capacity change from 0 to 32768 [ 137.727349][ T5155] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.736449][ T6784] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.603 (6784) [ 137.790438][ T5155] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.831063][ T5155] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 137.844209][ T6784] BTRFS info (device loop3): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 137.848826][ T5155] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.899813][ T6784] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 137.942573][ T5155] usb 1-1: config 0 descriptor?? [ 137.950501][ T6784] BTRFS info (device loop3): using free-space-tree [ 138.591575][ T45] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 138.792937][ T45] usb 5-1: device descriptor read/64, error -71 [ 139.062898][ T45] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 139.282841][ T45] usb 5-1: device descriptor read/64, error -71 [ 139.433772][ T45] usb usb5-port1: attempt power cycle [ 139.552239][ T5155] usbhid 1-1:0.0: can't add hid device: -71 [ 139.562896][ T5155] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 139.602565][ T5155] usb 1-1: USB disconnect, device number 4 [ 139.892983][ T45] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 139.935851][ T45] usb 5-1: device descriptor read/8, error -71 [ 140.205783][ T6875] netlink: 32 bytes leftover after parsing attributes in process `syz.5.628'. [ 140.253473][ T45] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 140.314176][ T45] usb 5-1: device descriptor read/8, error -71 [ 140.462384][ T45] usb usb5-port1: unable to enumerate USB device [ 140.874466][ T5095] BTRFS info (device loop3): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 141.395021][ T6901] input: syz0 as /devices/virtual/input/input18 [ 141.527868][ T29] audit: type=1804 audit(1719326785.510:8): pid=6902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.642" name="/root/syzkaller.PUUE1f/111/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0 [ 142.123944][ T5105] Bluetooth: hci0: command 0x0401 tx timeout [ 142.713701][ T6899] loop1: detected capacity change from 0 to 32768 [ 142.753113][ T6899] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.640 (6899) [ 142.843170][ T6899] BTRFS info (device loop1): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 142.895404][ T29] audit: type=1800 audit(1719326786.880:9): pid=6940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.656" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 142.896419][ T6899] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 143.008174][ T6899] BTRFS info (device loop1): using free-space-tree [ 143.109795][ T5193] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 143.333060][ T5193] usb 3-1: device descriptor read/64, error -71 [ 143.642820][ T5193] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 143.852768][ T5193] usb 3-1: device descriptor read/64, error -71 [ 143.993412][ T5193] usb usb3-port1: attempt power cycle [ 144.123208][ T5105] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 144.132316][ T5105] Bluetooth: hci1: Injecting HCI hardware error event [ 144.141669][ T5099] Bluetooth: hci1: hardware error 0x00 [ 144.462987][ T5193] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 144.503291][ T6987] loop3: detected capacity change from 0 to 512 [ 144.555343][ T5193] usb 3-1: device descriptor read/8, error -71 [ 144.649248][ T6987] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 144.763014][ T6987] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 144.848506][ T6987] EXT4-fs (loop3): 1 truncate cleaned up [ 144.878373][ T6987] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.905939][ T5193] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 144.957324][ T6987] fscrypt (loop3, inode 2): Error -61 getting encryption context [ 144.973671][ T5193] usb 3-1: device descriptor read/8, error -71 [ 145.005418][ T5097] BTRFS info (device loop1): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 145.037159][ T5095] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.103577][ T5193] usb usb3-port1: unable to enumerate USB device [ 145.521656][ T7010] input: syz0 as /devices/virtual/input/input19 [ 145.972364][ T29] audit: type=1800 audit(1719326789.950:10): pid=7026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.685" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 146.362974][ T5099] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 146.734362][ T7054] netlink: 'syz.3.694': attribute type 2 has an invalid length. [ 147.102826][ T5193] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 147.327463][ T5193] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 147.347001][ T5193] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 147.390577][ T5193] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 147.441395][ T5193] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 147.474989][ T29] audit: type=1804 audit(1719326791.460:11): pid=7087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.705" name="/root/syzkaller.j8uBcl/108/cgroup.controllers" dev="sda1" ino=1966 res=1 errno=0 [ 147.523380][ T5193] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 147.536054][ T5193] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 147.542848][ T5194] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 147.546006][ T5193] usb 2-1: Product: syz [ 147.556537][ T5193] usb 2-1: Manufacturer: syz [ 147.595012][ T5193] cdc_wdm 2-1:1.0: skipping garbage [ 147.603569][ T5193] cdc_wdm 2-1:1.0: probe with driver cdc_wdm failed with error -22 [ 147.753315][ T5194] usb 1-1: Using ep0 maxpacket: 8 [ 147.764195][ T5194] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 147.786696][ T5194] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 147.811171][ T5194] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 147.841847][ T5194] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 147.874120][ T5194] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 147.924823][ T5194] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 147.989723][ T5194] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 148.037522][ T5156] usb 2-1: USB disconnect, device number 3 [ 148.099430][ T5194] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.156390][ T5194] usbtmc 1-1:16.0: probe with driver usbtmc failed with error -22 [ 148.839110][ T7122] input: syz0 as /devices/virtual/input/input20 [ 149.992885][ T5194] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 150.196518][ T5194] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 150.219842][ T5194] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 150.271378][ T5194] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 150.305949][ T5156] usb 1-1: USB disconnect, device number 5 [ 150.331745][ T5194] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 150.387320][ T5194] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 150.409743][ T5194] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 150.434706][ T5194] usb 6-1: Product: syz [ 150.464211][ T5194] usb 6-1: Manufacturer: syz [ 150.514626][ T5194] cdc_wdm 6-1:1.0: skipping garbage [ 150.561970][ T5194] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 150.980239][ T45] usb 6-1: USB disconnect, device number 5 [ 151.202591][ T7209] input: syz0 as /devices/virtual/input/input21 [ 151.214497][ T7171] loop1: detected capacity change from 0 to 32768 [ 151.221371][ T7211] loop4: detected capacity change from 0 to 1024 [ 151.354845][ T7171] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 151.565131][ T7171] XFS (loop1): Ending clean mount [ 151.744120][ T5156] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 151.820238][ T5097] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 151.913117][ T7233] loop2: detected capacity change from 0 to 128 [ 152.018227][ T5156] usb 1-1: Using ep0 maxpacket: 8 [ 152.050583][ T5156] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 152.079313][ T5156] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 152.101766][ T5156] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 152.112609][ T5156] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 152.121911][ T7206] loop3: detected capacity change from 0 to 32768 [ 152.136641][ T5156] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 152.192782][ T5156] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 152.204116][ T7206] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.749 (7206) [ 152.257184][ T5156] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 152.294566][ T5156] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.296151][ T7206] BTRFS info (device loop3): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 152.349603][ T5156] usbtmc 1-1:16.0: probe with driver usbtmc failed with error -22 [ 152.383111][ T7206] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 152.450888][ T7206] BTRFS info (device loop3): using free-space-tree [ 154.185171][ T7258] loop4: detected capacity change from 0 to 32768 [ 154.196997][ T7315] loop2: detected capacity change from 0 to 512 [ 154.219704][ T7258] BTRFS: device /dev/loop4 (7:4) using temp-fsid e2aa6243-247b-4793-8d10-cb7ac85b8731 [ 154.352994][ T7258] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.766 (7258) [ 154.392144][ T7315] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 154.412825][ T7315] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 154.441420][ T7315] EXT4-fs (loop2): 1 truncate cleaned up [ 154.472300][ T7315] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.514206][ T7258] BTRFS info (device loop4): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 154.535522][ T45] usb 1-1: USB disconnect, device number 6 [ 154.581203][ T7315] fscrypt (loop2, inode 2): Error -61 getting encryption context [ 154.584415][ T7258] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 154.663070][ T7258] BTRFS info (device loop4): using free-space-tree [ 154.723341][ T5089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.183324][ T7347] loop1: detected capacity change from 0 to 512 [ 155.416361][ T7347] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 155.786738][ T7347] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 155.899095][ T7352] syz.4.766 (7352) used greatest stack depth: 17848 bytes left [ 156.405628][ T7347] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 156.440905][ T7355] Illegal XDP return value 2111041577 on prog (id 34) dev N/A, expect packet loss! [ 156.492965][ T7347] EXT4-fs (loop1): 1 truncate cleaned up [ 156.500184][ T7347] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.511950][ T5092] BTRFS info (device loop4): last unmount of filesystem e2aa6243-247b-4793-8d10-cb7ac85b8731 [ 156.558952][ T7359] loop5: detected capacity change from 0 to 128 [ 156.642156][ T7360] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt. [ 156.684151][ T7359] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 156.767610][ T7359] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 156.810294][ T7359] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:405: inode #2: comm syz.5.797: No space for directory leaf checksum. Please run e2fsck -D. [ 156.836206][ T7365] netlink: 'syz.2.799': attribute type 2 has an invalid length. [ 156.881956][ T7359] EXT4-fs error (device loop5): __ext4_find_entry:1695: inode #2: comm syz.5.797: checksumming directory block 0 [ 157.026213][ T7368] Bluetooth: MGMT ver 1.22 [ 157.075397][ T5088] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 157.085166][ T5097] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /root/syzkaller.yONMZZ/132/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 157.182258][ T5097] EXT4-fs error (device loop1): ext4_empty_dir:3127: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 157.218616][ T5097] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /root/syzkaller.yONMZZ/132/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 157.256567][ T5097] EXT4-fs error (device loop1): ext4_empty_dir:3127: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 157.308987][ T5097] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /root/syzkaller.yONMZZ/132/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 157.424580][ T5097] EXT4-fs error (device loop1): ext4_empty_dir:3127: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 157.490870][ T29] audit: type=1804 audit(1719326801.470:12): pid=7374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.802" name="/root/syzkaller.qN2N0A/135/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0 [ 157.560031][ T5097] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /root/syzkaller.yONMZZ/132/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 157.730606][ T5097] EXT4-fs error (device loop1): ext4_empty_dir:3127: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 157.804777][ T5097] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /root/syzkaller.yONMZZ/132/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 157.888355][ T5095] BTRFS info (device loop3): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 157.935415][ T7382] loop5: detected capacity change from 0 to 1024 [ 158.603739][ T7401] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 158.837509][ T25] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 159.462766][ T25] usb 5-1: Using ep0 maxpacket: 32 [ 159.471646][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 159.532905][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 159.552803][ T25] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 159.561933][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.595957][ T25] usb 5-1: config 0 descriptor?? [ 159.616866][ T25] hub 5-1:0.0: USB hub found [ 159.827405][ T25] hub 5-1:0.0: 1 port detected [ 159.849985][ T7413] netlink: 'syz.2.814': attribute type 2 has an invalid length. [ 159.858135][ T5155] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 160.050162][ T7400] loop4: detected capacity change from 0 to 512 [ 160.071631][ T5155] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 160.106608][ T5155] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.155018][ T7421] loop2: detected capacity change from 0 to 512 [ 160.155266][ T5155] usb 1-1: config 0 descriptor?? [ 160.192316][ T7400] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 160.216582][ T7425] loop5: detected capacity change from 0 to 64 [ 160.223948][ T7421] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 160.232443][ T7421] EXT4-fs (loop2): orphan cleanup on readonly fs [ 160.242267][ T7400] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 160.256435][ T7400] System zones: 0-1, 15-15, 18-18, 34-34 [ 160.272826][ T7421] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.817: corrupted in-inode xattr: overlapping e_value [ 160.276591][ T5097] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.303427][ T7400] EXT4-fs (loop4): orphan cleanup on readonly fs [ 160.311331][ T7400] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 160.371191][ T7425] hfs: invalid extent max_key_len 510 [ 160.377094][ T7400] EXT4-fs warning (device loop4): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 160.402995][ T7421] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.817: couldn't read orphan inode 15 (err -117) [ 160.452062][ T7400] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 160.488960][ T7425] hfs: unable to open extent tree [ 160.505373][ T7421] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 160.547084][ T7425] hfs: can't find a HFS filesystem on dev loop5 [ 160.551228][ T7403] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.636712][ T7400] EXT4-fs error (device loop4): ext4_orphan_get:1420: comm syz.4.811: bad orphan inode 16 [ 160.698816][ T7400] ext4_test_bit(bit=15, block=18) = 1 [ 160.730338][ T7400] is_bad_inode(inode)=0 [ 160.756405][ T7400] NEXT_ORPHAN(inode)=0 [ 160.775771][ T7400] max_ino=32 [ 160.810447][ T7400] i_nlink=2 [ 160.820687][ T7429] IPVS: Error joining to the multicast group [ 160.834089][ T7425] loop5: detected capacity change from 0 to 256 [ 160.836501][ T7400] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 160.860958][ T5155] usb 1-1: Cannot set autoneg [ 160.887153][ T5155] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 160.934943][ T25] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 160.953650][ T5155] usb 1-1: USB disconnect, device number 7 [ 160.958486][ T25] hub 5-1:0.0: config failed, can't get hub status (err -71) [ 161.009307][ T25] usbhid 5-1:0.0: can't add hid device: -71 [ 161.028924][ T25] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 161.053245][ T7403] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.112046][ T25] usb 5-1: USB disconnect, device number 9 [ 161.218176][ T5089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.267548][ T7403] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.467176][ T7403] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.597189][ T5092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.110924][ T7448] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 162.913178][ T7403] bridge_slave_1: left allmulticast mode [ 162.919161][ T7403] bridge_slave_1: left promiscuous mode [ 162.958663][ T7403] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.215551][ T7403] bridge_slave_0: left allmulticast mode [ 163.221294][ T7403] bridge_slave_0: left promiscuous mode [ 163.306420][ T7403] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.881337][ T7464] loop4: detected capacity change from 0 to 32768 [ 163.893416][ T7464] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.832 (7464) [ 163.992228][ T5105] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 164.001567][ T7464] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 164.011959][ T7464] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 164.020854][ T7464] BTRFS info (device loop4): using free-space-tree [ 164.028278][ T5105] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 164.037541][ T5105] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 164.047583][ T5105] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 164.056448][ T5105] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 164.066335][ T5105] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 164.227481][ T7491] input: syz0 as /devices/virtual/input/input22 [ 165.387918][ T5092] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 166.127260][ T5105] Bluetooth: hci4: command tx timeout [ 166.814700][ T7504] loop2: detected capacity change from 0 to 32768 [ 166.904898][ T7504] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 167.081711][ T7519] loop5: detected capacity change from 0 to 32768 [ 167.102104][ T7519] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.840 (7519) [ 167.113593][ T7403] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 167.126962][ T7504] XFS (loop2): Ending clean mount [ 167.129804][ T7519] BTRFS info (device loop5): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 167.140610][ T7504] XFS (loop2): Quotacheck needed: Please wait. [ 167.162138][ T7403] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 167.169713][ T7519] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 167.205146][ T7519] BTRFS info (device loop5): using free-space-tree [ 167.215802][ T7403] bond0 (unregistering): Released all slaves [ 167.248477][ T7504] XFS (loop2): Quotacheck: Done. [ 167.359663][ T7514] netlink: 12 bytes leftover after parsing attributes in process `syz.3.839'. [ 167.383417][ T7514] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 168.020332][ T7558] loop3: detected capacity change from 0 to 32768 [ 168.039484][ T7558] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.846 (7558) [ 168.086243][ T7558] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 168.096669][ T7558] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 168.105633][ T7558] BTRFS info (device loop3): using free-space-tree [ 168.203243][ T5105] Bluetooth: hci4: command tx timeout [ 168.678146][ T5088] BTRFS info (device loop5): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 169.729888][ T5095] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 169.753062][ T5089] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 170.305569][ T5105] Bluetooth: hci4: command tx timeout [ 171.335626][ T7403] hsr_slave_0: left promiscuous mode [ 171.432182][ T7403] hsr_slave_1: left promiscuous mode [ 171.522996][ T7403] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 171.557060][ T7403] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 171.633061][ T7403] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 171.669226][ T7403] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 171.826391][ T7403] veth1_macvtap: left promiscuous mode [ 171.832554][ T7403] veth0_macvtap: left promiscuous mode [ 171.863340][ T7403] veth1_vlan: left promiscuous mode [ 171.868913][ T7403] veth0_vlan: left promiscuous mode [ 172.363209][ T5105] Bluetooth: hci4: command tx timeout [ 172.985068][ T7638] loop5: detected capacity change from 0 to 32768 [ 173.051672][ T7638] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 173.160348][ T7403] team0 (unregistering): Port device team_slave_1 removed [ 173.229113][ T7403] team0 (unregistering): Port device team_slave_0 removed [ 173.245825][ T7638] XFS (loop5): Ending clean mount [ 173.274227][ T7638] XFS (loop5): Quotacheck needed: Please wait. [ 173.358343][ T7638] XFS (loop5): Quotacheck: Done. [ 173.889991][ T7624] vlan2: entered promiscuous mode [ 173.912819][ T7624] team0: entered promiscuous mode [ 173.921791][ T7624] team_slave_0: entered promiscuous mode [ 173.937908][ T7624] team_slave_1: entered promiscuous mode [ 173.950519][ T7624] team0: Device vlan2 is already an upper device of the team interface [ 173.979934][ T7624] team0: left promiscuous mode [ 173.990441][ T7624] team_slave_0: left promiscuous mode [ 173.998177][ T7624] team_slave_1: left promiscuous mode [ 174.527056][ T7467] chnl_net:caif_netlink_parms(): no params data found [ 174.896049][ T5151] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 174.903542][ T7678] loop0: detected capacity change from 0 to 8 [ 174.998131][ T7678] squashfs image failed sanity check [ 175.103013][ T5151] usb 5-1: Using ep0 maxpacket: 32 [ 175.111691][ T5151] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 175.174402][ T5151] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 175.233052][ T7467] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.246124][ T5151] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 175.278586][ T7467] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.313068][ T5151] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 175.320961][ T7467] bridge_slave_0: entered allmulticast mode [ 175.322137][ T5151] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 175.363432][ T5151] usb 5-1: Product: syz [ 175.367847][ T5151] usb 5-1: Manufacturer: syz [ 175.373544][ T5151] usb 5-1: SerialNumber: syz [ 175.385873][ T7671] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 175.400332][ T7467] bridge_slave_0: entered promiscuous mode [ 175.409805][ T5151] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input23 [ 175.423432][ T7467] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.477567][ T7467] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.547464][ T7467] bridge_slave_1: entered allmulticast mode [ 175.578801][ T7467] bridge_slave_1: entered promiscuous mode [ 175.604846][ C0] appletouch 5-1:1.0: atp_complete: usb_submit_urb failed with result -1 [ 175.690607][ T5156] usb 5-1: USB disconnect, device number 10 [ 175.690611][ C1] appletouch 5-1:1.0: atp_complete: usb_submit_urb failed with result -19 [ 175.831982][ T5156] appletouch 5-1:1.0: input: appletouch disconnected [ 175.941817][ T7467] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.014139][ T7467] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.185307][ T7705] netlink: 277 bytes leftover after parsing attributes in process `syz.0.878'. [ 176.341292][ T7706] vlan2: entered promiscuous mode [ 176.363045][ T7706] team0: entered promiscuous mode [ 176.368354][ T7706] team_slave_0: entered promiscuous mode [ 176.402956][ T7706] team_slave_1: entered promiscuous mode [ 176.424407][ T7706] team0: Device vlan2 is already an upper device of the team interface [ 176.483296][ T7706] team0: left promiscuous mode [ 176.495999][ T7706] team_slave_0: left promiscuous mode [ 176.505034][ T7712] loop4: detected capacity change from 0 to 128 [ 176.528244][ T7706] team_slave_1: left promiscuous mode [ 176.660094][ T7467] team0: Port device team_slave_0 added [ 176.692248][ T7688] loop2: detected capacity change from 0 to 32768 [ 176.705695][ T7467] team0: Port device team_slave_1 added [ 176.732203][ T7688] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.875 (7688) [ 176.790791][ T5088] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 176.811742][ T7688] BTRFS info (device loop2): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 176.843017][ T7688] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 176.859232][ T7688] BTRFS info (device loop2): using free-space-tree [ 176.868388][ T7716] netlink: 8 bytes leftover after parsing attributes in process `syz.0.881'. [ 177.055542][ T7467] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 177.062544][ T7467] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.127071][ T7467] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 177.215419][ T7467] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 177.222417][ T7467] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.332843][ T7467] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 177.383612][ T7740] netlink: 8 bytes leftover after parsing attributes in process `syz.3.885'. [ 177.861089][ T7467] hsr_slave_0: entered promiscuous mode [ 177.907208][ T7467] hsr_slave_1: entered promiscuous mode [ 177.942003][ T7467] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 177.981710][ T7467] Cannot create hsr debugfs directory [ 178.095946][ T5155] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 178.316465][ T5155] usb 1-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 178.374657][ T5155] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.432217][ T5155] usb 1-1: config 0 descriptor?? [ 178.853249][ T5089] BTRFS info (device loop2): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 178.879225][ T5155] gs_usb 1-1:0.0: Couldn't get device config: (err=-71) [ 178.903433][ T5155] gs_usb 1-1:0.0: probe with driver gs_usb failed with error -71 [ 178.947369][ T5155] usb 1-1: USB disconnect, device number 8 [ 179.743381][ T7784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.899'. [ 180.281168][ T7794] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.291327][ T7794] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.631305][ T7805] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 180.672987][ T7805] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 180.712938][ T7805] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 180.721817][ T7805] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 180.773210][ T7805] geneve2: entered promiscuous mode [ 180.794348][ T7805] geneve2: entered allmulticast mode [ 180.991668][ T7467] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 181.080967][ T7467] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 181.167951][ T7467] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 181.221235][ T7467] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 181.282896][ T7823] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 181.919015][ T7832] loop0: detected capacity change from 0 to 32768 [ 181.922417][ T7467] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.939566][ T7832] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.916 (7832) [ 181.993691][ T7832] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 182.004041][ T7832] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 182.012844][ T7832] BTRFS info (device loop0): using free-space-tree [ 182.192059][ T7467] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.218348][ T5156] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.225629][ T5156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.252216][ T5156] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.259536][ T5156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.618319][ T7467] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 183.102080][ T7829] loop5: detected capacity change from 0 to 32768 [ 183.234260][ T7829] XFS: noikeep mount option is deprecated. [ 183.515953][ T7829] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 183.532111][ T5087] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 183.731322][ T7829] XFS (loop5): Ending clean mount [ 183.802182][ T7467] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 183.863895][ T7829] XFS (loop5): Quotacheck needed: Please wait. [ 183.960932][ T7824] loop2: detected capacity change from 0 to 40427 [ 184.020344][ T7829] XFS (loop5): Quotacheck: Done. [ 184.147828][ T7467] veth0_vlan: entered promiscuous mode [ 184.163374][ T7824] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 184.171725][ T7824] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 184.257441][ T7467] veth1_vlan: entered promiscuous mode [ 184.362185][ T7824] F2FS-fs (loop2): invalid crc value [ 184.387399][ T7824] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-4) [ 184.583571][ T7467] veth0_macvtap: entered promiscuous mode [ 184.695118][ T7467] veth1_macvtap: entered promiscuous mode [ 185.501135][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.563850][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.602886][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.669846][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.702757][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.753563][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.776498][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.808045][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.832695][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.853089][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.892528][ T7467] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 185.912169][ T5088] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 185.992784][ T5194] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 186.032159][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.044520][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.071174][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.091171][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.130651][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.172735][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.199229][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.226494][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.228203][ T5194] usb 4-1: Using ep0 maxpacket: 16 [ 186.261826][ T7467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.266428][ T5194] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 186.286700][ T7467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.341608][ T5194] usb 4-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40 [ 186.357986][ T7467] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 186.369062][ T5194] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.419291][ T5194] usb 4-1: Product: syz [ 186.456451][ T5194] usb 4-1: Manufacturer: syz [ 186.461126][ T5194] usb 4-1: SerialNumber: syz [ 186.507356][ T7907] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 186.609798][ T7467] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.663281][ T7467] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.694235][ T7467] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.725419][ T7467] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.755024][ T7887] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 186.761614][ T7887] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 186.813107][ T7887] vhci_hcd vhci_hcd.0: Device attached [ 186.927988][ T7915] vhci_hcd: connection closed [ 186.930765][ T5194] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 186.970903][ T7916] input: syz0 as /devices/virtual/input/input24 [ 186.987505][ T61] vhci_hcd: stop threads [ 187.002896][ T61] vhci_hcd: release socket [ 187.008690][ T61] vhci_hcd: disconnect device [ 187.054518][ T5093] vhci_hcd: vhci_device speed not set [ 187.071405][ T5194] usb 4-1: USB disconnect, device number 5 [ 187.498877][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.583031][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.740920][ T5194] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 187.807387][ T7450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.860981][ T7450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.972770][ T5194] usb 1-1: Using ep0 maxpacket: 8 [ 187.980081][ T5194] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 188.014055][ T5194] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 188.064152][ T5194] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 188.086777][ T5194] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 188.094315][ T7944] input: syz0 as /devices/virtual/input/input25 [ 188.114092][ T5194] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 188.215147][ T5194] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 188.272110][ T5194] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.549087][ T5194] usb 1-1: usb_control_msg returned -32 [ 188.586278][ T5194] usbtmc 1-1:16.0: can't read capabilities [ 188.615422][ T7959] loop2: detected capacity change from 0 to 128 [ 188.686427][ T5194] usb 1-1: USB disconnect, device number 9 [ 189.124950][ T7969] loop1: detected capacity change from 0 to 2048 [ 189.245885][ T7969] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 189.264663][ T7976] input: syz0 as /devices/virtual/input/input26 [ 189.374862][ T7969] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 189.624826][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 189.648698][ T7928] loop5: detected capacity change from 0 to 40427 [ 189.735242][ T7928] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 189.793610][ T7928] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 189.848479][ T7928] F2FS-fs (loop5): invalid crc value [ 189.959035][ T7928] F2FS-fs (loop5): Found nat_bits in checkpoint [ 190.243298][ T29] audit: type=1800 audit(1719326834.230:13): pid=8012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.960" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 190.843170][ T5103] Bluetooth: hci0: command 0x0401 tx timeout [ 190.843539][ T5106] Bluetooth: hci2: command 0x0406 tx timeout [ 190.873362][ T5093] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 191.112760][ T5093] usb 4-1: Using ep0 maxpacket: 8 [ 191.125055][ T5093] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 191.157524][ T5093] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 191.215220][ T5093] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 191.266131][ T5093] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 191.326381][ T5093] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 191.372825][ T5093] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 191.397295][ T5105] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 191.408318][ T5093] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.422766][ T5105] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 191.431406][ T5105] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 191.441306][ T5105] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 191.451802][ T5105] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 191.460490][ T5105] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 191.603189][ T8037] loop4: detected capacity change from 0 to 2048 [ 191.682520][ T5093] usb 4-1: GET_CAPABILITIES returned 0 [ 191.694149][ T8037] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 191.706478][ T5093] usbtmc 4-1:16.0: can't read capabilities [ 191.715761][ T8011] loop1: detected capacity change from 0 to 32768 [ 191.766514][ T8037] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 191.856570][ T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.935254][ T51] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 192.207117][ T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.247617][ T51] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 192.293376][ T8044] loop1: detected capacity change from 32768 to 0 [ 192.321748][ T8049] syz.1.955: attempt to access beyond end of device [ 192.321748][ T8049] loop1: rw=0, sector=288, nr_sectors = 8 limit=0 [ 192.393658][ T8049] metapage_read_end_io: I/O error [ 192.433148][ T8049] read_mapping_page failed! [ 192.444800][ T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.462960][ T8011] capability: warning: `syz.1.955' uses deprecated v2 capabilities in a way that may be insecure [ 192.474782][ T8051] loop4: detected capacity change from 0 to 1024 [ 192.481319][ T51] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 192.504755][ T8049] diRead: read_metapage failed [ 192.511790][ T8051] EXT4-fs: Ignoring removed orlov option [ 192.525099][ T8049] jfs_lookup: iget failed on inum 32 [ 192.535119][ T8051] EXT4-fs (loop4): Test dummy encryption mode enabled [ 192.552160][ T8044] syz.1.955: attempt to access beyond end of device [ 192.552160][ T8044] loop1: rw=0, sector=288, nr_sectors = 8 limit=0 [ 192.568965][ T29] audit: type=1800 audit(1719326836.550:14): pid=8053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.974" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 192.591582][ T8051] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 192.614529][ T8044] metapage_read_end_io: I/O error [ 192.641620][ T8051] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) [ 192.652286][ T8044] read_mapping_page failed! [ 192.655640][ T8051] EXT4-fs (loop4): invalid journal inode [ 192.663808][ T8051] EXT4-fs (loop4): can't get journal size [ 192.702866][ T8044] diRead: read_metapage failed [ 192.717797][ T8044] jfs_lookup: iget failed on inum 32 [ 192.724391][ T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.738449][ T8051] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 192.790491][ T51] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 192.887227][ T5092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.095034][ T7467] syz-executor: attempt to access beyond end of device [ 193.095034][ T7467] loop1: rw=0, sector=288, nr_sectors = 8 limit=0 [ 193.145271][ T7467] metapage_read_end_io: I/O error [ 193.162856][ T7467] read_mapping_page failed! [ 193.191218][ T7467] diRead: read_metapage failed [ 193.218437][ T7467] jfs_lookup: iget failed on inum 32 [ 193.224557][ T7467] syz-executor: attempt to access beyond end of device [ 193.224557][ T7467] loop1: rw=0, sector=288, nr_sectors = 8 limit=0 [ 193.237940][ T7467] metapage_read_end_io: I/O error [ 193.243332][ T7467] read_mapping_page failed! [ 193.247914][ T7467] diRead: read_metapage failed [ 193.254595][ T7467] jfs_lookup: iget failed on inum 32 [ 193.377463][ T8063] loop4: detected capacity change from 0 to 128 [ 193.483182][ T5099] Bluetooth: hci2: command tx timeout [ 193.699923][ T8031] chnl_net:caif_netlink_parms(): no params data found [ 193.761128][ T51] bridge_slave_1: left allmulticast mode [ 193.768389][ T51] bridge_slave_1: left promiscuous mode [ 193.784187][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.821424][ T51] bridge_slave_0: left allmulticast mode [ 193.829628][ T51] bridge_slave_0: left promiscuous mode [ 193.830328][ T35] kworker/u8:2: attempt to access beyond end of device [ 193.830328][ T35] loop1: rw=1, sector=264, nr_sectors = 8 limit=0 [ 193.845348][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.894931][ T1233] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.901348][ T1233] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.915118][ T35] metapage_write_end_io: I/O error [ 193.923272][ T35] kworker/u8:2: attempt to access beyond end of device [ 193.923272][ T35] loop1: rw=2049, sector=30752, nr_sectors = 8 limit=0 [ 193.947041][ T35] lbmIODone: I/O error in JFS log [ 193.957829][ T35] kworker/u8:2: attempt to access beyond end of device [ 193.957829][ T35] loop1: rw=1, sector=344, nr_sectors = 8 limit=0 [ 194.006200][ T35] kworker/u8:2: attempt to access beyond end of device [ 194.006200][ T35] loop1: rw=1, sector=360, nr_sectors = 16 limit=0 [ 194.035539][ T35] kworker/u8:2: attempt to access beyond end of device [ 194.035539][ T35] loop1: rw=1, sector=160, nr_sectors = 8 limit=0 [ 194.058449][ T35] metapage_write_end_io: I/O error [ 194.068341][ T35] kworker/u8:2: attempt to access beyond end of device [ 194.068341][ T35] loop1: rw=1, sector=224, nr_sectors = 8 limit=0 [ 194.124491][ T35] metapage_write_end_io: I/O error [ 194.155047][ T35] lbmIODone: I/O error in JFS log [ 194.186132][ T35] metapage_write_end_io: I/O error [ 194.201315][ T7467] metapage_write_end_io: I/O error [ 194.240673][ T7467] metapage_write_end_io: I/O error [ 194.268741][ T7467] metapage_write_end_io: I/O error [ 194.296906][ T7467] metapage_write_end_io: I/O error [ 194.335304][ T7467] metapage_write_end_io: I/O error [ 194.341234][ T7467] metapage_write_end_io: I/O error [ 194.387415][ T7467] metapage_write_end_io: I/O error [ 194.400290][ T7467] metapage_write_end_io: I/O error [ 194.408943][ T7467] metapage_write_end_io: I/O error [ 194.419499][ T7467] lbmIODone: I/O error in JFS log [ 194.454029][ T7467] lbmIODone: I/O error in JFS log [ 194.459487][ T7467] lbmIODone: I/O error in JFS log [ 194.513380][ T7467] lmLogShutdown: exit(-5) [ 194.518374][ T7467] jfs_umount failed with return code -5 [ 195.563028][ T5099] Bluetooth: hci2: command tx timeout [ 195.695896][ T5105] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 195.712042][ T5105] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 195.725191][ T5105] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 195.743333][ T5105] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 195.751572][ T5105] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 195.759557][ T5105] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 196.107437][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 196.142497][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.168096][ T51] bond0 (unregistering): Released all slaves [ 196.761756][ T8117] loop4: detected capacity change from 0 to 2048 [ 196.775068][ T8117] EXT4-fs: Ignoring removed mblk_io_submit option [ 196.881312][ T8117] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 196.941212][ T8020] usbtmc 4-1:16.0: usb_control_msg returned -110 [ 196.966649][ T8117] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.994: bg 0: block 234: padding at end of block bitmap is not set [ 197.022196][ T5194] usb 4-1: USB disconnect, device number 6 [ 197.047981][ T8117] EXT4-fs (loop4): Remounting filesystem read-only [ 197.134677][ T5092] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.473346][ T8031] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.480606][ T8031] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.522993][ T8031] bridge_slave_0: entered allmulticast mode [ 197.531033][ T8031] bridge_slave_0: entered promiscuous mode [ 197.572496][ T8031] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.593388][ T8031] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.613013][ T8031] bridge_slave_1: entered allmulticast mode [ 197.632379][ T8031] bridge_slave_1: entered promiscuous mode [ 197.643540][ T5105] Bluetooth: hci2: command tx timeout [ 197.813254][ T5105] Bluetooth: hci4: command tx timeout [ 197.874950][ T8141] loop4: detected capacity change from 0 to 256 [ 197.989233][ T8134] vlan2: entered promiscuous mode [ 198.017900][ T8134] team0: entered promiscuous mode [ 198.061722][ T8134] team_slave_0: entered promiscuous mode [ 198.079731][ T8134] team_slave_1: entered promiscuous mode [ 198.091520][ T8134] team0: Device vlan2 is already an upper device of the team interface [ 198.127408][ T8134] team0: left promiscuous mode [ 198.159083][ T8134] team_slave_0: left promiscuous mode [ 198.175468][ T8134] team_slave_1: left promiscuous mode [ 198.425258][ T8155] input: syz0 as /devices/virtual/input/input27 [ 198.738570][ T51] hsr_slave_0: left promiscuous mode [ 198.830509][ T51] hsr_slave_1: left promiscuous mode [ 198.907696][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.930231][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 199.000266][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 199.071718][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 199.273142][ T51] veth1_macvtap: left promiscuous mode [ 199.278771][ T51] veth0_macvtap: left promiscuous mode [ 199.335687][ T51] veth1_vlan: left promiscuous mode [ 199.341207][ T51] veth0_vlan: left promiscuous mode [ 199.723284][ T5105] Bluetooth: hci2: command tx timeout [ 199.795077][ T8194] loop0: detected capacity change from 0 to 128 [ 199.882967][ T5105] Bluetooth: hci4: command tx timeout [ 200.997196][ T51] team0 (unregistering): Port device team_slave_1 removed [ 201.105179][ T51] team0 (unregistering): Port device team_slave_0 removed [ 201.826094][ T8205] loop5: detected capacity change from 0 to 32768 [ 201.858344][ T8205] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1025 (8205) [ 201.961346][ T8205] BTRFS info (device loop5): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 201.972895][ T5105] Bluetooth: hci4: command tx timeout [ 201.982863][ T8205] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 201.992318][ T8205] BTRFS info (device loop5): using free-space-tree [ 202.867897][ T8031] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 202.927908][ T8031] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.581160][ T5088] BTRFS info (device loop5): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 203.713766][ T8031] team0: Port device team_slave_0 added [ 203.742582][ T8031] team0: Port device team_slave_1 added [ 204.042880][ T5105] Bluetooth: hci4: command tx timeout [ 204.457684][ T8031] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 204.502849][ T8031] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.632488][ T8031] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 204.707896][ T8031] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 204.739593][ T8031] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.853503][ T8031] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.462257][ T8264] loop3: detected capacity change from 0 to 128 [ 205.804854][ T8031] hsr_slave_0: entered promiscuous mode [ 205.854163][ T8031] hsr_slave_1: entered promiscuous mode [ 205.882982][ T8031] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 205.937810][ T8031] Cannot create hsr debugfs directory [ 206.470358][ T29] audit: type=1800 audit(1719326850.450:15): pid=8299 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1046" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 206.881519][ T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.032041][ T8100] chnl_net:caif_netlink_parms(): no params data found [ 207.056492][ T8317] loop0: detected capacity change from 0 to 16 [ 207.118687][ T8317] erofs: Unknown parameter ')|' [ 207.276181][ T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.561222][ T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.682019][ T5093] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 207.908440][ T5093] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 207.925663][ T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.942911][ T5093] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 207.993467][ T5093] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 208.022203][ T5093] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.075054][ T5093] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 208.115327][ T5093] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 208.126510][ T5093] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 208.144420][ T5093] usb 6-1: Product: syz [ 208.168302][ T5093] usb 6-1: Manufacturer: syz [ 208.207586][ T5093] cdc_wdm 6-1:1.0: skipping garbage [ 208.230743][ T5093] cdc_wdm 6-1:1.0: skipping garbage [ 208.255984][ T5093] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 208.264974][ T29] audit: type=1800 audit(1719326852.250:16): pid=8350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1061" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 208.303615][ T5093] cdc_wdm 6-1:1.0: Unknown control protocol [ 208.446540][ T8100] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.480472][ T8100] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.511741][ T8100] bridge_slave_0: entered allmulticast mode [ 208.538072][ T8100] bridge_slave_0: entered promiscuous mode [ 208.585435][ T8100] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.633709][ T8100] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.641026][ T8100] bridge_slave_1: entered allmulticast mode [ 208.649416][ T5093] usb 6-1: USB disconnect, device number 6 [ 208.699635][ T8100] bridge_slave_1: entered promiscuous mode [ 209.077977][ T8100] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.148821][ T8100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.992949][ T5156] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 210.128375][ T8366] loop4: detected capacity change from 0 to 32768 [ 210.179252][ T8100] team0: Port device team_slave_0 added [ 210.181151][ T8366] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1067 (8366) [ 210.201236][ T51] bridge_slave_1: left allmulticast mode [ 210.207128][ T5156] usb 4-1: Using ep0 maxpacket: 16 [ 210.224815][ T51] bridge_slave_1: left promiscuous mode [ 210.230657][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.247767][ T5156] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 210.280100][ T8366] BTRFS info (device loop4): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 210.302088][ T51] bridge_slave_0: left allmulticast mode [ 210.302279][ T5156] usb 4-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40 [ 210.321442][ T51] bridge_slave_0: left promiscuous mode [ 210.331673][ T8366] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 210.353346][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.363372][ T5156] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.371410][ T5156] usb 4-1: Product: syz [ 210.377445][ T8366] BTRFS info (device loop4): using free-space-tree [ 210.414939][ T5156] usb 4-1: Manufacturer: syz [ 210.429368][ T5156] usb 4-1: SerialNumber: syz [ 211.518939][ T8401] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 211.525523][ T8401] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 211.726248][ T8401] vhci_hcd vhci_hcd.0: Device attached [ 211.860938][ T8402] vhci_hcd: connection closed [ 211.864370][ T5156] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 211.897051][ T7450] vhci_hcd: stop threads [ 211.923048][ T7450] vhci_hcd: release socket [ 211.956014][ T7450] vhci_hcd: disconnect device [ 211.962880][ T5144] vhci_hcd: vhci_device speed not set [ 211.989059][ T5156] usb 4-1: USB disconnect, device number 7 [ 212.139363][ T5092] BTRFS info (device loop4): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 213.043596][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 213.087851][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 213.108066][ T51] bond0 (unregistering): Released all slaves [ 213.192946][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 213.193788][ T8100] team0: Port device team_slave_1 added [ 213.395991][ T9] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 213.425207][ T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 213.447740][ T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 213.467068][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.493594][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.515356][ T9] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 213.527163][ T9] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 213.539037][ T9] usb 5-1: Product: syz [ 213.546117][ T9] usb 5-1: Manufacturer: syz [ 213.567618][ T9] cdc_wdm 5-1:1.0: skipping garbage [ 213.573674][ T9] cdc_wdm 5-1:1.0: skipping garbage [ 213.605344][ T9] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 213.648418][ T9] cdc_wdm 5-1:1.0: Unknown control protocol [ 213.674851][ T8418] netlink: 'syz.5.1081': attribute type 2 has an invalid length. [ 213.769774][ T8429] cdc_wdm 5-1:1.0: Error submitting int urb - -90 [ 213.794861][ T8429] cdc_wdm 5-1:1.0: Error submitting int urb - -90 [ 213.876805][ T8100] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 213.909247][ T8100] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 213.962821][ T8100] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 214.021157][ T9] usb 5-1: USB disconnect, device number 11 [ 214.215967][ T8100] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 214.235579][ T8100] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.290332][ T8100] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 214.332983][ T5193] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 214.562730][ T5193] usb 6-1: Using ep0 maxpacket: 16 [ 214.580626][ T5193] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 214.618541][ T5193] usb 6-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40 [ 214.652793][ T5193] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.664926][ T5193] usb 6-1: Product: syz [ 214.669644][ T5193] usb 6-1: Manufacturer: syz [ 214.683376][ T5193] usb 6-1: SerialNumber: syz [ 214.781417][ T51] hsr_slave_0: left promiscuous mode [ 214.842844][ T51] hsr_slave_1: left promiscuous mode [ 214.871104][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 214.903336][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 214.915754][ T8446] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5) [ 214.922327][ T8446] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 214.956251][ T8446] vhci_hcd vhci_hcd.0: Device attached [ 214.965416][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 214.977235][ T8463] vhci_hcd: connection closed [ 214.978946][ T35] vhci_hcd: stop threads [ 214.991579][ T5193] usbhid 6-1:1.0: couldn't find an input interrupt endpoint [ 215.001711][ T35] vhci_hcd: release socket [ 215.004891][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 215.017707][ T5193] usb 6-1: USB disconnect, device number 7 [ 215.024363][ T35] vhci_hcd: disconnect device [ 215.084490][ T51] veth1_macvtap: left promiscuous mode [ 215.103159][ T51] veth0_macvtap: left promiscuous mode [ 215.120731][ T51] veth1_vlan: left promiscuous mode [ 215.139285][ T51] veth0_vlan: left promiscuous mode [ 217.380228][ T51] team0 (unregistering): Port device team_slave_1 removed [ 217.464860][ T51] team0 (unregistering): Port device team_slave_0 removed [ 218.357715][ T8100] hsr_slave_0: entered promiscuous mode [ 218.373113][ T8100] hsr_slave_1: entered promiscuous mode [ 218.380229][ T8100] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 218.399683][ T8100] Cannot create hsr debugfs directory [ 218.407122][ T8466] netlink: 'syz.4.1101': attribute type 2 has an invalid length. [ 218.722841][ T8031] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 218.789681][ T8031] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 219.009476][ T8031] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 219.108442][ T8031] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 219.281261][ T8531] netlink: 'syz.4.1129': attribute type 2 has an invalid length. [ 220.482496][ T8031] 8021q: adding VLAN 0 to HW filter on device bond0 [ 220.560932][ T8569] netlink: 'syz.3.1142': attribute type 2 has an invalid length. [ 220.654650][ T8031] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.117612][ T5194] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.124880][ T5194] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.174355][ T5156] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 221.220540][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.227826][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.317004][ T29] audit: type=1804 audit(1719326865.300:17): pid=8583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1146" name="/root/syzkaller.9ZO9W7/211/cgroup.controllers" dev="sda1" ino=1948 res=1 errno=0 [ 221.414830][ T5156] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0 [ 221.497415][ T8031] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 221.512909][ T5156] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 221.533293][ T5156] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 221.541343][ T5156] usb 4-1: Manufacturer: 㥚醎潽⭩Ȩ孬餝캳었禟ꦣ➳ [ 221.552767][ T8031] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 221.575171][ T5156] usb 4-1: SerialNumber: 夐睯㄁줿翁ᵎ⨋녌笁ꚽ큵ㄇ舨䁎粜ϳ􂌛桲俪䓂㾄โ銻랪ﱇ뙆⨳᪒ᐡሚ끄뛜稉뮢폵褼룓䀳䛦ꆂ똸㚍⊮ᮗ쵐守 [ 221.621960][ T5156] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22 [ 221.797284][ T8100] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 221.837287][ T5151] usb 4-1: USB disconnect, device number 8 [ 221.850751][ T8100] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 221.925869][ T8599] input: syz0 as /devices/virtual/input/input28 [ 221.941991][ T8100] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 222.019633][ T8100] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 222.363701][ T8031] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 222.671151][ T8612] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1154'. [ 222.778028][ T8031] veth0_vlan: entered promiscuous mode [ 222.882998][ T5193] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 223.056504][ T8031] veth1_vlan: entered promiscuous mode [ 223.114685][ T5193] usb 4-1: Using ep0 maxpacket: 8 [ 223.122242][ T5193] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 223.141466][ T8100] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.194995][ T5193] usb 4-1: language id specifier not provided by device, defaulting to English [ 223.230375][ T5193] usb 4-1: New USB device found, idVendor=045e, idProduct=00e3, bcdDevice= 0.40 [ 223.256585][ T5193] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.259776][ T8031] veth0_macvtap: entered promiscuous mode [ 223.280110][ T8630] loop5: detected capacity change from 0 to 1024 [ 223.280160][ T29] audit: type=1804 audit(1719326867.260:18): pid=8629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1161" name="/root/syzkaller.YR7hZW/218/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0 [ 223.317162][ T5193] usb 4-1: Product: syz [ 223.338087][ T5193] usb 4-1: Manufacturer: 械킲噫Aꍧ乼㲡乼涃ဎ闔ꝲ냊購侄„ᅔ㳴塒塵⤥猉嚣㳘灳袎섚덁⏌Դᴹ矊뾗뷸䑴╚쵁⊵劉粺ȷ圵唬ɳ [ 223.367962][ T8630] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 223.393858][ T8100] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.414840][ T8630] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) [ 223.428313][ T8031] veth1_macvtap: entered promiscuous mode [ 223.443323][ T5193] usb 4-1: SerialNumber: syz [ 223.479951][ T5093] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.487220][ T5093] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.497147][ T5193] usbhid 4-1:1.0: couldn't find an input interrupt endpoint [ 223.519416][ T8630] EXT4-fs (loop5): invalid journal inode [ 223.555873][ T8630] EXT4-fs (loop5): can't get journal size [ 223.623416][ T5194] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.630707][ T5194] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.665083][ T8630] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 223.798929][ T8031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.834828][ T8031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.862848][ T8031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.884241][ T8611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 223.905317][ T8031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.916579][ T8611] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 223.942796][ T8031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.989814][ T5193] usb 4-1: USB disconnect, device number 9 [ 223.992369][ T8031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.040682][ T8031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 224.070060][ T8031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.097652][ T8031] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 224.111072][ T5088] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.155860][ T8031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 224.193860][ T8031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.209882][ T8031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 224.220655][ T8031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.231914][ T8031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 224.243852][ T8031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.267572][ T8031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 224.293168][ T5093] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 224.300821][ T8031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 224.305470][ T8031] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 224.407090][ T8031] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.481107][ T8031] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.508686][ T8031] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.529307][ T8031] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.543639][ T5093] usb 5-1: device descriptor read/64, error -71 [ 224.835027][ T5093] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 224.885231][ T7450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.942914][ T7450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.032850][ T5093] usb 5-1: device descriptor read/64, error -71 [ 225.131781][ T7450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.158507][ T8100] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.169853][ T5093] usb usb5-port1: attempt power cycle [ 225.172855][ T7450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.451522][ T8100] veth0_vlan: entered promiscuous mode [ 225.466531][ T8680] loop2: detected capacity change from 0 to 128 [ 225.533245][ T8100] veth1_vlan: entered promiscuous mode [ 225.612787][ T5093] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 225.696345][ T5093] usb 5-1: device descriptor read/8, error -71 [ 225.740282][ T8100] veth0_macvtap: entered promiscuous mode [ 225.800813][ T8100] veth1_macvtap: entered promiscuous mode [ 225.921981][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.982791][ T5093] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 226.008572][ T8658] loop0: detected capacity change from 0 to 32768 [ 226.015304][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.048281][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.083141][ T8658] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1166 (8658) [ 226.096752][ T5093] usb 5-1: device descriptor read/8, error -71 [ 226.113739][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.150189][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.184551][ T8658] BTRFS info (device loop0): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 226.213434][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.233260][ T5093] usb usb5-port1: unable to enumerate USB device [ 226.240255][ T8658] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 226.252749][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.278649][ T8658] BTRFS info (device loop0): using free-space-tree [ 226.291421][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.318238][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.363934][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.378671][ T8100] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.479542][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.537410][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.594343][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.671086][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.725269][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.756379][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.793065][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.816780][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.846793][ T8100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.861639][ T8733] input: syz0 as /devices/virtual/input/input29 [ 226.867721][ T8100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.904231][ T8100] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.994895][ T8100] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.073437][ T8100] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.126810][ T8100] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.178772][ T8100] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.588575][ T8748] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1183'. [ 227.668508][ T8751] loop2: detected capacity change from 0 to 256 [ 227.725209][ T8751] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 228.133065][ T3774] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.146645][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 228.189954][ T3774] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.279036][ T8758] loop5: detected capacity change from 0 to 128 [ 228.293158][ T7450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.325020][ T7450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.607852][ T5087] BTRFS info (device loop0): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 229.012890][ T5155] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 229.202784][ T5155] usb 4-1: device descriptor read/64, error -71 [ 229.354940][ T8780] loop1: detected capacity change from 0 to 1024 [ 229.483697][ T5155] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 229.672734][ T5155] usb 4-1: device descriptor read/64, error -71 [ 229.823293][ T5155] usb usb4-port1: attempt power cycle [ 229.858505][ T8783] input: syz0 as /devices/virtual/input/input30 [ 230.228459][ T5099] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 230.272757][ T5155] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 230.272938][ T5099] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 230.292001][ T5099] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 230.303723][ T5099] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 230.304065][ T5155] usb 4-1: device descriptor read/8, error -71 [ 230.319457][ T5099] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 230.337663][ T5099] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 230.588013][ T8804] loop0: detected capacity change from 0 to 256 [ 230.620512][ T5155] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 230.728506][ T5155] usb 4-1: device descriptor read/8, error -71 [ 230.853234][ T5155] usb usb4-port1: unable to enumerate USB device [ 231.357223][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.589132][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.731966][ T8807] loop2: detected capacity change from 0 to 32768 [ 231.746831][ T8832] vlan0: entered promiscuous mode [ 231.771708][ T8807] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1199 (8807) [ 231.861831][ T8832] team0: entered promiscuous mode [ 231.871241][ T8807] BTRFS info (device loop2): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 231.902731][ T8832] team_slave_0: entered promiscuous mode [ 231.920478][ T8807] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 231.935992][ T8807] BTRFS info (device loop2): using free-space-tree [ 231.973393][ T8832] team_slave_1: entered promiscuous mode [ 231.982573][ T8832] team0: Device vlan0 is already an upper device of the team interface [ 232.002305][ T8832] team0: left promiscuous mode [ 232.007853][ T8832] team_slave_0: left promiscuous mode [ 232.013902][ T8832] team_slave_1: left promiscuous mode [ 232.443115][ T5105] Bluetooth: hci6: command tx timeout [ 232.527925][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.537393][ T8859] loop1: detected capacity change from 0 to 256 [ 232.628204][ T8859] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 232.848541][ T8827] loop0: detected capacity change from 0 to 32768 [ 232.896678][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.918738][ T8827] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1203 (8827) [ 232.982575][ T8864] loop3: detected capacity change from 0 to 512 [ 233.053326][ T8827] BTRFS info (device loop0): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 233.106805][ T8827] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 233.136785][ T8864] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 233.145302][ T8827] BTRFS info (device loop0): using free-space-tree [ 233.173421][ T8864] System zones: 1-12 [ 233.215173][ T8864] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1208: invalid indirect mapped block 1819239214 (level 1) [ 233.348842][ T8864] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1208: bg 0: block 361: padding at end of block bitmap is not set [ 233.380822][ T8864] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 233.410774][ T8864] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.1208: attempt to clear invalid blocks 33619980 len 1 [ 233.526844][ T8031] BTRFS info (device loop2): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 233.537735][ T8864] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1208: invalid indirect mapped block 1819239214 (level 0) [ 233.695172][ T8864] EXT4-fs (loop3): 1 truncate cleaned up [ 233.758572][ T8864] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.791654][ T12] bridge_slave_1: left allmulticast mode [ 233.813082][ T12] bridge_slave_1: left promiscuous mode [ 233.823257][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.889996][ T8864] EXT4-fs error (device loop3): dx_probe:822: inode #2: comm syz.3.1208: Directory hole found for htree index block [ 233.976191][ T12] bridge_slave_0: left allmulticast mode [ 233.987426][ T12] bridge_slave_0: left promiscuous mode [ 234.042379][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.066042][ T5095] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.534085][ T5105] Bluetooth: hci6: command tx timeout [ 234.991749][ T5087] BTRFS info (device loop0): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 235.099635][ T5093] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 235.260928][ T8907] loop5: detected capacity change from 0 to 256 [ 235.284035][ T5093] usb 2-1: device descriptor read/64, error -71 [ 235.489419][ T8910] loop2: detected capacity change from 0 to 128 [ 235.602826][ T5093] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 235.783194][ T5093] usb 2-1: device descriptor read/64, error -71 [ 235.906865][ T5093] usb usb2-port1: attempt power cycle [ 235.961119][ T8918] input: syz0 as /devices/virtual/input/input32 [ 236.213892][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 236.251554][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 236.284757][ T12] bond0 (unregistering): Released all slaves [ 236.309732][ T8799] chnl_net:caif_netlink_parms(): no params data found [ 236.332807][ T5093] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 236.378281][ T5093] usb 2-1: device descriptor read/8, error -71 [ 236.606496][ T5105] Bluetooth: hci6: command tx timeout [ 236.714153][ T5093] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 236.828494][ T5093] usb 2-1: device descriptor read/8, error -71 [ 236.961329][ T5093] usb usb2-port1: unable to enumerate USB device [ 237.042379][ T8937] input: syz0 as /devices/virtual/input/input33 [ 237.150215][ T8942] vlan2: entered promiscuous mode [ 237.188523][ T8942] team0: entered promiscuous mode [ 237.198596][ T8942] team_slave_0: entered promiscuous mode [ 237.204872][ T8942] team_slave_1: entered promiscuous mode [ 237.255622][ T8942] team0: Device vlan2 is already an upper device of the team interface [ 237.364685][ T8942] team0: left promiscuous mode [ 237.383865][ T8942] team_slave_0: left promiscuous mode [ 237.423623][ T8942] team_slave_1: left promiscuous mode [ 237.569361][ T8955] loop3: detected capacity change from 0 to 512 [ 237.619655][ T8955] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 237.642502][ T8955] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 237.719226][ T8955] EXT4-fs (loop3): 1 truncate cleaned up [ 237.791981][ T8955] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 237.893655][ T8955] fscrypt (loop3, inode 2): Error -61 getting encryption context [ 238.107552][ T5095] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.595620][ T8799] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.617460][ T8799] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.650402][ T8799] bridge_slave_0: entered allmulticast mode [ 238.683545][ T5105] Bluetooth: hci6: command tx timeout [ 238.690340][ T8799] bridge_slave_0: entered promiscuous mode [ 238.714117][ T8950] loop2: detected capacity change from 0 to 32768 [ 238.723902][ T8799] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.746638][ T8799] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.765511][ T8950] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1229 (8950) [ 238.785516][ T8799] bridge_slave_1: entered allmulticast mode [ 238.825948][ T8799] bridge_slave_1: entered promiscuous mode [ 238.911453][ T8950] BTRFS info (device loop2): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 238.978921][ T8950] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 239.027327][ T8950] BTRFS info (device loop2): using free-space-tree [ 239.089118][ T12] hsr_slave_0: left promiscuous mode [ 239.174046][ T12] hsr_slave_1: left promiscuous mode [ 239.326812][ T8999] loop3: detected capacity change from 0 to 8 [ 239.377452][ T8999] squashfs: Unknown parameter '' [ 239.438280][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 239.479947][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 239.564389][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 239.571874][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 239.595105][ T8999] loop3: detected capacity change from 0 to 1024 [ 239.836994][ T9015] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1243'. [ 239.881420][ T12] veth1_macvtap: left promiscuous mode [ 239.925519][ T12] veth0_macvtap: left promiscuous mode [ 239.961851][ T12] veth1_vlan: left promiscuous mode [ 240.025755][ T12] veth0_vlan: left promiscuous mode [ 240.106326][ T5093] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 240.356598][ T5093] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0 [ 240.409089][ T5093] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 240.442679][ T5093] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 240.485744][ T5093] usb 2-1: SerialNumber: 夐睯㄁줿翁ᵎ⨋녌笁ꚽ큵ㄇ舨䁎粜ϳ􂌛桲俪䓂㾄โ銻랪ﱇ뙆⨳᪒ᐡሚ끄뛜稉뮢폵褼룓䀳䛦ꆂ똸㚍⊮ᮗ쵐守 [ 240.617597][ T5093] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22 [ 240.821194][ T45] usb 2-1: USB disconnect, device number 8 [ 241.138219][ T8031] BTRFS info (device loop2): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 241.315200][ T5154] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 241.544773][ T5154] usb 1-1: Using ep0 maxpacket: 16 [ 241.564415][ T5154] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 241.597044][ T5154] usb 1-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40 [ 241.618255][ T5154] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 241.665149][ T5154] usb 1-1: Product: syz [ 241.709729][ T5154] usb 1-1: Manufacturer: syz [ 241.770818][ T5154] usb 1-1: SerialNumber: syz [ 241.774082][ T9055] loop1: detected capacity change from 0 to 256 [ 242.041269][ T9049] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 242.047855][ T9049] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 242.084825][ T9049] vhci_hcd vhci_hcd.0: Device attached [ 242.121535][ T9060] vhci_hcd: connection closed [ 242.127533][ T3774] vhci_hcd: stop threads [ 242.176723][ T3774] vhci_hcd: release socket [ 242.191929][ T5154] usbhid 1-1:1.0: couldn't find an input interrupt endpoint [ 242.202320][ T3774] vhci_hcd: disconnect device [ 242.248701][ T5154] usb 1-1: USB disconnect, device number 10 [ 244.101251][ T9066] loop2: detected capacity change from 0 to 32768 [ 244.125691][ T9066] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1253 (9066) [ 244.185155][ T9066] BTRFS info (device loop2): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 244.187093][ T12] team0 (unregistering): Port device team_slave_1 removed [ 244.205149][ T9066] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 244.218547][ T9066] BTRFS info (device loop2): using free-space-tree [ 244.308989][ T12] team0 (unregistering): Port device team_slave_0 removed [ 244.647466][ T9082] loop0: detected capacity change from 0 to 32768 [ 244.669581][ T9082] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1264 (9082) [ 244.733042][ T9082] BTRFS info (device loop0): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 244.782856][ T9082] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 244.796286][ T9082] BTRFS info (device loop0): using free-space-tree [ 245.621181][ T8031] BTRFS info (device loop2): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 246.493188][ T9144] loop2: detected capacity change from 0 to 256 [ 246.657524][ T9146] loop3: detected capacity change from 0 to 128 [ 246.890169][ T8799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 246.970337][ T9076] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 246.980044][ T9076] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 247.125737][ T8799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 247.352139][ T9160] loop1: detected capacity change from 0 to 8 [ 247.365334][ T9160] squashfs: Unknown parameter '' [ 247.564263][ T8799] team0: Port device team_slave_0 added [ 247.582088][ T9160] loop1: detected capacity change from 0 to 1024 [ 247.778288][ T8799] team0: Port device team_slave_1 added [ 247.954999][ T9177] loop2: detected capacity change from 0 to 16 [ 247.994566][ T9177] erofs: Unknown parameter ')|' [ 248.144116][ T5300] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 248.308099][ T8799] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 248.357755][ T8799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 248.413372][ T8799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 248.472316][ T9183] vlan0: entered promiscuous mode [ 248.506308][ T9183] team0: entered promiscuous mode [ 248.529558][ T9183] team_slave_0: entered promiscuous mode [ 248.589239][ T9183] team_slave_1: entered promiscuous mode [ 248.622483][ T9183] team0: Device vlan0 is already an upper device of the team interface [ 248.684983][ T9183] team0: left promiscuous mode [ 248.701360][ T9183] team_slave_0: left promiscuous mode [ 248.748442][ T9183] team_slave_1: left promiscuous mode [ 248.988783][ T5087] BTRFS info (device loop0): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 249.039362][ T8799] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 249.720085][ T8799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 249.811812][ T8799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 249.838445][ T9191] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 249.848127][ T9191] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 250.218564][ T8799] hsr_slave_0: entered promiscuous mode [ 250.705864][ T8799] hsr_slave_1: entered promiscuous mode [ 250.759115][ T8799] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 250.832358][ T8799] Cannot create hsr debugfs directory [ 250.839270][ T9205] input: syz0 as /devices/virtual/input/input34 [ 251.293620][ T9213] serio: Serial port pts0 [ 252.191426][ T29] audit: type=1800 audit(1719326896.170:19): pid=9246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1300" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0 [ 253.233092][ T9244] vlan0: entered promiscuous mode [ 253.238218][ T9244] team0: entered promiscuous mode [ 253.252721][ T9244] team_slave_0: entered promiscuous mode [ 253.258638][ T9244] team_slave_1: entered promiscuous mode [ 253.295384][ T9244] team0: Device vlan0 is already an upper device of the team interface [ 253.349422][ T9244] team0: left promiscuous mode [ 253.362875][ T9244] team_slave_0: left promiscuous mode [ 253.368525][ T9244] team_slave_1: left promiscuous mode [ 253.525118][ T9254] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 253.534837][ T9254] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 253.904444][ T9265] input: syz0 as /devices/virtual/input/input35 [ 254.807943][ T9292] loop5: detected capacity change from 0 to 512 [ 254.903168][ T9292] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 254.963405][ T9292] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 255.028850][ T9292] EXT4-fs (loop5): 1 truncate cleaned up [ 255.065329][ T9292] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.146876][ T8799] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 255.263766][ T9292] fscrypt (loop5, inode 2): Error -61 getting encryption context [ 255.302373][ T8799] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 255.328873][ T1233] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.335757][ T1233] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.298842][ T8799] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 256.358574][ T5088] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.399444][ T9314] loop1: detected capacity change from 0 to 1024 [ 256.421486][ T9308] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 256.431241][ T9308] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 256.452971][ T8799] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 256.671562][ T5300] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 256.923241][ T5810] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 257.169301][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 257.193880][ T8799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.319053][ T8799] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.449312][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.456676][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.489807][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.497103][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.620884][ T9348] loop3: detected capacity change from 0 to 16 [ 257.667612][ T9348] erofs: Unknown parameter ')|' [ 257.787710][ T5355] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 258.313196][ T5093] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 258.553611][ T5093] usb 3-1: Using ep0 maxpacket: 16 [ 258.561654][ T5093] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 258.682415][ T5093] usb 3-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40 [ 258.694346][ T5093] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.702400][ T5093] usb 3-1: Product: syz [ 258.742802][ T5093] usb 3-1: Manufacturer: syz [ 258.747479][ T5093] usb 3-1: SerialNumber: syz [ 258.863568][ T8799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 259.374281][ T9356] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 259.380874][ T9356] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 259.685659][ T9356] vhci_hcd vhci_hcd.0: Device attached [ 259.845438][ T9377] vhci_hcd: connection closed [ 259.851641][ T51] vhci_hcd: stop threads [ 259.912114][ T51] vhci_hcd: release socket [ 259.961905][ T51] vhci_hcd: disconnect device [ 260.023098][ T5093] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 260.044055][ T5093] usb 3-1: USB disconnect, device number 13 [ 260.150419][ T9389] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 260.160117][ T9389] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 260.962082][ T9360] loop5: detected capacity change from 0 to 32768 [ 261.099603][ T9360] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/loop5": -EINTR [ 261.206710][ T9407] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1340'. [ 261.238031][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 261.411926][ T8799] veth0_vlan: entered promiscuous mode [ 261.504168][ T8799] veth1_vlan: entered promiscuous mode [ 261.728132][ T8799] veth0_macvtap: entered promiscuous mode [ 261.768519][ T8799] veth1_macvtap: entered promiscuous mode [ 261.850048][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.931213][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.971597][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.032662][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.068515][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.112807][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.153353][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.212640][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.262934][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.278954][ T29] audit: type=1804 audit(1719326906.260:20): pid=9439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1346" name="/root/syzkaller.qN2N0A/243/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0 [ 262.295465][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.382096][ T8799] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 262.507309][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.620753][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.682878][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.722745][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.762104][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.817427][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.845404][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.911904][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.926305][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.932743][ T5156] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 262.958564][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.054958][ T8799] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.137195][ T8799] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.182826][ T5156] usb 6-1: Using ep0 maxpacket: 16 [ 263.190274][ T8799] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.213600][ T5156] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 263.259325][ T8799] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.278220][ T5156] usb 6-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40 [ 263.292839][ T8799] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.311550][ T5156] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.351095][ T5156] usb 6-1: Product: syz [ 263.365905][ T5156] usb 6-1: Manufacturer: syz [ 263.370566][ T5156] usb 6-1: SerialNumber: syz [ 263.539010][ T9473] loop3: detected capacity change from 0 to 256 [ 263.640547][ T9448] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5) [ 263.647127][ T9448] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 263.715878][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 263.767324][ T9448] vhci_hcd vhci_hcd.0: Device attached [ 263.810360][ T9477] vhci_hcd: connection closed [ 263.812738][ T51] vhci_hcd: stop threads [ 263.827823][ T5156] usbhid 6-1:1.0: couldn't find an input interrupt endpoint [ 263.836737][ T1095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 263.873492][ T51] vhci_hcd: release socket [ 263.904595][ T1095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.918872][ T51] vhci_hcd: disconnect device [ 263.979145][ T5156] usb 6-1: USB disconnect, device number 8 [ 263.996184][ T25] vhci_hcd: vhci_device speed not set [ 264.128565][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 264.185407][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 264.214811][ T29] audit: type=1804 audit(1719326908.180:21): pid=9492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1361" name="/root/syzkaller.HLfAzC/37/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0 [ 264.858434][ T9512] loop2: detected capacity change from 0 to 256 [ 265.112229][ T9512] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 265.394837][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 266.242728][ T5194] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 266.482713][ T5194] usb 5-1: Using ep0 maxpacket: 16 [ 266.523229][ T5194] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 266.586407][ T5194] usb 5-1: New USB device found, idVendor=0738, idProduct=1709, bcdDevice= 0.40 [ 266.622730][ T5194] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.674681][ T5194] usb 5-1: Product: syz [ 266.691135][ T5194] usb 5-1: Manufacturer: syz [ 266.715007][ T5194] usb 5-1: SerialNumber: syz [ 266.992065][ T9548] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 266.998658][ T9548] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 267.052907][ T9548] vhci_hcd vhci_hcd.0: Device attached [ 267.112022][ T9567] vhci_hcd: connection closed [ 267.115166][ T5194] usbhid 5-1:1.0: couldn't find an input interrupt endpoint [ 267.127474][ T12] vhci_hcd: stop threads [ 267.131756][ T12] vhci_hcd: release socket [ 267.162771][ T12] vhci_hcd: disconnect device [ 267.208865][ T5194] usb 5-1: USB disconnect, device number 16 [ 268.189840][ T9596] loop2: detected capacity change from 0 to 1024 [ 268.866465][ T9604] loop0: detected capacity change from 0 to 256 [ 269.016158][ T9604] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 270.004490][ T9613] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 270.014321][ T9613] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 271.624731][ T9645] loop4: detected capacity change from 0 to 1024 [ 271.828839][ T9653] input: syz0 as /devices/virtual/input/input36 [ 272.812728][ T5155] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 272.956361][ T9684] loop2: detected capacity change from 0 to 128 [ 273.052698][ T5155] usb 6-1: Using ep0 maxpacket: 8 [ 273.072068][ T5155] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 273.127767][ T5155] usb 6-1: language id specifier not provided by device, defaulting to English [ 273.177353][ T5155] usb 6-1: New USB device found, idVendor=045e, idProduct=00e3, bcdDevice= 0.40 [ 273.213160][ T5155] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.221227][ T5155] usb 6-1: Product: syz [ 273.276840][ T5155] usb 6-1: Manufacturer: 械킲噫Aꍧ乼㲡乼涃ဎ闔ꝲ냊購侄„ᅔ㳴塒塵⤥猉嚣㳘灳袎섚덁⏌Դᴹ矊뾗뷸䑴╚쵁⊵劉粺ȷ圵唬ɳ [ 273.359011][ T9694] loop4: detected capacity change from 0 to 1024 [ 273.368075][ T5155] usb 6-1: SerialNumber: syz [ 273.406926][ T5155] usbhid 6-1:1.0: couldn't find an input interrupt endpoint [ 273.869945][ T29] audit: type=1804 audit(1719326917.840:22): pid=9705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1421" name="/root/syzkaller.wlWQVD/44/cgroup.controllers" dev="sda1" ino=1957 res=1 errno=0 [ 273.920407][ T9702] input: syz0 as /devices/virtual/input/input37 [ 273.923170][ T9668] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 273.981440][ T9668] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 274.043363][ T5144] usb 6-1: USB disconnect, device number 9 [ 275.273790][ T9729] netlink: 'syz.2.1432': attribute type 15 has an invalid length. [ 275.337886][ T9734] loop5: detected capacity change from 0 to 128 [ 275.363752][ T9729] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1432'. [ 276.585556][ T9758] loop2: detected capacity change from 0 to 8 [ 276.640620][ T9758] squashfs: Unknown parameter '' [ 276.782504][ T9758] loop2: detected capacity change from 0 to 1024 [ 276.801822][ T9765] loop5: detected capacity change from 0 to 128 [ 277.498550][ T9778] loop0: detected capacity change from 0 to 256 [ 277.787342][ T5105] Bluetooth: hci6: link tx timeout [ 277.793819][ T5105] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 277.810375][ T5099] Bluetooth: hci6: link tx timeout [ 277.815667][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 277.902879][ T5099] Bluetooth: hci6: link tx timeout [ 277.909336][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 277.923010][ T5099] Bluetooth: hci6: link tx timeout [ 277.928171][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 277.936498][ T5099] Bluetooth: hci6: link tx timeout [ 277.944147][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 277.966048][ T5099] Bluetooth: hci6: link tx timeout [ 277.971213][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 277.982118][ T5099] Bluetooth: hci6: link tx timeout [ 277.987443][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 277.995457][ T5099] Bluetooth: hci6: link tx timeout [ 278.000586][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.008657][ T5099] Bluetooth: hci6: link tx timeout [ 278.014384][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.022266][ T5099] Bluetooth: hci6: link tx timeout [ 278.027566][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.035757][ T5099] Bluetooth: hci6: link tx timeout [ 278.043533][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.063825][ T5099] Bluetooth: hci6: link tx timeout [ 278.069730][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.084727][ T5099] Bluetooth: hci6: link tx timeout [ 278.089858][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.105871][ T5099] Bluetooth: hci6: link tx timeout [ 278.110989][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.120008][ T5099] Bluetooth: hci6: link tx timeout [ 278.125221][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.135686][ T5099] Bluetooth: hci6: link tx timeout [ 278.140822][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.174767][ T5099] Bluetooth: hci6: link tx timeout [ 278.179924][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.192664][ T5099] Bluetooth: hci6: link tx timeout [ 278.197802][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.206884][ T5099] Bluetooth: hci6: link tx timeout [ 278.212013][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.229769][ T5099] Bluetooth: hci6: link tx timeout [ 278.234991][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.242901][ T5099] Bluetooth: hci6: link tx timeout [ 278.249254][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.262860][ T5099] Bluetooth: hci6: link tx timeout [ 278.269120][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.276962][ T5099] Bluetooth: hci6: link tx timeout [ 278.282097][ T5099] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 278.710865][ T9795] loop2: detected capacity change from 0 to 256 [ 278.856503][ T9795] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 279.310270][ T9805] fuse: Bad value for 'user_id' [ 279.602771][ T5093] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 279.792741][ T5093] usb 1-1: Using ep0 maxpacket: 32 [ 279.800521][ T5093] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 279.813536][ T5093] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 279.819970][ T9814] loop5: detected capacity change from 0 to 8 [ 279.846771][ T5093] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 279.851993][ T9814] squashfs: Unknown parameter '' [ 279.887914][ T5093] usb 1-1: config 0 interface 0 altsetting 191 has 0 endpoint descriptors, different from the interface descriptor's value: 144 [ 279.904522][ T5099] Bluetooth: hci6: command 0x0406 tx timeout [ 279.923284][ T5093] usb 1-1: config 0 interface 0 has no altsetting 0 [ 279.933102][ T5093] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 279.943377][ T5093] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 279.952734][ T5093] usb 1-1: Product: syz [ 279.957052][ T5093] usb 1-1: Manufacturer: syz [ 279.961740][ T5093] usb 1-1: SerialNumber: syz [ 279.972170][ T5093] usb 1-1: config 0 descriptor?? [ 279.980652][ T5093] ldusb 1-1:0.0: Interrupt in endpoint not found [ 279.995765][ T5355] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 280.104670][ T9814] loop5: detected capacity change from 0 to 1024 [ 280.328836][ T5093] usb 1-1: USB disconnect, device number 11 [ 280.435289][ T9822] loop2: detected capacity change from 0 to 128 [ 281.576003][ T9855] loop0: detected capacity change from 0 to 8 [ 281.634599][ T9855] squashfs: Unknown parameter '' [ 283.644962][ T9855] loop0: detected capacity change from 0 to 1024 [ 283.657834][ T9866] loop5: detected capacity change from 0 to 256 [ 388.882585][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 388.889592][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P9865/1:b..l P9506/1:b..l [ 388.899378][ C0] rcu: (detected by 0, t=10502 jiffies, g=34833, q=848 ncpus=2) [ 388.907121][ C0] task:syz.3.1363 state:R running task stack:20536 pid:9506 tgid:9506 ppid:5095 flags:0x00004002 [ 388.920581][ C0] Call Trace: [ 388.923889][ C0] [ 388.926842][ C0] __schedule+0x17e8/0x4a20 [ 388.931376][ C0] ? mark_lock+0x9a/0x350 [ 388.935764][ C0] ? __pfx___schedule+0x10/0x10 [ 388.940646][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 388.946305][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 388.952330][ C0] ? preempt_schedule_irq+0xf0/0x1c0 [ 388.957645][ C0] preempt_schedule_irq+0xfb/0x1c0 [ 388.962788][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 388.968539][ C0] ? __lruvec_stat_mod_folio+0x7d/0x300 [ 388.974111][ C0] ? __mod_memcg_lruvec_state+0x2b5/0x3b0 [ 388.979892][ C0] irqentry_exit+0x5e/0x90 [ 388.984343][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 388.990365][ C0] RIP: 0010:__folio_start_writeback+0x96d/0x11a0 [ 388.996730][ C0] Code: 85 e4 75 16 e8 f4 47 c6 ff eb 15 e8 ed 47 c6 ff e8 08 f9 b5 09 4d 85 e4 74 ea e8 de 47 c6 ff fb 48 b8 00 00 00 00 00 fc ff df <48> 8b 4c 24 08 80 3c 01 00 74 08 4c 89 f7 e8 b0 f4 2b 00 49 8b 1e [ 389.016369][ C0] RSP: 0018:ffffc9000434ecc0 EFLAGS: 00000293 [ 389.022469][ C0] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff88802037da00 [ 389.030463][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 389.038485][ C0] RBP: ffffc9000434ee38 R08: ffffffff81cfdd88 R09: 1ffffffff25f4ec4 [ 389.046494][ C0] R10: dffffc0000000000 R11: fffffbfff25f4ec5 R12: 0000000000000200 [ 389.054492][ C0] R13: 1ffff92000869da4 R14: ffffea00016d0400 R15: 0000000000000046 [ 389.062497][ C0] ? __folio_start_writeback+0x938/0x11a0 [ 389.068283][ C0] ? __pfx___folio_start_writeback+0x10/0x10 [ 389.074301][ C0] ? __lruvec_stat_mod_folio+0x7d/0x300 [ 389.079888][ C0] ? folio_clear_dirty_for_io+0x25a/0xcf0 [ 389.085662][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.091330][ C0] ? folio_clear_dirty_for_io+0x7e1/0xcf0 [ 389.097105][ C0] ext4_bio_write_folio+0x1062/0x1da0 [ 389.102529][ C0] mpage_submit_folio+0x1af/0x230 [ 389.107597][ C0] ext4_do_writepages+0x1db0/0x3d40 [ 389.112881][ C0] ? __pfx_ext4_do_writepages+0x10/0x10 [ 389.118488][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.124156][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.129814][ C0] ? rcu_read_lock_any_held+0xb7/0x160 [ 389.135400][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.141082][ C0] ext4_writepages+0x213/0x3c0 [ 389.145886][ C0] ? __pfx_ext4_writepages+0x10/0x10 [ 389.151219][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.156904][ C0] ? __pfx_ext4_writepages+0x10/0x10 [ 389.162230][ C0] do_writepages+0x35b/0x870 [ 389.166857][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.172529][ C0] ? __pfx_do_writepages+0x10/0x10 [ 389.177679][ C0] ? filemap_fdatawrite_wbc+0x11a/0x180 [ 389.183265][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 389.188327][ C0] ? __pfx_lock_release+0x10/0x10 [ 389.193388][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.199052][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 389.204295][ C0] ? wbc_attach_and_unlock_inode+0x568/0x580 [ 389.210314][ C0] filemap_fdatawrite_wbc+0x125/0x180 [ 389.215726][ C0] filemap_flush+0xdf/0x130 [ 389.220265][ C0] ? __pfx_filemap_flush+0x10/0x10 [ 389.225457][ C0] ? __pfx___fsnotify_parent+0x10/0x10 [ 389.230960][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.236618][ C0] ? rcu_is_watching+0x15/0xb0 [ 389.241415][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.247092][ C0] ext4_release_file+0x81/0x300 [ 389.251974][ C0] ? __pfx_ext4_release_file+0x10/0x10 [ 389.257469][ C0] __fput+0x408/0x8b0 [ 389.261494][ C0] task_work_run+0x251/0x310 [ 389.266126][ C0] ? __pfx_task_work_run+0x10/0x10 [ 389.271277][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.276938][ C0] ? kmem_cache_free+0x145/0x350 [ 389.281921][ C0] do_exit+0xa27/0x27e0 [ 389.286128][ C0] ? __pfx_do_exit+0x10/0x10 [ 389.290777][ C0] do_group_exit+0x207/0x2c0 [ 389.295395][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 389.300627][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.306280][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 389.311512][ C0] get_signal+0x16a1/0x1740 [ 389.316102][ C0] ? __pfx_get_signal+0x10/0x10 [ 389.321010][ C0] ? __pfx_force_sig_fault+0x10/0x10 [ 389.326345][ C0] arch_do_signal_or_restart+0x96/0x860 [ 389.331934][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 389.338142][ C0] ? irqentry_exit_to_user_mode+0x53/0x280 [ 389.343993][ C0] irqentry_exit_to_user_mode+0x79/0x280 [ 389.349673][ C0] exc_page_fault+0x590/0x8c0 [ 389.354395][ C0] asm_exc_page_fault+0x26/0x30 [ 389.359286][ C0] RIP: 0033:0x7f9472d75d41 [ 389.363763][ C0] RSP: 002b:0000000000000010 EFLAGS: 00010217 [ 389.369868][ C0] RAX: 0000000000000000 RBX: 00007f9472f03fa0 RCX: 00007f9472d75d39 [ 389.377870][ C0] RDX: 0000000020000040 RSI: 0000000000000010 RDI: 0000000002480480 [ 389.385868][ C0] RBP: 00007f9472df6766 R08: 0000000000000000 R09: 0000000000000000 [ 389.393866][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 389.401866][ C0] R13: 000000000000000b R14: 00007f9472f03fa0 R15: 00007ffdb087f9f8 [ 389.409927][ C0] [ 389.412964][ C0] task:syz.1.1484 state:R running task stack:24528 pid:9865 tgid:9864 ppid:8100 flags:0x00004002 [ 389.424741][ C0] Call Trace: [ 389.428039][ C0] [ 389.430992][ C0] __schedule+0x17e8/0x4a20 [ 389.435545][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.441210][ C0] ? __pfx___schedule+0x10/0x10 [ 389.446088][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.451745][ C0] ? mark_lock+0x9a/0x350 [ 389.456118][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 389.462475][ C0] ? preempt_schedule+0xe1/0xf0 [ 389.467351][ C0] preempt_schedule_common+0x84/0xd0 [ 389.472665][ C0] preempt_schedule+0xe1/0xf0 [ 389.477363][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 389.482764][ C0] ? syscall_exit_to_user_mode+0xc9/0x370 [ 389.488521][ C0] ? syscall_exit_to_user_mode+0xc8/0x370 [ 389.494277][ C0] preempt_schedule_thunk+0x1a/0x30 [ 389.499503][ C0] ? unwind_next_frame+0x196f/0x2a00 [ 389.504818][ C0] ? unwind_next_frame+0x1e75/0x2a00 [ 389.510138][ C0] ? unwind_next_frame+0x211f/0x2a00 [ 389.515457][ C0] unwind_next_frame+0x2124/0x2a00 [ 389.520612][ C0] ? syscall_exit_to_user_mode+0xc9/0x370 [ 389.526365][ C0] ? syscall_exit_to_user_mode+0xc9/0x370 [ 389.532113][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 389.538289][ C0] arch_stack_walk+0x151/0x1b0 [ 389.543100][ C0] ? do_syscall_64+0x100/0x230 [ 389.547919][ C0] stack_trace_save+0x118/0x1d0 [ 389.552797][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 389.558205][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.563885][ C0] save_stack+0xfb/0x1f0 [ 389.568175][ C0] ? __pfx_save_stack+0x10/0x10 [ 389.573064][ C0] ? free_unref_folios+0xf23/0x19e0 [ 389.578298][ C0] ? folios_put_refs+0x93a/0xa60 [ 389.583262][ C0] ? free_pages_and_swap_cache+0x2ea/0x690 [ 389.589095][ C0] ? tlb_flush_mmu+0x3a3/0x680 [ 389.593891][ C0] ? unmap_page_range+0x36f2/0x40f0 [ 389.599118][ C0] ? unmap_vmas+0x3cc/0x5f0 [ 389.603645][ C0] ? exit_mmap+0x264/0xc80 [ 389.608085][ C0] ? __mmput+0x115/0x3c0 [ 389.612352][ C0] ? exit_mm+0x220/0x310 [ 389.616620][ C0] ? do_exit+0x9aa/0x27e0 [ 389.620977][ C0] ? do_group_exit+0x207/0x2c0 [ 389.625768][ C0] ? get_signal+0x16a1/0x1740 [ 389.630476][ C0] ? arch_do_signal_or_restart+0x96/0x860 [ 389.636223][ C0] ? syscall_exit_to_user_mode+0xc9/0x370 [ 389.641979][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.647642][ C0] ? page_ext_get+0x20/0x2a0 [ 389.652266][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.657930][ C0] __reset_page_owner+0x75/0x3f0 [ 389.662926][ C0] free_unref_folios+0xf23/0x19e0 [ 389.668019][ C0] folios_put_refs+0x93a/0xa60 [ 389.672827][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 389.678156][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.683807][ C0] ? free_swap_cache+0x141/0x880 [ 389.688781][ C0] free_pages_and_swap_cache+0x2ea/0x690 [ 389.694451][ C0] ? __pfx_free_pages_and_swap_cache+0x10/0x10 [ 389.700661][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.706335][ C0] ? tlb_table_flush+0x143/0x410 [ 389.711302][ C0] ? __pfx_lock_release+0x10/0x10 [ 389.716358][ C0] tlb_flush_mmu+0x3a3/0x680 [ 389.720987][ C0] unmap_page_range+0x36f2/0x40f0 [ 389.726067][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.731734][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 389.737146][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.742811][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.748472][ C0] ? mas_next_slot+0xeab/0xf90 [ 389.753272][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.759013][ C0] ? uprobe_munmap+0x183/0x410 [ 389.763810][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.769471][ C0] ? unmap_single_vma+0x1bd/0x2b0 [ 389.774539][ C0] unmap_vmas+0x3cc/0x5f0 [ 389.778909][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 389.783814][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.789475][ C0] ? tlb_gather_mmu_fullmm+0x160/0x210 [ 389.794971][ C0] exit_mmap+0x264/0xc80 [ 389.799248][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 389.804038][ C0] ? __asan_memset+0x23/0x50 [ 389.808677][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.814329][ C0] ? uprobe_clear_state+0x277/0x290 [ 389.819554][ C0] ? mm_update_next_owner+0x53c/0x660 [ 389.824963][ C0] __mmput+0x115/0x3c0 [ 389.829147][ C0] exit_mm+0x220/0x310 [ 389.833250][ C0] ? __pfx_exit_mm+0x10/0x10 [ 389.837874][ C0] ? taskstats_exit+0x348/0xa70 [ 389.842752][ C0] ? tty_audit_exit+0x155/0x200 [ 389.847635][ C0] do_exit+0x9aa/0x27e0 [ 389.851830][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.857495][ C0] ? __pfx_do_exit+0x10/0x10 [ 389.862116][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 389.867528][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.873184][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 389.879193][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 389.885564][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 389.890721][ C0] do_group_exit+0x207/0x2c0 [ 389.895347][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 389.900582][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.906235][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 389.911473][ C0] get_signal+0x16a1/0x1740 [ 389.916031][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.921694][ C0] ? __pfx_get_signal+0x10/0x10 [ 389.926679][ C0] arch_do_signal_or_restart+0x96/0x860 [ 389.932261][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 389.938446][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 389.944469][ C0] ? syscall_exit_to_user_mode+0xa3/0x370 [ 389.950233][ C0] syscall_exit_to_user_mode+0xc9/0x370 [ 389.955819][ C0] do_syscall_64+0x100/0x230 [ 389.960459][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.966390][ C0] RIP: 0033:0x7fe4c8f75d39 [ 389.970828][ C0] RSP: 002b:00007fe4c9c85048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 389.979272][ C0] RAX: 000000000000000b RBX: 00007fe4c9103fa0 RCX: 00007fe4c8f75d39 [ 389.987263][ C0] RDX: 0000000000000318 RSI: 00000000200bd000 RDI: 0000000000000005 [ 389.995252][ C0] RBP: 00007fe4c8ff6766 R08: 0000000000000000 R09: 0000000000000000 [ 390.003240][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 390.011231][ C0] R13: 000000000000000b R14: 00007fe4c9103fa0 R15: 00007ffd2ddb1e88 [ 390.019328][ C0] [ 390.022360][ C0] rcu: rcu_preempt kthread starved for 10324 jiffies! g34833 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 390.033577][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 390.043563][ C0] rcu: RCU grace-period kthread stack dump: [ 390.049461][ C0] task:rcu_preempt state:R running task stack:25520 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 390.061234][ C0] Call Trace: [ 390.064529][ C0] [ 390.067481][ C0] __schedule+0x17e8/0x4a20 [ 390.072035][ C0] ? __pfx___schedule+0x10/0x10 [ 390.076917][ C0] ? __pfx_lock_release+0x10/0x10 [ 390.081966][ C0] ? __asan_memset+0x23/0x50 [ 390.086585][ C0] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 390.092418][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 390.098786][ C0] ? schedule+0x90/0x320 [ 390.103079][ C0] schedule+0x14b/0x320 [ 390.107265][ C0] schedule_timeout+0x1be/0x310 [ 390.112149][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 390.117555][ C0] ? __pfx_process_timeout+0x10/0x10 [ 390.122880][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.128533][ C0] ? prepare_to_swait_event+0x32e/0x350 [ 390.134110][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 390.138997][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 390.143964][ C0] ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10 [ 390.150057][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 390.155361][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 390.161300][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.166956][ C0] ? finish_swait+0xd4/0x1e0 [ 390.171577][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 390.176201][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 390.181423][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 390.187361][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.193022][ C0] ? __kthread_parkme+0x169/0x1d0 [ 390.198078][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 390.203298][ C0] kthread+0x2f2/0x390 [ 390.207399][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 390.212635][ C0] ? __pfx_kthread+0x10/0x10 [ 390.217259][ C0] ret_from_fork+0x4d/0x80 [ 390.221706][ C0] ? __pfx_kthread+0x10/0x10 [ 390.226327][ C0] ret_from_fork_asm+0x1a/0x30 [ 390.231144][ C0] [ 390.234178][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 390.240512][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.10.0-rc5-syzkaller-00018-g55027e689933 #0 [ 390.250250][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 390.260322][ C0] RIP: 0010:acpi_safe_halt+0x21/0x30 [ 390.265633][ C0] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 c0 d4 03 00 48 f7 00 08 00 00 00 75 10 eb 07 0f 00 2d 95 6c a3 00 f3 0f 1e fa fb f4 e9 d4 33 2a 00 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 [ 390.285263][ C0] RSP: 0018:ffffffff8e007ca8 EFLAGS: 00000246 [ 390.291356][ C0] RAX: ffffffff8e094680 RBX: ffff8880176fb864 RCX: 00000000001015f1 [ 390.299347][ C0] RDX: 0000000000000001 RSI: ffff8880176fb800 RDI: ffff8880176fb864 [ 390.307426][ C0] RBP: 000000000003a578 R08: ffff8880b9437ccb R09: 1ffff11017286f99 [ 390.315417][ C0] R10: dffffc0000000000 R11: ffffffff8b8608e0 R12: ffff88801ab95000 [ 390.323405][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8eacdd00 [ 390.331398][ C0] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 390.340350][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 390.346952][ C0] CR2: 00007fffc8858ff8 CR3: 000000007ddf0000 CR4: 0000000000350ef0 [ 390.354972][ C0] Call Trace: [ 390.358287][ C0] [ 390.361152][ C0] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 390.367518][ C0] ? print_other_cpu_stall+0x1470/0x15a0 [ 390.373180][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.378871][ C0] ? __lock_acquire+0x1346/0x1fd0 [ 390.383950][ C0] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 390.389800][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.395461][ C0] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 390.401738][ C0] ? rcu_sched_clock_irq+0x9f4/0x10a0 [ 390.407229][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.412899][ C0] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 390.418565][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.424221][ C0] ? hrtimer_run_queues+0x16c/0x460 [ 390.429457][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.435116][ C0] ? update_process_times+0x1ce/0x230 [ 390.440518][ C0] ? tick_nohz_handler+0x37c/0x500 [ 390.445670][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 390.451168][ C0] ? __hrtimer_run_queues+0x553/0xd50 [ 390.456573][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 390.462598][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 390.468350][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.474007][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 390.480198][ C0] ? hrtimer_interrupt+0x396/0x990 [ 390.485377][ C0] ? __sysvec_apic_timer_interrupt+0x112/0x3f0 [ 390.491573][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 390.497441][ C0] [ 390.500389][ C0] [ 390.503334][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 390.509562][ C0] ? __pfx_acpi_idle_enter+0x10/0x10 [ 390.514904][ C0] ? acpi_safe_halt+0x21/0x30 [ 390.519608][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.525366][ C0] acpi_idle_enter+0xe4/0x140 [ 390.530069][ C0] cpuidle_enter_state+0x114/0x480 [ 390.535214][ C0] ? __pfx_menu_select+0x10/0x10 [ 390.540187][ C0] cpuidle_enter+0x5d/0xa0 [ 390.544643][ C0] do_idle+0x375/0x5d0 [ 390.548747][ C0] ? __pfx_do_idle+0x10/0x10 [ 390.553361][ C0] ? poll_idle+0x90/0xb0 [ 390.557632][ C0] ? rest_init+0x31/0x300 [ 390.561980][ C0] cpu_startup_entry+0x42/0x60 [ 390.566765][ C0] rest_init+0x2dc/0x300 [ 390.571025][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 390.576608][ C0] start_kernel+0x47a/0x500 [ 390.581149][ C0] x86_64_start_reservations+0x2a/0x30 [ 390.586633][ C0] x86_64_start_kernel+0x99/0xa0 [ 390.591592][ C0] common_startup_64+0x13e/0x147 [ 390.596569][ C0] [ 391.696582][ T4541] udevd[4541]: worker [5355] /devices/virtual/block/loop0 is taking a long time [ 391.824614][ T1233] ieee802154 phy0 wpan0: encryption failed: -22 [ 391.831065][ T1233] ieee802154 phy1 wpan1: encryption failed: -22 [ 391.842379][ T1233] ieee802154 phy0 wpan0: encryption failed: -22 [ 391.849055][ T1233] ieee802154 phy1 wpan1: encryption failed: -22 SYZFAIL: failed to send rpc fd=3 want=21880 sent=0 n=-1 (errno 32: Broken pipe)