last executing test programs:

4m18.679222306s ago: executing program 0 (id=10426):
r0 = syz_open_dev$swradio(&(0x7f0000000200), 0x0, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000240)={0x1, 0x4})

4m18.495533124s ago: executing program 0 (id=10428):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b80)=@mangle={'mangle\x00', 0x2, 0x6, 0x578, 0x0, 0x3d8, 0xd0, 0x3d8, 0x3d8, 0x4a8, 0x4a8, 0x4a8, 0x4a8, 0x4a8, 0x6, 0x0, {[{{@ipv6={@mcast2, @ipv4={'\x00', '\xff\xff', @remote}, [0x0, 0xff, 0xff000000, 0xff000000], [0x0, 0xffffff00, 0xffffff00, 0xffffffff], 'gretap0\x00', 'batadv0\x00', {}, {0xff}, 0x11, 0x5, 0x1, 0x18}, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000010000000}}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x0, 0xfc, 0x6}}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0xb4}, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, [0xffffff00], [0xffffff00], 'ip6gre0\x00', 'bond_slave_0\x00', {}, {0xff}}, 0x0, 0xf0, 0x138, 0x48000000, {}, [@common=@dst={{0x48}, {0xff, 0x4, 0x0, [0x1, 0x7a, 0xfffd, 0x3f4, 0x0, 0x3, 0x5, 0x0, 0x8, 0x30, 0xe5, 0x4, 0x1, 0x6, 0x0, 0x7], 0x6}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 'ip6gre0\x00', {0x4}}}}, {{@ipv6={@remote, @dev={0xfe, 0x80, '\x00', 0xd}, [0x0, 0xffff00, 0xffffffff], [0xffffff00, 0xffffff00, 0xffffff00, 0xff000000], 'nr0\x00', 'vxcan1\x00', {}, {}, 0x62, 0x5, 0x3, 0x20}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@remote, @ipv6=@mcast1, 0x6, 0x27, 0xd}}}, {{@ipv6={@loopback, @private0, [0xff000000, 0xffffff, 0x0, 0xffffff00], [0xffffff00, 0xffffff00, 0xff, 0xff000000], 'pim6reg1\x00', 'ip6erspan0\x00', {}, {}, 0x6c, 0x80, 0x5, 0x61}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5d8)

4m18.266213577s ago: executing program 0 (id=10431):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000540)={0x18, 0x2d, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, 0x18}], 0x1}, 0x0)

4m18.12761548s ago: executing program 0 (id=10433):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x567, &(0x7f0000003080)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LsIwvAf8K8Y6GDIKPogSOWmN122Jv2ZLdny+cDdzrn3JuecnPs9PTcnIQH0rdHsn0LEyxHxdRJxqOnYYOQHR1fPW35wbSrbklhZ+eSvJJJ8X+P8JP9/OM+8FBG/fRlxorC+3Ori0mypXE7n8/xYbe7yWHVx6eTFudJMOpNempicPP3W5MS777zdsba+fu6f7z6+88Hpr44tf/vTvcO3kjgTB/Njze3YhevNmdEYzV+ToTjz2InjHSislyTdrgA7MpDH+VBkY8ChGMijHnj+fRERK0CfSsQ/9KnGPKBxb9+h++Bnxv33V2+A1rd/cPW9kdhXvzc6sJw8cmeU3e+OdKD8rIyf/7x9K9uic+9DAGzq+o2IODU4uH78S/Lxb+dObeGcx8vY5vi3ss0qAU3uZPOfN1rNfwpr859oMf8ZbhG7O9E6/pvDunCvA8W0lc3/3ms5/11btBoZyHMv1Od8Q8mFi+U0G9tejIjjMbQ3y2+0nnN6+W7bcap5/pdtWfmNuWBej3uDex99zHSpVtpNm5vdvxHxSsv5b7LW/0mL/s9ej3NbLONoevvVdsc2b/+TtfJjxGst+//hilay8frkWP16GGtcFev9ffPo7+3K73b7s/4/sHH7R5Lm9drq9sv4Yd+/abtjO73+9ySf1tN78n1XS7Xa/HjEnuSj9fsnHj62kW+cn7X/+LGNx79W1//+iPhsi+2/eeRm21N7of+nt9X/20/c/fDz79uVv7X+f7OeOp7v2cr4t9UK7ua1AwAAAAAAgF5TiIiDkRSKa+lCoVhc/XzHkThQKFeqtRMXKguXpqP+XdmRGCo0VrqHmz4PMZ5/HraRn3gsPxkRhyPim4H99XxxqlKe7nbjAQAAAAAAAAAAAAAAAAAAoEcMt/n+f+aPgW7XDnji/OQ39K9N478Tv/QE9CR//6F/iX/oX+If+pf4h/4l/qF/iX/oX9uK/9v/PbmKAE9di/j/5dduVAQAAAAAAAAAAAAAAAAAAAAAAAAAAACeD+fOns22leUH16ay/PSVxYXZypWT02l1tji3MFWcqsxfLs5UKjPltDhVmdvs+cqVyuXxiVi4OlZLq7Wx6uLS+bnKwqXa+YtzpZn0fDr0VFoFAAAAAAAAAAAAAAAAAAAAz5bq4tJsqVxO5yUkdpQY7I1qSKwmGoG96yfs7rgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM3+DwAA//9i5TpB")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})

4m17.547056577s ago: executing program 0 (id=10439):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
getsockopt$sock_timeval(r0, 0x1, 0x3f, &(0x7f0000000300), &(0x7f0000000340)=0x10)

4m14.490915336s ago: executing program 0 (id=10475):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000880)={0x1, 0x2})

4m14.136403161s ago: executing program 32 (id=10475):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000880)={0x1, 0x2})

25.860175321s ago: executing program 3 (id=13247):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:,:\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)

25.549517182s ago: executing program 3 (id=13254):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xf021, r0}, 0x38)

25.411429286s ago: executing program 3 (id=13256):
r0 = socket$kcm(0x2a, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x8000}, 0x80, 0x0}, 0x0)

25.141657632s ago: executing program 3 (id=13261):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000007c0)=ANY=[@ANYBLOB="696f636861727365743d6d61636963656c616e642c756d61736b3d30303030303030303030303030303030303030303030352c757466382c6572726f72733d636f6e74696e75652c696f636861727365743d6d616363656e746575726f2c646973636172642c696f636861727365743d63703836302c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c6572726f72733d636f6e74696e75652c00d40644f916f42b6b63a3ddd3e96cc13f37556b6c48e92c5489e97fc7d832bee08705079918afb2d81bad43ba444490ffc574f6efdeb56a0e7132b223a9c8d5187fa5140d22265ea35c924720bef432e5229293514046bb39bf66c18191d79d3028e0aa057fed10deae393038b6e5a9e6754a38d872927b96a057495482"], 0x1, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

24.730676972s ago: executing program 3 (id=13266):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x181040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x3, 0x0, 0x1, 0x1, 0x80}})

24.162857898s ago: executing program 3 (id=13272):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r0, 0xfffffffffffffebe, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27fffffe, 0x0, 0x2b, 0x10, &(0x7f0000002e00), &(0x7f0000001000), 0x8, 0x6e, 0x8, 0x0, 0x0}}, 0x10)

23.676971636s ago: executing program 33 (id=13272):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r0, 0xfffffffffffffebe, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x27fffffe, 0x0, 0x2b, 0x10, &(0x7f0000002e00), &(0x7f0000001000), 0x8, 0x6e, 0x8, 0x0, 0x0}}, 0x10)

3.757821881s ago: executing program 2 (id=13426):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000008c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20305}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0xc}]}}}]}, 0x3c}}, 0x0)

3.382707098s ago: executing program 2 (id=13430):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x2, 0x3, 0x0, 0x2, 0xc, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, "fd"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @empty}}]}, 0x60}, 0x1, 0x7}, 0x0)

3.163021189s ago: executing program 2 (id=13432):
r0 = socket$inet(0x2, 0x6, 0x0)
getsockopt$inet_pktinfo(r0, 0x10d, 0x90, 0xfffffffffffffffe, &(0x7f0000000000)=0x300)

2.842596671s ago: executing program 2 (id=13436):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e22, 0x4, @mcast1, 0x9}}, 0x99, 0x93, 0x1, 0x0, 0x3}, &(0x7f0000000180)=0x98)

2.510609043s ago: executing program 2 (id=13442):
r0 = socket(0xa, 0x5, 0x0)
sendmsg$inet_sctp(r0, &(0x7f0000001640)={&(0x7f0000000080)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000040)=')', 0x1}], 0x1, &(0x7f0000000400)=[@dstaddrv4={0x18, 0x84, 0x7, @rand_addr=0x64010102}, @prinfo={0x18, 0x84, 0x5, {0x0, 0x1}}], 0x30, 0x8000}, 0x2800c051)

2.372640057s ago: executing program 4 (id=13443):
r0 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x8, &(0x7f0000003040)={0xff, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c005af07677d18bc"}})

2.210238693s ago: executing program 2 (id=13445):
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)={[{}]}, 0x1, 0x232, &(0x7f0000000000)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL94PUe4VWbmJgVE/hXzRnwwSnmbxgYxkjo5DNYT4gM4sDZBADA8PkPxH3HrBIMoggmSXK8U/sVMvyVWad9xlmdExLY2A0mMXBwMCgd0R3pp0BbzcT1MziyqrsxJyc1KLiAwyo5k9m3M+kyAhSd+bv1eAHjHYM3bEMjAxyG/zVFn/7I1W5cVN95PSqiJqp3U03l66PY9im//eKidT7iRlh/x8cEtSyyMv/ME9G6fvmhjkfauqemDh2NirP5W+9/Pfd+5ja4gQ1psfiXYVs/AluWjWfnJ3cLB/PTa9u31KsuCArzWXisakX/yYcX8vAMPnCE1t9BgaGDSDnulXOjbnrFi/ItUz9fN2bFwwHoz5PZGBkZGBgYmCYGbZzD7K/yhugkcHAzMDAoMIAUsTCkJaZk2rgwcDIwMzAws6ADGCqmRg4wKr0kvNzUtoZGMFJAKxtOQML3AzDxwys/CDlII7RYwZWuIyxRQPMyHYorQKlPaD0cij9GErLoyUbFrAJ/VCeRgMDAxtDReJ//iJDNgYGhorEkpIiQ4hYSUmREVzMSABuMxPU1rlMqJ47zsQwCkbBKBgFo2AUjIJRMApGwSgYBSMZAAIAAP//kpC1eQ==")
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006325a640402000207265970000010902240001000000000904000002214c6a0009050702000000da000905"], 0x0)

2.04277949s ago: executing program 4 (id=13447):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0xf74, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000100)={0x1, @pix_mp={0x0, 0x0, 0x38415261}})

1.930121211s ago: executing program 5 (id=13448):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000040601010000000000000000000000000500010007"], 0x1c}}, 0x0)

1.743694699s ago: executing program 4 (id=13450):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x6c}}, 0x0)

1.664591606s ago: executing program 5 (id=13451):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$sock(r0, &(0x7f0000000cc0)=[{{&(0x7f0000000100)=@l2tp={0x2, 0x0, @broadcast, 0x3}, 0x80, 0x0}}, {{&(0x7f0000000700)=@in6={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, '\x00', 0x18}, 0x60}, 0x80, 0x0}}], 0x2, 0x20048857)

1.432174059s ago: executing program 4 (id=13453):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000080)={0x1, 0x50323234, 0x0, @discrete={0x7, 0x2001000}})

1.376840525s ago: executing program 1 (id=13454):
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
write$sysctl(r0, &(0x7f0000000600)='2\x00', 0x2)

1.285568394s ago: executing program 5 (id=13455):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000008500000029000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r0, 0x0, 0xe, 0x0, &(0x7f0000000180)="e4e647c9d9b8e9a2f2ab30da5800", 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.22725225s ago: executing program 4 (id=13456):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000c200000095"], &(0x7f0000000300)='GPL\x00'}, 0x94)

1.128444669s ago: executing program 1 (id=13457):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, 0x0)

1.045585108s ago: executing program 4 (id=13458):
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x3810744, &(0x7f0000000000)={[{@nomblk_io_submit}, {@max_batch_time={'max_batch_time', 0x3d, 0x5314}}, {@usrquota}, {@jqfmt_vfsv1}, {@jqfmt_vfsv0}, {@delalloc}, {@journal_dev}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@i_version}]}, 0x1, 0x453, &(0x7f0000002a80)="$eJzs289vFFUcAPDvzG4BAdmK+AMEraKx8UdLCyoHPWg08aCJiR7wWNtCkIUaWhMhRKsxeDQk3o1HE/8CT56MejLxqndDQpSYgF5cM7sztLvdLf2xZSv7+SQL7+28nfe+mfdm377XCaBvDWX/JBE7I+LXiKg0ss0Fhhr/Xb96YfLvqxcmk6jV3vwjqZe7dvXCZFG0+NyOPDOcRqSfJnklzWbPnT81Ua1On83zo3On3xudPXf+6ZOnJ05Mn5g+M3706JHDY889O/5MV+LM2nRt34cz+/e++val1yePXXrnx2+y9t57oHF8cRzdMpQF/metrvXYY92urMf+rS3EmZR73RpWqhQR2eUaqI//SpRi4eJV4pVPeto4YENl9+ytnQ/P14DbWBK9bgHQG8UXffb7t3jdoqnHpnDlxcYPoCzu6/mrcaQcaV5mYAPrH4qIY/P/fJm9omUdotZm3QAAYL2+y+Y/Ty2d/9X3RhpFXtiRl61ExGBE3BURuyPi7ojYExH35GXvi4j7V1l/69bQ0vlnenmtsa1ENv97Pt/bap7/FbO/GCzluTvr8Q8kx09Wpw9FxK6IGI6BrVl+rN3Ji1O8/MvnnepfPP/LXln9xVwwP8nlcssC3dTE3ES3JqVXPo7YV24Xf3JjJyDrC3sjYt/qTr2rSJx84uv9nQrdPP5ldGGfqfZVxOON6z8fLfEXkuX3J0e3RXX60GjRK5b66eeLb3Sqf13xd0F2/bc39/+WEpW/ksX7tbOrr+Pib591/E1ZXmP/35K8Vd+z3pK/98HE3NzZsYgtyWv1fNP74wufLfJF+Sz+4YPtx//u/DNZ/A9ERNaJD0TEgxHxUH7tHo6IRyLi4DLx//DSo+92OrYZrv9U2/vfjf4/2Hz9V58onfr+2071r+z+d6SeGs7fqd//bqJzc7blJdbamwEAAOD/J42InZGkIzfSaToy0vh7+T2xPa3OzM49eXzm/TNTjWcEBmMgLVa6KovWQ8eS+fyMjfx4vlZcHD+crxt/Ubqjnh+ZnKlO9Th26Hc7Ooz/zO+lXrcO2HCe14L+1Tr+0x61A7j1fP9D/zL+oX8Z/9C/2o3/j1ry9gLg9uT7H/qX8Q/9y/iH/mX8Q19az3P9G5UoL/P0vsRmSUS6KZoh0SZR7sLo7vGNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+CwAA//9uCfIx")
syz_usb_connect(0x2, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000124d5240e316e9f958000000000109021b00010000000009047800018fa68d0009058a"], 0x0)

970.303725ms ago: executing program 5 (id=13459):
r0 = socket(0x1d, 0x2, 0x6)
close_range(r0, 0xffffffffffffffff, 0x0)

861.401616ms ago: executing program 1 (id=13460):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="680000001000010425bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="45080600000000004800128008000100677470003c00028008000100", @ANYRES32, @ANYBLOB="08000400ad5c0000080003"], 0x68}}, 0x0)

748.597766ms ago: executing program 5 (id=13461):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000340)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x1541, 0x3a, '!+\xf0!\\+', 0x3a, 'a\xf1\to\x96\x91\xd9\x15\xea\x8a\xfc\x8aV\x87\xdf&$C\xd11<\x89\r\xb4I\x90q\x16F\xc9\x10\xe6q\xb5\xc9\xc95Y\xe9&j\x9c\x8d\xa9\x82q\xf4A\x8b3\xe0\x04\f\xf7H\xb8\xb4w\x9b\xe9N\x8cbi#wxAh\x97\xb1\xae\x8eZHr\xcd\xbaX(\xeehy\x9b\xe2\xfb\x1ab\x84*\xf7K4\x8c~\f\xf6\x9d\x9a\xcf[\x1aS\\xc\xcb\xf8\xf1\xd7V\xaa\xa97\xb4\x9f\xcc\xfe\xe8 \\Y\xe3\x03\xc1\xb6\xd5\x1fBU\xb4Vl\xb4w9*\xac\xe8\xcf\xefw\xd9\x8fmtx\x80\x93\xcb\x8e\x0e\xb8#\x99\xccp\xa9\x10\xce d\x03O?\xdc*w=\x00?_D\xe8\xcaTy\f\x00'/196, 0x3a, './file0'}, 0xf1)

628.510248ms ago: executing program 1 (id=13462):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xb, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000ffffffe600000000000000008500000027000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x0, 0xe, 0x0, &(0x7f0000000340)="348b4d157b8ab1d21f8218e3c736", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

355.296505ms ago: executing program 1 (id=13463):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, 0x0, 0x0)

270.776133ms ago: executing program 5 (id=13464):
r0 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f00000000c0)={0x0, 0x1, 0x80, 0x0, 0x1e, 0x1002084, 0x65f4a})

0s ago: executing program 1 (id=13465):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000580), &(0x7f0000000640), 0x2}, 0x20)

kernel console output (not intermixed with test programs):

="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1170.455920][T13823] loop4: detected capacity change from 0 to 32768
[ 1170.564946][T13823] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1170.610749][T13836] loop3: detected capacity change from 0 to 32768
[ 1170.626726][T13836] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop3 scanned by syz.3.11704 (13836)
[ 1170.698203][T13836] BTRFS info (device loop3): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1170.752987][T13836] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 1170.783432][T13836] BTRFS info (device loop3): turning on flush-on-commit
[ 1170.821663][T13836] BTRFS info (device loop3): turning off barriers
[ 1170.837287][T13836] BTRFS info (device loop3): turning on sync discard
[ 1170.840042][T13872] block device autoloading is deprecated and will be removed.
[ 1170.886507][T13836] BTRFS info (device loop3): using free space tree
[ 1171.209590][T13823] XFS (loop4): Ending clean mount
[ 1171.399597][ T5796] BTRFS info (device loop3): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1171.513566][ T8892] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1171.819415][T13941] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11717'.
[ 1171.863614][T13941] netlink: 36 bytes leftover after parsing attributes in process `syz.3.11717'.
[ 1172.344153][T13958] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11725'.
[ 1172.950984][T13985] loop3: detected capacity change from 0 to 1024
[ 1172.983827][T13985] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1173.096474][T13985] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1173.151716][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1173.570970][ T5796] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1174.369335][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1174.858181][T14077] netlink: 'syz.3.11759': attribute type 3 has an invalid length.
[ 1174.892150][T14077] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1175.956895][T14134] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11778'.
[ 1176.589832][T14163] loop4: detected capacity change from 0 to 2048
[ 1176.646923][T14163] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1176.692038][T14171] loop2: detected capacity change from 0 to 64
[ 1177.053349][T14174] loop3: detected capacity change from 0 to 4096
[ 1177.226233][T14174] ntfs3: loop3: Failed to initialize $Extend/$ObjId.
[ 1177.378708][T14201] program syz.1.11797 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1177.653245][T14209] netlink: 'syz.2.11799': attribute type 1 has an invalid length.
[ 1177.658309][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.667774][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.691849][T14209] netlink: 248 bytes leftover after parsing attributes in process `syz.2.11799'.
[ 1177.695600][T14212] xt_cgroup: invalid path, errno=-2
[ 1178.189610][   T28] audit: type=1326 audit(1761494953.658:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14233 comm="syz.1.11809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1178.209515][T14240] netlink: 'syz.2.11810': attribute type 3 has an invalid length.
[ 1178.245004][   T28] audit: type=1326 audit(1761494953.668:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14233 comm="syz.1.11809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1178.267574][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1178.369220][   T28] audit: type=1326 audit(1761494953.668:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14233 comm="syz.1.11809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1178.430564][   T28] audit: type=1326 audit(1761494953.668:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14233 comm="syz.1.11809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1178.453082][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1178.504682][   T28] audit: type=1326 audit(1761494953.708:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14233 comm="syz.1.11809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1178.592457][   T28] audit: type=1326 audit(1761494953.708:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14233 comm="syz.1.11809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1178.676033][   T28] audit: type=1326 audit(1761494953.708:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14233 comm="syz.1.11809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1178.742040][   T28] audit: type=1326 audit(1761494953.708:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14233 comm="syz.1.11809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1178.805965][   T28] audit: type=1326 audit(1761494953.708:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14233 comm="syz.1.11809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1179.428816][T14292] netlink: 'syz.2.11827': attribute type 21 has an invalid length.
[ 1179.474807][T14292] netlink: 'syz.2.11827': attribute type 1 has an invalid length.
[ 1179.509008][T14292] netlink: 132 bytes leftover after parsing attributes in process `syz.2.11827'.
[ 1179.794214][T14311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11833'.
[ 1179.838425][T14311] netlink: 68 bytes leftover after parsing attributes in process `syz.3.11833'.
[ 1179.863607][T14311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11833'.
[ 1179.907040][T14311] netlink: 68 bytes leftover after parsing attributes in process `syz.3.11833'.
[ 1180.542720][T10946] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[ 1180.742892][T10946] usb 3-1: Using ep0 maxpacket: 16
[ 1180.766646][T10946] usb 3-1: config 127 has an invalid interface number: 102 but max is 2
[ 1180.796357][T10946] usb 3-1: config 127 has no interface number 2
[ 1180.800841][T14354] (unnamed net_device) (uninitialized): up delay (2) is not a multiple of miimon (100), value rounded to 0 ms
[ 1180.818382][T10946] usb 3-1: config 127 interface 0 has no altsetting 0
[ 1180.832660][T14354] (unnamed net_device) (uninitialized): down delay (2036) is not a multiple of miimon (100), value rounded to 2000 ms
[ 1180.841215][T10946] usb 3-1: config 127 interface 1 has no altsetting 0
[ 1180.921587][T10946] usb 3-1: config 127 interface 102 has no altsetting 0
[ 1180.951080][T10946] usb 3-1: New USB device found, idVendor=1199, idProduct=9015, bcdDevice=99.2d
[ 1180.977515][T10946] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1181.020199][T10946] usb 3-1: Product: syz
[ 1181.039265][T10946] usb 3-1: Manufacturer: syz
[ 1181.082590][T10946] usb 3-1: SerialNumber: syz
[ 1181.336804][T14402] netlink: 2 bytes leftover after parsing attributes in process `syz.3.11850'.
[ 1181.357612][T10946] usb 3-1: selecting invalid altsetting 0
[ 1181.378321][T10946] usb 3-1: Could not set interface, error -22
[ 1181.405504][T10946] usb 3-1: selecting invalid altsetting 0
[ 1181.425923][T10946] usb 3-1: Could not set interface, error -22
[ 1181.451165][T10946] usb 3-1: USB disconnect, device number 107
[ 1181.992879][T14444] sctp: [Deprecated]: syz.3.11860 (pid 14444) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1181.992879][T14444] Use struct sctp_sack_info instead
[ 1182.304549][T14461] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11866'.
[ 1182.765517][T14480] netlink: 60 bytes leftover after parsing attributes in process `syz.1.11872'.
[ 1183.208705][T14499] netlink: 44 bytes leftover after parsing attributes in process `syz.1.11879'.
[ 1183.209007][T14457] loop3: detected capacity change from 0 to 32768
[ 1183.339043][T14457] JBD2: Ignoring recovery information on journal
[ 1183.413346][T14457] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[ 1183.516102][ T5796] ocfs2: Unmounting device (7,3) on (node local)
[ 1184.072764][T14539] dlm: no local IP address has been set
[ 1184.079387][T14539] dlm: cannot start dlm midcomms -107
[ 1184.392660][T14554] xt_policy: too many policy elements
[ 1184.868950][T14579] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1185.334925][T14601] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1185.603646][T14615] loop4: detected capacity change from 0 to 256
[ 1185.680870][T14615] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[ 1185.726440][T14615] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1186.232531][ T5857] usb 2-1: new high-speed USB device number 122 using dummy_hcd
[ 1186.361235][T14646] vim2m vim2m.0: Fourcc format (0x56595559) invalid.
[ 1186.388631][T14617] loop2: detected capacity change from 0 to 32768
[ 1186.406260][T14617] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop2 scanned by syz.2.11915 (14617)
[ 1186.443049][ T5857] usb 2-1: too many configurations: 25, using maximum allowed: 8
[ 1186.474516][T14617] BTRFS info (device loop2): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1186.493369][ T5857] usb 2-1: New USB device found, idVendor=041e, idProduct=4011, bcdDevice=af.98
[ 1186.511067][ T5857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1186.520895][T14617] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[ 1186.544173][T14617] BTRFS info (device loop2): turning on flush-on-commit
[ 1186.551214][T14617] BTRFS info (device loop2): turning off barriers
[ 1186.560833][ T5857] usb 2-1: config 0 descriptor??
[ 1186.591211][ T5857] pwc: Creative Labs Webcam Pro Ex detected.
[ 1186.602614][T14617] BTRFS info (device loop2): turning on sync discard
[ 1186.609384][T14617] BTRFS info (device loop2): using free space tree
[ 1186.616204][ T5857] pwc: Warning: more than 1 configuration available.
[ 1186.845875][ T5857] pwc: Failed to set LED on/off time (-71)
[ 1186.853324][ T5857] pwc: send_video_command error -71
[ 1186.879429][ T5857] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1186.901396][ T5857] Philips webcam: probe of 2-1:0.0 failed with error -71
[ 1186.953514][ T5857] usb 2-1: USB disconnect, device number 122
[ 1187.084549][ T5797] BTRFS info (device loop2): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1187.107559][T14692] netlink: 'syz.3.11930': attribute type 1 has an invalid length.
[ 1187.127067][T14692] netlink: 236 bytes leftover after parsing attributes in process `syz.3.11930'.
[ 1187.428479][T14708] netlink: 32 bytes leftover after parsing attributes in process `syz.4.11934'.
[ 1187.456893][ T5802] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop2 scanned by udevd (5802)
[ 1188.016754][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1188.232923][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1188.320828][T14747] netlink: 'syz.1.11945': attribute type 21 has an invalid length.
[ 1188.359352][T14749] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11946'.
[ 1188.362292][T14747] netlink: 164 bytes leftover after parsing attributes in process `syz.1.11945'.
[ 1188.839740][T14770] netlink: 132 bytes leftover after parsing attributes in process `syz.3.11952'.
[ 1188.932666][ T5876] usb 2-1: new high-speed USB device number 123 using dummy_hcd
[ 1189.140980][ T5876] usb 2-1: Using ep0 maxpacket: 32
[ 1189.162658][ T5876] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 1189.171876][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1189.220145][ T5876] usb 2-1: config 0 descriptor??
[ 1189.259421][ T5876] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 1189.332241][T14789] netlink: 'syz.2.11958': attribute type 9 has an invalid length.
[ 1189.670199][ T5876] gspca_sunplus: reg_w_riv err -71
[ 1189.696691][ T5876] sunplus: probe of 2-1:0.0 failed with error -71
[ 1189.712804][ T5857] usb 4-1: new high-speed USB device number 115 using dummy_hcd
[ 1189.729671][T14755] syz.4.11948 (14755): drop_caches: 2
[ 1189.734767][ T5876] usb 2-1: USB disconnect, device number 123
[ 1189.913131][ T5857] usb 4-1: Using ep0 maxpacket: 16
[ 1189.920663][ T5857] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1189.932721][T14818] netlink: 'syz.2.11963': attribute type 8 has an invalid length.
[ 1189.953854][ T5857] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1189.971396][ T5857] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1189.983485][ T5793] Bluetooth: hci1: command 0x0406 tx timeout
[ 1189.987235][ T5857] usb 4-1: Product: syz
[ 1190.017939][ T5857] usb 4-1: Manufacturer: syz
[ 1190.022818][ T5857] usb 4-1: SerialNumber: syz
[ 1190.031120][ T5857] usb 4-1: config 0 descriptor??
[ 1190.040541][ T5857] hub 4-1:0.0: bad descriptor, ignoring hub
[ 1190.047079][ T5857] hub: probe of 4-1:0.0 failed with error -5
[ 1190.056097][T20932] Bluetooth: hci1: unexpected event for opcode 0x0c26
[ 1190.065514][ T5857] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input55
[ 1190.532875][T10946] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1190.546704][T14850] loop4: detected capacity change from 0 to 4096
[ 1190.568417][T14850] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[ 1190.658067][T14850] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[ 1190.732466][T10946] usb 3-1: Using ep0 maxpacket: 32
[ 1190.740402][T10946] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[ 1190.764491][T10946] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[ 1190.779125][T10946] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1190.787648][T14850] ntfs3: loop4: failed to convert "c46c" to macceltic
[ 1190.803350][T10946] usb 3-1: Product: syz
[ 1190.816675][T10946] usb 3-1: Manufacturer: syz
[ 1190.821531][T10946] usb 3-1: SerialNumber: syz
[ 1190.846230][T10946] usb 3-1: config 0 descriptor??
[ 1190.866067][T14837] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1190.888312][T10946] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input56
[ 1191.403981][T14837] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[ 1191.410594][T14837] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1191.427906][T14837] vhci_hcd vhci_hcd.0: Device attached
[ 1191.467677][T14885] vhci_hcd: connection closed
[ 1191.468183][T12633] vhci_hcd: stop threads
[ 1191.468984][ T5792] usb 3-1: USB disconnect, device number 108
[ 1191.473187][    C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[ 1191.493237][T12633] vhci_hcd: release socket
[ 1191.522860][T12633] vhci_hcd: disconnect device
[ 1191.749572][T14910] loop3: detected capacity change from 0 to 64
[ 1191.954467][T14915] tmpfs: Bad value for 'mpol'
[ 1192.419621][T14933] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.11987'.
[ 1192.524091][T14907] loop4: detected capacity change from 0 to 32768
[ 1192.572524][T14907] BTRFS info (device loop4): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1192.612829][T14907] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[ 1192.643492][T14907] BTRFS info (device loop4): turning on flush-on-commit
[ 1192.650550][T14907] BTRFS info (device loop4): turning off barriers
[ 1192.688709][T14907] BTRFS info (device loop4): turning on sync discard
[ 1192.728811][T14907] BTRFS info (device loop4): using free space tree
[ 1193.163901][ T8892] BTRFS info (device loop4): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1193.436365][T14993] kAFS: unparsable volume name
[ 1193.669967][   T28] audit: type=1400 audit(1761494969.148:460): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=15001 comm="syz.3.12003"
[ 1193.903537][T14985] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1193.922514][T14985] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1194.757831][    T9] usb 4-1: USB disconnect, device number 115
[ 1195.032677][T15049] netlink: 16 bytes leftover after parsing attributes in process `syz.2.12015'.
[ 1195.059536][T15049] netlink: 30 bytes leftover after parsing attributes in process `syz.2.12015'.
[ 1195.177573][T15018] loop3: detected capacity change from 0 to 32768
[ 1195.192848][T15018] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.12007 (15018)
[ 1195.218678][T15018] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1195.237936][T15018] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 1195.252769][T20932] Bluetooth: hci1: command 0x0406 tx timeout
[ 1195.319460][T15018] BTRFS info (device loop3): using free space tree
[ 1195.571475][T15018] BTRFS info (device loop3): enabling ssd optimizations
[ 1195.593182][T15091] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12023'.
[ 1195.632515][T15018] BTRFS info (device loop3): auto enabling async discard
[ 1195.650394][T15094] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12026'.
[ 1195.893374][ T5796] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1196.232529][   T23] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1196.323743][T15124] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12030'.
[ 1196.467012][   T23] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[ 1196.512583][   T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1196.520983][   T23] usb 5-1: Product: syz
[ 1196.552529][   T23] usb 5-1: Manufacturer: syz
[ 1196.557214][   T23] usb 5-1: SerialNumber: syz
[ 1196.590155][   T23] usb 5-1: config 0 descriptor??
[ 1196.618859][   T23] gspca_main: sunplus-2.14.0 probing 04fc:504a
[ 1197.071818][T14897] usb 5-1: USB disconnect, device number 5
[ 1197.091678][T15151] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1197.332734][T20932] Bluetooth: hci1: command 0x0406 tx timeout
[ 1197.515786][T15182] loop2: detected capacity change from 0 to 64
[ 1197.691647][T15190] tc_dump_action: action bad kind
[ 1197.722719][    T9] usb 4-1: new high-speed USB device number 116 using dummy_hcd
[ 1197.942783][    T9] usb 4-1: Using ep0 maxpacket: 8
[ 1197.953673][    T9] usb 4-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[ 1197.953705][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1197.953727][    T9] usb 4-1: Product: syz
[ 1197.953743][    T9] usb 4-1: Manufacturer: syz
[ 1197.953760][    T9] usb 4-1: SerialNumber: syz
[ 1198.321117][T15230] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1198.415328][    T9] mxuport 4-1:254.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71)
[ 1198.438775][    T9] mxuport: probe of 4-1:254.0 failed with error -5
[ 1198.497776][    T9] usb 4-1: USB disconnect, device number 116
[ 1198.561857][T15246] netlink: 'syz.1.12061': attribute type 33 has an invalid length.
[ 1198.600544][T15246] netlink: 152 bytes leftover after parsing attributes in process `syz.1.12061'.
[ 1198.710535][T15254] netlink: 40 bytes leftover after parsing attributes in process `syz.4.12062'.
[ 1198.793279][T15259] fuse: Bad value for 'fd'
[ 1199.124960][T15273] loop2: detected capacity change from 0 to 2048
[ 1199.191997][T15265] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1199.212487][ T5787] blk_print_req_error: 17 callbacks suppressed
[ 1199.212507][ T5787] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1199.364808][T15285] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[ 1199.397738][T15285] [U] J"—e:ÀÆ"


[ 1199.633016][T15297] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12074'.
[ 1199.649100][T15297] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12074'.
[ 1199.668160][T15297] netlink: 52 bytes leftover after parsing attributes in process `syz.2.12074'.
[ 1200.323260][T15332] netlink: 'syz.2.12086': attribute type 1 has an invalid length.
[ 1200.336179][T15332] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.12086'.
[ 1200.368958][T15332] netlink: 9 bytes leftover after parsing attributes in process `syz.2.12086'.
[ 1200.504291][T15340] loop4: detected capacity change from 0 to 1024
[ 1200.543234][T15340] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1200.562442][   T28] audit: type=1326 audit(1761494976.038:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15343 comm="syz.3.12091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1200.631263][T15340] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1200.642552][   T28] audit: type=1326 audit(1761494976.038:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15343 comm="syz.3.12091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1200.666086][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1200.733544][T15340] EXT4-fs error (device loop4): ext4_xattr_inode_iget:444: inode #11: comm syz.4.12088: missing EA_INODE flag
[ 1200.767422][   T28] audit: type=1326 audit(1761494976.078:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15343 comm="syz.3.12091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1200.823278][T15340] EXT4-fs (loop4): Remounting filesystem read-only
[ 1200.839273][T15340] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 1200.874437][   T28] audit: type=1326 audit(1761494976.078:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15343 comm="syz.3.12091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1200.897051][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1200.935630][   T28] audit: type=1326 audit(1761494976.078:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15343 comm="syz.3.12091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1201.038019][ T8892] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1201.177908][T20932] Bluetooth: hci1: command 0x0406 tx timeout
[ 1201.694422][T15385] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes
[ 1201.827307][T15355] loop3: detected capacity change from 0 to 32768
[ 1201.972297][T15355] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[ 1201.990853][T15397] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-xor(2)
[ 1202.141734][ T5796] (syz-executor,5796,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76
[ 1202.237078][ T5796] ocfs2: Unmounting device (7,3) on (node local)
[ 1203.269012][T15449] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12120'.
[ 1203.327661][T15454] loop4: detected capacity change from 0 to 512
[ 1203.338530][T15454] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1203.395508][T15454] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1203.426108][T15454] ext4 filesystem being mounted at /381/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1203.546127][ T8892] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1203.596801][T15464] MTD: Attempt to mount non-MTD device "./file0"
[ 1203.615232][T15464] ./file0: Can't open blockdev
[ 1204.142459][    T9] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[ 1204.159337][T15493] netlink: 'syz.4.12132': attribute type 21 has an invalid length.
[ 1204.376908][    T9] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1204.393143][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1204.432694][    T9] usb 4-1: config 0 descriptor??
[ 1204.450917][    T9] cp210x 4-1:0.0: cp210x converter detected
[ 1204.693811][    T9] cp210x 4-1:0.0: failed to get vendor val 0x370b size 1: -121
[ 1204.701463][    T9] cp210x 4-1:0.0: querying part number failed
[ 1204.730746][    T9] usb 4-1: cp210x converter now attached to ttyUSB0
[ 1204.936646][ T5876] usb 4-1: USB disconnect, device number 117
[ 1204.963554][ T5876] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1204.996236][ T5876] cp210x 4-1:0.0: device disconnected
[ 1205.486298][T15564] netlink: 'syz.1.12149': attribute type 39 has an invalid length.
[ 1205.541166][T15564] veth0_macvtap: left allmulticast mode
[ 1205.569274][T15564] veth0_macvtap: left promiscuous mode
[ 1205.582835][T15567] xt_l2tp: wrong L2TP version: 0
[ 1205.870240][T15582] netlink: 'syz.3.12154': attribute type 1 has an invalid length.
[ 1205.922515][   T28] audit: type=1326 audit(1761494981.388:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15586 comm="syz.4.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77cd8efc9 code=0x7ffc0000
[ 1205.937884][T15582] netlink: 224 bytes leftover after parsing attributes in process `syz.3.12154'.
[ 1206.006842][   T28] audit: type=1326 audit(1761494981.388:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15586 comm="syz.4.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77cd8efc9 code=0x7ffc0000
[ 1206.084643][   T28] audit: type=1326 audit(1761494981.388:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15586 comm="syz.4.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7fa77cd8efc9 code=0x7ffc0000
[ 1206.157105][   T28] audit: type=1326 audit(1761494981.388:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15586 comm="syz.4.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77cd8efc9 code=0x7ffc0000
[ 1206.200069][   T28] audit: type=1326 audit(1761494981.388:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15586 comm="syz.4.12156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa77cd8efc9 code=0x7ffc0000
[ 1206.351393][T15606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12162'.
[ 1206.765386][T15616] loop2: detected capacity change from 0 to 2048
[ 1206.811238][T15616] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1207.208652][T15600] loop4: detected capacity change from 0 to 32768
[ 1207.243841][T15600] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.12160 (15600)
[ 1207.289887][T15600] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1207.329742][T15600] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[ 1207.340003][T15604] loop3: detected capacity change from 0 to 32768
[ 1207.352744][T15600] BTRFS info (device loop4): using free space tree
[ 1207.622801][T15600] BTRFS info (device loop4): enabling ssd optimizations
[ 1207.629901][T15600] BTRFS info (device loop4): auto enabling async discard
[ 1207.909130][ T8892] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1208.064864][   T23] usb 2-1: new high-speed USB device number 124 using dummy_hcd
[ 1208.259042][T15679] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12175'.
[ 1208.282699][   T23] usb 2-1: Using ep0 maxpacket: 16
[ 1208.331113][   T23] usb 2-1: config 0 has an invalid interface number: 20 but max is 0
[ 1208.349916][   T23] usb 2-1: config 0 has no interface number 0
[ 1208.359763][   T23] usb 2-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=7c.94
[ 1208.377624][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1208.412900][   T23] usb 2-1: Product: syz
[ 1208.421505][   T23] usb 2-1: Manufacturer: syz
[ 1208.433017][   T23] usb 2-1: SerialNumber: syz
[ 1208.461548][   T23] usb 2-1: config 0 descriptor??
[ 1208.730999][   T23] gspca_main: ALi m5602-2.14.0 probing 0402:5602
[ 1208.766736][   T23] gspca_m5602: Failed to find a sensor
[ 1208.772484][   T23] ALi m5602 2-1:0.20: ALi m5602 webcam failed
[ 1208.795447][   T23] usb 2-1: USB disconnect, device number 124
[ 1209.024033][T15710] 9pnet_fd: p9_fd_create_tcp (15710): problem connecting socket to 127.0.0.1
[ 1210.027028][T15745] loop3: detected capacity change from 0 to 256
[ 1210.041018][T15714] loop4: detected capacity change from 0 to 32768
[ 1210.190028][T15714] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[ 1210.195411][T15720] loop2: detected capacity change from 0 to 32768
[ 1210.267945][T15714] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1210.291185][T15720] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1210.421703][T15714] XFS (loop4): Ending clean mount
[ 1210.514342][T15714] XFS (loop4): Quotacheck needed: Please wait.
[ 1210.640211][T15780] loop3: detected capacity change from 0 to 512
[ 1210.677588][T15720] XFS (loop2): Ending clean mount
[ 1210.709895][T15780] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1210.737142][T15714] XFS (loop4): Quotacheck: Done.
[ 1210.752711][T15780] ext4 filesystem being mounted at /3001/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1210.943250][T15780] EXT4-fs error (device loop3): ext4_empty_dir:3145: inode #12: block 32: comm syz.3.12197: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[ 1210.983240][ T5797] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1211.016849][T15780] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz.3.12197: directory missing '.'
[ 1211.076496][ T8892] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1211.178518][ T5796] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1211.541029][T15813] loop3: detected capacity change from 0 to 512
[ 1211.660058][T15813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1211.714445][T15813] ext4 filesystem being mounted at /3003/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1211.911631][ T5796] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1212.572679][T15862] ip6t_REJECT: TCP_RESET illegal for non-tcp
[ 1213.884491][T15917] netlink: 'syz.2.12236': attribute type 1 has an invalid length.
[ 1214.077263][T15919] loop3: detected capacity change from 0 to 4096
[ 1214.091363][T15926] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12239'.
[ 1214.122513][T15919] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[ 1214.300512][T15886] loop4: detected capacity change from 0 to 40427
[ 1214.351786][T15886] F2FS-fs (loop4): invalid crc value
[ 1214.415513][T15886] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1214.538394][T15886] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[ 1214.572678][T14897] usb 2-1: new high-speed USB device number 125 using dummy_hcd
[ 1214.687658][T15955] blktrace: Concurrent blktraces are not allowed on loop4
[ 1214.783600][T14897] usb 2-1: Using ep0 maxpacket: 32
[ 1214.801616][T14897] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1214.822648][T14897] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1214.846304][T14897] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1214.866623][T14897] usb 2-1: config 1 has no interface number 0
[ 1214.873562][T14897] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1214.886046][T14897] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1214.909563][T14897] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1214.929951][T14897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1215.005656][T14897] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[ 1215.216948][T14897] snd_usb_pod 2-1:1.1: invalid control EP
[ 1215.233288][T14897] snd_usb_pod 2-1:1.1: cannot start listening: -22
[ 1215.253776][T14897] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[ 1215.261504][T14897] snd_usb_pod: probe of 2-1:1.1 failed with error -22
[ 1215.424612][T15985] loop2: detected capacity change from 0 to 512
[ 1215.456350][T14897] usb 2-1: USB disconnect, device number 125
[ 1215.499679][T15985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1215.537465][T15985] ext4 filesystem being mounted at /3059/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1215.603355][ T5876] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 1215.649279][T15985] EXT4-fs error (device loop2): ext4_search_dir:1549: inode #2: block 3: comm syz.2.12251: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0
[ 1215.658341][T16004] netlink: 172 bytes leftover after parsing attributes in process `syz.3.12254'.
[ 1215.697319][T16004] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12254'.
[ 1215.709746][T16004] netlink: 172 bytes leftover after parsing attributes in process `syz.3.12254'.
[ 1215.719697][T16004] netlink: 100 bytes leftover after parsing attributes in process `syz.3.12254'.
[ 1215.732112][ T5797] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1215.739454][T16004] netlink: 32 bytes leftover after parsing attributes in process `syz.3.12254'.
[ 1215.814616][ T5876] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1215.842619][ T5876] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1215.869296][ T5876] usb 5-1: config 1 interface 1 has no altsetting 1
[ 1215.897721][ T5876] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1215.913072][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1215.921182][ T5876] usb 5-1: Product: syz
[ 1215.926009][ T5876] usb 5-1: Manufacturer: syz
[ 1215.930695][ T5876] usb 5-1: SerialNumber: syz
[ 1215.974517][ T5876] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 1215.987621][ T5876] cdc_ncm 5-1:1.0: bind() failure
[ 1216.007133][ T5876] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[ 1216.014424][ T5876] cdc_ncm 5-1:1.1: bind() failure
[ 1216.258948][T14897] usb 5-1: USB disconnect, device number 6
[ 1216.300257][T16027] loop3: detected capacity change from 0 to 256
[ 1216.387887][T16027] FAT-fs (loop3): Directory bread(block 64) failed
[ 1216.421064][T16027] FAT-fs (loop3): Directory bread(block 65) failed
[ 1216.438261][T16027] FAT-fs (loop3): Directory bread(block 66) failed
[ 1216.466724][T16027] FAT-fs (loop3): Directory bread(block 67) failed
[ 1216.494827][T16027] FAT-fs (loop3): Directory bread(block 68) failed
[ 1216.501449][T16027] FAT-fs (loop3): Directory bread(block 69) failed
[ 1216.521711][T16042] loop2: detected capacity change from 0 to 1764
[ 1216.530045][T16027] FAT-fs (loop3): Directory bread(block 70) failed
[ 1216.537492][T16027] FAT-fs (loop3): Directory bread(block 71) failed
[ 1216.562622][T16027] FAT-fs (loop3): Directory bread(block 72) failed
[ 1216.602944][T16027] FAT-fs (loop3): Directory bread(block 73) failed
[ 1217.386469][T16079] (unnamed net_device) (uninitialized): option lp_interval: invalid value (18446744073709551611)
[ 1217.424866][T16079] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647
[ 1217.859563][T16102] loop2: detected capacity change from 0 to 512
[ 1217.939635][T16102] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002]
[ 1217.953649][T16102] System zones: 1-12
[ 1217.964899][T16102] EXT4-fs error (device loop2): dx_probe:823: inode #2: comm syz.2.12278: Directory hole found for htree index block 0
[ 1217.980240][T16102] EXT4-fs (loop2): Remounting filesystem read-only
[ 1217.987105][T16102] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[ 1217.995773][T16102] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[ 1218.005637][T16102] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1218.106344][T16102] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1218.211490][ T5797] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1218.514348][T16128] loop2: detected capacity change from 0 to 256
[ 1218.583011][T16127] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12284'.
[ 1219.027408][T16143] nvme_fabrics: missing parameter 'transport=%s'
[ 1219.035132][T16143] nvme_fabrics: missing parameter 'nqn=%s'
[ 1219.095875][T16152] loop4: detected capacity change from 0 to 512
[ 1219.234856][T16152] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1219.235030][   T28] audit: type=1326 audit(1761494994.718:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1219.298986][T16152] ext4 filesystem being mounted at /407/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1219.343371][   T28] audit: type=1326 audit(1761494994.718:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1219.373789][T16152] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #2: block 3: comm syz.4.12290: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0
[ 1219.442475][   T28] audit: type=1326 audit(1761494994.738:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1219.561873][   T28] audit: type=1326 audit(1761494994.748:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1219.586324][T16173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12297'.
[ 1219.611273][ T8892] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1219.621581][   T28] audit: type=1326 audit(1761494994.748:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1219.725973][   T28] audit: type=1326 audit(1761494994.748:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1219.751444][   T28] audit: type=1326 audit(1761494994.748:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1219.787310][T16179] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[ 1219.802698][   T28] audit: type=1326 audit(1761494994.748:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1219.873258][   T28] audit: type=1326 audit(1761494994.768:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16160 comm="syz.2.12293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1219.985944][T16209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12301'.
[ 1220.038590][T16209] netlink: 10 bytes leftover after parsing attributes in process `syz.2.12301'.
[ 1220.222119][T16230] binder: 16227:16230 ioctl c0046209 0 returned -22
[ 1220.257623][T16228] netlink: 'syz.1.12304': attribute type 21 has an invalid length.
[ 1220.402071][T16234] loop3: detected capacity change from 0 to 2048
[ 1220.454292][T16234] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[ 1220.496213][T16244] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[ 1220.516781][T16244] overlayfs: missing 'lowerdir'
[ 1220.735612][T16251] loop4: detected capacity change from 0 to 2048
[ 1220.812904][ T5876] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[ 1220.823379][T16260] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1220.927418][T16251] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[ 1220.975082][T16251] Remounting filesystem read-only
[ 1221.022505][ T5876] usb 4-1: Using ep0 maxpacket: 8
[ 1221.033779][ T5876] usb 4-1: config 7 has an invalid interface number: 143 but max is 1
[ 1221.070079][ T5876] usb 4-1: config 7 has an invalid interface number: 217 but max is 1
[ 1221.102403][ T5876] usb 4-1: config 7 has an invalid descriptor of length 229, skipping remainder of the config
[ 1221.119347][ T5876] usb 4-1: config 7 has no interface number 0
[ 1221.137088][ T5876] usb 4-1: config 7 has no interface number 1
[ 1221.152132][ T5876] usb 4-1: too many endpoints for config 7 interface 217 altsetting 0: 255, using maximum allowed: 30
[ 1221.179410][ T5876] usb 4-1: config 7 interface 217 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1221.225928][ T5876] usb 4-1: config 7 interface 143 has no altsetting 0
[ 1221.255620][ T5876] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=ba.35
[ 1221.276937][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1221.299433][ T5876] usb 4-1: Product: syz
[ 1221.309591][ T5876] usb 4-1: Manufacturer: syz
[ 1221.330021][ T5876] usb 4-1: SerialNumber: syz
[ 1221.573346][ T5876] qmi_wwan: probe of 4-1:7.143 failed with error -22
[ 1221.609125][ T5876] usb 4-1: USB disconnect, device number 118
[ 1221.891694][T16317] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1222.000750][T16321] overlayfs: cannot append lower layer
[ 1222.006688][T14897] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 1222.219897][T14897] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1222.248048][T14897] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1222.283649][T14897] usb 5-1: Product: syz
[ 1222.287897][T14897] usb 5-1: Manufacturer: syz
[ 1222.332694][T14897] usb 5-1: SerialNumber: syz
[ 1222.366831][T14897] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1222.442478][    T9] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1222.501922][T16348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12334'.
[ 1222.726048][T16308] random: crng reseeded on system resumption
[ 1223.028900][T16367] loop2: detected capacity change from 0 to 256
[ 1223.502904][  T786] usb 5-1: USB disconnect, device number 7
[ 1223.510083][    T9] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[ 1223.522714][    T9] ath9k_htc: Failed to initialize the device
[ 1223.559851][  T786] usb 5-1: ath9k_htc: USB layer deinitialized
[ 1223.702681][T14897] usb 4-1: new full-speed USB device number 119 using dummy_hcd
[ 1223.935631][T14897] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1223.966418][T14897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1224.003270][T14897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1224.023879][T14897] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1224.045584][T14897] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[ 1224.056001][T14897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1224.077605][T14897] usb 4-1: config 0 descriptor??
[ 1224.091163][T14897] gspca_main: spca561-2.14.0 probing abcd:cdee
[ 1224.314701][T14897] spca561: probe of 4-1:0.0 failed with error -22
[ 1224.342749][T14897] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[ 1224.363856][T14897] usb 4-1: MIDIStreaming interface descriptor not found
[ 1224.451006][T16430] bridge1: entered promiscuous mode
[ 1224.572029][T14897] snd-usb-audio: probe of 4-1:0.0 failed with error -12
[ 1224.645918][T14897] usb 4-1: USB disconnect, device number 119
[ 1224.906185][T16469] bond0: option fail_over_mac: unable to set because the bond device has slaves
[ 1225.134769][T16481] netlink: 40 bytes leftover after parsing attributes in process `syz.4.12365'.
[ 1225.826450][T16518] tmpfs: User quota inode hardlimit too large.
[ 1226.449243][ T8555] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[ 1226.656168][ T8555] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1226.676340][ T8555] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1226.715693][ T8555] usb 4-1: config 0 descriptor??
[ 1227.142732][T16588] netlink: 'syz.4.12396': attribute type 15 has an invalid length.
[ 1227.147313][ T8555] usb 4-1: Cannot set MAC address
[ 1227.165143][ T8555] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71
[ 1227.214882][ T8555] usb 4-1: USB disconnect, device number 120
[ 1227.951612][T16636] loop4: detected capacity change from 0 to 8
[ 1228.136014][T16643] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12412'.
[ 1228.285956][T16652] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12414'.
[ 1228.508059][T16664] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.12418'.
[ 1228.694780][T16675] loop3: detected capacity change from 0 to 1024
[ 1228.706860][T16680] loop4: detected capacity change from 0 to 128
[ 1228.769578][T16680] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[ 1228.810002][T16680] FAT-fs (loop4): Filesystem has been set read-only
[ 1228.871650][T16675] hfsplus: hfsplus: Invalid key length: 29235
[ 1228.979856][ T8892] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[ 1229.247519][T16707] netlink: 'syz.1.12429': attribute type 10 has an invalid length.
[ 1229.282516][T16707] team0: Device ipvlan1 is up. Set it down before adding it as a team port
[ 1229.391862][T16711] loop4: detected capacity change from 0 to 1024
[ 1229.443664][T16711] EXT4-fs: Ignoring removed orlov option
[ 1229.507927][T16711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1229.811115][ T8892] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1230.095897][T16705] loop3: detected capacity change from 0 to 32768
[ 1230.121996][T16705] (syz.3.12427,16705,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1230.155724][T16705] (syz.3.12427,16705,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1230.229107][T16705] (syz.3.12427,16705,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x729e4f9c, computed 0x295f958d. Applying ECC.
[ 1230.230922][T16705] JBD2: Ignoring recovery information on journal
[ 1230.302696][  T786] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1230.316090][T16705] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 1230.320845][T16705] (syz.3.12427,16705,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x729e4f9c, computed 0x295f958d. Applying ECC.
[ 1230.494551][  T786] usb 5-1: config 0 has an invalid interface number: 156 but max is 0
[ 1230.494583][  T786] usb 5-1: config 0 has no interface number 0
[ 1230.494663][  T786] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1230.494693][  T786] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1230.494718][  T786] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1230.494756][  T786] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[ 1230.494781][  T786] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1230.497597][  T786] usb 5-1: config 0 descriptor??
[ 1230.501914][  T786] gspca_main: spca561-2.14.0 probing abcd:cdee
[ 1230.583708][T16705] (syz.3.12427,16705,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xa1ff4175. Applying ECC.
[ 1230.584068][T16705] (syz.3.12427,16705,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0xfd02ac81
[ 1230.584135][T16705] (syz.3.12427,16705,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[ 1230.584378][T16705] (syz.3.12427,16705,0):ocfs2_quota_read:201 ERROR: status = -5
[ 1230.584408][T16705] Quota error (device loop3): find_block_dqentry: Can't read quota tree block 6
[ 1230.585022][T16705] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 1230.585055][T16705] (syz.3.12427,16705,0):ocfs2_acquire_dquot:878 ERROR: status = -5
[ 1230.587887][T16705] (syz.3.12427,16705,0):ocfs2_mknod:314 ERROR: status = -5
[ 1230.587953][T16705] (syz.3.12427,16705,0):ocfs2_mknod:502 ERROR: status = -5
[ 1230.587978][T16705] (syz.3.12427,16705,0):ocfs2_create:676 ERROR: status = -5
[ 1230.730363][ T5796] ocfs2: Unmounting device (7,3) on (node local)
[ 1230.736148][  T786] spca561: probe of 5-1:0.156 failed with error -22
[ 1230.737476][  T786] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[ 1230.737534][  T786] usb 5-1: MIDIStreaming interface descriptor not found
[ 1230.859671][  T786] usb 5-1: USB disconnect, device number 8
[ 1232.120828][T16833] loop4: detected capacity change from 0 to 256
[ 1232.212525][T16833] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[ 1232.301146][T16833] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1232.327523][T16833] exFAT-fs (loop4): Filesystem has been set read-only
[ 1232.338287][T16833] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805898b560 iblock : 8, err : -5)
[ 1232.360962][T16833] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1232.380123][T16833] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1232.522584][  T786] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 1232.712543][  T786] usb 4-1: Using ep0 maxpacket: 16
[ 1232.720271][  T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[ 1232.732712][  T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[ 1232.754242][  T786] usb 4-1: New USB device found, idVendor=0d46, idProduct=0081, bcdDevice=19.82
[ 1232.772473][  T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1232.790893][  T786] usb 4-1: Product: syz
[ 1232.806031][  T786] usb 4-1: Manufacturer: syz
[ 1232.810711][  T786] usb 4-1: SerialNumber: syz
[ 1232.837314][  T786] usb 4-1: config 0 descriptor??
[ 1232.866075][  T786] kobil_sct 4-1:0.0: KOBIL USB smart card terminal converter detected
[ 1232.905619][  T786] usb 4-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[ 1233.108041][T16869] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.12464'.
[ 1233.115899][  T786] usb 4-1: USB disconnect, device number 121
[ 1233.142043][  T786] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[ 1233.145142][T16869] openvswitch: netlink: IP tunnel attribute has 3064 unknown bytes.
[ 1233.180529][  T786] kobil_sct 4-1:0.0: device disconnected
[ 1233.271774][T16846] loop2: detected capacity change from 0 to 32768
[ 1233.349790][T16846] jfs_lookup: iget failed on inum 32
[ 1233.360006][T16846] jfs_lookup: iget failed on inum 32
[ 1233.433458][T16853] loop4: detected capacity change from 0 to 32768
[ 1233.542814][T16853] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[ 1233.670735][T16853] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1233.897433][ T8892] ocfs2: Unmounting device (7,4) on (node local)
[ 1234.997332][T16946] loop2: detected capacity change from 0 to 4096
[ 1235.039580][T16946] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[ 1235.110692][T16962] loop4: detected capacity change from 0 to 64
[ 1235.847256][T16994] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12498'.
[ 1235.857910][T16994] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12498'.
[ 1235.911232][T16994] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12498'.
[ 1236.190790][T17003] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[ 1236.221450][T17003] overlayfs: missing 'lowerdir'
[ 1236.287867][T16974] loop3: detected capacity change from 0 to 32768
[ 1236.305520][T17001] loop4: detected capacity change from 0 to 4096
[ 1236.329834][T16974] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.12491 (16974)
[ 1236.354912][T17001] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[ 1236.374888][T16974] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1236.413369][T16974] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 1236.432570][T16974] BTRFS info (device loop3): using free space tree
[ 1236.694489][T16974] BTRFS info (device loop3): enabling ssd optimizations
[ 1236.701521][T16974] BTRFS info (device loop3): auto enabling async discard
[ 1236.882733][ T5796] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1236.954749][T17035] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 1236.979413][T16991] loop2: detected capacity change from 0 to 32768
[ 1237.372687][T17048] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.12506'.
[ 1238.239565][T17082] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[ 1238.274243][T17082] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1238.318668][T17081] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12516'.
[ 1238.336968][T17081] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12516'.
[ 1238.379805][T17081] netlink: 'syz.1.12516': attribute type 6 has an invalid length.
[ 1238.773446][T17105] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.12522'.
[ 1239.098500][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.105276][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.353188][T17132] RDS: rds_bind could not find a transport for fe88::105, load rds_tcp or rds_rdma?
[ 1239.493090][T17135] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12532'.
[ 1239.539304][T17097] loop2: detected capacity change from 0 to 32768
[ 1239.542374][T17139] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12533'.
[ 1239.595319][T17097] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[ 1239.638024][T17097] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[ 1239.903010][ T5797] ocfs2: Unmounting device (7,2) on (node local)
[ 1240.152261][T20932] Bluetooth: hci1: unexpected event for opcode 0x2041
[ 1240.539231][T17179] loop3: detected capacity change from 0 to 2048
[ 1240.631498][T17179]  loop3: p1 < > p4 < >
[ 1240.695608][ T5160]  loop3: p1 < > p4 < >
[ 1240.833820][ T5796] __loop_clr_fd: partition scan of loop3 failed (rc=-16)
[ 1240.836206][ T5787] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1240.841110][ T5802] I/O error, dev loop3, sector 768 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1240.893006][ T5787] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1240.923356][ T5787] Buffer I/O error on dev loop3p4, logical block 0, async page read
[ 1240.928297][T17206] netlink: 'syz.4.12550': attribute type 10 has an invalid length.
[ 1240.931755][ T5802] I/O error, dev loop3, sector 768 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1240.972634][T17206] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 1240.983099][ T5787] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1241.008763][T17206] team0: Port device virt_wifi0 added
[ 1241.012418][ T5802] Buffer I/O error on dev loop3p1, logical block 0, async page read
[ 1241.023586][ T5802] I/O error, dev loop3, sector 768 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1241.042734][ T5787] Buffer I/O error on dev loop3p4, logical block 0, async page read
[ 1241.072550][ T5802] Buffer I/O error on dev loop3p1, logical block 0, async page read
[ 1241.086442][ T5787] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1241.112846][ T5802] I/O error, dev loop3, sector 768 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1241.142536][ T5787] Buffer I/O error on dev loop3p4, logical block 0, async page read
[ 1241.151262][ T5787] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1241.161522][ T5802] Buffer I/O error on dev loop3p1, logical block 0, async page read
[ 1241.181175][ T5802] I/O error, dev loop3, sector 768 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1241.200934][ T5787] Buffer I/O error on dev loop3p4, logical block 0, async page read
[ 1241.209295][ T5802] Buffer I/O error on dev loop3p1, logical block 0, async page read
[ 1241.223162][ T5787] Buffer I/O error on dev loop3p4, logical block 0, async page read
[ 1241.242183][ T5802] Buffer I/O error on dev loop3p1, logical block 0, async page read
[ 1241.334903][ T5787] udevd[5787]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[ 1241.345650][ T5802] udevd[5802]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[ 1241.497681][ T5923] udevd[5923]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[ 1241.518909][ T5802] udevd[5802]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[ 1242.002708][T17233] vivid-007: disconnect
[ 1242.019587][T17232] vivid-007: reconnect
[ 1242.069725][T17200] loop2: detected capacity change from 0 to 40427
[ 1242.096449][T17200] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1242.118113][T17200] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1242.183955][T17200] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1242.218781][T17240] usb usb8: usbfs: process 17240 (syz.1.12558) did not claim interface 0 before use
[ 1242.338691][T17249] netlink: 9 bytes leftover after parsing attributes in process `syz.4.12560'.
[ 1242.392607][T17249] 0·: renamed from hsr0 (while UP)
[ 1242.433869][T17200] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1242.440978][T17200] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1242.451661][T17249] 0·: entered allmulticast mode
[ 1242.483042][T17249] hsr_slave_0: entered allmulticast mode
[ 1242.497601][T17249] hsr_slave_1: entered allmulticast mode
[ 1242.507134][T17249] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[ 1242.603639][T17200] fscrypt (loop2, inode 3): Error -61 getting encryption context
[ 1243.014333][T17275] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12569'.
[ 1243.049175][T17275] netlink: 7 bytes leftover after parsing attributes in process `syz.4.12569'.
[ 1243.411741][T17289] comedi comedi3: pcl812: I/O port conflict (0x4f26,16)
[ 1243.853578][T17317] netlink: 'syz.3.12580': attribute type 2 has an invalid length.
[ 1244.109683][T17334] loop2: detected capacity change from 0 to 1024
[ 1244.210335][T12616] hfsplus: b-tree write err: -5, ino 4
[ 1244.222576][T10946] usb 2-1: new full-speed USB device number 126 using dummy_hcd
[ 1244.367683][T17344] netlink: 176 bytes leftover after parsing attributes in process `syz.2.12587'.
[ 1244.425964][T10946] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1244.446192][T10946] usb 2-1: not running at top speed; connect to a high speed hub
[ 1244.472128][T17350] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12589'.
[ 1244.491284][T10946] usb 2-1: config 56 has an invalid interface number: 129 but max is 0
[ 1244.519165][T10946] usb 2-1: config 56 has no interface number 0
[ 1244.552064][T10946] usb 2-1: config 56 interface 129 altsetting 224 endpoint 0x86 has invalid maxpacket 512, setting to 64
[ 1244.574982][T10946] usb 2-1: config 56 interface 129 has no altsetting 0
[ 1244.587940][T10946] usb 2-1: New USB device found, idVendor=1410, idProduct=9011, bcdDevice=e5.d2
[ 1244.602430][T10946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1244.642135][T10946] usb 2-1: Product: syz
[ 1244.652134][T10946] usb 2-1: Manufacturer: syz
[ 1244.661999][T10946] usb 2-1: SerialNumber: syz
[ 1244.680658][T17322] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1244.805936][T17364] loop3: detected capacity change from 0 to 8
[ 1244.925840][T10946] option 2-1:56.129: GSM modem (1-port) converter detected
[ 1244.961759][T10946] usb 2-1: USB disconnect, device number 126
[ 1245.014380][T10946] option 2-1:56.129: device disconnected
[ 1245.042265][T17385] netlink: 96 bytes leftover after parsing attributes in process `syz.4.12596'.
[ 1245.134715][T17391] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.12597' sets config #0
[ 1245.275267][T17396] loop4: detected capacity change from 0 to 128
[ 1245.417066][T17407] loop3: detected capacity change from 0 to 164
[ 1245.505529][T17407] iso9660: Corrupted directory entry in block 2 of inode 1920
[ 1245.843034][   T28] audit: type=1326 audit(1761495021.318:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17420 comm="syz.3.12605" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x0
[ 1245.931306][T17433] netlink: 'syz.4.12609': attribute type 1 has an invalid length.
[ 1245.939408][T17433] netlink: 232 bytes leftover after parsing attributes in process `syz.4.12609'.
[ 1247.209007][T17491] gretap1: entered promiscuous mode
[ 1247.625049][T17511] netlink: 'syz.4.12633': attribute type 7 has an invalid length.
[ 1248.232565][T10946] usb 2-1: new high-speed USB device number 127 using dummy_hcd
[ 1248.237482][T17544] netlink: 132 bytes leftover after parsing attributes in process `syz.2.12645'.
[ 1248.412722][T17552] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12647'.
[ 1248.452633][T10946] usb 2-1: Using ep0 maxpacket: 8
[ 1248.468645][T10946] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1248.478701][T10946] usb 2-1: config 8 has an invalid interface number: 61 but max is 2
[ 1248.492399][T10946] usb 2-1: config 8 has 1 interface, different from the descriptor's value: 3
[ 1248.522486][T10946] usb 2-1: config 8 has no interface number 0
[ 1248.542604][T10946] usb 2-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1248.592635][T10946] usb 2-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1248.610679][T10946] usb 2-1: config 8 interface 61 has no altsetting 0
[ 1248.625475][T10946] usb 2-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f
[ 1248.642602][T10946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1248.671743][T10946] usb 2-1: Product: syz
[ 1248.690719][T10946] usb 2-1: Manufacturer: syz
[ 1248.709928][T10946] usb 2-1: SerialNumber: syz
[ 1248.722670][T17564] netlink: 800 bytes leftover after parsing attributes in process `syz.2.12650'.
[ 1248.752647][T17564] netlink: 1301 bytes leftover after parsing attributes in process `syz.2.12650'.
[ 1248.985003][T10946] bfusb: probe of 2-1:8.61 failed with error -5
[ 1249.026736][T10946] usb 2-1: USB disconnect, device number 127
[ 1249.124972][T17585] netlink: 132 bytes leftover after parsing attributes in process `syz.2.12655'.
[ 1249.690159][T17563] loop4: detected capacity change from 0 to 40427
[ 1249.702867][T17598] netlink: 'syz.2.12660': attribute type 2 has an invalid length.
[ 1249.718088][T17563] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1249.745072][T17563] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1249.782293][T17563] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1249.790388][T17578] loop3: detected capacity change from 0 to 32768
[ 1250.022492][T17563] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1250.029626][T17563] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1250.039154][T17611] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12661'.
[ 1250.177313][T17563] fscrypt (loop4, inode 3): Error -61 getting encryption context
[ 1251.541674][T17665] netlink: 'syz.2.12677': attribute type 1 has an invalid length.
[ 1251.569792][T17665] netlink: 244 bytes leftover after parsing attributes in process `syz.2.12677'.
[ 1252.285235][T17706] xt_hashlimit: max too large, truncated to 1048576
[ 1252.700290][T17724] netlink: 36 bytes leftover after parsing attributes in process `syz.4.12694'.
[ 1252.982725][T17736] netlink: 52 bytes leftover after parsing attributes in process `syz.4.12699'.
[ 1253.245490][T17747] openvswitch: netlink: Actions may not be safe on all matching packets
[ 1253.881579][T17783] netlink: 'syz.4.12713': attribute type 13 has an invalid length.
[ 1254.286473][T17801] program syz.1.12719 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1254.337078][T17783] gretap0: refused to change device tx_queue_len
[ 1254.365901][T17783] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1254.612630][T17813] netlink: 'syz.1.12723': attribute type 5 has an invalid length.
[ 1254.814746][T17820] netlink: 56 bytes leftover after parsing attributes in process `syz.2.12726'.
[ 1254.872653][T17820] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12726'.
[ 1254.911404][T17820] netlink: 31 bytes leftover after parsing attributes in process `syz.2.12726'.
[ 1254.941908][T17820] netlink: 'syz.2.12726': attribute type 3 has an invalid length.
[ 1254.973535][T17820] netlink: 'syz.2.12726': attribute type 2 has an invalid length.
[ 1254.981436][T17820] netlink: 31 bytes leftover after parsing attributes in process `syz.2.12726'.
[ 1255.112486][T10946] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[ 1255.342558][T10946] usb 4-1: Using ep0 maxpacket: 8
[ 1255.360241][T10946] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 512, setting to 64
[ 1255.391577][T10946] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1255.441265][T10946] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76
[ 1255.487189][T10946] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1255.507126][T10946] usb 4-1: Product: syz
[ 1255.511367][T10946] usb 4-1: Manufacturer: syz
[ 1255.533956][T10946] usb 4-1: SerialNumber: syz
[ 1255.554118][T10946] usb 4-1: config 0 descriptor??
[ 1255.586717][T10946] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found
[ 1255.805427][T10946] snd_usb_toneport 4-1:0.0: cannot get proper max packet size
[ 1255.852724][T10946] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected
[ 1255.875895][T10946] snd_usb_toneport: probe of 4-1:0.0 failed with error -22
[ 1256.103032][T14897] usb 4-1: USB disconnect, device number 122
[ 1256.162782][ T5876] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[ 1256.362438][ T5876] usb 3-1: Using ep0 maxpacket: 32
[ 1256.371120][ T5876] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1256.394677][ T5876] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1256.422911][ T5876] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1256.441573][ T5876] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1256.465967][ T5876] usb 3-1: string descriptor 0 read error: -22
[ 1256.473037][ T5876] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1256.493626][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1256.530230][ T5876] usb 3-1: 0:2 : does not exist
[ 1256.829580][T14897] usb 3-1: USB disconnect, device number 109
[ 1256.852666][T17920] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1257.507204][T17949] loop4: detected capacity change from 0 to 8192
[ 1258.023063][T17975] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12765'.
[ 1258.768264][T18009] CIFS: VFS: Malformed UNC in devname
[ 1258.897422][T17951] loop3: detected capacity change from 0 to 32768
[ 1258.974774][T17951] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1258.993774][T17951] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1259.013216][T20932] Bluetooth: hci1: command 0x0406 tx timeout
[ 1259.070454][T17951] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 1259.070454][T17951]   inode = 1 34
[ 1259.070454][T17951]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472
[ 1259.124426][T17951] gfs2: fsid=syz:syz.0: G:  s:SH n:2/22 f:qobnN t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[ 1259.142391][T17951] gfs2: fsid=syz:syz.0:  H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0xdb/0x320
[ 1259.151529][T17951] gfs2: fsid=syz:syz.0:  I: n:1/34 t:8 f:0x00 d:0x00000200 s:8388608 p:0
[ 1259.172589][T17951] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 1259.198583][T17951] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 1259.218638][   T28] audit: type=1326 audit(1761495034.688:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18029 comm="syz.2.12782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1259.303126][T17951] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 1259.315041][T17951] gfs2: fsid=syz:syz.0: File system withdrawn
[ 1259.323486][   T28] audit: type=1326 audit(1761495034.688:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18029 comm="syz.2.12782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1259.372578][T17951] CPU: 0 PID: 17951 Comm: syz.3.12757 Not tainted syzkaller #0
[ 1259.380386][T17951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1259.390582][T17951] Call Trace:
[ 1259.393913][T17951]  <TASK>
[ 1259.396883][T17951]  dump_stack_lvl+0x16c/0x230
[ 1259.401617][T17951]  ? kobject_uevent_env+0x359/0x8c0
[ 1259.406888][T17951]  ? show_regs_print_info+0x20/0x20
[ 1259.412158][T17951]  ? load_image+0x3b0/0x3b0
[ 1259.416713][T17951]  ? kobject_uevent_env+0x363/0x8c0
[ 1259.421977][T17951]  gfs2_withdraw+0xe50/0x13b0
[ 1259.426739][T17951]  ? gfs2_lm+0x220/0x220
[ 1259.431057][T17951]  ? make_kgid+0x1ae/0x640
[ 1259.435546][T17951]  ? preempt_schedule+0xab/0xc0
[ 1259.440457][T17951]  ? gfs2_consist_inode_i+0xf5/0x110
[ 1259.445805][T17951]  gfs2_inode_refresh+0xb83/0xff0
[ 1259.450879][T17951]  ? gfs2_inode_metasync+0xf0/0xf0
[ 1259.456060][T17951]  ? gfs2_glock_nq+0xd4f/0x1420
[ 1259.460987][T17951]  gfs2_instantiate+0x162/0x220
[ 1259.465912][T17951]  gfs2_glock_wait+0x1d4/0x2a0
[ 1259.470744][T17951]  init_journal+0xc6e/0x2260
[ 1259.475413][T17951]  ? init_inodes+0xdb/0x320
[ 1259.479970][T17951]  ? _compound_head+0x120/0x120
[ 1259.484856][T17951]  ? vsnprintf+0x1957/0x1a40
[ 1259.489483][T17951]  ? snprintf+0xdb/0x120
[ 1259.493867][T17951]  ? init_inodes+0xdb/0x320
[ 1259.498428][T17951]  ? vscnprintf+0x80/0x80
[ 1259.502864][T17951]  ? gfs2_glock_nq_num+0x183/0x1c0
[ 1259.508003][T17951]  init_inodes+0xdb/0x320
[ 1259.512451][T17951]  gfs2_fill_super+0x1815/0x1f80
[ 1259.517425][T17951]  ? gfs2_reconfigure+0xb10/0xb10
[ 1259.522479][T17951]  ? init_locking+0xb8/0x200
[ 1259.527100][T17951]  ? setup_bdev_super+0x56b/0x660
[ 1259.532150][T17951]  get_tree_bdev+0x3e4/0x510
[ 1259.536763][T17951]  ? end_current_label_crit_section+0x170/0x170
[ 1259.543113][T17951]  ? gfs2_reconfigure+0xb10/0xb10
[ 1259.548206][T17951]  ? setup_bdev_super+0x660/0x660
[ 1259.553259][T17951]  gfs2_get_tree+0x51/0x1e0
[ 1259.557798][T17951]  vfs_get_tree+0x8c/0x280
[ 1259.562238][T17951]  do_new_mount+0x24b/0xa40
[ 1259.566791][T17951]  __se_sys_mount+0x2da/0x3c0
[ 1259.571523][T17951]  ? __x64_sys_mount+0xc0/0xc0
[ 1259.576324][T17951]  ? lockdep_hardirqs_on+0x98/0x150
[ 1259.581567][T17951]  ? __x64_sys_mount+0x20/0xc0
[ 1259.586353][T17951]  do_syscall_64+0x55/0xb0
[ 1259.590789][T17951]  ? clear_bhb_loop+0x40/0x90
[ 1259.595486][T17951]  ? clear_bhb_loop+0x40/0x90
[ 1259.600187][T17951]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1259.606143][T17951] RIP: 0033:0x7f9c72d9076a
[ 1259.610596][T17951] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1259.630402][T17951] RSP: 002b:00007f9c73b9ae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1259.638840][T17951] RAX: ffffffffffffffda RBX: 00007f9c73b9aef0 RCX: 00007f9c72d9076a
[ 1259.646827][T17951] RDX: 000020000001f680 RSI: 0000200000000040 RDI: 00007f9c73b9aeb0
[ 1259.654853][T17951] RBP: 000020000001f680 R08: 00007f9c73b9aef0 R09: 0000000000800894
[ 1259.662869][T17951] R10: 0000000000800894 R11: 0000000000000246 R12: 0000200000000040
[ 1259.670856][T17951] R13: 00007f9c73b9aeb0 R14: 000000000001f7c8 R15: 00002000000001c0
[ 1259.678858][T17951]  </TASK>
[ 1259.682755][   T28] audit: type=1326 audit(1761495034.738:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18029 comm="syz.2.12782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1259.714606][T17951] gfs2: fsid=syz:syz.0: can't acquire journal inode glock: -5
[ 1259.727641][T18039] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12785'.
[ 1259.834176][   T28] audit: type=1326 audit(1761495034.738:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18029 comm="syz.2.12782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1259.907782][   T28] audit: type=1326 audit(1761495034.738:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18029 comm="syz.2.12782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6d1b8efc9 code=0x7ffc0000
[ 1260.062620][T18055] netlink: 3 bytes leftover after parsing attributes in process `syz.1.12788'.
[ 1260.086110][T18055] 0ªX¹¦À: renamed from caif0
[ 1260.110240][T18055] 0ªX¹¦À: entered allmulticast mode
[ 1260.136276][T18055] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[ 1260.245665][T18061] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1260.731622][T18082] loop4: detected capacity change from 0 to 2048
[ 1260.785298][T18082] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1260.882686][T18095] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12801'.
[ 1260.912611][T18095] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12801'.
[ 1261.497921][T18123] netlink: 228 bytes leftover after parsing attributes in process `syz.4.12810'.
[ 1261.559821][T18127] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1262.460507][T18175] loop3: detected capacity change from 0 to 256
[ 1262.505498][T18175] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1262.542625][T14897] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 1262.781566][T14897] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1262.818712][T14897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1262.853982][T14897] usb 5-1: config 0 descriptor??
[ 1263.111639][T14897] [drm] vendor descriptor length:6 data:06 5f 01 ff 00 00 00 00 00 00 00
[ 1263.122749][T14897] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 1263.326164][T14897] [drm:udl_init] *ERROR* Selecting channel failed
[ 1263.382092][T14897] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2
[ 1263.436661][T14897] [drm] Initialized udl on minor 2
[ 1263.451070][T18226] netlink: 76 bytes leftover after parsing attributes in process `syz.2.12841'.
[ 1263.470546][T14897] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1263.495952][T18226] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12841'.
[ 1263.497287][T14897] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 1263.529229][    T9] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1263.577962][T14897] usb 5-1: USB disconnect, device number 9
[ 1263.584091][    T9] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1263.650001][    T9] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 1264.762824][T18297] delete_channel: no stack
[ 1264.844257][T18255] loop3: detected capacity change from 0 to 32768
[ 1264.930935][T18255] ERROR: (device loop3): dbAlloc: unable to allocate blocks
[ 1264.930935][T18255] 
[ 1264.979504][T18255] jfs_create: dtInsert returned -EIO
[ 1265.011838][T18255] ERROR: (device loop3): jfs_create: 
[ 1265.011838][T18255] 
[ 1265.233937][T18315] netlink: 16 bytes leftover after parsing attributes in process `syz.2.12857'.
[ 1265.498830][T18329] netlink: 'syz.2.12860': attribute type 3 has an invalid length.
[ 1266.235462][T18364] Cannot find del_set index 6 as target
[ 1266.248864][T18365] ipip0: entered allmulticast mode
[ 1266.588504][T18388] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12880'.
[ 1266.732578][T14897] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 1266.912720][T14897] usb 2-1: Using ep0 maxpacket: 16
[ 1266.920263][T14897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 97, changing to 7
[ 1266.939050][T14897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 24929, setting to 1024
[ 1266.955141][T14897] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1266.982616][T14897] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1267.023764][T14897] usb 2-1: Product: syz
[ 1267.031680][T14897] usb 2-1: Manufacturer: syz
[ 1267.044471][T14897] usb 2-1: SerialNumber: syz
[ 1267.060179][T14897] usb 2-1: config 0 descriptor??
[ 1267.088130][T14897] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1267.122794][T14897] em28xx 2-1:0.0: DVB interface 0 found: isoc
[ 1267.200856][T18413] cgroup: Bad value for 'name'
[ 1267.365045][T14897] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[ 1267.455963][T14897] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1267.489952][T14897] em28xx 2-1:0.0: board has no eeprom
[ 1267.504672][T18393] loop3: detected capacity change from 0 to 32768
[ 1267.592421][T14897] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1267.619536][T14897] em28xx 2-1:0.0: dvb set to isoc mode.
[ 1267.639030][T10946] em28xx 2-1:0.0: Binding DVB extension
[ 1267.669898][T14897] usb 2-1: USB disconnect, device number 2
[ 1267.694818][T14897] em28xx 2-1:0.0: Disconnecting em28xx
[ 1267.922642][T10946] em28xx 2-1:0.0: Registering input extension
[ 1267.941347][T14897] em28xx 2-1:0.0: Closing input extension
[ 1268.074270][T14897] em28xx 2-1:0.0: Freeing device
[ 1269.100972][T18523] loop4: detected capacity change from 0 to 128
[ 1269.121359][T18523] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[ 1269.145273][T18523] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1269.292487][T14897] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[ 1269.512619][T14897] usb 4-1: Using ep0 maxpacket: 16
[ 1269.526755][T14897] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1269.539476][T14897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1269.561613][T14897] usb 4-1: Product: syz
[ 1269.571628][T14897] usb 4-1: Manufacturer: syz
[ 1269.582230][T14897] usb 4-1: SerialNumber: syz
[ 1269.591127][T14897] r8152-cfgselector 4-1: config 0 descriptor??
[ 1270.045269][T14897] r8152-cfgselector 4-1: Unknown version 0x0000
[ 1270.072796][T14897] r8152-cfgselector 4-1: USB disconnect, device number 123
[ 1270.622633][    T9] usb 3-1: new full-speed USB device number 110 using dummy_hcd
[ 1270.815194][    T9] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1270.837768][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.878382][    T9] usb 3-1: config 0 descriptor??
[ 1270.909671][    T9] cp210x 3-1:0.0: cp210x converter detected
[ 1271.332640][    T9] cp210x 3-1:0.0: failed to get vendor val 0x370c size 13: -71
[ 1271.342612][    T9] cp210x 3-1:0.0: GPIO initialisation failed: -71
[ 1271.381508][    T9] usb 3-1: cp210x converter now attached to ttyUSB0
[ 1271.422744][    T9] usb 3-1: USB disconnect, device number 110
[ 1271.449947][T18651] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[ 1271.459213][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1271.493909][    T9] cp210x 3-1:0.0: device disconnected
[ 1271.524787][T18658] binfmt_misc: register: failed to install interpreter file ./file0
[ 1272.052684][T18684] loop3: detected capacity change from 0 to 1024
[ 1272.071581][T18684] EXT4-fs: Ignoring removed bh option
[ 1272.087546][T18684] EXT4-fs: inline encryption not supported
[ 1272.109075][T18684] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1272.129821][T18684] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1272.198021][T18684] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.12957: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1272.263433][T18684] EXT4-fs (loop3): Remounting filesystem read-only
[ 1272.270045][T18684] Quota error (device loop3): qtree_write_dquot: dquota write failed
[ 1272.298260][T18684] Quota error (device loop3): v2_write_file_info: Can't write info structure
[ 1272.320433][T18684] EXT4-fs (loop3): 1 orphan inode deleted
[ 1272.329750][T18684] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1272.350439][T18684] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1273.174448][T18743] loop3: detected capacity change from 0 to 16
[ 1273.187937][T18743] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1273.826910][T18781] loop3: detected capacity change from 0 to 256
[ 1274.133237][T18799] comedi comedi0: aio_iiro_16: a I/O base address must be specified
[ 1274.257471][T18804] netlink: 'syz.1.12993': attribute type 28 has an invalid length.
[ 1274.291128][T18804] netlink: 'syz.1.12993': attribute type 29 has an invalid length.
[ 1274.329975][T18804] netlink: 132 bytes leftover after parsing attributes in process `syz.1.12993'.
[ 1274.362557][   T28] audit: type=1326 audit(1761495049.838:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18809 comm="syz.3.12996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1274.398529][   T28] audit: type=1326 audit(1761495049.838:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18809 comm="syz.3.12996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1274.512517][   T28] audit: type=1326 audit(1761495049.848:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18809 comm="syz.3.12996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1274.597877][   T28] audit: type=1326 audit(1761495049.848:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18809 comm="syz.3.12996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1274.613763][T18822] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12998'.
[ 1274.682494][T18822] netlink: 'syz.3.12998': attribute type 1 has an invalid length.
[ 1274.712464][T18822] netlink: 'syz.3.12998': attribute type 2 has an invalid length.
[ 1274.720917][T18822] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12998'.
[ 1275.416426][T18865] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[ 1275.433652][T18865] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1276.735858][T18889] loop4: detected capacity change from 0 to 32768
[ 1276.773650][T18889] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.13021 (18889)
[ 1276.855962][T18889] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1276.871788][   T28] audit: type=1800 audit(1761495052.338:490): pid=18912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.1.13030" name="/" dev="sockfs" ino=95064 res=0 errno=0
[ 1276.902514][T18889] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[ 1276.934254][T18889] BTRFS info (device loop4): turning on sync discard
[ 1276.941024][T18889] BTRFS info (device loop4): using free space tree
[ 1277.232166][T18958] netlink: 28 bytes leftover after parsing attributes in process `syz.1.13037'.
[ 1277.263750][T18889] BTRFS info (device loop4): enabling ssd optimizations
[ 1277.298370][T18889] BTRFS info (device loop4): checking UUID tree
[ 1277.333490][T18958] netlink: 'syz.1.13037': attribute type 8 has an invalid length.
[ 1277.384047][T18958] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[ 1277.402158][T18967] netlink: 'syz.2.13041': attribute type 1 has an invalid length.
[ 1277.452582][T18967] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13041'.
[ 1277.691989][ T8892] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1278.204590][ T8555] usb 3-1: new full-speed USB device number 111 using dummy_hcd
[ 1278.408809][ T8555] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[ 1278.421057][T19006] bridge_slave_0: entered promiscuous mode
[ 1278.428731][ T8555] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1278.452762][T19006] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1278.480328][ T8555] usb 3-1: config 0 has no interface number 0
[ 1278.497850][ T8555] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10
[ 1278.509913][ T8555] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1278.552496][ T8555] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1278.604070][ T8555] usb 3-1: config 0 interface 52 has no altsetting 0
[ 1278.632090][ T8555] usb 3-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1278.644740][ T8555] usb 3-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1278.671634][ T8555] usb 3-1: Manufacturer: syz
[ 1278.676581][T19012] loop4: detected capacity change from 0 to 4096
[ 1278.689030][T19012] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[ 1278.713889][ T8555] usb 3-1: config 0 descriptor??
[ 1278.748763][ T8555] hub 3-1:0.52: bad descriptor, ignoring hub
[ 1278.750359][T19017] netlink: 'syz.1.13055': attribute type 21 has an invalid length.
[ 1278.764770][ T8555] hub: probe of 3-1:0.52 failed with error -5
[ 1278.810256][T19017] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13055'.
[ 1278.918765][T19012] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[ 1278.983723][ T8555] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1279.012138][ T8555] synaptics_usb: probe of 3-1:0.52 failed with error -5
[ 1279.353058][T14897] usb 3-1: USB disconnect, device number 111
[ 1279.626852][T19063] netlink: 'syz.3.13065': attribute type 1 has an invalid length.
[ 1279.975219][   T28] audit: type=1326 audit(1761495055.458:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19077 comm="syz.3.13070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1280.041136][   T28] audit: type=1326 audit(1761495055.478:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19077 comm="syz.3.13070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1280.101063][   T28] audit: type=1326 audit(1761495055.508:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19077 comm="syz.3.13070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1280.182513][   T28] audit: type=1326 audit(1761495055.508:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19077 comm="syz.3.13070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1280.227703][   T28] audit: type=1326 audit(1761495055.508:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19077 comm="syz.3.13070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c72d8efc9 code=0x7ffc0000
[ 1280.678079][T19109] overlayfs: conflicting options: verity=require,redirect_dir=nofollow
[ 1280.769550][T19112] loop2: detected capacity change from 0 to 512
[ 1280.832161][T19112] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1280.876541][T19112] EXT4-fs (loop2): 1 truncate cleaned up
[ 1280.898605][T19117] loop3: detected capacity change from 0 to 256
[ 1280.924784][T19117] FAT-fs (loop3): Directory bread(block 1285) failed
[ 1280.935963][T19112] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1280.979175][T19065] loop4: detected capacity change from 0 to 32768
[ 1281.019095][T19065] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1281.040261][T19065] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1281.085034][T19117] FAT-fs (loop3): Directory bread(block 1285) failed
[ 1281.127035][T19112] EXT4-fs error (device loop2): ext4_find_extent:900: inode #15: comm syz.2.13081: inode has invalid extent depth: 25964
[ 1281.151363][T19065] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[ 1281.160158][T19117] FAT-fs (loop3): Directory bread(block 1285) failed
[ 1281.203970][T19117] FAT-fs (loop3): Directory bread(block 1285) failed
[ 1281.223921][T19112] EXT4-fs (loop2): Remounting filesystem read-only
[ 1281.230548][T19112] fs-verity (loop2, inode 15): Error -117 getting verity descriptor size
[ 1281.404033][ T5797] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1281.496434][T19065] gfs2: fsid=syz:syz.s: first mount done, others may mount
[ 1281.866228][   T28] audit: type=1326 audit(1761495057.338:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19154 comm="syz.1.13093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1281.962581][   T28] audit: type=1326 audit(1761495057.338:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19154 comm="syz.1.13093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1282.048461][   T28] audit: type=1326 audit(1761495057.348:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19154 comm="syz.1.13093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1282.119551][   T28] audit: type=1326 audit(1761495057.348:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19154 comm="syz.1.13093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd26458efc9 code=0x7ffc0000
[ 1282.193943][T19169] loop2: detected capacity change from 0 to 64
[ 1282.320074][T19175] 9pnet_fd: Insufficient options for proto=fd
[ 1283.224943][T19224] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13111'.
[ 1283.730661][T19258] loop4: detected capacity change from 0 to 512
[ 1283.768814][T19258] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e028, mo2=0002]
[ 1283.769761][T19258] System zones: 1-12
[ 1283.783355][T19258] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.13119: invalid indirect mapped block 8 (level 2)
[ 1283.786597][T19258] EXT4-fs (loop4): Remounting filesystem read-only
[ 1283.819908][T19258] EXT4-fs (loop4): 1 truncate cleaned up
[ 1283.827446][T19258] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1284.011122][ T8892] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1284.382585][T19283] netlink: 'syz.4.13127': attribute type 10 has an invalid length.
[ 1284.393404][T19283] veth0_macvtap: left allmulticast mode
[ 1284.393453][T19283] veth0_macvtap: left promiscuous mode
[ 1284.413185][T19283] 0ªX¹¦D: left allmulticast mode
[ 1284.504612][T19283] batman_adv: batadv0: Adding interface: 
30ªX¹¦D
[ 1284.504632][T19283] batman_adv: batadv0: The MTU of interface 
30ªX¹¦D is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1284.504660][T19283] batman_adv: batadv0: Not using interface 
30ªX¹¦D (retrying later): interface not active
[ 1284.725397][T19297] netlink: 'syz.1.13130': attribute type 4 has an invalid length.
[ 1284.880369][T19304] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13133'.
[ 1285.320358][T19332] netlink: 'syz.1.13142': attribute type 5 has an invalid length.
[ 1285.512454][ T8555] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[ 1285.702655][ T8555] usb 4-1: Using ep0 maxpacket: 8
[ 1285.753865][ T8555] usb 4-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[ 1285.772499][ T8555] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1285.801572][ T8555] usb 4-1: Product: syz
[ 1285.806807][ T8555] usb 4-1: Manufacturer: syz
[ 1285.816228][ T8555] usb 4-1: SerialNumber: syz
[ 1285.834042][ T8555] usb 4-1: config 0 descriptor??
[ 1285.860475][ T8555] radio-usb-si4713 4-1:0.0: Si4713 development board discovered: (10C4:8244)
[ 1286.303008][ T8555] radio-usb-si4713: probe of 4-1:0.0 failed with error -71
[ 1286.319241][ T8555] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1286.353753][ T8555] usb 4-1: USB disconnect, device number 124
[ 1287.353092][ T8555] usb 4-1: new full-speed USB device number 125 using dummy_hcd
[ 1287.369845][T19431] loop2: detected capacity change from 0 to 512
[ 1287.434737][T19431] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002]
[ 1287.443193][T19431] System zones: 0-2, 18-18, 34-34
[ 1287.448674][T19431] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1287.473047][T19431] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.13170: bg 0: block 248: padding at end of block bitmap is not set
[ 1287.531666][T19431] Quota error (device loop2): write_blk: dquota write failed
[ 1287.540739][T19431] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 1287.549881][ T8555] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1287.552935][T19431] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.13170: Failed to acquire dquot type 1
[ 1287.576123][T19431] EXT4-fs (loop2): 1 orphan inode deleted
[ 1287.594843][   T12] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5
[ 1287.599553][ T8555] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 154, setting to 64
[ 1287.604266][   T12] EXT4-fs error (device loop2): ext4_release_dquot:6976: comm kworker/u4:1: Failed to release dquot type 1
[ 1287.643204][T19397] loop4: detected capacity change from 0 to 40427
[ 1287.649696][ T8555] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1287.649727][ T8555] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1287.660409][ T8555] usb 4-1: config 0 descriptor??
[ 1287.673696][T19416] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1287.673825][T19431] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1287.708680][ T8555] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1287.734172][T19397] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1287.746256][ T8555] usb 4-1: No valid video chain found.
[ 1287.787598][T19397] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1287.838562][T19397] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1287.860648][T19431] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz.2.13170: deleted inode referenced: 12
[ 1287.978412][ T8555] usb 4-1: USB disconnect, device number 125
[ 1288.034374][ T5797] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1288.049642][T19397] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1288.084654][T19397] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1288.097576][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1289.522733][T19525] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13191'.
[ 1289.573337][T19526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13190'.
[ 1289.593475][T19526] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13190'.
[ 1289.628179][T19530] ip6t_REJECT: ECHOREPLY is not supported
[ 1290.270495][T19560] loop4: detected capacity change from 0 to 1764
[ 1291.368856][T19625] overlayfs: disabling nfs_export due to verity=require
[ 1291.384813][T19625] overlayfs: conflicting options: userxattr,verity=require
[ 1291.852580][ T8555] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[ 1292.067095][ T8555] usb 3-1: config 0 has an invalid interface number: 199 but max is 1
[ 1292.070269][T19620] loop4: detected capacity change from 0 to 32768
[ 1292.082412][ T8555] usb 3-1: config 0 has no interface number 1
[ 1292.095118][ T8555] usb 3-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1292.112007][ T8555] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[ 1292.133787][T19620] ERROR: (device loop4): diNewExt: no free extents
[ 1292.133787][T19620] 
[ 1292.152766][ T8555] usb 3-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00
[ 1292.175969][T19620] ERROR: (device loop4): remounting filesystem as read-only
[ 1292.183798][ T8555] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1292.191855][ T8555] usb 3-1: SerialNumber: syz
[ 1292.218266][T19620] ialloc: diAlloc returned -5!
[ 1292.230245][ T8555] usb 3-1: config 0 descriptor??
[ 1292.255025][ T8555] usb 3-1: Found UVC 0.00 device <unnamed> (0002:0000)
[ 1292.292619][ T8555] usb 3-1: No valid video chain found.
[ 1292.581618][  T786] usb 3-1: USB disconnect, device number 112
[ 1292.847707][T19691] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13238'.
[ 1292.879025][T19691] openvswitch: netlink: Missing key (keys=40, expected=2000)
[ 1293.509366][T19719] libceph: resolve 'c' (ret=-3): failed
[ 1293.533113][T19724] netlink: 20 bytes leftover after parsing attributes in process `syz.4.13250'.
[ 1294.256651][T19761] loop3: detected capacity change from 0 to 256
[ 1294.262485][T19763] netlink: 'syz.2.13262': attribute type 21 has an invalid length.
[ 1294.273925][T19763] netlink: 132 bytes leftover after parsing attributes in process `syz.2.13262'.
[ 1294.285607][T19761] exfat: Deprecated parameter 'utf8'
[ 1294.324961][T19761] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[ 1294.489535][T19768] loop4: detected capacity change from 0 to 4096
[ 1294.581404][T19777] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1294.667647][T19768] NILFS error (device loop4): nilfs_check_page: size of directory #2 is not a multiple of chunk size
[ 1294.680232][T19768] Remounting filesystem read-only
[ 1294.784081][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1294.862090][ T5796] bond0: (slave syz_tun): Releasing backup interface
[ 1294.925609][T19792] IPVS: set_ctl: invalid protocol: 59 0.0.0.0:20000
[ 1294.942950][T14897] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[ 1295.183190][T14897] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1295.207749][T14897] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1295.246806][T14897] usb 2-1: Product: syz
[ 1295.250513][T12618] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1295.251025][T14897] usb 2-1: Manufacturer: syz
[ 1295.251046][T14897] usb 2-1: SerialNumber: syz
[ 1295.306708][T14897] usb 2-1: config 0 descriptor??
[ 1295.339528][T14897] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1295.400282][T12618] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1295.494940][T12618] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1295.627786][T12618] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1295.735678][T14897] gspca_stk1135: reg_w 0x0 err -71
[ 1295.774349][T14897] gspca_stk1135: serial bus timeout: status=0x00
[ 1295.780872][T14897] gspca_stk1135: Sensor write failed
[ 1295.812593][T14897] gspca_stk1135: serial bus timeout: status=0x00
[ 1295.819015][T14897] gspca_stk1135: Sensor write failed
[ 1295.843131][T14897] gspca_stk1135: serial bus timeout: status=0x00
[ 1295.849602][T14897] gspca_stk1135: Sensor read failed
[ 1295.889851][T14897] gspca_stk1135: serial bus timeout: status=0x00
[ 1295.912688][T14897] gspca_stk1135: Sensor read failed
[ 1295.929126][T14897] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1295.955671][T14897] gspca_stk1135: serial bus timeout: status=0x00
[ 1295.989960][T14897] gspca_stk1135: Sensor read failed
[ 1296.022367][T14897] gspca_stk1135: serial bus timeout: status=0x00
[ 1296.028876][T14897] gspca_stk1135: Sensor read failed
[ 1296.048694][T14897] gspca_stk1135: serial bus timeout: status=0x00
[ 1296.073098][T14897] gspca_stk1135: Sensor write failed
[ 1296.078491][T14897] gspca_stk1135: serial bus timeout: status=0x00
[ 1296.115252][T14897] gspca_stk1135: Sensor write failed
[ 1296.130949][T14897] stk1135: probe of 2-1:0.0 failed with error -71
[ 1296.174623][T14897] usb 2-1: USB disconnect, device number 3
[ 1296.180817][T12618] : left promiscuous mode
[ 1296.771579][ T5793] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1296.789634][ T5793] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1296.811692][ T5793] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1296.835086][ T5793] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1296.871735][ T5793] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1296.895343][ T5793] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1296.965395][T20932] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1296.986230][T20932] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1296.997539][T20932] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1297.027784][T20932] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1297.039753][T20932] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1297.066800][T20932] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1297.648567][T19858] wg1 speed is unknown, defaulting to 1000
[ 1297.862403][   T23] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[ 1298.046493][   T23] usb 3-1: Using ep0 maxpacket: 8
[ 1298.094812][   T23] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1298.115218][   T23] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1298.144154][   T23] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1298.170643][   T23] usb 3-1: Product: syz
[ 1298.183030][   T23] usb 3-1: Manufacturer: syz
[ 1298.203502][   T23] usb 3-1: SerialNumber: syz
[ 1298.452547][   T23] usb 3-1: Handspring Visor / Palm OS: No valid connect info available
[ 1298.494921][   T23] usb 3-1: Handspring Visor / Palm OS: port 82, is for unknown use
[ 1298.535506][   T23] usb 3-1: Handspring Visor / Palm OS: port 223, is for HotSync use
[ 1298.552486][   T23] usb 3-1: Handspring Visor / Palm OS: Number of ports: 2
[ 1298.564301][T19944] loop4: detected capacity change from 0 to 32768
[ 1298.659952][T19944] jfs_strtoUCS: char2uni returned -22.
[ 1298.661035][   T23] usb 3-1: palm_os_3_probe - error -71 getting bytes available request
[ 1298.681898][   T23] visor 3-1:1.0: Handspring Visor / Palm OS converter detected
[ 1298.695611][   T23] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[ 1298.702486][T19944] charset = iso8859-3, char = 0xc3
[ 1298.753433][   T23] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[ 1298.798046][   T23] usb 3-1: USB disconnect, device number 113
[ 1298.840094][   T23] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[ 1298.931431][   T23] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[ 1298.976703][   T23] visor 3-1:1.0: device disconnected
[ 1299.195361][ T5793] Bluetooth: hci2: command tx timeout
[ 1299.399957][T20051] netlink: 'syz.4.13298': attribute type 30 has an invalid length.
[ 1299.786854][T19858] chnl_net:caif_netlink_parms(): no params data found
[ 1299.953523][    T9] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 1300.164956][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 1300.187585][    T9] usb 3-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[ 1300.198555][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1300.283265][    T9] usb 3-1: config 0 descriptor??
[ 1300.291996][    T9] smsusb:smsusb_probe: board id=8, interface number 0
[ 1300.312992][    T9] smsusb:smsusb_probe: Device initialized with return code -19
[ 1300.553777][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.562818][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.594213][    T9] usb 3-1: USB disconnect, device number 114
[ 1300.628482][T19858] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1300.648922][T19858] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.658127][T19858] bridge_slave_0: entered allmulticast mode
[ 1300.666512][T19858] bridge_slave_0: entered promiscuous mode
[ 1300.719267][T19858] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1300.742884][T19858] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1300.765880][T19858] bridge_slave_1: entered allmulticast mode
[ 1300.780047][T19858] bridge_slave_1: entered promiscuous mode
[ 1301.050753][T19858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1301.125773][T19858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1301.255874][ T5793] Bluetooth: hci2: command tx timeout
[ 1301.579800][T20274] loop4: detected capacity change from 0 to 512
[ 1301.591821][T19858] team0: Port device team_slave_0 added
[ 1301.638068][T20274] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1301.741299][T20274] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2822: inode #11: comm syz.4.13312: corrupted xattr block 95: invalid header
[ 1301.789353][T12618] hsr_slave_0: left promiscuous mode
[ 1301.807222][T20274] EXT4-fs (loop4): Remounting filesystem read-only
[ 1301.815914][T20274] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -5)
[ 1301.826557][T20274] EXT4-fs (loop4): 1 orphan inode deleted
[ 1301.833922][T20274] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1301.862437][T12618] hsr_slave_1: left promiscuous mode
[ 1301.904806][T12618] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1301.936515][T12618] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1301.971468][ T8892] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1302.004794][T12618] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1302.025446][T12618] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1302.103763][T12618] bridge_slave_1: left allmulticast mode
[ 1302.109489][T12618] bridge_slave_1: left promiscuous mode
[ 1302.195844][T12618] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1302.253422][T12618] bridge_slave_0: left allmulticast mode
[ 1302.259169][T12618] bridge_slave_0: left promiscuous mode
[ 1302.278438][T12618] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1302.422252][T12618] veth1_macvtap: left promiscuous mode
[ 1302.429098][T12618] veth0_macvtap: left allmulticast mode
[ 1302.443309][T12618] veth0_macvtap: left promiscuous mode
[ 1303.124631][T12618] bond5 (unregistering): Released all slaves
[ 1303.215484][T12618] bond4 (unregistering): Released all slaves
[ 1303.341699][ T5793] Bluetooth: hci2: command tx timeout
[ 1303.948957][T12618] bond3 (unregistering): Released all slaves
[ 1304.169623][T12618] bond2 (unregistering): Released all slaves
[ 1304.222771][T12618] bond1 (unregistering): Released all slaves
[ 1304.460551][T12618] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[ 1305.038525][T12618] team0 (unregistering): Port device team_slave_1 removed
[ 1305.123607][T12618] team0 (unregistering): Port device team_slave_0 removed
[ 1305.204708][T12618] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1305.287570][T12618] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1305.412638][ T5793] Bluetooth: hci2: command tx timeout
[ 1305.697022][T12618] bond0 (unregistering): (slave batadv0): Releasing backup interface
[ 1306.293556][T12618] bond0 (unregistering): Released all slaves
[ 1306.418107][T19858] team0: Port device team_slave_1 added
[ 1306.534617][T20370] netlink: 'syz.1.13338': attribute type 46 has an invalid length.
[ 1306.619401][T20392] netlink: 224 bytes leftover after parsing attributes in process `syz.4.13339'.
[ 1306.670300][T19858] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1306.681219][T19858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1306.792373][T19858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1306.820872][T19858] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1306.831209][T19858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1306.858863][T20410] netlink: 44 bytes leftover after parsing attributes in process `syz.2.13341'.
[ 1306.867788][T19858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1307.211930][T19858] hsr_slave_0: entered promiscuous mode
[ 1307.302954][T19858] hsr_slave_1: entered promiscuous mode
[ 1307.338152][T19858] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1307.382146][T19858] Cannot create hsr debugfs directory
[ 1307.787064][T20502] netlink: 'syz.4.13351': attribute type 9 has an invalid length.
[ 1307.808337][T20488] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13350'.
[ 1308.143588][T12618] IPVS: stop unused estimator thread 0...
[ 1308.636135][T19858] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1308.690597][T19858] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1308.753460][T19858] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1308.769886][T20566] loop2: detected capacity change from 0 to 4096
[ 1308.812521][T19858] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1308.927938][T20588] netlink: 32 bytes leftover after parsing attributes in process `syz.4.13361'.
[ 1308.998045][T20592] netlink: 'syz.1.13362': attribute type 2 has an invalid length.
[ 1309.279307][T19858] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1309.358507][T19858] 8021q: adding VLAN 0 to HW filter on device team0
[ 1309.415934][T12612] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1309.423239][T12612] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1309.545458][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1309.552732][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1310.109317][T20644] loop2: detected capacity change from 0 to 256
[ 1310.617942][T19858] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1310.743437][T20671] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.13379'.
[ 1311.013938][T20683] trusted_key: encrypted_key: master key parameter '' is invalid
[ 1311.336281][T20697] netlink: 156 bytes leftover after parsing attributes in process `syz.2.13385'.
[ 1311.702210][T19858] veth0_vlan: entered promiscuous mode
[ 1311.761482][T19858] veth1_vlan: entered promiscuous mode
[ 1311.936719][T19858] veth0_macvtap: entered promiscuous mode
[ 1311.975474][T19858] veth1_macvtap: entered promiscuous mode
[ 1312.079027][T19858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1312.096767][T19858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1312.111056][T19858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1312.136054][T19858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1312.154095][T19858] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1312.170470][T20736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13395'.
[ 1312.247999][T19858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1312.272485][ T5876] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[ 1312.281527][T19858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1312.312088][T19858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1312.332768][T19858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1312.379424][T19858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1312.407250][T19858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1312.409145][T19858] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1312.419171][T19858] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.419211][T19858] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.419241][T19858] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.419269][T19858] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.513803][ T5876] usb 5-1: config index 0 descriptor too short (expected 69, got 36)
[ 1312.513836][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1312.532866][ T5876] usb 5-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89
[ 1312.532901][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1312.532923][ T5876] usb 5-1: Product: syz
[ 1312.532940][ T5876] usb 5-1: Manufacturer: syz
[ 1312.532965][ T5876] usb 5-1: SerialNumber: syz
[ 1312.535560][ T5876] usb 5-1: config 0 descriptor??
[ 1312.545088][ T5876] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[ 1312.726849][T12616] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1312.726914][T12616] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1312.980033][ T5876] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71
[ 1313.007624][ T5876] gspca_pac7302: probe of 5-1:0.0 failed with error -71
[ 1313.009847][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1313.060316][ T5876] usb 5-1: USB disconnect, device number 10
[ 1313.064420][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1313.692715][T20799] usb usb9: usbfs: process 20799 (syz.1.13406) did not claim interface 6 before use
[ 1314.170153][T20820] loop5: detected capacity change from 0 to 1024
[ 1314.370791][T20820] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1314.667406][T19858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1315.057760][T20859] loop2: detected capacity change from 0 to 4096
[ 1315.067606][T20860] loop4: detected capacity change from 0 to 4096
[ 1315.126753][T20859] ntfs: volume version 3.1.
[ 1315.305597][T20860] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[ 1315.366628][T20860] ntfs3: loop4: Failed to load $Extend (-22).
[ 1315.405853][T20860] ntfs3: loop4: Failed to initialize $Extend.
[ 1315.914000][T20896] trusted_key: encrypted_key: keyword 'ne' not recognized
[ 1315.951857][T20899] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13429'.
[ 1316.852746][T20940] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13440'.
[ 1317.038450][T20948] i2c i2c-0: Invalid block read size 255
[ 1317.168812][T20957] loop2: detected capacity change from 0 to 8
[ 1317.355118][T20957] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1317.381229][T20957] SQUASHFS error: Failed to read block 0x108: -5
[ 1317.424895][T20957] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1317.454715][T20957] SQUASHFS error: Unable to read inode 0x11f
[ 1318.032763][    T9] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[ 1318.234737][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1318.274207][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1318.302995][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33119, setting to 1024
[ 1318.342551][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[ 1318.361864][    T9] usb 3-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72
[ 1318.378958][T21010] loop4: detected capacity change from 0 to 512
[ 1318.389603][    T9] usb 3-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0
[ 1318.422656][    T9] usb 3-1: Manufacturer: syz
[ 1318.443842][T21010] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1318.443862][    T9] usb 3-1: config 0 descriptor??
[ 1318.471105][T21010] EXT4-fs: Ignoring removed i_version option
[ 1318.508223][T21016] netlink: 32 bytes leftover after parsing attributes in process `syz.1.13460'.
[ 1318.529941][T21010] EXT4-fs (loop4): 1 orphan inode deleted
[ 1318.538474][T21010] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1318.539112][T20957] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1318.671190][    T9] smsusb:smsusb_probe: board id=9, interface number 0
[ 1318.738016][    T9] smsusb:siano_media_device_register: media controller created
[ 1318.782956][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.790555][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.797937][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.805349][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.812725][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.822417][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.830092][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.838050][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.845568][ T5876] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[ 1318.855653][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.863245][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.871542][    T9] smsmdtv:smscore_sendrequest_and_wait: sendrequest returned error -22
[ 1318.896887][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.904843][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.912317][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.919655][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.926997][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.934878][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.942335][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.949762][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.957103][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.964443][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.971791][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.983425][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.990893][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1318.998258][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.005598][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.012926][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.020423][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.028409][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.035761][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.043080][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.050346][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.057622][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.064932][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.072277][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.080190][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.087553][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.094901][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.103002][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.110346][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.117695][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.125382][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.132720][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.140407][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.147999][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.155801][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.163130][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.170527][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.178488][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.185835][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.193152][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.200482][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.207800][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.215127][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.222543][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.229879][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.237302][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.241278][ T5876] usb 5-1: config 0 has an invalid interface number: 120 but max is 0
[ 1319.244723][    T9] smsmdtv:smscore_set_device_mode: mode detect failed -22
[ 1319.260934][    T9] smsmdtv:smscore_start_device: set device mode failed , rc -22
[ 1319.268824][    T9] smsusb:smsusb_init_device: smscore_start_device(...) failed
[ 1319.277022][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.280958][ T5876] usb 5-1: config 0 has no interface number 0
[ 1319.284382][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.285556][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.305367][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.313183][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.320703][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.328724][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.336132][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.343516][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.350531][ T5876] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid maxpacket 12349, setting to 64
[ 1319.350877][    C0] smsusb:smsusb_onresponse: error, urb status -71, 0 bytes
[ 1319.370133][    T9] ------------[ cut here ]------------
[ 1319.376010][    T9] WARNING: CPU: 0 PID: 9 at kernel/workqueue.c:668 __cancel_work_timer+0x4e2/0x520
[ 1319.385460][    T9] Modules linked in:
[ 1319.389423][    T9] CPU: 0 PID: 9 Comm: kworker/0:1 Not tainted syzkaller #0
[ 1319.397191][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1319.407564][    T9] Workqueue: usb_hub_wq hub_event
[ 1319.412763][    T9] RIP: 0010:__cancel_work_timer+0x4e2/0x520
[ 1319.418734][    T9] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 e8 89 d9 2e 00 0f 0b e9 ed fd ff ff e8 7d d9 2e 00 e8 08 f3 17 09 e9 8e fe ff ff e8 6e d9 2e 00 <0f> 0b 43 80 3c 2e 00 0f 85 04 ff ff ff e9 07 ff ff ff e8 e7 f1 17
[ 1319.438723][    T9] RSP: 0000:ffffc900000e6b40 EFLAGS: 00010283
[ 1319.445028][    T9] RAX: ffffffff8156b5f2 RBX: ffff88802a4f27a8 RCX: 0000000000100000
[ 1319.453191][    T9] RDX: ffffc900180bc000 RSI: 0000000000085b1e RDI: 0000000000085b1f
[ 1319.455285][ T5876] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 1319.461196][    T9] RBP: ffffc900000e6c58 R08: ffff88802a4f27af R09: 1ffff1100549e4f5
[ 1319.461220][    T9] R10: dffffc0000000000 R11: ffffed100549e4f6 R12: 0000000000000000
[ 1319.461238][    T9] R13: dffffc0000000000 R14: 1ffff1100549e4f5 R15: 0000000000000000
[ 1319.461255][    T9] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1319.461276][    T9] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1319.510989][    T9] CR2: 000000110c3c9243 CR3: 000000000cb30000 CR4: 00000000003506f0
[ 1319.519202][    T9] Call Trace:
[ 1319.522620][    T9]  <TASK>
[ 1319.525624][    T9]  ? cancel_work_sync+0x20/0x20
[ 1319.530549][    T9]  ? usb_unlink_urb+0xa0/0xa0
[ 1319.535370][    T9]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1319.541410][    T9]  ? _raw_spin_unlock+0x40/0x40
[ 1319.546503][    T9]  ? smscore_putbuffer+0x81/0x120
[ 1319.551608][    T9]  smsusb_term_device+0xcb/0x220
[ 1319.556815][    T9]  smsusb_probe+0x1708/0x1da0
[ 1319.559155][ T5876] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1319.561562][    T9]  ? s2255_print_cfg+0x1b0/0x1b0
[ 1319.574743][    T9]  ? smsusb1_detectmode+0x260/0x260
[ 1319.580029][    T9]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 1319.586123][    T9]  ? pm_runtime_enable+0x192/0x2a0
[ 1319.591311][    T9]  ? __pm_runtime_set_status+0x8ab/0xb80
[ 1319.597135][    T9]  usb_probe_interface+0x5a4/0xb00
[ 1319.602760][    T9]  ? usb_register_driver+0x3d0/0x3d0
[ 1319.608131][    T9]  really_probe+0x25b/0xb40
[ 1319.612921][    T9]  ? pm_runtime_barrier+0x14b/0x1c0
[ 1319.618307][    T9]  __driver_probe_device+0x18c/0x330
[ 1319.623855][    T9]  driver_probe_device+0x4f/0x420
[ 1319.628966][    T9]  __device_attach_driver+0x2ca/0x520
[ 1319.634490][    T9]  bus_for_each_drv+0x24b/0x2d0
[ 1319.639417][    T9]  ? coredump_store+0x90/0x90
[ 1319.644299][    T9]  ? bus_find_device+0x320/0x320
[ 1319.649336][    T9]  __device_attach+0x2b5/0x400
[ 1319.654632][    T9]  ? device_attach+0x20/0x20
[ 1319.659399][    T9]  ? kobject_uevent_env+0x363/0x8c0
[ 1319.664782][    T9]  ? do_raw_spin_unlock+0x121/0x230
[ 1319.670062][    T9]  bus_probe_device+0x180/0x260
[ 1319.674925][ T5876] usb 5-1: config 0 descriptor??
[ 1319.675976][T21010] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1319.679987][    T9]  device_add+0x85b/0xc20
[ 1319.691623][    T9]  usb_set_configuration+0x1a79/0x20c0
[ 1319.697609][    T9]  usb_generic_driver_probe+0x8d/0x150
[ 1319.703672][    T9]  usb_probe_device+0x13d/0x280
[ 1319.708618][    T9]  ? usb_register_device_driver+0x230/0x230
[ 1319.714757][    T9]  really_probe+0x25b/0xb40
[ 1319.719339][    T9]  ? pm_runtime_barrier+0x14b/0x1c0
[ 1319.724695][    T9]  __driver_probe_device+0x18c/0x330
[ 1319.730409][    T9]  driver_probe_device+0x4f/0x420
[ 1319.735956][    T9]  __device_attach_driver+0x2ca/0x520
[ 1319.741594][    T9]  bus_for_each_drv+0x24b/0x2d0
[ 1319.746625][    T9]  ? coredump_store+0x90/0x90
[ 1319.751473][    T9]  ? bus_find_device+0x320/0x320
[ 1319.756752][    T9]  __device_attach+0x2b5/0x400
[ 1319.761592][    T9]  ? device_attach+0x20/0x20
[ 1319.766325][    T9]  ? kobject_uevent_env+0x363/0x8c0
[ 1319.771608][    T9]  ? do_raw_spin_unlock+0x121/0x230
[ 1319.776948][    T9]  bus_probe_device+0x180/0x260
[ 1319.781867][    T9]  device_add+0x85b/0xc20
[ 1319.786800][    T9]  usb_new_device+0xa31/0x1630
[ 1319.791646][    T9]  ? usb_disconnect+0x8a0/0x8a0
[ 1319.796711][    T9]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1319.801976][    T9]  ? lockdep_hardirqs_on+0x98/0x150
[ 1319.807795][    T9]  hub_event+0x2962/0x49c0
[ 1319.812927][    T9]  ? hub_post_resume+0x120/0x120
[ 1319.817935][    T9]  ? read_lock_is_recursive+0x20/0x20
[ 1319.823484][    T9]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1319.828751][    T9]  ? process_scheduled_works+0x957/0x15b0
[ 1319.834633][    T9]  ? process_scheduled_works+0x957/0x15b0
[ 1319.840518][    T9]  process_scheduled_works+0xa45/0x15b0
[ 1319.846288][    T9]  ? assign_work+0x400/0x400
[ 1319.850955][    T9]  ? assign_work+0x39e/0x400
[ 1319.855703][    T9]  worker_thread+0xa55/0xfc0
[ 1319.860424][    T9]  kthread+0x2fa/0x390
[ 1319.864748][    T9]  ? pr_cont_work+0x560/0x560
[ 1319.869500][    T9]  ? kthread_blkcg+0xd0/0xd0
[ 1319.874221][    T9]  ret_from_fork+0x48/0x80
[ 1319.878708][    T9]  ? kthread_blkcg+0xd0/0xd0
[ 1319.883472][    T9]  ret_from_fork_asm+0x11/0x20
[ 1319.888336][    T9]  </TASK>
[ 1319.891409][    T9] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1319.898740][    T9] CPU: 0 PID: 9 Comm: kworker/0:1 Not tainted syzkaller #0
[ 1319.905992][    T9] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1319.916198][    T9] Workqueue: usb_hub_wq hub_event
[ 1319.921298][    T9] Call Trace:
[ 1319.924635][    T9]  <TASK>
[ 1319.927617][    T9]  dump_stack_lvl+0x16c/0x230
[ 1319.932368][    T9]  ? show_regs_print_info+0x20/0x20
[ 1319.937676][    T9]  ? load_image+0x3b0/0x3b0
[ 1319.942338][    T9]  panic+0x2c0/0x710
[ 1319.946293][    T9]  ? bpf_jit_dump+0xd0/0xd0
[ 1319.950868][    T9]  ? ret_from_fork_asm+0x11/0x20
[ 1319.955886][    T9]  __warn+0x2e0/0x470
[ 1319.959918][    T9]  ? __cancel_work_timer+0x4e2/0x520
[ 1319.965414][    T9]  ? __cancel_work_timer+0x4e2/0x520
[ 1319.970753][    T9]  report_bug+0x2be/0x4f0
[ 1319.975225][    T9]  ? __cancel_work_timer+0x4e2/0x520
[ 1319.980542][    T9]  ? __cancel_work_timer+0x4e2/0x520
[ 1319.985952][    T9]  ? __cancel_work_timer+0x4e4/0x520
[ 1319.991290][    T9]  handle_bug+0xcf/0x120
[ 1319.995605][    T9]  exc_invalid_op+0x1a/0x50
[ 1320.000238][    T9]  asm_exc_invalid_op+0x1a/0x20
[ 1320.005132][    T9] RIP: 0010:__cancel_work_timer+0x4e2/0x520
[ 1320.011060][    T9] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 e8 89 d9 2e 00 0f 0b e9 ed fd ff ff e8 7d d9 2e 00 e8 08 f3 17 09 e9 8e fe ff ff e8 6e d9 2e 00 <0f> 0b 43 80 3c 2e 00 0f 85 04 ff ff ff e9 07 ff ff ff e8 e7 f1 17
[ 1320.030788][    T9] RSP: 0000:ffffc900000e6b40 EFLAGS: 00010283
[ 1320.036888][    T9] RAX: ffffffff8156b5f2 RBX: ffff88802a4f27a8 RCX: 0000000000100000
[ 1320.044913][    T9] RDX: ffffc900180bc000 RSI: 0000000000085b1e RDI: 0000000000085b1f
[ 1320.053177][    T9] RBP: ffffc900000e6c58 R08: ffff88802a4f27af R09: 1ffff1100549e4f5
[ 1320.061274][    T9] R10: dffffc0000000000 R11: ffffed100549e4f6 R12: 0000000000000000
[ 1320.069369][    T9] R13: dffffc0000000000 R14: 1ffff1100549e4f5 R15: 0000000000000000
[ 1320.077392][    T9]  ? __cancel_work_timer+0x4e2/0x520
[ 1320.082727][    T9]  ? cancel_work_sync+0x20/0x20
[ 1320.087605][    T9]  ? usb_unlink_urb+0xa0/0xa0
[ 1320.092312][    T9]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1320.098228][    T9]  ? _raw_spin_unlock+0x40/0x40
[ 1320.103109][    T9]  ? smscore_putbuffer+0x81/0x120
[ 1320.108206][    T9]  smsusb_term_device+0xcb/0x220
[ 1320.113209][    T9]  smsusb_probe+0x1708/0x1da0
[ 1320.118033][    T9]  ? s2255_print_cfg+0x1b0/0x1b0
[ 1320.123118][    T9]  ? smsusb1_detectmode+0x260/0x260
[ 1320.128411][    T9]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 1320.134406][    T9]  ? pm_runtime_enable+0x192/0x2a0
[ 1320.139577][    T9]  ? __pm_runtime_set_status+0x8ab/0xb80
[ 1320.145291][    T9]  usb_probe_interface+0x5a4/0xb00
[ 1320.150449][    T9]  ? usb_register_driver+0x3d0/0x3d0
[ 1320.155791][    T9]  really_probe+0x25b/0xb40
[ 1320.160357][    T9]  ? pm_runtime_barrier+0x14b/0x1c0
[ 1320.165614][    T9]  __driver_probe_device+0x18c/0x330
[ 1320.170932][    T9]  driver_probe_device+0x4f/0x420
[ 1320.175989][    T9]  __device_attach_driver+0x2ca/0x520
[ 1320.181387][    T9]  bus_for_each_drv+0x24b/0x2d0
[ 1320.186272][    T9]  ? coredump_store+0x90/0x90
[ 1320.190972][    T9]  ? bus_find_device+0x320/0x320
[ 1320.195961][    T9]  __device_attach+0x2b5/0x400
[ 1320.201190][    T9]  ? device_attach+0x20/0x20
[ 1320.205801][    T9]  ? kobject_uevent_env+0x363/0x8c0
[ 1320.211041][    T9]  ? do_raw_spin_unlock+0x121/0x230
[ 1320.216276][    T9]  bus_probe_device+0x180/0x260
[ 1320.221153][    T9]  device_add+0x85b/0xc20
[ 1320.225613][    T9]  usb_set_configuration+0x1a79/0x20c0
[ 1320.231130][    T9]  usb_generic_driver_probe+0x8d/0x150
[ 1320.236625][    T9]  usb_probe_device+0x13d/0x280
[ 1320.241507][    T9]  ? usb_register_device_driver+0x230/0x230
[ 1320.247429][    T9]  really_probe+0x25b/0xb40
[ 1320.251974][    T9]  ? pm_runtime_barrier+0x14b/0x1c0
[ 1320.257199][    T9]  __driver_probe_device+0x18c/0x330
[ 1320.262510][    T9]  driver_probe_device+0x4f/0x420
[ 1320.267567][    T9]  __device_attach_driver+0x2ca/0x520
[ 1320.272968][    T9]  bus_for_each_drv+0x24b/0x2d0
[ 1320.277926][    T9]  ? coredump_store+0x90/0x90
[ 1320.282642][    T9]  ? bus_find_device+0x320/0x320
[ 1320.287634][    T9]  __device_attach+0x2b5/0x400
[ 1320.292603][    T9]  ? device_attach+0x20/0x20
[ 1320.297264][    T9]  ? kobject_uevent_env+0x363/0x8c0
[ 1320.302501][    T9]  ? do_raw_spin_unlock+0x121/0x230
[ 1320.307832][    T9]  bus_probe_device+0x180/0x260
[ 1320.312717][    T9]  device_add+0x85b/0xc20
[ 1320.317085][    T9]  usb_new_device+0xa31/0x1630
[ 1320.321893][    T9]  ? usb_disconnect+0x8a0/0x8a0
[ 1320.326767][    T9]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1320.331993][    T9]  ? lockdep_hardirqs_on+0x98/0x150
[ 1320.337229][    T9]  hub_event+0x2962/0x49c0
[ 1320.341725][    T9]  ? hub_post_resume+0x120/0x120
[ 1320.346687][    T9]  ? read_lock_is_recursive+0x20/0x20
[ 1320.352180][    T9]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1320.357485][    T9]  ? process_scheduled_works+0x957/0x15b0
[ 1320.363224][    T9]  ? process_scheduled_works+0x957/0x15b0
[ 1320.368995][    T9]  process_scheduled_works+0xa45/0x15b0
[ 1320.374626][    T9]  ? assign_work+0x400/0x400
[ 1320.379251][    T9]  ? assign_work+0x39e/0x400
[ 1320.383871][    T9]  worker_thread+0xa55/0xfc0
[ 1320.388513][    T9]  kthread+0x2fa/0x390
[ 1320.392602][    T9]  ? pr_cont_work+0x560/0x560
[ 1320.397306][    T9]  ? kthread_blkcg+0xd0/0xd0
[ 1320.401920][    T9]  ret_from_fork+0x48/0x80
[ 1320.406396][    T9]  ? kthread_blkcg+0xd0/0xd0
[ 1320.411009][    T9]  ret_from_fork_asm+0x11/0x20
[ 1320.415817][    T9]  </TASK>
[ 1320.419117][    T9] Kernel Offset: disabled
[ 1320.423539][    T9] Rebooting in 86400 seconds..