last executing test programs: 3m15.463664546s ago: executing program 0 (id=274): socket$nl_netfilter(0x10, 0x3, 0xc) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) r0 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000040)=ANY=[@ANYBLOB="0002020100000008ff", @ANYRES16=r0], 0x18) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x2, @dev={0xfe, 0x80, '\x00', 0x28}, 0x5}, 0x1c) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1) 3m14.979098113s ago: executing program 0 (id=277): syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000020300f110107000000000109022400010000600509040000090300"], 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000000), 0x76, 0x103381) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1) r0 = socket(0x10, 0x803, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000005b80)={'ip6_vti0\x00', &(0x7f0000000000)={'ip6_vti0\x00', 0x0, 0x2f, 0xa4, 0x0, 0x0, 0x36, @mcast2, @dev={0xfe, 0x80, '\x00', 0x2c}, 0x7800, 0x0, 0x63ed, 0xfffffffe}}) 3m13.378729551s ago: executing program 0 (id=284): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000980)="ad56c3c5820fae9d6dcd3292ea54c7ccef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000b40)=[{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000002c0)="a8b063030cbcc1eed2ec738b59e75a6c45ad5a0b665727aa196617fee727e683073a14731c21c7b6072303822517c86e19bae7c003a833fcba1fa8c9fabd574424977098bc7fdc34052f52d96a6d4da8741a0db9dafe6610835cb5b2dd4715c22c5169bc18bdb4cdb202364bd05bcec1ba8c86d5f8091cb459eb0e1d9e7d591cae0dd17d182cbbb7b800faca057cee3aa9fc9915c122d62caf7324de00472156fe0dfc90097dd0c14a39f189436db9f82bb49568fbee06", 0xb7}, {&(0x7f0000000380)="2a830e110185cfaee25d007d63579d22a4f194cbd43e7cbedccbaa941b5c0a741e24ac9b81d173a2408e9aa7fe129d6966cb12aaacce622a321c7b4dd86bb7138e5d9b24b18e4fe090f6664844ae316f19e9d39c6660d2bd82b5335aa85d07e4c33bbabad48a7b101f04ffea524b9f0c14d086d6381eccd6f4469777098c3bc72d38ca54ae0d38f2801a44ec4dd429c1a9bd467f402673583ec7a1cac1dc35f12773c64a8c30ef96e711e0b6a912889ca7b4a26af7a4aa8d41b4d19ca7d5949313a5cf9ee89b002be00c9d056085d74e47866cd5bf79e6830e7dd31e64664fadf7c52d2a1cd57edc1e8b48d480dcd41316fd3903", 0xf4}, {&(0x7f0000000600)="ce8d07ef06fe51fe99ea3ef6da83b0d110d35c265f7ca6d3dd8e97bddcd37fee0c3becce27c6e3d15ce32684f1d6563e24ed81f03d71f82df44a407109df8fe4b57a2bbb3e4ecacd74fde6a5dc8ae0b9076856b72b", 0x55}], 0x3, &(0x7f0000000700)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x20004000}], 0x1, 0x8810) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 3m12.846832694s ago: executing program 0 (id=288): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a05404, 0x0) chroot(&(0x7f0000001140)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) chroot(&(0x7f0000000380)='./file0/../file0\x00') pivot_root(&(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00') 3m12.54683326s ago: executing program 0 (id=289): r0 = socket(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a31000000000800054000000002090002007379"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800e80010000d0428bd7000fcdbff2500008000", @ANYRES32=r0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280050019"], 0x48}}, 0x4084) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) syz_usb_connect$uac1(0x1, 0x0, 0x0, 0x0) 3m10.120423142s ago: executing program 0 (id=306): unshare(0x22020400) timer_create(0xfffffffc, 0x0, &(0x7f0000000040)=0x0) timer_settime(r0, 0x1, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_gettime(r0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000fd3f1400e27f000001"], 0x50) bpf$MAP_GET_NEXT_KEY(0x3, &(0x7f00000000c0)={r1, &(0x7f0000000180), 0x0}, 0x20) 3m9.540974887s ago: executing program 32 (id=306): unshare(0x22020400) timer_create(0xfffffffc, 0x0, &(0x7f0000000040)=0x0) timer_settime(r0, 0x1, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_gettime(r0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000fd3f1400e27f000001"], 0x50) bpf$MAP_GET_NEXT_KEY(0x3, &(0x7f00000000c0)={r1, &(0x7f0000000180), 0x0}, 0x20) 2m36.420453325s ago: executing program 1 (id=450): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000) write$vhost_msg(r0, &(0x7f0000000540)={0x1, {&(0x7f0000000200)=""/80, 0xfffffff1, 0x0, 0x1, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000000400)={0x2, 0x0, {&(0x7f0000000080)=""/163, 0xa3, 0x0, 0x2, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000000a40)={0x2, 0x0, {&(0x7f0000000940)=""/224, 0xe0, 0x0, 0x1, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000000740)={0x2, 0x0, {&(0x7f0000000300)=""/225, 0xe1, 0x0, 0x3, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000480)=""/187, 0xbb, 0x0, 0x2, 0x3}}, 0x48) 2m35.25086368s ago: executing program 1 (id=454): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d0, &(0x7f0000001340)="$eJzs3cFvHFcdB/DvrNeOt1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeKitEKQAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmfXu/Y6Xif2OoHPJxrPe/Nm3vzmN29mvOusNsD/rctn0ryfIpfPvHG3rG+sL7Y31heP1M3tJGW5kTS7sxQ3k+JBslS2FwNTBubbfLx66a3PHm583q0166laf6q/3exYIY/Yx716ynzd3/zILafH6r/bVxVeXkxypZ4Pmxm3r6EVy6Sdrudw6Drb3NvL5jte78Czr/d0KrrPzW3mkhfqJ3P1O0F9d2hMLsKDsae7HAAAADynPr112BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA86f+/v+inhr1PPMpet//P9NbVpefQUtjr3n/QOMAAAAAAAAAgMn4+qM8yt0c7dU7RfU3/1NV5Xi+6CRfyvu5k5XcztnczXLWspbbOZ9kbqCjmbvLa2u3z/e3LI3e8sLILS9M6ogBAAAAAAAA4H/SL9Pa/Ps/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8C4pkqjurpuP1PHNpNLPZlnvJP5PMHHa8e1CMWnh/8nEAAADAU5l9gm2+/CiPcjdHe/VOUb3m/0r1enk27+dm1rKatbSzkqv1a+jyVX9jY32xvbG+eKOcyvpwv9//957CmKl7mKpqo/Z8slqjlWtZrZaczZUqmKtpdPd9OjnZi2cgrgEflTEV36uNGVmzTmu5s9/v9C7Cvhh+K6LxmDVbm8El/Yws1LGVWx7rZqCo3qhJtmZi17PTHKrNVb1O9/d0Po3+Oz/HDyDnL9Tz8nh+c6A536t+JhqpMnGhN/rKa+bxmUi+8dc/vX29ffPd69funHl2DmkXUzss3zomFgcy8cpznYnmHtdfqDJxol+/nB/lJzmT+byZ21nNT7OctaykU7cv1+O5/Dn3+EwtDdXe3C2Smfq8dM/ZODHN54dVaTmnqm2PZjVFbuVqVvJ69e9CzufbuZiLuTRwhk/sGHd1bNVV39h61ffO9N9GBn/6m3WhvLv9dvMut/S4I95pdO6X7r2/zOuxgbx2R/3D/lrHBq6DhYEsvdTLzvTIzp/k3tj8al0o9/GrXZ4TkzVXZ6K8gHpPiV50L3cz0ayeRdvH+R865XZp3+x0ri+/t0P/97bUX6vn5bBa/9pua/eMPhX7qxwvL2W2vpMMj46y7eX+XWagrbM5lrttw0/ccrsTVVtR9K7UH+dWNQC2X6kz9e9w23u6ULW9MrJtsWo7OdA29PtWbqWdqxPIHwBP4h9v94tzeWGm9a/Wp61PWr9uXW+9MfuDI9858upMpv8+/d3mwtRrjVeLv+ST/Hzz9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDk7nzw4bvL7fbK7dGFxs5NQ4VWti7Zqecjo/sp6i/0GWNfz0VhNsnQkup7jiYeRmtrGNsKnV8kE89P70sER6/zu7LQ3DaiRhWWhpb8eXuHH+0xwmK86+IAC41MdqdTGT0ADvGmBEzEubUb752788GH31q9sfzOyjsrN6cvXry0cOni64vnrq22Vxa6Pw87SuAgbD70DzsSAAAAAAAAAAAAYFyjPhhw6sXdPjQy1mc8/M9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYF9cPpPm/RQ5v3B2oaxvrC+2y6lX3lyzmaTRSIqfJcWDZCndKXMD3RX544N0Ruzn49VLb332cOPzzb6a3fWTRj3f2eNbk9yrp8wnmarnT2GovytP3V/xn94xlAn7otPpLD1dfLA//hsAAP//P3v0tA==") symlink(0x0, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="08002600ad160000400033001000000008021100000008021100000008"], 0x68}}, 0x0) 2m34.563420931s ago: executing program 1 (id=457): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0xcf47, 0x4cc, 0xffff, 0x9dff, 0x1, "8003e3ffff072000"}) write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x3, 0x7fff, 0x16, "b0bf2ebb48c849ac0000000003000018bfff40"}) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0xff) 2m33.103629915s ago: executing program 1 (id=464): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x51) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x81899, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x80000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901) move_mount(r0, 0x0, r0, &(0x7f0000000340)='./file0/../file0\x00', 0x114) 2m32.893577136s ago: executing program 1 (id=465): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x4, r1, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x5}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x6, r1, 0x0, &(0x7f0000343000/0x3000)=nil, 0x3000, 0x8}) ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f0000000040)={0x28, 0x5, r1, r1, 0x3, 0xfffffffffffffffa, 0x3fff}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x4, r1, 0x0, &(0x7f00005de000/0x2000)=nil, 0x2000, 0xf3}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000080)={0x28, 0x4, r1, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xfffffffffffffff8}) 2m29.481214164s ago: executing program 1 (id=478): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x50) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000050000000100000001000013040000000200000088060000ff0f000000"], 0x0, 0x35}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180005000000ffff000077b9080000009500000000d3a07e"], &(0x7f0000000080)='GPL\x00', 0x7, 0x4fa, &(0x7f0000000cc0)=""/4096, 0x40f00, 0x5, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x0, 0x2, 0x4, 0x9}, 0x1, 0x0, 0x0, 0xff3e, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000240)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x800) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x0, 0x0, 0x0, 0x8, 0xffffffba, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xd4}, 0x94) 2m28.520607896s ago: executing program 33 (id=478): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x50) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000050000000100000001000013040000000200000088060000ff0f000000"], 0x0, 0x35}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180005000000ffff000077b9080000009500000000d3a07e"], &(0x7f0000000080)='GPL\x00', 0x7, 0x4fa, &(0x7f0000000cc0)=""/4096, 0x40f00, 0x5, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x0, 0x2, 0x4, 0x9}, 0x1, 0x0, 0x0, 0xff3e, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000240)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x800) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x0, 0x0, 0x0, 0x8, 0xffffffba, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xd4}, 0x94) 23.912932432s ago: executing program 2 (id=883): r0 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0) wait4(r0, 0x0, 0x80000000, 0x0) ptrace(0x10, r0) r1 = syz_pidfd_open(r0, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000f, 0x204031, 0xffffffffffffffff, 0x42795000) waitid$P_PIDFD(0x3, r1, 0x0, 0xa000000c, 0x0) ptrace$cont(0x7, r0, 0x5, 0x0) close(0xffffffffffffffff) setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4) 22.984924912s ago: executing program 2 (id=885): openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x6, 0x4, 0x40, 0x7fff0000}]}) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000240)) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x4000, 0x4) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) bind$xdp(r0, &(0x7f0000000180)={0x2c, 0x0, r2}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1, 0x4, 0x8, 0x80}, 0x0, &(0x7f00000002c0)={0x3ff, 0x30e3, 0x0, 0x3, 0x8, 0x8000000000, 0x80000001, 0xfffffffffffffffc}, 0x0, 0x0) 18.749107447s ago: executing program 2 (id=896): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f00000001c0)=""/43, 0x0}) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x14008010) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/237, &(0x7f0000000780)=""/88, &(0x7f0000000800)=""/90, 0x6000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001c00)={0x2, 0x0, [{0x0, 0x24, &(0x7f0000000000)=""/36}, {0x0, 0xffb, &(0x7f0000001d80)=""/4091}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5}) 18.410296032s ago: executing program 2 (id=897): socket(0x1, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x2, 0x3, 0x0, 0x3, 0x10, 0x0, 0x70bd2c, 0x25dfdbff, [@sadb_key={0x2, 0x9, 0x8, 0x0, "1c"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x4e24, 0x8, @mcast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc, 0x1}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e24, 0x9, @empty, 0x6}}]}, 0x80}, 0x1, 0x7}, 0x0) 12.834584682s ago: executing program 4 (id=909): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r0, 0x8b0b, &(0x7f0000000200)={'wlan1\x00', @random="9ffff7070600"}) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r1, 0x2) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fcff", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0) 11.762498515s ago: executing program 2 (id=910): openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1d00d000) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) request_key(&(0x7f0000000000)='id_legacy\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='].\x00', 0xffffffffffffffff) 8.483571355s ago: executing program 2 (id=913): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file2\x00', 0xc0ed4040, &(0x7f00000000c0)={[{@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100000}}, {@journal_dev={'journal_dev', 0x3d, 0x714}}, {@grpid}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@nolazytime}, {@jqfmt_vfsv1}]}, 0xf5, 0x47a, &(0x7f0000000ac0)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKd1WwhSwEBNhBBFDxjjwZB4Nx5N/As86cWoJxOveDckxHABPa2ZnRnaLrulpQu7uJ9PMux7M7O89903b/fNe7sNoG+NZf8kEesj4mJEjEZEpfmEsfzh2pWztX+unK0lUa+/9XeSPS2uXjlbK/6LxpZZl++o14v8mhblnn83ojo7O3OyyE/MHftg4tTpM88eOVY9PHN45vjUgQN792wf2j+1ryNxZnFd3frxiW1bXn3nwuu1gxfe+/X7rL7ri+NlHJ00lr+6LT3R6cK6bMOCdFLpYkVYkazdBovtYozGQIxcPzYar3zW1coBt1ul1edz4Vwd+B/LBupAPyo/6LP733K7Q+OOnnD5xXzCI4v7WrHlRyqRFucMNt3fdtJwRBw89+832Ra3aR4CAGChH7PxzzOtxn9pPLDgvHuKNZSNEXFvRGyKiPsiYnNE3B/ROPfBiHhoheU3r5DcOP5JLy3K1gdWWMLSsvHf88Xa1uLxXzn6i40DRW5DI/7B5NCR2ZndxWuyKwbXZPnJRU9Z7KeX//iqed+XxTT72ILxX7Zl5S+OML3UPEE3XZ2rrj7y3OVPI7ZWWsWfXF8HTCJiS0RsvcUyjjz13bZ2x1rFX46Fb6oD60z1byOezNv/XDTFX0rark9OPrd/at/EcMzO7J4or4ob/fb7+Tfblb+q+Dsga/+1La//PP7sHjEZjjh1+szRxnrtqVso5M/Pa0mbQ5tvGv+N139tZ8RQ8nYjPVSeVTwOJa9lDyPl/o+qc3Mnp+afW+Ybj5N5/Lt2zMdfjfn+vym/PWu8Eg9HRHYRb4+IRyLi0aLtHouIxyNixxLh//LSzvfbHWvf/kvMyndQFv/0Eu2fveVlqfn2X3li4OjPP7Qrv76s9t/bSO0q9izn/W+5FVzNawcAAAB3i7TxHfgkHb+eTtPx8fw7/JtjbVqJiKcPnfjw+HT+XfmNMZiWM12jC+ZDJ4u54TI/1ZTfU8wbfz0w0siP107MTnc7eOhz69r0/8xfnV1qAXqR32tB/9L/oX/p/9C/9H/oXy90uwJAdwy13v3Jna4H0BUrH/8P35Z6AHee+3/oX/o/9C/9H/pS29/Gp6v6yf/dmqj0RjVaJkZ6oxplItKeqEbnEm98kXeJXqlPmags+49Z3GJiTctD3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iz/AgAA///NIdoS") r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x338, 0x208, 0x700001b, 0x148, 0x0, 0x148, 0x2a0, 0x206, 0x240, 0x2a0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'ip6gretap0\x00', 'sit0\x00'}, 0x1ea, 0x1a0, 0x208, 0x0, {0x390, 0x8f00}, [@common=@inet=@recent1={{0x108}, {0xf, 0x8001, 0x20, 0x0, 'syz1\x00', 0x3, [0xa7ea79785227b1dc, 0xffffffff, 0xff, 0xffffffff]}}, @common=@inet=@socket3={{0x28}, 0x6}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1f, 0x8000, 0x0, 0x2, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x208}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1400c, &(0x7f00000000c0)={[{@acl}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}]}, 0x3, 0x462, &(0x7f0000000340)="$eJzs282PE2UYAPBnZj9gXXBXxC/wYxWNxI9dFlA5eFCjiQdMTPSgBw+b3UKQAoZdEyEkgjF4MsbEu/Hov+BJL8Z4MvGqd0NCDBdBLzXTzuy2pS27pd0C/f2Sgfedj32fpzNv+868bQBDayb7J4nYFhF/RMRUrdq4w0ztv6tXzi1eu3JuMYlK5Z2/k+p+/1w5t1jsWhw3mVf2phHp50nsbtHu8pmzxxfK5dLpvD63cuKjueUzZ58/dmLhaOlo6eT+Q4cOHph/6cX9L/Qkz8lI89Kb73/91uEvG/JvyqNHZlqs21oUnqpUetzcYG2vKyejjdv+2+xgWLeRiMhO11i1/0/FSKydvKl447OBBgf0VaVSqUy233y+AtzBkmis6/IwLIoP+uz+t1iaBwGv9G/4MXCXX63dAGV5X82X2pbR1ScGY033t700ExHvnf/322yJ/jyHAABo8GM2/nkuG+00j//SuL9uv7vzuaHpiLgnInZExL1xMnZGxH0R1X0fiIgHN9h+8yTJ9eOf9FJXia1TNv57OZ/bahz/FaO/mB7Ja9ur+Y8lR46VS/tqr8kH+TC6NN+hjZ9e//2rdtvqx3/ZkrVfjAXzOC6Nbmk8ZmlhZeFmcq53+ULErtFW+SerMwFJRDwUEbu6bOPYM98/3G7bjfPvYLTLgOpUvot4unb+z0dT/oWk8/zk3NYol/bNFVfF9X797eLb7dq/qfx7IDv/d7W8/lfzn07q52uXN97GxT+/aHtP0+31P568Wy2P5+s+WVhZOT0fMZ4crgVdv37/2rFFvdg/y3/vntb9f0esvRK7IyK7iB+JiEcj4rE89scj4omI2NMh/19ee/LD5nUT686/v7L8lzZ0/vNCEmfGo2FN28LI8Z9/aGh0eq2Y53+t8/k/WC3tzdes5/1vPXF1dzUDAADA7SeNiG2RpLOr5TSdna19h39nRFo+tbzy7JFTH59cqv1GYDrG0uJJ11Td89D5/La+Vr8QEbWvFhTbD+TPjb8ZmajWZxdPlZcGnTwMuck2/T+r/DUy6OiAvuvBPBpwm9pQ/0/6Fwew+Xz+w/DaWP/f0rc4gM021qr/TwwiEmDztfr8/3QAcQCbr6n/m/aDIeL5Hwwv/R+GVmJOH4bS8kTc+EfyHQvFX+ry8Du2EGO3RBh9K0R6S4Sh0KfCYN+XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuX/AAAA//+yTeNI") mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r3, 0x8b2c, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_STATS_FD_cpu(r4, 0xaece) 8.452143785s ago: executing program 4 (id=914): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x7) socketpair$unix(0x1, 0x2, 0x0, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x22, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x2}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) splice(r4, 0x0, r3, 0x0, 0x100000000001, 0x0) read$watch_queue(r2, &(0x7f0000000540)=""/222, 0xe80) 7.503564672s ago: executing program 4 (id=917): sched_setscheduler(0x0, 0x1, 0x0) getpid() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080)={[{@auto_da_alloc}, {@mblk_io_submit}]}, 0xfe, 0x576, &(0x7f0000001780)="$eJzs3d1rm9UfAPDvkybd6++3DsZQESl44WQuXVtfJngxr3Uw0PsZ2qyMpsto0rHWgduFu5bhnQPxXrz2UvwHvPBvGOhgyCiCeBN50ifpW9Kmbfqi+XzgKef7vPSckyfn5JychAQwsEbTP7mIlyPiqyTiTEQk2bF8ZAdHV85bfnF/Kt2SaDQ++SNpnpfGrf/Vuu5UFrwUET9/GXExtznf2uLSbKlSKc9n8Vh97s5YbXHp0q250kx5pnx7YnLyyjuTE++/927f6vrm9bQgQ1l09nESV+N0Fq2txx48WBuMxmj2mBTi6oYTx/uQ2VGSdNz7w4GXg50Zytp5IdI+4EwMZa0e+O/7IiIawIBKdtz+fy3sT0mAg9UaB7Tm9n2aB/9rPP9wZQK0uf75lfdG4nhzbnRyOVk3M0rnuyN9yD/N48ffnzxOt+jf+xAA23rwMCIu5/Ob+78k6/9273IP52zMQ/8HB+endPzzVqfxT649/okO459THdrubmzf/nPP+pBNV+n474OO49/2otXIUBb9rznmKyQ3b1XKad/2/4i4EIVjabzVes6V5aeNbsfWjv/SLc2/NRbMyvEsf2z9NdOlemkvdV7r+cOIVzqOf5P2/U9W7v+6JZ708bjeYx7ny09e63Zs+/rvr8Z3EW90vP+r1U22Xp8caz4fxlrPis3+fHT+l275H3b90/t/cuv6jyRr12trO8/j2+N/l6O9nrzeuvpH78//4eTTZno423evVK/Pj0cMJx+39+da+ydWr23FrfPT+l94fev+L+nQ/52IiM96rP+jc9+/2u3YUbj/0x3vf3t2u+H+7zzx9KPPv+mWf2/939vN1IVsTy/9X68F3MtjBwAAAAAAAEdNLiJOR5IrttO5XLG48vmOc3EyV6nW6hdvVhduT0fzu7IjUci1VrrPrPk8xHi2YtiKJzbEkxFxNiK+HjrRjItT1cr0YVceAAAAAAAAAAAAAAAAAAAAjohTXb7/n/pt6LBLB+w7P/kNg2vb9t+PX3oCjiSv/zC4tH8YXD21/8L+lwM4eF7/YXBp/zC4tH8YXLtr/8N9Lwdw8Lz+AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF9dv3Yt3RrLL+5PpfH03cWF2erdS9Pl2mxxbmGqOFWdv1OcqVZnKuXiVHVuu/9XqVbvjE/Ewr2xerlWH6stLt2Yqy7crt+4NVeaKd8o+xUxAAAAAAAAAAAAAAAAAAAA2Ky2uDRbqlTK8xK7TCT5iCNQjD0l/mo0Gru9PH/YhZfYl8Rh90wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsOqfAAAA//+E+zD1") openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3a09007, 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0\x00') syz_open_dev$tty1(0xc, 0x4, 0x2) 7.308236033s ago: executing program 3 (id=918): syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000200)=[@enable_nested={0x12c, 0x18}, @nested_create_vm={0x12d, 0x18}, @nested_vmlaunch={0x12f, 0x18}, @nested_vmresume={0x130, 0x18}], 0x60}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x123900, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]}) r0 = openat$kvm(0xffffff9c, &(0x7f0000000300), 0x80800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x80203, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0xce, 0x0, 0x7}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0xfffffffffffffffb, 0x9, 0x0, 0x4, 0x10003, 0x0, 0x400200cc4, 0x5, 0x7d, 0x0, 0x0, 0x2, 0x5, 0x1, 0xb9, 0x8d], 0xeeee8000, 0x2011c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 6.549851243s ago: executing program 4 (id=919): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x4004) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x68}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x80) 6.482317786s ago: executing program 5 (id=920): sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000810) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) socket$inet6(0xa, 0x5, 0x0) listen(0xffffffffffffffff, 0xb) timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000000c80)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r1, &(0x7f0000000340)='\x00', 0x1, 0x4c001, 0x0, 0x0) sendto$inet(r1, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9025a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x8012, 0x0, 0xfffffffffffffe2d) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000040)=0x40001, 0x4) recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 6.255163504s ago: executing program 3 (id=921): ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) rename(0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f000000ca40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f0000000100)=0xc6, 0x4) r1 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000200)={0xa, 0xe22, 0x0, @empty, 0x1}, 0x1c) syz_emit_ethernet(0xd2, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffbfff00000000000086dd600489f1009c1100fc010000000000000025030000000000ff02000000000000000000000000000100000e22"], 0x0) 6.023947849s ago: executing program 3 (id=922): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='freezer.self_freezing\x00', 0x275a, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="8ee8c9b8ee088ed8660f3801b2d6352ed9ff660f3882040f01cf0fc72d2626652e0f01ca0fc7386635002000000f22e0", 0xffffffffffffff8b}], 0x1, 0x50, 0x0, 0x0) socket(0x10, 0x803, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0xa0011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) pipe(&(0x7f0000000100)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 4.952926843s ago: executing program 5 (id=923): socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0x13, &(0x7f0000000280)=0x1, 0x4) 4.620897408s ago: executing program 4 (id=924): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x380000c, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug}, {@data_journal}]}, 0x1, 0x437, &(0x7f0000000900)="$eJzs289PHFUcAPDv7EKR/hBs6o/Sqmg1En9AobX24EWjiQdNTPRQjwi0wW6LKZjYhigaU4+miXfj0cS/wJNejHoy8ap306QxXFo9rZndGdhddrdAF7a6n08y8N7MW9777szbfW8eE0DPGk1/JBH7I+L3iBiqZusLjFZ/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvyTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmS03cEny+UOV9ddB2rSSV8XG8KWFKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNSskqR1/Y2LJBvHP4Xr2w5uE9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96TsegfSPOTber44ZXfvmh1rHb8l25p/flYMGvH9b6B+tfMTi9N30nMtW58EjHS1yz+ZG0lID19hyNiZJt1zD/9zdFWx24ffxsdWGcqfx3xVPX8r0RD/Lmk/frkxD1Rmjs+kV8VG/3y69U3W9V/R/F3QHr+9za9/tfiH05q12sXt17H1T8+bzmn2e71vyd5u27fh9NLS5cmI/Ykr1cbXbt/qqHc1Hr5NP6xY837/8FYfyeORER6ET8cEY9ExKNZ2x+LiMcj4lib+H96+Yn3thf/QJu/2hlp/LNbOv/riT3RuKd5onj+x+/qKh3ebPyRnf+TldRYtmczn3+badf2rmYAAAD47ylExP5ICuNr6UJhfLz6P/yHYm+htLC49MzZhQ8uzlafERiO/kJ+p2uo5n7oZDatz/NTDfkT2X3jL4uDlfz4zEJpttvBQ4/b16L/p/4sdrt1wI7zvBb0Lv0fepf+D71L/4fe1aT/D3ajHcDua/b9/3EX2gHsvob+b9kPeoj5P/Qu/R96l/4PPWlxMG7/kLyExIZEFO6KZkjsUKLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//zpS5t0=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x5) pwrite64(r3, &(0x7f0000000140)='2', 0xff10, 0x8000c61) 3.420036041s ago: executing program 5 (id=925): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f0000000480)={0x0, {{0xa, 0x100, 0x8, @mcast1={0xff, 0x7}, 0xfffffffe}}, {{0xa, 0x0, 0x200, @private2, 0xffffffff}}}, 0x108) ioctl$KDSIGACCEPT(r0, 0x5607, 0x4) r2 = syz_open_dev$usbfs(0x0, 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000200)={0x2, 0x3, 0x0, 0x1000, 0x0, 0xfffffffe, 0x0}) r3 = syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x1, 0xbaf, &(0x7f0000002f00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5mm6cwcE38/eHPe97wn8zxPTmfOe2BOA/jHms5+pBGHIuJsEjFZ359GxFC1NxKxWTvu/t3L81lLolJ5+7ckkoi4d/fyfOO1kvp2vD4YiYibryXx749a466ubyzPlcullfr46Nr5S0dX1zdeWTo/d650rnThxOyrJ2ZPzs52sdbbl9774pkf3nj+6vWPZ978/MB3SZyOifpccx3dMh3TW3+TZoWImOt2sJwM1OtprjMp5JgQAAAdpU1ruP/GZAzEw8XbZHz7Y67JAQAAAF1RGYioAAAAAPtc4v4fAAAA9rnG9wDu3b0832j5fiOhv+6ciYipWv2N55trM4XYrG5HYjAixn5Povmx1qT2a09tOov09felrEWPnkPuZPNKRPx/u/OfVOufqj7F3Vp/GhEzXYg//ch4L9V/ugvxn6z+4S5EBICIG2dqF7LW61+6tf6Jba5/hW2uXbuR9/W/sf6737L+e1j/QJv131s7jHH4wUs32801r//e/eTnhSx+tn2qop7AnSsRhwvb1Z9s1Z+0qf/sDmOMz9++1m4uqz+rt9H6XX/lesSR6mqutf6GpNP/T3R0calcmqn93Ob11092jt98/rOWxW/cC/RDdv7HYnfn/9IOY0z979dD7eYeX3/6y1DyTrU3VN/z4dza2sqxiKHk9db9xzvn0jim8RpZ/S8+1/n9v1392WfCZv3vkP3ruVLfZuOrj8QcP3L8q93X31tZ/Qu7PP+f7jDGl99ce7/dXN71AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA3pBExEUla3OqnabEYMR4R/4mxtHxxde3lxYsfXFjI5iKmYjBdXCqXZiJisjZOsvGxav/h+Pgj49mIOBgRn02OVsfF+YvlhbyLBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMt4RExEkhYjIo2IPybTtFjMOysAAACg66byTgAAAADoOff/AAAAsP+13P8X/jIa6WcuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EsHn71xK4mIzVOj1ZYZqs8N5poZ0Gvpzg4b63UeQP8N5J0AkJtCU79SqVRyTAXoM/f4QPKY+ZG2M8NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv68XDt24lUTE5qnRassM1ecGc80M6LU07wSA3Ax0mkweuwPYwwp5JwDkxj0+UFvZP6jUtM6PtP3N4aeOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeMVFtSVqMiLTaT9NiMeJfETEVg8niUrk0ExEHIuKnycHhbHws76QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoutX1jeW5crm0oqOj08XOaPQt1mj9zdzmmOH2Ux06OX8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQi9X1jeW5crm0spp3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeVtc3lufK5dJKDzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DAAA///6CAm5") ioctl$BTRFS_IOC_START_SYNC(r3, 0x80089418, &(0x7f0000000180)=0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c89425, &(0x7f0000000500)={"081d65552d994b49bf55d2095840cc47", r4, 0x0, {0x6, 0x15f}, {0x3, 0x6}, 0x200, [0x2, 0x8000000000000000, 0x1, 0x6, 0x80, 0x5, 0x5, 0x5, 0x6, 0x2, 0x98, 0x0, 0x100000001, 0xfffffffffffffff7, 0x7, 0x3]}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, 0x0) ioctl$VT_ACTIVATE(r0, 0x5606, 0x4) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, 0x0) 2.986127658s ago: executing program 3 (id=926): r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4) sendto$unix(r4, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0) recvfrom(r4, &(0x7f00000030c0)=""/4117, 0xffffffffffffffbf, 0x1, 0x0, 0xffffffffffffffb5) ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0x2) fcntl$setsig(r1, 0xa, 0x12) ppoll(&(0x7f0000000140)=[{r2, 0x8002}], 0x1, 0x0, 0x0, 0x0) r5 = dup2(r1, r2) fcntl$setown(r5, 0x8, r0) tkill(r0, 0x13) 1.977502901s ago: executing program 4 (id=927): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = epoll_create1(0x80000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0xa0000001}) epoll_pwait(r4, &(0x7f0000000040)=[{}], 0x1, 0xff, 0x0, 0x2000) 1.738799248s ago: executing program 5 (id=928): munmap(&(0x7f000045e000/0x1000)=nil, 0x1000) mremap(&(0x7f0000a11000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ba6000/0x2000)=nil) munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000) mremap(&(0x7f00005a7000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f00004fe000/0x4000)=nil) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x20}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000c00000/0x400000)=nil, 0x400000}, 0x3}) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000100)={&(0x7f0000d8a000/0x3000)=nil, 0x3000}) madvise(&(0x7f0000492000/0x2000)=nil, 0x2000, 0x12) munmap(&(0x7f0000446000/0x3000)=nil, 0x3000) mremap(&(0x7f00003d6000/0x8000)=nil, 0x8000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 1.363315692s ago: executing program 3 (id=929): socket$inet6(0x2d, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000019240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000519000/0x1000)=nil, 0x1000, 0x66) close(0x3) 1.36234061s ago: executing program 5 (id=938): msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/dev_snmp6\x00') ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) openat$hwrng(0xffffffffffffff9c, 0x0, 0x8000, 0x0) setreuid(0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000000)={0xa, 0x4e20, 0x3, @remote, 0x9}, 0x1c, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x28}, 0x4008842) syslog(0x2, &(0x7f0000000140)=""/27, 0x1b) syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00') syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) lseek(r0, 0x3, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, &(0x7f00000002c0), 0x0}, 0x20) 407.690974ms ago: executing program 5 (id=930): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x82) r3 = fanotify_init(0x81, 0x40000) fanotify_mark(r3, 0x105, 0x40001032, r2, 0x0) read$FUSE(r3, &(0x7f0000002300)={0x2020}, 0x2020) socket$inet6_tcp(0xa, 0x1, 0x0) 0s ago: executing program 3 (id=931): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0, 0xc000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000380)={0x0, 0x3fb, 0x7fff}) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x82, &(0x7f0000001100)={@broadcast, @broadcast, @void, {@ipv4={0x800, @gre={{0xb, 0x4, 0x1, 0x5, 0x74, 0x67, 0x0, 0x6, 0x2f, 0x0, @multicast2, @local, {[@ra={0x94, 0x4}, @ssrr={0x89, 0x13, 0x8d, [@remote, @broadcast, @empty, @loopback]}]}}, {{0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x0, [0x819]}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, [0xfffe]}, {0x1}, {0x8, 0x88be, 0x4, {{0x4, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x2}, 0x1, {0x3}}}, {0x8, 0x22eb, 0x4, {{0x9, 0x2, 0xe, 0x1, 0x1, 0x3, 0x5, 0x7}, 0x2, {0x10000000, 0xcf, 0x0, 0x5, 0x1, 0x1, 0x0, 0x1, 0x1}}}, {0x8, 0x6558, 0x7}}}}}}, 0x0) kernel console output (not intermixed with test programs): atadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.137143][ T5613] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.190069][ T5627] Bluetooth: hci3: command tx timeout [ 95.270060][ T5627] Bluetooth: hci4: command tx timeout [ 95.270095][ T5627] Bluetooth: hci0: command tx timeout [ 95.694169][ T5613] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.694183][ T5613] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.694204][ T5613] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.705705][ T5614] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.705762][ T5614] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.705854][ T5614] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.832497][ T5614] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.832510][ T5614] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.832530][ T5614] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.872910][ T5615] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.872953][ T5615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.873045][ T5615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.886430][ T5612] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.886473][ T5612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 95.886582][ T5612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.000290][ T5615] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.000307][ T5615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.000338][ T5615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.002454][ T5612] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.002471][ T5612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.002490][ T5612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.027288][ T5616] hsr_slave_0: entered promiscuous mode [ 96.045000][ T5616] hsr_slave_1: entered promiscuous mode [ 96.218512][ T5613] hsr_slave_0: entered promiscuous mode [ 96.224608][ T5613] hsr_slave_1: entered promiscuous mode [ 96.235653][ T5613] debugfs: 'hsr0' already exists in 'hsr' [ 96.235738][ T5613] Cannot create hsr debugfs directory [ 96.398314][ T5614] hsr_slave_0: entered promiscuous mode [ 96.401500][ T5614] hsr_slave_1: entered promiscuous mode [ 96.406476][ T5614] debugfs: 'hsr0' already exists in 'hsr' [ 96.406502][ T5614] Cannot create hsr debugfs directory [ 96.485028][ T5615] hsr_slave_0: entered promiscuous mode [ 96.486546][ T5615] hsr_slave_1: entered promiscuous mode [ 96.487829][ T5615] debugfs: 'hsr0' already exists in 'hsr' [ 96.487855][ T5615] Cannot create hsr debugfs directory [ 96.514430][ T5612] hsr_slave_0: entered promiscuous mode [ 96.516496][ T5612] hsr_slave_1: entered promiscuous mode [ 96.518108][ T5612] debugfs: 'hsr0' already exists in 'hsr' [ 96.518135][ T5612] Cannot create hsr debugfs directory [ 97.110234][ T4931] Bluetooth: hci1: command tx timeout [ 97.190123][ T4931] Bluetooth: hci2: command tx timeout [ 97.270200][ T4931] Bluetooth: hci3: command tx timeout [ 97.350092][ T4931] Bluetooth: hci0: command tx timeout [ 97.350126][ T4931] Bluetooth: hci4: command tx timeout [ 97.569055][ T5616] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.624032][ T5616] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 97.635104][ T5616] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.682757][ T5616] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 97.686993][ T5616] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.717452][ T5616] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 97.750941][ T5616] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 97.785603][ T5616] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 97.935984][ T5614] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 97.976711][ T5614] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 97.984147][ T5614] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 98.034603][ T5614] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 98.039558][ T5614] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 98.086697][ T5614] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 98.117990][ T5614] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 98.146158][ T5614] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 98.292117][ T5613] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.349744][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 98.368611][ T5613] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.407485][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 98.422710][ T5613] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.458839][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 98.504622][ T5613] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.544738][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 98.798122][ T5615] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.836334][ T5615] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 98.852702][ T5615] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.888182][ T5615] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 98.904313][ T5615] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.934257][ T5615] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 98.975316][ T5615] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 99.007794][ T5615] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 99.077224][ T5616] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.190739][ T5627] Bluetooth: hci1: command tx timeout [ 99.253864][ T5612] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 99.270988][ T5627] Bluetooth: hci2: command tx timeout [ 99.291239][ T5612] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 99.296510][ T5612] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 99.328750][ T5612] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 99.350072][ T5627] Bluetooth: hci3: command tx timeout [ 99.352931][ T5616] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.354210][ T5612] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 99.404457][ T5612] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 99.430461][ T5627] Bluetooth: hci4: command tx timeout [ 99.430493][ T5627] Bluetooth: hci0: command tx timeout [ 99.446528][ T5612] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 99.478132][ T5612] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 99.536481][ T3352] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.536672][ T3352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.610498][ T5614] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.627311][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.628608][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.768674][ T5614] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.833935][ T3352] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.834109][ T3352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.895151][ T5613] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.943576][ T44] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.944165][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.099431][ T5613] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.183169][ T5615] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.231067][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.232349][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.339660][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.353032][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.415773][ T5615] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.484237][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.484487][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.537774][ T5612] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.608385][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.608547][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.823729][ T5612] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.918279][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.918543][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.011490][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.016032][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 101.173292][ T5616] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.888186][ T5614] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.953500][ T5616] veth0_vlan: entered promiscuous mode [ 102.152441][ T5616] veth1_vlan: entered promiscuous mode [ 102.485202][ T5613] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.647023][ T5616] veth0_macvtap: entered promiscuous mode [ 102.723131][ T5616] veth1_macvtap: entered promiscuous mode [ 102.824264][ T5615] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.922026][ T5616] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.938943][ T5612] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.977433][ T5613] veth0_vlan: entered promiscuous mode [ 102.989320][ T5616] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 103.070540][ T161] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.098748][ T161] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.109344][ T5613] veth1_vlan: entered promiscuous mode [ 103.140188][ T161] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.166627][ T161] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.269153][ T5614] veth0_vlan: entered promiscuous mode [ 103.540058][ T5614] veth1_vlan: entered promiscuous mode [ 103.593458][ T5615] veth0_vlan: entered promiscuous mode [ 103.793745][ T5612] veth0_vlan: entered promiscuous mode [ 103.810098][ T5613] veth0_macvtap: entered promiscuous mode [ 103.825031][ T5615] veth1_vlan: entered promiscuous mode [ 103.863445][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.863467][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.894193][ T5613] veth1_macvtap: entered promiscuous mode [ 103.938588][ T5612] veth1_vlan: entered promiscuous mode [ 104.065679][ T5614] veth0_macvtap: entered promiscuous mode [ 104.094219][ T44] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.094241][ T44] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.105663][ T5613] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.145006][ T5614] veth1_macvtap: entered promiscuous mode [ 104.225347][ T5613] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.264395][ T5615] veth0_macvtap: entered promiscuous mode [ 104.319519][ T161] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.335977][ T5615] veth1_macvtap: entered promiscuous mode [ 104.347502][ T161] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.366445][ T161] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.383530][ T161] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.387780][ T5612] veth0_macvtap: entered promiscuous mode [ 104.477765][ T5614] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.625907][ T5612] veth1_macvtap: entered promiscuous mode [ 104.659541][ T5614] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.761560][ T5615] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.845991][ T55] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.929113][ T55] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.968473][ T5615] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.044806][ T55] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.077887][ T55] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.115138][ T5612] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.357937][ T55] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.374770][ T55] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.400702][ T55] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.406017][ T5612] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.531147][ T55] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.587827][ T161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.587848][ T161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.685041][ T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 105.803564][ T161] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.831637][ T3352] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.856675][ T3352] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.936079][ T3352] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.015587][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.015618][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.015657][ T9] usb 2-1: New USB device found, idVendor=056a, idProduct=030c, bcdDevice= 0.00 [ 106.015682][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.216999][ T9] usb 2-1: config 0 descriptor?? [ 106.591071][ T3352] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.591091][ T3352] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.213890][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.213912][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.478453][ T3352] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.478476][ T3352] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.597204][ T161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.597221][ T161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.797778][ T3352] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.797800][ T3352] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.077744][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.077768][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.430213][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.430235][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.435718][ T9] usb 2-1: USB disconnect, device number 2 [ 108.486956][ T5823] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 108.697308][ T5825] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 109.388168][ T5828] loop3: detected capacity change from 0 to 2048 [ 109.814791][ T5837] loop4: detected capacity change from 0 to 8 [ 110.403378][ T5850] syz.1.14 uses obsolete (PF_INET,SOCK_PACKET) [ 110.507917][ T5837] SQUASHFS error: lzo decompression failed, data probably corrupt [ 110.507958][ T5837] SQUASHFS error: Failed to read block 0x91: -5 [ 110.507976][ T5837] SQUASHFS error: Unable to read metadata cache entry [8f] [ 110.508001][ T5837] SQUASHFS error: Unable to read inode 0x11f [ 110.637939][ T5828] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.784688][ T5857] loop0: detected capacity change from 0 to 512 [ 110.786130][ T5857] EXT4-fs: Ignoring removed i_version option [ 110.786153][ T5857] EXT4-fs: Ignoring removed nobh option [ 110.864441][ T5857] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 110.864460][ T5857] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 110.902952][ T5828] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 111.364288][ T5857] EXT4-fs (loop0): 1 truncate cleaned up [ 111.495518][ T5857] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.575990][ T5615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.633145][ T5868] netlink: 16 bytes leftover after parsing attributes in process `syz.2.19'. [ 112.601912][ T5874] loop3: detected capacity change from 0 to 1024 [ 112.604270][ T5874] ======================================================= [ 112.604270][ T5874] WARNING: The mand mount option has been deprecated and [ 112.604270][ T5874] and is ignored by this kernel. Remove the mand [ 112.604270][ T5874] option from the mount to silence this warning. [ 112.604270][ T5874] ======================================================= [ 112.607410][ T5874] EXT4-fs (loop3): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 112.771158][ T5613] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.126799][ T5874] EXT4-fs error (device loop3): ext4_map_blocks:791: inode #3: block 2: comm syz.3.16: lblock 2 mapped to illegal pblock 2 (length 1) [ 113.136206][ T5874] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 113.143113][ C1] EXT4-fs (loop3): initial error at time 1779363713: ext4_map_blocks:791: inode 3: block 2 [ 113.143238][ C1] EXT4-fs (loop3): last error at time 1779363713: ext4_map_blocks:791: inode 3: block 2 [ 113.201262][ T5874] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 113.201329][ T5874] EXT4-fs error (device loop3): ext4_map_blocks:791: inode #3: block 48: comm syz.3.16: lblock 0 mapped to illegal pblock 48 (length 1) [ 113.201354][ T5874] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 113.209938][ T5874] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 113.209969][ T5874] EXT4-fs error (device loop3): ext4_acquire_dquot:7034: comm syz.3.16: Failed to acquire dquot type 0 [ 113.210553][ T5874] loop3: lost filesystem error report for type 5 error -117 [ 113.268252][ T5874] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 113.268280][ T5874] loop3: lost filesystem error report for type 5 error -117 [ 113.312715][ T5880] pim6reg: entered allmulticast mode [ 113.318109][ T5882] pim6reg: left allmulticast mode [ 113.387139][ T5874] EXT4-fs error (device loop3): ext4_evict_inode:267: inode #11: comm syz.3.16: mark_inode_dirty error [ 113.387173][ T5874] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 113.389056][ T5874] EXT4-fs warning (device loop3): ext4_evict_inode:270: couldn't mark inode dirty (err -117) [ 113.389204][ T5874] EXT4-fs (loop3): 1 orphan inode deleted [ 113.446501][ T5874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.522493][ T44] EXT4-fs error (device loop3): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 113.606476][ T5874] EXT4-fs error (device loop3): __ext4_get_inode_loc:4885: comm syz.3.16: Invalid inode table block 1 in block_group 0 [ 113.778077][ T44] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 113.778164][ T44] EXT4-fs error (device loop3): ext4_release_dquot:7070: comm kworker/u8:2: Failed to release dquot type 0 [ 113.814070][ T5874] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 114.245893][ T5615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.321727][ T5615] EXT4-fs error (device loop3): __ext4_get_inode_loc:4885: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 114.321762][ T5615] loop3: lost filesystem error report for type 5 error -117 [ 114.470840][ T5615] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 114.470866][ T5615] loop3: lost filesystem error report for type 5 error -117 [ 114.525813][ T5615] EXT4-fs error (device loop3): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error [ 114.525849][ T5615] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 115.999275][ T5925] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.38' sets config #0 [ 116.251418][ T5929] loop0: detected capacity change from 0 to 256 [ 120.058328][ T5995] syz.1.62 (5995) used greatest stack depth: 18784 bytes left [ 120.378129][ T5999] loop3: detected capacity change from 0 to 4096 [ 120.450002][ T5999] EXT4-fs (loop3): Test dummy encryption mode enabled [ 120.516434][ T5999] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103] [ 120.516722][ T5999] System zones: 0-5 [ 120.627243][ T5999] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.895917][ T5999] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 121.548751][ T6015] loop2: detected capacity change from 0 to 32768 [ 121.627270][ T6015] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.70 (6015) [ 122.156495][ T6009] loop0: detected capacity change from 0 to 131072 [ 122.192800][ T6015] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 122.192850][ T6015] BTRFS info (device loop2): using sha256 checksum algorithm [ 122.215422][ T6009] F2FS-fs (loop0): invalid crc value [ 122.302828][ T5615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.454564][ T6009] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 122.534606][ T6009] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 122.646234][ T6009] F2FS-fs (loop0): f2fs_lookup: inode (ino=4) has zero i_nlink [ 122.666175][ T6015] BTRFS info (device loop2): setting nodatasum [ 122.666211][ T6015] BTRFS info (device loop2): enabling ssd optimizations [ 122.666233][ T6015] BTRFS info (device loop2): turning on async discard [ 122.666249][ T6015] BTRFS info (device loop2): enabling free space tree [ 122.867191][ T38] audit: type=1800 audit(1779363723.255:2): pid=6015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.70" name="file1" dev="loop2" ino=260 res=0 errno=0 [ 123.091124][ T6038] loop3: detected capacity change from 0 to 128 [ 123.275826][ T6038] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 123.305829][ T6038] ext4 filesystem being mounted at /10/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 123.591340][ T6038] EXT4-fs error (device loop3): dx_make_map:1296: inode #2: block 63: comm syz.3.68: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 123.664996][ T6038] EXT4-fs error (device loop3) in do_split:2027: Corrupt filesystem [ 123.927581][ T5615] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 124.427694][ T6054] loop3: detected capacity change from 0 to 256 [ 124.534297][ T5632] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 124.758805][ T5632] usb 2-1: Using ep0 maxpacket: 16 [ 124.785753][ T5632] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00 [ 124.785785][ T5632] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.785806][ T5632] usb 2-1: Product: syz [ 124.785821][ T5632] usb 2-1: Manufacturer: syz [ 124.785836][ T5632] usb 2-1: SerialNumber: syz [ 124.857917][ T5612] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 124.904579][ T5632] usb 2-1: config 0 descriptor?? [ 124.977969][ T5632] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 124.998402][ T5632] usb 2-1: Detected FT-X [ 125.125795][ T6054] FAT-fs (loop3): Directory bread(block 64) failed [ 125.125835][ T6054] FAT-fs (loop3): Directory bread(block 65) failed [ 125.125966][ T6054] FAT-fs (loop3): Directory bread(block 66) failed [ 125.125992][ T6054] FAT-fs (loop3): Directory bread(block 67) failed [ 125.126094][ T6054] FAT-fs (loop3): Directory bread(block 68) failed [ 125.126120][ T6054] FAT-fs (loop3): Directory bread(block 69) failed [ 125.126222][ T6054] FAT-fs (loop3): Directory bread(block 70) failed [ 125.126248][ T6054] FAT-fs (loop3): Directory bread(block 71) failed [ 125.126351][ T6054] FAT-fs (loop3): Directory bread(block 72) failed [ 125.126374][ T6054] FAT-fs (loop3): Directory bread(block 73) failed [ 125.217111][ T5632] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 125.933811][ T5632] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 126.009109][ T5632] usb 2-1: USB disconnect, device number 3 [ 126.540598][ T5632] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 126.685156][ T5632] ftdi_sio 2-1:0.0: device disconnected [ 127.911660][ T6096] loop0: detected capacity change from 0 to 512 [ 127.981230][ T6096] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 128.022975][ T6091] overlayfs: overlapping lowerdir path [ 128.206760][ T6096] EXT4-fs error (device loop0): xattr_find_entry:337: inode #15: comm syz.0.72: corrupted xattr entries [ 128.206794][ T6096] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 128.219874][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 128.219900][ C1] EXT4-fs (loop0): initial error at time 1779363728: xattr_find_entry:337: inode 15 [ 128.219931][ C1] EXT4-fs (loop0): last error at time 1779363728: xattr_find_entry:337: inode 15 [ 128.259055][ T6096] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 128.324769][ T6096] EXT4-fs (loop0): 1 truncate cleaned up [ 128.328802][ T6096] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.367924][ T6096] EXT4-fs (loop0): shut down requested (1) [ 128.515203][ T5613] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.718241][ T6124] loop3: detected capacity change from 0 to 256 [ 129.792552][ T6124] FAT-fs (loop3): Directory bread(block 1285) failed [ 129.792583][ T6124] FAT-fs (loop3): Directory bread(block 1286) failed [ 129.792604][ T6124] FAT-fs (loop3): Directory bread(block 1287) failed [ 129.792802][ T6124] FAT-fs (loop3): Directory bread(block 1288) failed [ 129.849082][ T6124] FAT-fs (loop3): Directory bread(block 1285) failed [ 129.849117][ T6124] FAT-fs (loop3): Directory bread(block 1286) failed [ 129.849142][ T6124] FAT-fs (loop3): Directory bread(block 1287) failed [ 129.849167][ T6124] FAT-fs (loop3): Directory bread(block 1288) failed [ 129.893907][ T6124] FAT-fs (loop3): Directory bread(block 1285) failed [ 129.893937][ T6124] FAT-fs (loop3): Directory bread(block 1286) failed [ 129.984544][ T6127] netlink: 4 bytes leftover after parsing attributes in process `syz.0.101'. [ 130.209178][ T6129] mmap: syz.3.102 (6129) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 130.587505][ T6127] Zero length message leads to an empty skb [ 130.976218][ T821] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 131.109581][ T6146] loop0: detected capacity change from 0 to 512 [ 131.210728][ T821] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 131.210758][ T821] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 131.235946][ T821] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 131.235978][ T821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 131.235999][ T821] usb 2-1: SerialNumber: syz [ 131.773404][ T821] usb 2-1: cannot find UAC_HEADER [ 132.876495][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.876648][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.192108][ T821] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 133.265282][ T6181] netlink: 28 bytes leftover after parsing attributes in process `syz.4.123'. [ 133.308327][ T821] usb 2-1: USB disconnect, device number 4 [ 133.585635][ T5818] udevd[5818]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 135.018264][ T6207] process 'syz.4.136' launched './file0' with NULL argv: empty string added [ 136.007977][ T6236] IPv6: NLM_F_CREATE should be specified when creating new route [ 136.035921][ T6236] IPv6: Can't replace route, no match found [ 137.019934][ T6268] 9p: Bad value for 'rfdno' [ 138.000911][ T6286] loop2: detected capacity change from 0 to 256 [ 138.324093][ T32] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 138.354976][ T6292] TCP: TCP_TX_DELAY enabled [ 138.444629][ T6286] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d) [ 138.454025][ T38] audit: type=1326 audit(1779363738.835:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.3.170" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 138.454081][ T38] audit: type=1326 audit(1779363738.835:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.3.170" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 138.454122][ T38] audit: type=1326 audit(1779363738.835:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.3.170" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd5179d68e code=0x7ffc0000 [ 138.550342][ T32] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 138.550373][ T32] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.626717][ T38] audit: type=1326 audit(1779363739.015:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.3.170" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 138.626890][ T38] audit: type=1326 audit(1779363739.015:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.3.170" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 138.627075][ T38] audit: type=1326 audit(1779363739.015:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.3.170" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 138.738831][ T38] audit: type=1326 audit(1779363739.045:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6295 comm="syz.3.170" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 138.772181][ T6294] nbd0: detected capacity change from 0 to 63 [ 138.800670][ T4931] block nbd0: Receive control failed (result -32) [ 138.833997][ T32] usb 2-1: config 0 descriptor?? [ 138.904832][ T5830] block nbd0: Dead connection, failed to find a fallback [ 138.904861][ T5830] block nbd0: shutting down sockets [ 138.904996][ T5830] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.905098][ T5830] Buffer I/O error on dev nbd0, logical block 0, async page read [ 138.905439][ T5830] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.905467][ T5830] Buffer I/O error on dev nbd0, logical block 1, async page read [ 138.905631][ T5830] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.905657][ T5830] Buffer I/O error on dev nbd0, logical block 2, async page read [ 138.905805][ T5830] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.905831][ T5830] Buffer I/O error on dev nbd0, logical block 3, async page read [ 138.964740][ T5830] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.964834][ T5830] Buffer I/O error on dev nbd0, logical block 0, async page read [ 138.965254][ T5830] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.965295][ T5830] Buffer I/O error on dev nbd0, logical block 1, async page read [ 138.965727][ T5830] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.965790][ T5830] Buffer I/O error on dev nbd0, logical block 2, async page read [ 139.069937][ T32] cp210x 2-1:0.0: cp210x converter detected [ 139.089556][ T5830] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 139.089588][ T5830] Buffer I/O error on dev nbd0, logical block 3, async page read [ 139.089744][ T5830] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 139.089766][ T5830] Buffer I/O error on dev nbd0, logical block 0, async page read [ 139.142958][ T5830] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 139.142990][ T5830] Buffer I/O error on dev nbd0, logical block 1, async page read [ 139.245773][ T5830] ldm_validate_partition_table(): Disk read failed. [ 139.258203][ T5830] Dev nbd0: unable to read RDB block 0 [ 139.259427][ T6302] netlink: 32 bytes leftover after parsing attributes in process `syz.0.172'. [ 139.282755][ T6302] netlink: 32 bytes leftover after parsing attributes in process `syz.0.172'. [ 139.287069][ T5830] nbd0: unable to read partition table [ 139.363668][ T5830] ldm_validate_partition_table(): Disk read failed. [ 139.383173][ T5830] Dev nbd0: unable to read RDB block 0 [ 139.388848][ T5830] nbd0: unable to read partition table [ 139.500154][ T32] usb 2-1: cp210x converter now attached to ttyUSB0 [ 140.593854][ T6333] loop3: detected capacity change from 0 to 512 [ 140.598846][ T6333] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 140.782448][ T6333] EXT4-fs error (device loop3): xattr_find_entry:337: inode #15: comm syz.3.182: corrupted xattr entries [ 140.782483][ T6333] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 140.786652][ T6333] EXT4-fs (loop3): 1 truncate cleaned up [ 140.844972][ T37] usb 2-1: USB disconnect, device number 5 [ 140.993926][ T6333] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.127887][ T6333] EXT4-fs error (device loop3): ext4_lookup:1785: inode #14: comm syz.3.182: invalid fast symlink length 39 [ 141.381445][ T37] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 141.413975][ T37] cp210x 2-1:0.0: device disconnected [ 141.561598][ T5615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.819977][ T32] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 141.980008][ T32] usb 5-1: Using ep0 maxpacket: 8 [ 142.277438][ T32] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 142.277469][ T32] usb 5-1: config 179 has no interface number 0 [ 142.277516][ T32] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 142.277544][ T32] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 142.277572][ T32] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 142.277598][ T32] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 142.277626][ T32] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 142.277670][ T32] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 142.277704][ T32] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.444004][ T6369] netlink: 24 bytes leftover after parsing attributes in process `syz.3.191'. [ 143.240946][ T6356] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 143.501514][ T6373] batadv_slave_1: entered promiscuous mode [ 143.503000][ T6372] batadv_slave_1: left promiscuous mode [ 143.709521][ T6356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 143.759363][ T6356] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 143.970998][ T38] audit: type=1326 audit(1779363744.355:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.3.198" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 143.971058][ T38] audit: type=1326 audit(1779363744.355:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.3.198" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 144.062209][ T38] audit: type=1326 audit(1779363744.375:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.3.198" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 144.067777][ T38] audit: type=1326 audit(1779363744.455:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.3.198" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 144.129689][ T38] audit: type=1326 audit(1779363744.515:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.3.198" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 144.869965][ T5627] Bluetooth: hci4: command 0x0405 tx timeout [ 145.395588][ T6383] Driver unsupported XDP return value 0 on prog (id 18) dev N/A, expect packet loss! [ 145.522958][ C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 145.523034][ C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 145.525227][ T32] usb 5-1: USB disconnect, device number 2 [ 145.977878][ T5859] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input5 [ 146.708762][ T6409] netlink: 24 bytes leftover after parsing attributes in process `syz.2.207'. [ 147.534707][ T5751] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 147.803288][ T5751] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024 [ 147.803341][ T5751] usb 1-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 147.803366][ T5751] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.928727][ T5751] usb 1-1: config 0 descriptor?? [ 147.947156][ T6407] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 148.297728][ T5632] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 148.380435][ T5751] hid (null): bogus close delimiter [ 148.440320][ T5751] uclogic 0003:28BD:0071.0002: interface is invalid, ignoring [ 148.475082][ T5632] usb 3-1: config 248 has an invalid interface number: 103 but max is 0 [ 148.475113][ T5632] usb 3-1: config 248 has no interface number 0 [ 148.475146][ T5632] usb 3-1: config 248 interface 103 has no altsetting 0 [ 148.521050][ T5632] usb 3-1: New USB device found, idVendor=19d2, idProduct=1170, bcdDevice=66.cd [ 148.521083][ T5632] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.521105][ T5632] usb 3-1: Product: syz [ 148.521120][ T5632] usb 3-1: Manufacturer: syz [ 148.521135][ T5632] usb 3-1: SerialNumber: syz [ 148.600460][ T5751] usb 1-1: USB disconnect, device number 2 [ 149.266836][ T5632] option 3-1:248.103: GSM modem (1-port) converter detected [ 149.324002][ T6433] loop0: detected capacity change from 0 to 2048 [ 149.346386][ T5632] usb 3-1: USB disconnect, device number 2 [ 149.352544][ T821] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 149.450116][ T6433] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 149.546663][ T5632] option 3-1:248.103: device disconnected [ 149.552658][ T821] usb 2-1: Using ep0 maxpacket: 32 [ 149.569931][ T821] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 149.569961][ T821] usb 2-1: config 0 has no interface number 0 [ 149.570002][ T821] usb 2-1: config 0 interface 184 has no altsetting 0 [ 149.606030][ T821] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 149.606058][ T821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.606077][ T821] usb 2-1: Product: syz [ 149.606090][ T821] usb 2-1: Manufacturer: syz [ 149.606103][ T821] usb 2-1: SerialNumber: syz [ 149.743864][ T821] usb 2-1: config 0 descriptor?? [ 149.786297][ T6438] loop3: detected capacity change from 0 to 256 [ 149.934874][ T6438] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 150.689065][ T821] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 150.689100][ T821] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 150.895378][ T821] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 150.895409][ T821] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 150.895429][ T821] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 150.895446][ T821] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 150.898827][ T821] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71 [ 151.013777][ T821] usb 2-1: USB disconnect, device number 6 [ 152.619421][ T6502] loop4: detected capacity change from 0 to 32768 [ 152.712807][ T6502] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 153.004929][ T6502] XFS (loop4): Ending clean mount [ 153.465129][ T6520] loop0: detected capacity change from 0 to 32768 [ 153.580767][ T6520] JBD2: Ignoring recovery information on journal [ 153.661951][ T6520] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 154.026049][ T6527] loop2: detected capacity change from 0 to 128 [ 155.253925][ T5859] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 155.367430][ T5613] ocfs2: Unmounting device (7,0) on (node local) [ 155.468936][ T6543] trusted_key: syz.3.248 sent an empty control message without MSG_MORE. [ 155.524148][ T5859] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 155.524178][ T5859] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 155.528072][ T5859] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 155.528100][ T5859] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 155.528117][ T5859] usb 3-1: SerialNumber: syz [ 155.795552][ T32] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 155.993456][ T6548] loop0: detected capacity change from 0 to 128 [ 156.022756][ T5859] usb 3-1: 0:2 : does not exist [ 156.074241][ T32] usb 2-1: Using ep0 maxpacket: 8 [ 156.093268][ T32] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 156.093291][ T32] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 156.093309][ T32] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 156.093326][ T32] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 156.093356][ T32] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 156.093373][ T32] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.403419][ T6548] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 156.462632][ T6548] hpfs: filesystem error: improperly stopped [ 156.462661][ T6548] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 156.462750][ T6548] hpfs: You really don't want any checks? You are crazy... [ 156.597645][ T32] usb 2-1: GET_CAPABILITIES returned 0 [ 156.597687][ T32] usbtmc 2-1:16.0: can't read capabilities [ 156.711860][ T6548] hpfs: hpfs_map_sector(): read error [ 156.711881][ T6548] hpfs: code page support is disabled [ 156.896567][ T6548] hpfs: hpfs_map_4sectors(): unaligned read [ 156.954096][ T6548] hpfs: hpfs_map_4sectors(): unaligned read [ 156.961745][ T6548] hpfs: filesystem error: unable to find root dir [ 157.100873][ T32] usb 2-1: USB disconnect, device number 7 [ 157.107010][ T6557] hpfs: hpfs_map_4sectors(): unaligned read [ 157.461279][ T5859] usb 3-1: USB disconnect, device number 3 [ 157.537100][ T5614] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 158.116590][ T5818] udevd[5818]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 158.738965][ T6580] loop0: detected capacity change from 0 to 512 [ 158.991933][ T6589] loop4: detected capacity change from 0 to 4096 [ 159.028348][ T6580] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.028512][ T6580] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 159.462363][ T5613] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.009502][ T6606] loop3: detected capacity change from 0 to 128 [ 160.050977][ T6606] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 160.058247][ T6606] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.598024][ T5615] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 161.598843][ T6632] netlink: 12 bytes leftover after parsing attributes in process `syz.2.278'. [ 161.598872][ T6632] block nbd1: Unsupported socket: should be TCP or UNIX. [ 161.600249][ T5750] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 161.733773][ T5859] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 161.819964][ T5750] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.820026][ T5750] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9 [ 161.820077][ T5750] usb 1-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.07 [ 161.820104][ T5750] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.897404][ T5750] usb 1-1: config 0 descriptor?? [ 161.929965][ T5859] usb 5-1: Using ep0 maxpacket: 8 [ 161.943075][ T5859] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.943142][ T5859] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 161.943169][ T5859] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.012548][ T5750] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 162.039703][ T6638] loop3: detected capacity change from 0 to 2048 [ 162.080539][ T5859] usb 5-1: config 0 descriptor?? [ 162.161122][ T6638] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 162.189759][ T5750] usb 1-1: USB disconnect, device number 3 [ 162.285783][ T5859] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 163.012679][ T5859] gspca_vc032x: reg_w err -71 [ 163.012808][ T5859] vc032x 5-1:0.0: probe with driver vc032x failed with error -71 [ 163.040078][ T5859] usb 5-1: USB disconnect, device number 3 [ 163.652436][ T6653] netlink: 'syz.3.285': attribute type 1 has an invalid length. [ 163.652462][ T6653] netlink: 'syz.3.285': attribute type 2 has an invalid length. [ 163.652476][ T6653] netlink: 12 bytes leftover after parsing attributes in process `syz.3.285'. [ 163.857412][ T6657] loop2: detected capacity change from 0 to 32768 [ 163.973751][ T6657] JBD2: Ignoring recovery information on journal [ 164.045378][ T6657] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 164.808033][ T5612] ocfs2: Unmounting device (7,2) on (node local) [ 166.097201][ T6695] loop3: detected capacity change from 0 to 256 [ 166.212362][ T6695] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 167.245686][ T4931] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 167.340421][ T4931] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 167.341938][ T4931] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 167.343262][ T4931] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 167.344430][ T4931] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 167.808847][ T6729] loop3: detected capacity change from 0 to 164 [ 169.149587][ T6750] syz.4.324 (6750) used greatest stack depth: 18040 bytes left [ 169.604837][ T5627] Bluetooth: hci1: command tx timeout [ 170.040002][ T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 170.280135][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 170.284296][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.284329][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.284366][ T9] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 170.284391][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.339761][ T9] usb 3-1: config 0 descriptor?? [ 170.703305][ T6777] loop4: detected capacity change from 0 to 1024 [ 170.830500][ T9] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0 [ 170.830545][ T9] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0 [ 170.830572][ T9] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0 [ 170.830597][ T9] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0 [ 170.830621][ T9] koneplus 0003:1E7D:2D51.0003: unknown main item tag 0x0 [ 170.985911][ T6777] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 171.012290][ T9] koneplus 0003:1E7D:2D51.0003: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.2-1/input0 [ 171.354214][ T9] usb 3-1: USB disconnect, device number 4 [ 171.396843][ T6789] netlink: 'syz.1.338': attribute type 1 has an invalid length. [ 171.396866][ T6789] netlink: 'syz.1.338': attribute type 4 has an invalid length. [ 171.396880][ T6789] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.338'. [ 171.670034][ T5627] Bluetooth: hci1: command tx timeout [ 171.885205][ T6786] fido_id[6786]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 171.926255][ T5614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.259495][ T6798] loop3: detected capacity change from 0 to 2048 [ 172.513728][ T6798] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.513906][ T6798] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 172.820068][ T869] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 172.978783][ T869] usb 2-1: Using ep0 maxpacket: 16 [ 173.005135][ T869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.005172][ T869] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 173.005217][ T869] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 173.005242][ T869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.107841][ T869] usb 2-1: config 0 descriptor?? [ 173.455033][ T869] usbhid 2-1:0.0: can't add hid device: -71 [ 173.455147][ T869] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 173.500050][ T869] usb 2-1: USB disconnect, device number 8 [ 173.633369][ T6809] overlayfs: failed to create directory ./bus/index (errno: 28); mounting read-only [ 173.633395][ T6809] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 173.760920][ T5627] Bluetooth: hci1: command tx timeout [ 174.628849][ T5615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.790884][ T6712] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.792036][ T6712] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.793513][ T6712] bridge_slave_0: entered allmulticast mode [ 174.865382][ T6712] bridge_slave_0: entered promiscuous mode [ 175.036305][ T6712] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.036631][ T6712] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.036969][ T6712] bridge_slave_1: entered allmulticast mode [ 175.253794][ T6840] netlink: 24 bytes leftover after parsing attributes in process `syz.4.352'. [ 175.255920][ T6712] bridge_slave_1: entered promiscuous mode [ 175.849514][ T5627] Bluetooth: hci1: command tx timeout [ 176.199296][ T6849] loop4: detected capacity change from 0 to 8 [ 176.215594][ T6849] squashfs: Unknown parameter '#' [ 176.287271][ T6712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.351306][ T6712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.876647][ T6854] loop2: detected capacity change from 0 to 40427 [ 176.880346][ T6854] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 176.880386][ T6854] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 176.889705][ T6854] F2FS-fs (loop2): invalid crc value [ 177.022069][ T6854] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 177.074007][ T6854] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 177.074032][ T6854] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 177.153817][ T6712] team0: Port device team_slave_0 added [ 177.216811][ T6712] team0: Port device team_slave_1 added [ 177.845552][ T6712] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 177.845570][ T6712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 177.845602][ T6712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 177.993627][ T6712] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 177.993647][ T6712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 177.993675][ T6712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 179.479319][ T6882] loop4: detected capacity change from 0 to 16 [ 179.611484][ T6712] hsr_slave_0: entered promiscuous mode [ 179.653927][ T6712] hsr_slave_1: entered promiscuous mode [ 179.681918][ T6712] debugfs: 'hsr0' already exists in 'hsr' [ 179.681948][ T6712] Cannot create hsr debugfs directory [ 180.194679][ T6882] erofs (device loop4): mounted with root inode @ nid 36. [ 180.318840][ T6888] loop2: detected capacity change from 0 to 136 [ 180.330853][ T6888] iso9660: Unknown parameter 'sessionI“Zו²PÙ8†ÀÖ·' [ 180.412382][ T6886] loop1: detected capacity change from 0 to 32768 [ 180.413571][ T6886] btrfs: Deprecated parameter 'usebackuproot' [ 180.413827][ T6886] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 180.499560][ T6886] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.370 (6886) [ 180.644324][ T6882] syz.4.368: attempt to access beyond end of device [ 180.644324][ T6882] loop4: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 180.656659][ T6886] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 180.656696][ T6886] BTRFS info (device loop1): using crc32c checksum algorithm [ 180.814185][ T6895] loop3: detected capacity change from 0 to 7 [ 180.895282][ T6895] Dev loop3: unable to read RDB block 7 [ 180.895341][ T6895] loop3: unable to read partition table [ 180.895613][ T6895] loop3: partition table beyond EOD, truncated [ 180.895663][ T6895] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 180.987406][ T38] audit: type=1800 audit(1779363781.345:15): pid=6882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.368" name="file1" dev="loop4" ino=86 res=0 errno=0 [ 181.189688][ T44] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 181.190039][ T6886] BTRFS error (device loop1): failed to load root extent [ 181.195683][ T6886] BTRFS warning (device loop1): try to load backup roots slot 1 [ 181.266648][ T55] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 181.268620][ T6886] BTRFS warning (device loop1): couldn't read tree root [ 181.268646][ T6886] BTRFS warning (device loop1): try to load backup roots slot 2 [ 181.347293][ T6492] BTRFS error (device loop1): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 181.347470][ T6886] BTRFS warning (device loop1): couldn't read tree root [ 181.347492][ T6886] BTRFS warning (device loop1): try to load backup roots slot 3 [ 181.403434][ T6886] BTRFS info (device loop1): rebuilding free space tree [ 181.491421][ T821] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 181.622455][ T6909] loop4: detected capacity change from 0 to 512 [ 181.659926][ T821] usb 3-1: Using ep0 maxpacket: 8 [ 181.666553][ T821] usb 3-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.666606][ T821] usb 3-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0 [ 181.666630][ T821] usb 3-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 181.666657][ T821] usb 3-1: config 0 interface 0 has no altsetting 0 [ 181.666690][ T821] usb 3-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 181.666714][ T821] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.881667][ T6886] BTRFS info (device loop1): checking UUID tree [ 181.887934][ T6886] BTRFS info (device loop1): enabling ssd optimizations [ 181.887960][ T6886] BTRFS info (device loop1): turning on async discard [ 181.887977][ T6886] BTRFS info (device loop1): enabling free space tree [ 181.887994][ T6886] BTRFS info (device loop1): force clearing of disk cache [ 181.888010][ T6886] BTRFS info (device loop1): enabling auto defrag [ 181.888027][ T6886] BTRFS info (device loop1): trying to use backup root at mount time [ 181.888062][ T6886] BTRFS info (device loop1): use zstd compression, level 3 [ 182.097304][ T821] usb 3-1: config 0 descriptor?? [ 182.111730][ T6909] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 182.292257][ T6916] overlayfs: upper fs does not support file handles, falling back to index=off. [ 182.475973][ T6909] EXT4-fs (loop4): 1 truncate cleaned up [ 182.518628][ T6909] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 182.913065][ T821] sony 0003:054C:024B.0004: unknown main item tag 0x3 [ 182.913101][ T821] sony 0003:054C:024B.0004: unknown main item tag 0x0 [ 182.913124][ T821] sony 0003:054C:024B.0004: unknown main item tag 0x0 [ 182.913146][ T821] sony 0003:054C:024B.0004: unknown main item tag 0x0 [ 182.913170][ T821] sony 0003:054C:024B.0004: unknown main item tag 0x0 [ 182.913195][ T821] sony 0003:054C:024B.0004: unknown main item tag 0x0 [ 182.913220][ T821] sony 0003:054C:024B.0004: unknown main item tag 0x0 [ 182.913261][ T821] sony 0003:054C:024B.0004: unknown global tag 0xd [ 182.913276][ T821] sony 0003:054C:024B.0004: item 0 4 1 13 parsing failed [ 182.913930][ T821] sony 0003:054C:024B.0004: parse failed [ 182.929585][ T821] sony 0003:054C:024B.0004: probe with driver sony failed with error -22 [ 183.271295][ T821] usb 3-1: USB disconnect, device number 5 [ 183.525101][ T6924] loop3: detected capacity change from 0 to 1024 [ 183.672822][ T6924] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 183.765199][ T5614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.939436][ T6932] loop2: detected capacity change from 0 to 128 [ 184.006003][ T6928] overlayfs: failed to resolve './file0': -2 [ 184.145687][ T6932] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 184.146176][ T6932] ext4 filesystem being mounted at /68/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 184.419455][ T5616] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 184.655295][ T5615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.156342][ T5612] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 186.350262][ T6953] loop4: detected capacity change from 0 to 2048 [ 186.468169][ T6953] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 186.480579][ T6712] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 186.846809][ T6712] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 187.580508][ T6712] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 187.659429][ T6712] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 187.770983][ T6712] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 188.145788][ T6712] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 188.159347][ T6712] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 188.231638][ T821] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 188.325728][ T38] audit: type=1326 audit(1779363788.705:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9713ace59 code=0x7ffc0000 [ 188.326053][ T38] audit: type=1326 audit(1779363788.715:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9713ace59 code=0x7ffc0000 [ 188.390116][ T821] usb 2-1: Using ep0 maxpacket: 8 [ 188.394226][ T821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 188.394273][ T821] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 188.394296][ T821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.467334][ T38] audit: type=1326 audit(1779363788.855:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9713ace59 code=0x7ffc0000 [ 188.467393][ T38] audit: type=1326 audit(1779363788.855:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9713ace59 code=0x7ffc0000 [ 188.467441][ T38] audit: type=1326 audit(1779363788.855:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9713ace59 code=0x7ffc0000 [ 188.491718][ T38] audit: type=1326 audit(1779363788.865:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fc9713ace59 code=0x7ffc0000 [ 188.538379][ T38] audit: type=1326 audit(1779363788.925:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc97136d68e code=0x7ffc0000 [ 188.603888][ T821] usb 2-1: config 0 descriptor?? [ 188.628664][ T6712] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 188.764291][ T38] audit: type=1326 audit(1779363788.935:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc97136d68e code=0x7ffc0000 [ 188.766488][ T38] audit: type=1326 audit(1779363789.155:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc97136d68e code=0x7ffc0000 [ 188.768188][ T38] audit: type=1326 audit(1779363789.155:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.4.397" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc97136d68e code=0x7ffc0000 [ 188.890715][ T821] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 189.115861][ T821] usb 2-1: USB disconnect, device number 9 [ 189.939678][ T6712] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.207883][ T6983] loop3: detected capacity change from 0 to 40427 [ 190.353155][ T6712] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.488983][ T3404] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.534913][ T3404] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.636476][ T3404] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.636639][ T3404] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.141648][ T7021] ªªªªªª: renamed from vlan0 (while UP) [ 191.342363][ T7024] fuse: Invalid rootmode [ 191.941159][ T7034] loop1: detected capacity change from 0 to 512 [ 192.116695][ T7034] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 192.116870][ T7034] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 192.275173][ T7034] EXT4-fs error (device loop1): ext4_xattr_block_list:766: inode #15: comm syz.1.409: corrupted xattr block 32: bad e_name length [ 192.729040][ T5616] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.039456][ T7059] loop3: detected capacity change from 0 to 256 [ 193.634072][ T38] kauditd_printk_skb: 93 callbacks suppressed [ 193.634092][ T38] audit: type=1800 audit(1779363794.025:119): pid=7070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.414" name="file2" dev="loop3" ino=1048609 res=0 errno=0 [ 194.008844][ T6712] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.314411][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.314527][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.744585][ T7096] netlink: 24 bytes leftover after parsing attributes in process `syz.1.423'. [ 196.211043][ T6712] veth0_vlan: entered promiscuous mode [ 196.265835][ T6712] veth1_vlan: entered promiscuous mode [ 196.608083][ T6712] veth0_macvtap: entered promiscuous mode [ 196.740452][ T6712] veth1_macvtap: entered promiscuous mode [ 196.748592][ T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 196.770925][ T869] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 196.916296][ T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 196.916324][ T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 196.916352][ T7131] netlink: 8 bytes leftover after parsing attributes in process `syz.3.438'. [ 196.926155][ T869] usb 3-1: Using ep0 maxpacket: 32 [ 196.939975][ T9] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 196.940004][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 196.940023][ T9] usb 5-1: SerialNumber: syz [ 196.985099][ T869] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.985131][ T869] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.022536][ T869] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 197.022569][ T869] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 197.022591][ T869] usb 3-1: Product: syz [ 197.022606][ T869] usb 3-1: Manufacturer: syz [ 197.110188][ T5627] Bluetooth: hci1: command 0x0405 tx timeout [ 197.155811][ T869] hub 3-1:4.0: USB hub found [ 197.202870][ T6712] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.326546][ T869] hub 3-1:4.0: 2 ports detected [ 197.560167][ T6712] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.743068][ T9] usb 5-1: 0:2 : does not exist [ 197.802404][ T3404] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.813187][ T3404] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.824045][ T3404] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.824993][ T3404] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.323112][ T869] hub 3-1:4.0: set hub depth failed [ 198.562880][ T7149] netlink: 4 bytes leftover after parsing attributes in process `syz.1.445'. [ 198.593293][ T5750] hub 3-1:4.0: hub_ext_port_status failed (err = -71) [ 198.650083][ T7148] netlink: 4 bytes leftover after parsing attributes in process `syz.1.445'. [ 198.796730][ T869] usb 3-1: USB disconnect, device number 6 [ 198.917571][ T9] usb 5-1: USB disconnect, device number 4 [ 199.413074][ T7158] loop4: detected capacity change from 0 to 32768 [ 199.451575][ T7158] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.448 (7158) [ 199.477899][ T7158] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 199.477935][ T7158] BTRFS info (device loop4): using blake2b checksum algorithm [ 200.181974][ T7158] BTRFS info (device loop4): enabling ssd optimizations [ 200.182013][ T7158] BTRFS info (device loop4): turning on async discard [ 200.182030][ T7158] BTRFS info (device loop4): enabling free space tree [ 200.443668][ T5818] udevd[5818]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 200.728880][ T7158] loop4: detected capacity change from 32768 to 64 [ 200.752020][ T7158] Dev loop4: unable to read RDB block 8 [ 200.752205][ T7158] loop4: unable to read partition table [ 200.753833][ T7158] loop_reread_partitions: partition scan of loop4 (ï5ŸA;¹8R÷Ö¤®mÝûÑÎ])Âî^\©) failed (rc=-5) [ 201.268390][ T7183] loop1: detected capacity change from 0 to 1024 [ 201.281758][ T1493] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 201.281778][ T1493] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 201.419083][ T7183] hfsplus: failed to load extents file [ 201.449710][ T7183] netlink: 4 bytes leftover after parsing attributes in process `syz.1.454'. [ 202.089554][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.089574][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.389529][ T67] kworker/u8:4: attempt to access beyond end of device [ 203.389529][ T67] loop4: rw=67112961, sector=10440, nr_sectors = 8 limit=64 [ 203.415381][ T67] BTRFS error (device loop4): bdev /dev/loop4 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0 [ 203.437964][ T67] kworker/u8:4: attempt to access beyond end of device [ 203.437964][ T67] loop4: rw=67112961, sector=10448, nr_sectors = 8 limit=64 [ 203.438007][ T67] BTRFS error (device loop4): bdev /dev/loop4 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0 [ 203.438094][ T67] kworker/u8:4: attempt to access beyond end of device [ 203.438094][ T67] loop4: rw=67112961, sector=13448, nr_sectors = 8 limit=64 [ 203.438121][ T67] BTRFS error (device loop4): bdev /dev/loop4 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0 [ 203.530937][ T5614] BTRFS error (device loop4 state A): Transaction aborted (error -5) [ 203.531109][ T5614] BTRFS: error (device loop4 state A) in __btrfs_free_extent:3425: errno=-5 IO failure [ 203.531133][ T5614] BTRFS info (device loop4 state EA): forced readonly [ 203.531183][ T5614] BTRFS error (device loop4 state EA): failed to run delayed ref for logical 5296128 num_bytes 12288 type 178 action 2 ref_mod 1: -5 [ 203.587272][ T5614] BTRFS: error (device loop4 state EA) in btrfs_run_delayed_refs:2247: errno=-5 IO failure [ 203.587591][ T5614] BTRFS info (device loop4 state EA): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 203.813244][ T7214] netlink: 51 bytes leftover after parsing attributes in process `syz.3.466'. [ 204.292797][ T7224] netlink: 24 bytes leftover after parsing attributes in process `syz.5.467'. [ 205.381484][ T5859] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 205.551632][ T5859] usb 4-1: Using ep0 maxpacket: 32 [ 205.557599][ T5859] usb 4-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config [ 205.557655][ T5859] usb 4-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82 [ 205.557687][ T5859] usb 4-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 205.557707][ T5859] usb 4-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 205.613503][ T5859] usb 4-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30 [ 205.613535][ T5859] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.613554][ T5859] usb 4-1: Product: syz [ 205.613568][ T5859] usb 4-1: Manufacturer: syz [ 205.613584][ T5859] usb 4-1: SerialNumber: syz [ 205.669978][ T869] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 205.868377][ T869] usb 3-1: config 127 has an invalid interface number: 192 but max is 0 [ 205.868405][ T869] usb 3-1: config 127 has no interface number 0 [ 205.879910][ T869] usb 3-1: New USB device found, idVendor=093a, idProduct=2600, bcdDevice=1a.06 [ 205.879940][ T869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.879959][ T869] usb 3-1: Product: syz [ 205.879972][ T869] usb 3-1: Manufacturer: syz [ 205.879985][ T869] usb 3-1: SerialNumber: syz [ 205.919917][ C1] imon 4-1:155.0: imon usb_rx_callback_intf0: status(-71) [ 206.458939][ T5859] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/input/input6 [ 206.503565][ T869] gspca_main: pac7311-2.14.0 probing 093a:2600 [ 207.274411][ T869] gspca_pac7311: reg_w() failed index 0x78, value 0x40, error -110 [ 207.274502][ T869] pac7311 3-1:127.192: probe with driver pac7311 failed with error -110 [ 207.641327][ T869] usb 3-1: USB disconnect, device number 7 [ 208.899002][ T7260] loop2: detected capacity change from 0 to 32768 [ 208.917601][ T5859] imon:send_packet: packet tx failed (-71) [ 208.928143][ T4931] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 208.940734][ T5859] imon 4-1:155.0: panel buttons/knobs setup failed [ 208.940757][ T5859] imon 4-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR [ 208.940771][ T5859] (id 0x00) [ 209.002668][ T4931] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 209.024991][ T4931] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 209.063533][ T4931] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 209.068851][ T4931] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 209.149230][ T7260] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 209.349875][ T5859] rc_core: IR keymap rc-imon-pad not found [ 209.349899][ T5859] Registered IR keymap rc-empty [ 209.350031][ T5859] imon 4-1:155.0: Looks like you're trying to use an IR protocol this device does not support [ 209.350050][ T5859] imon 4-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 209.351435][ T5859] imon:send_packet: packet tx failed (-71) [ 209.393031][ T5859] imon 4-1:155.0: remote input dev register failed [ 209.393241][ T5859] imon 4-1:155.0: imon_init_intf0: rc device setup failed [ 209.418845][ T7260] XFS (loop2): Ending clean mount [ 209.645272][ T5612] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 209.975538][ T5859] imon 4-1:155.0: unable to initialize intf0, err 0 [ 209.975564][ T5859] imon:imon_probe: failed to initialize context! [ 209.975578][ T5859] imon 4-1:155.0: unable to register, err -19 [ 210.042355][ T5859] usb 4-1: USB disconnect, device number 2 [ 210.200053][ T6492] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.271970][ T7276] netlink: 24 bytes leftover after parsing attributes in process `syz.3.484'. [ 211.186286][ T7283] netlink: 20 bytes leftover after parsing attributes in process `syz.4.487'. [ 211.270536][ T5627] Bluetooth: hci3: command tx timeout [ 212.374144][ T6492] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.350008][ T5627] Bluetooth: hci3: command tx timeout [ 213.490554][ T821] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 213.633936][ T6492] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.672348][ T821] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.672384][ T821] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.672425][ T821] usb 6-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 213.672450][ T821] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.919467][ T821] usb 6-1: config 0 descriptor?? [ 214.477958][ T821] playstation 0003:054C:0DF2.0005: unknown main item tag 0x0 [ 214.477997][ T821] playstation 0003:054C:0DF2.0005: unknown main item tag 0x0 [ 214.478025][ T821] playstation 0003:054C:0DF2.0005: unknown main item tag 0x0 [ 214.478052][ T821] playstation 0003:054C:0DF2.0005: unknown main item tag 0x0 [ 214.478078][ T821] playstation 0003:054C:0DF2.0005: unknown main item tag 0x0 [ 214.735145][ T821] playstation 0003:054C:0DF2.0005: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.5-1/input0 [ 215.141677][ T821] playstation 0003:054C:0DF2.0005: Failed to retrieve feature with reportID 32: -71 [ 215.142275][ T821] playstation 0003:054C:0DF2.0005: Failed to retrieve DualSense firmware info: -71 [ 215.142333][ T821] playstation 0003:054C:0DF2.0005: Failed to get firmware info from DualSense [ 215.142354][ T821] playstation 0003:054C:0DF2.0005: Failed to create dualsense. [ 215.145840][ T6492] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.242701][ T821] playstation 0003:054C:0DF2.0005: probe with driver playstation failed with error -71 [ 215.285888][ T821] usb 6-1: USB disconnect, device number 2 [ 215.431168][ T60] Bluetooth: hci3: command tx timeout [ 216.883643][ T7362] loop5: detected capacity change from 0 to 32768 [ 216.901889][ T60] Bluetooth: hci0: command 0x0406 tx timeout [ 216.902034][ T60] Bluetooth: hci4: command 0x0405 tx timeout [ 216.902063][ T60] Bluetooth: hci2: command 0x0406 tx timeout [ 217.256996][ T7362] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 217.343954][ T7362] XFS (loop5): Ending clean mount [ 217.510760][ T5627] Bluetooth: hci3: command tx timeout [ 218.131816][ T6712] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 218.486980][ T7383] capability: warning: `syz.3.518' uses deprecated v2 capabilities in a way that may be insecure [ 219.644536][ T6492] bridge_slave_1: left allmulticast mode [ 219.644773][ T6492] bridge_slave_1: left promiscuous mode [ 219.758161][ T7413] loop4: detected capacity change from 0 to 128 [ 219.769041][ T6492] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.227906][ T38] audit: type=1800 audit(1779363820.615:120): pid=7413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.526" name="file1" dev="loop4" ino=1048615 res=0 errno=0 [ 220.691999][ T6492] bridge_slave_0: left allmulticast mode [ 220.692042][ T6492] bridge_slave_0: left promiscuous mode [ 220.692331][ T6492] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.003717][ T7419] syz.2.528 (7419) used greatest stack depth: 17256 bytes left [ 224.070142][ C0] af_packet: tpacket_rcv: packet too big, clamped from 40 to 4294967272. macoff=96 [ 224.353236][ T7468] loop4: detected capacity change from 0 to 8192 [ 224.686836][ T7470] loop2: detected capacity change from 0 to 32768 [ 224.703823][ T7470] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.546 (7470) [ 224.725722][ T7470] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 224.725756][ T7470] BTRFS info (device loop2): using sha256 checksum algorithm [ 224.999444][ T7470] BTRFS info (device loop2): setting nodatasum [ 224.999471][ T7470] BTRFS info (device loop2): enabling ssd optimizations [ 224.999490][ T7470] BTRFS info (device loop2): turning on async discard [ 224.999508][ T7470] BTRFS info (device loop2): enabling free space tree [ 225.633731][ T6492] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 225.817414][ T7498] loop5: detected capacity change from 0 to 16 [ 225.985194][ T6492] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 226.085287][ T6492] bond0 (unregistering): Released all slaves [ 226.267999][ T7258] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.268307][ T7258] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.268637][ T7258] bridge_slave_0: entered allmulticast mode [ 226.343505][ T7498] erofs (device loop5): mounted with root inode @ nid 36. [ 226.349623][ T7258] bridge_slave_0: entered promiscuous mode [ 226.568081][ T7258] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.568387][ T7258] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.568831][ T7258] bridge_slave_1: entered allmulticast mode [ 226.615791][ T7258] bridge_slave_1: entered promiscuous mode [ 226.708420][ T38] audit: type=1800 audit(1779363827.095:121): pid=7498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.550" name="file2" dev="loop5" ino=89 res=0 errno=0 [ 227.244210][ T7258] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 227.295269][ T5612] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 227.351725][ T7506] netlink: 'syz.4.555': attribute type 4 has an invalid length. [ 227.440006][ T7508] netlink: 'syz.4.555': attribute type 4 has an invalid length. [ 227.510401][ T7258] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 228.038592][ T7514] overlayfs: failed to set uuid (135/file0, err=-1); falling back to uuid=null. [ 228.038659][ T7514] overlayfs: failed to verify upper root origin [ 228.213101][ T7258] team0: Port device team_slave_0 added [ 228.269742][ T7258] team0: Port device team_slave_1 added [ 229.120931][ T7258] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 229.120965][ T7258] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 229.120995][ T7258] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 229.570379][ T5750] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 229.682651][ T7539] netlink: 'syz.5.563': attribute type 4 has an invalid length. [ 229.723071][ T7541] netlink: 'syz.5.563': attribute type 4 has an invalid length. [ 229.754038][ T5750] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 229.754073][ T5750] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 229.754097][ T5750] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 229.754141][ T5750] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 229.754165][ T5750] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.763004][ T5750] usb 4-1: config 0 descriptor?? [ 230.268632][ T7546] loop2: detected capacity change from 0 to 4096 [ 230.378157][ T7546] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 230.693569][ T5750] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 230.906154][ T5750] usb 4-1: USB disconnect, device number 3 [ 231.337593][ T7554] fido_id[7554]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 231.633922][ T7258] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 231.633941][ T7258] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 231.633970][ T7258] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 231.734758][ T7556] binder: 7555:7556 ioctl c0306201 200000000000 returned -14 [ 231.972425][ T5276] 8021q: adding VLAN 0 to HW filter on device eth1 [ 232.070952][ T5750] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 232.128863][ T7567] netlink: 28 bytes leftover after parsing attributes in process `syz.3.568'. [ 232.241229][ T5750] usb 3-1: Using ep0 maxpacket: 32 [ 232.254252][ T5750] usb 3-1: config 6 has an invalid interface number: 132 but max is 0 [ 232.254280][ T5750] usb 3-1: config 6 has no interface number 0 [ 232.254322][ T5750] usb 3-1: config 6 interface 132 altsetting 6 endpoint 0xA has an invalid bInterval 248, changing to 7 [ 232.254350][ T5750] usb 3-1: config 6 interface 132 has no altsetting 0 [ 232.323425][ T5750] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=d3.7e [ 232.323456][ T5750] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.323477][ T5750] usb 3-1: Product: syz [ 232.323493][ T5750] usb 3-1: Manufacturer: syz [ 232.323506][ T5750] usb 3-1: SerialNumber: syz [ 232.785523][ T5750] usbtest 3-1:6.132: couldn't get endpoints, -22 [ 232.785638][ T5750] usbtest 3-1:6.132: probe with driver usbtest failed with error -22 [ 232.819376][ T5750] usb 3-1: USB disconnect, device number 8 [ 233.409660][ T7563] process 'memfd:-BÕN4¦EyÛѧ±Sñ:)' started with executable stack [ 235.120543][ T7605] vivid-004: disconnect [ 235.227553][ T7602] vivid-004: reconnect [ 235.431359][ T7258] hsr_slave_0: entered promiscuous mode [ 235.433432][ T7258] hsr_slave_1: entered promiscuous mode [ 235.438753][ T7258] debugfs: 'hsr0' already exists in 'hsr' [ 235.438777][ T7258] Cannot create hsr debugfs directory [ 235.785744][ T7617] loop3: detected capacity change from 0 to 512 [ 235.787021][ T7617] EXT4-fs: Ignoring removed nobh option [ 235.871605][ T7614] warning: `syz.3.585' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 235.923065][ T7617] EXT4-fs (loop3): orphan cleanup on readonly fs [ 235.984303][ T7617] EXT4-fs error (device loop3): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.3.585: EA inode 11 ref wraparound: ref_count=0 ref_change=-1 [ 235.984347][ T7617] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 235.997256][ C0] EXT4-fs (loop3): initial error at time 1779363836: ext4_xattr_inode_update_ref:1037: inode 11 [ 235.997300][ C0] EXT4-fs (loop3): last error at time 1779363836: ext4_xattr_inode_update_ref:1037: inode 11 [ 236.097770][ T7617] EXT4-fs (loop3): Remounting filesystem read-only [ 236.097814][ T7617] EXT4-fs warning (device loop3): ext4_xattr_inode_dec_ref_all:1231: inode #11: comm syz.3.585: ea_inode dec ref err=-117 [ 236.098074][ T7617] EXT4-fs (loop3): 1 orphan inode deleted [ 236.126304][ T7617] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 236.155334][ T7617] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.658383][ T7628] overlayfs: statfs failed on './file0' [ 236.823195][ T7633] loop2: detected capacity change from 0 to 7 [ 237.183848][ T7633] Dev loop2: unable to read RDB block 7 [ 237.183885][ T7633] loop2: AHDI p1 p2 p3 [ 237.183911][ T7633] loop2: partition table partially beyond EOD, truncated [ 237.185631][ T7633] loop2: p1 start 1601398130 is beyond EOD, truncated [ 237.185657][ T7633] loop2: p2 start 1702059890 is beyond EOD, truncated [ 237.469659][ T7645] loop4: detected capacity change from 0 to 128 [ 237.775173][ T6492] hsr_slave_0: left promiscuous mode [ 238.080390][ T6492] hsr_slave_1: left promiscuous mode [ 238.083227][ T6492] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 238.135716][ T6492] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 238.278799][ T6492] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 238.278824][ T6492] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 239.158229][ T6492] veth1_macvtap: left promiscuous mode [ 239.178361][ T6492] veth0_macvtap: left promiscuous mode [ 239.178713][ T6492] veth1_vlan: left promiscuous mode [ 239.195386][ T6492] veth0_vlan: left promiscuous mode [ 239.910921][ T5749] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 240.060723][ T5749] usb 5-1: Using ep0 maxpacket: 32 [ 240.068203][ T5749] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 240.068253][ T5749] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 240.068282][ T5749] usb 5-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.00 [ 240.068298][ T5749] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.111926][ T5749] usb 5-1: config 0 descriptor?? [ 241.250918][ T38] audit: type=1800 audit(1779363841.635:122): pid=7706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.614" name="bus" dev="tmpfs" ino=829 res=0 errno=0 [ 241.407348][ T6492] team0 (unregistering): Port device team_slave_1 removed [ 241.602644][ T6492] team0 (unregistering): Port device team_slave_0 removed [ 242.919374][ T5276] 8021q: adding VLAN 0 to HW filter on device eth2 [ 243.447112][ T10] usb 5-1: USB disconnect, device number 5 [ 243.576921][ T38] audit: type=1800 audit(1779363843.965:123): pid=7742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.630" name="file1" dev="overlay" ino=752 res=0 errno=0 [ 245.103131][ T38] audit: type=1326 audit(1779363845.485:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.638" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 245.103182][ T38] audit: type=1326 audit(1779363845.485:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.638" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 245.103221][ T38] audit: type=1326 audit(1779363845.485:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.638" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 245.103262][ T38] audit: type=1326 audit(1779363845.485:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.638" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 245.103302][ T38] audit: type=1326 audit(1779363845.485:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.638" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 245.103340][ T38] audit: type=1326 audit(1779363845.485:129): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.638" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 245.103380][ T38] audit: type=1326 audit(1779363845.485:130): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.638" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 245.103421][ T38] audit: type=1326 audit(1779363845.485:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.3.638" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 245.343477][ T7769] loop2: detected capacity change from 0 to 512 [ 246.190183][ T7769] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.190300][ T7769] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 248.143390][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.228273][ T7799] bridge0: port 3(vlan2) entered blocking state [ 248.228917][ T7799] bridge0: port 3(vlan2) entered disabled state [ 248.229278][ T7799] vlan2: entered allmulticast mode [ 248.257101][ T7799] vlan0: entered allmulticast mode [ 248.257121][ T7799] veth0_vlan: entered allmulticast mode [ 248.345404][ T7799] vlan2: entered promiscuous mode [ 248.345426][ T7799] vlan0: entered promiscuous mode [ 248.425945][ T5276] 8021q: adding VLAN 0 to HW filter on device eth3 [ 249.419827][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 249.439859][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 249.449841][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 249.459848][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 249.469832][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 249.479818][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 249.489829][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 249.499824][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 249.509819][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 249.519932][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 252.989472][ T7258] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 253.312279][ T7258] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 253.336616][ T7843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.657'. [ 254.252547][ T7258] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 254.323996][ T7849] netlink: 12 bytes leftover after parsing attributes in process `syz.3.657'. [ 254.387725][ T7850] netlink: 8 bytes leftover after parsing attributes in process `syz.3.657'. [ 254.527058][ T7258] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 254.853264][ T7258] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 254.908460][ T7258] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 255.000257][ T7868] io-wq is not configured for unbound workers [ 255.081534][ T7258] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 255.488075][ T7258] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 255.573698][ T7884] netlink: 4 bytes leftover after parsing attributes in process `syz.3.667'. [ 255.663660][ T7881] veth0: entered promiscuous mode [ 255.779665][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.781661][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.986874][ T7884] veth0 (unregistering): left promiscuous mode [ 256.214820][ T7897] netlink: 4 bytes leftover after parsing attributes in process `syz.4.672'. [ 256.327574][ T5276] 8021q: adding VLAN 0 to HW filter on device eth4 [ 256.765305][ T7913] loop5: detected capacity change from 0 to 128 [ 256.767142][ T7913] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 256.817782][ T7913] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 259.085730][ T7953] loop4: detected capacity change from 0 to 128 [ 259.090081][ T7952] binder: 7951:7952 ioctl c0306201 200000000080 returned -14 [ 259.121974][ T7953] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 259.125662][ T7953] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 259.179495][ T7952] binder: 7951:7952 ioctl c0306201 2000000003c0 returned -14 [ 261.113296][ T7258] 8021q: adding VLAN 0 to HW filter on device bond0 [ 261.206974][ T7258] 8021q: adding VLAN 0 to HW filter on device team0 [ 261.354194][ T6492] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.354376][ T6492] bridge0: port 1(bridge_slave_0) entered forwarding state [ 261.532708][ T164] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.532990][ T164] bridge0: port 2(bridge_slave_1) entered forwarding state [ 262.638199][ T7989] loop4: detected capacity change from 0 to 32768 [ 262.667447][ T7989] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 262.766618][ T8000] netlink: 8 bytes leftover after parsing attributes in process `syz.3.695'. [ 262.864614][ T7989] XFS (loop4): Ending clean mount [ 265.381413][ T7258] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.402086][ T5614] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 267.034581][ T8062] binder: BINDER_SET_CONTEXT_MGR already set [ 267.034598][ T8062] binder: 8061:8062 ioctl 4018620d 200000004a80 returned -16 [ 267.074737][ T7258] veth0_vlan: entered promiscuous mode [ 267.215446][ T7258] veth1_vlan: entered promiscuous mode [ 267.802287][ T7258] veth0_macvtap: entered promiscuous mode [ 267.923548][ T7258] veth1_macvtap: entered promiscuous mode [ 268.324422][ T8083] loop5: detected capacity change from 0 to 512 [ 268.325753][ T8083] EXT4-fs: Ignoring removed nomblk_io_submit option [ 268.539967][ T8083] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 268.903913][ T8083] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 268.904054][ T8083] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 269.275533][ T6712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 269.548408][ T5620] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 269.647321][ T5620] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 269.664737][ T5620] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 269.715080][ T5620] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 269.717760][ T5620] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 270.048295][ T8113] loop3: detected capacity change from 0 to 16 [ 270.205828][ T8113] erofs (device loop3): mounted with root inode @ nid 36. [ 271.049915][ T5944] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 271.237869][ T5944] usb 6-1: config 0 has an invalid interface number: 64 but max is 0 [ 271.237898][ T5944] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 271.237919][ T5944] usb 6-1: config 0 has no interface number 0 [ 271.240915][ T5944] usb 6-1: New USB device found, idVendor=056d, idProduct=0000, bcdDevice=39.00 [ 271.240948][ T5944] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.240969][ T5944] usb 6-1: Product: syz [ 271.240984][ T5944] usb 6-1: Manufacturer: syz [ 271.240999][ T5944] usb 6-1: SerialNumber: syz [ 271.320960][ T5944] usb 6-1: config 0 descriptor?? [ 271.777819][ T5944] uvcvideo 6-1:0.64: Found Unit with invalid ID 0 [ 271.777949][ T5944] uvcvideo 6-1:0.64: Found UVC 0.00 device syz (056d:0000) [ 271.777986][ T5944] uvcvideo 6-1:0.64: No valid video chain found. [ 271.850379][ T5944] usb 6-1: USB disconnect, device number 3 [ 271.918308][ T5627] Bluetooth: hci5: command tx timeout [ 273.836023][ T8141] loop4: detected capacity change from 0 to 32768 [ 274.040237][ T5627] Bluetooth: hci5: command tx timeout [ 274.870606][ T8141] read_mapping_page failed! [ 274.870664][ T8141] jfs_mount: diMount(ipaimap) failed w/rc = -5 [ 274.955529][ T8141] Mount JFS Failure: -5 [ 274.955548][ T8141] jfs_mount failed w/return code = -5 [ 275.748990][ T8197] faux_driver vkms: [drm] Unknown color mode 11; guessing buffer size. [ 276.074760][ T5627] Bluetooth: hci5: command tx timeout [ 276.365955][ T8203] loop2: detected capacity change from 0 to 128 [ 276.515995][ T8203] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 276.517072][ T8203] ext4 filesystem being mounted at /159/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 277.378707][ T8208] loop4: detected capacity change from 0 to 512 [ 277.393350][ T8208] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 277.508925][ T8208] EXT4-fs (loop4): 1 truncate cleaned up [ 277.553280][ T8208] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.949694][ T5612] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 278.149907][ T5627] Bluetooth: hci5: command tx timeout [ 278.222351][ T5614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.487712][ T8235] Bluetooth: MGMT ver 1.23 [ 279.078169][ T38] kauditd_printk_skb: 21 callbacks suppressed [ 279.078190][ T38] audit: type=1326 audit(1779363879.455:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 279.078551][ T38] audit: type=1326 audit(1779363879.465:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 279.117028][ T38] audit: type=1326 audit(1779363879.505:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 279.126423][ T38] audit: type=1326 audit(1779363879.515:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 279.126548][ T38] audit: type=1326 audit(1779363879.515:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 279.138457][ T38] audit: type=1326 audit(1779363879.525:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 279.138817][ T38] audit: type=1326 audit(1779363879.525:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 279.139423][ T38] audit: type=1326 audit(1779363879.525:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 279.145292][ T38] audit: type=1326 audit(1779363879.525:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 279.150012][ T38] audit: type=1326 audit(1779363879.535:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.3.748" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbd517dce59 code=0x7ffc0000 [ 281.558975][ T8270] netlink: 4 bytes leftover after parsing attributes in process `syz.2.756'. [ 282.303229][ T8283] loop4: detected capacity change from 0 to 1024 [ 282.308751][ T8283] EXT4-fs: Ignoring removed bh option [ 282.663780][ T8283] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 283.100920][ T5614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.780041][ T8311] loop4: detected capacity change from 0 to 256 [ 284.562701][ T8327] loop5: detected capacity change from 0 to 128 [ 284.590473][ T8327] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 285.593384][ T8327] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 287.237893][ T8098] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.238272][ T8098] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.238633][ T8098] bridge_slave_0: entered allmulticast mode [ 287.264051][ T8098] bridge_slave_0: entered promiscuous mode [ 287.291642][ T8098] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.292062][ T8098] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.292800][ T8098] bridge_slave_1: entered allmulticast mode [ 287.418707][ T8098] bridge_slave_1: entered promiscuous mode [ 287.894623][ T8340] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.927343][ T8340] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.568349][ T8098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 288.821315][ T8355] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 288.821334][ T8355] IPv6: NLM_F_CREATE should be set when creating new route [ 288.895283][ T8098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 289.053665][ T5750] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 289.483120][ T5832] bridge_slave_1: left allmulticast mode [ 289.483157][ T5832] bridge_slave_1: left promiscuous mode [ 289.483466][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.527734][ T5750] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 289.862650][ T5832] bridge_slave_0: left allmulticast mode [ 289.862689][ T5832] bridge_slave_0: left promiscuous mode [ 289.862981][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.712989][ T5832] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 291.790992][ T5832] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 291.834572][ T5832] bond0 (unregistering): Released all slaves [ 292.031180][ T8374] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 292.076238][ T5276] 8021q: adding VLAN 0 to HW filter on device eth5 [ 292.204344][ T8098] team0: Port device team_slave_0 added [ 292.674237][ T8098] team0: Port device team_slave_1 added [ 292.860386][ T8414] loop5: detected capacity change from 0 to 164 [ 292.878387][ T5832] hsr_slave_0: left promiscuous mode [ 292.919667][ T5832] hsr_slave_1: left promiscuous mode [ 292.921532][ T5832] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 293.026453][ T5832] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 293.298134][ T5832] veth1_macvtap: left promiscuous mode [ 293.298242][ T5832] veth0_macvtap: left promiscuous mode [ 293.329047][ T5832] veth1_vlan: left promiscuous mode [ 293.329276][ T5832] veth0_vlan: left promiscuous mode [ 293.682739][ T4931] Bluetooth: hci1: command 0x0405 tx timeout [ 296.116091][ T8456] loop3: detected capacity change from 0 to 1024 [ 296.198840][ T8456] hfsplus: failed to load extents file [ 296.422632][ T8459] netlink: 27 bytes leftover after parsing attributes in process `syz.4.800'. [ 298.540725][ T8465] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 299.190601][ T8485] loop5: detected capacity change from 0 to 256 [ 299.204872][ T8485] exfat: Deprecated parameter 'utf8' [ 300.321089][ T8485] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001fe89, chksum : 0xbf24f927, utbl_chksum : 0xe619d30d) [ 301.604400][ T5832] team0 (unregistering): Port device team_slave_1 removed [ 302.338131][ T5832] team0 (unregistering): Port device team_slave_0 removed [ 304.488286][ T8098] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 304.488303][ T8098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 304.488334][ T8098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 304.748330][ T8098] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 304.748350][ T8098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 304.748380][ T8098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 305.873141][ T8098] hsr_slave_0: entered promiscuous mode [ 305.875584][ T8098] hsr_slave_1: entered promiscuous mode [ 309.419558][ T5276] 8021q: adding VLAN 0 to HW filter on device eth6 [ 309.430696][ T8579] syz_tun: entered allmulticast mode [ 309.608416][ T8580] dvmrp8: entered allmulticast mode [ 310.127524][ T8588] loop4: detected capacity change from 0 to 2048 [ 310.157666][ T8588] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 310.535296][ T5750] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 310.710634][ T5750] usb 3-1: Using ep0 maxpacket: 8 [ 310.725423][ T5750] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 310.725457][ T5750] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 310.725483][ T5750] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 310.725508][ T5750] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 310.725554][ T5750] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 310.725579][ T5750] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.331792][ T5750] usb 3-1: GET_CAPABILITIES returned 0 [ 311.331844][ T5750] usbtmc 3-1:16.0: can't read capabilities [ 311.869781][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 311.909454][ T5750] usb 3-1: USB disconnect, device number 9 [ 312.768386][ T8628] loop4: detected capacity change from 0 to 512 [ 312.803733][ T8628] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 312.937870][ T8628] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz.4.846: bad orphan inode 16 [ 312.937904][ T8628] loop4: lost filesystem error report for type 5 error -117 [ 312.962538][ C0] EXT4-fs (loop4): initial error at time 1779363913: ext4_orphan_get:1423 [ 312.962573][ C0] EXT4-fs (loop4): last error at time 1779363913: ext4_orphan_get:1423 [ 312.998316][ T8628] ext4_test_bit(bit=15, block=4) = 0 [ 312.998363][ T8628] EXT4-fs (loop4): 1 orphan inode deleted [ 313.005296][ T8628] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 313.389635][ T8638] loop3: detected capacity change from 0 to 64 [ 315.554369][ T8632] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 315.703521][ T5614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.291724][ T1335] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.291839][ T1335] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.861786][ T8668] ptrace attach of "ci-upstream-linux-next-kasan-gce-root/syz-executor exec"[5612] was attempted by ""[8668] [ 319.515949][ T8676] Bluetooth: MGMT ver 1.23 [ 320.102688][ T8688] loop3: detected capacity change from 0 to 32768 [ 320.124132][ T8688] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.859 (8688) [ 320.164284][ T8688] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 320.164322][ T8688] BTRFS info (device loop3): using sha256 checksum algorithm [ 320.522586][ T8688] BTRFS info (device loop3): rebuilding free space tree [ 320.972610][ T8688] BTRFS info (device loop3): allowing degraded mounts [ 320.972643][ T8688] BTRFS info (device loop3): enabling ssd optimizations [ 320.972662][ T8688] BTRFS info (device loop3): using spread ssd allocation scheme [ 320.972683][ T8688] BTRFS info (device loop3): turning on async discard [ 320.972700][ T8688] BTRFS info (device loop3): enabling free space tree [ 320.972718][ T8688] BTRFS info (device loop3): force clearing of disk cache [ 320.972744][ T8688] BTRFS info (device loop3): enabling auto defrag [ 322.082442][ T8724] smc: net device wlan0 applied user defined pnetid SYZ0 [ 322.093831][ T8098] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 322.664190][ T8098] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 322.678203][ T8098] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 322.911344][ T8735] netlink: 4 bytes leftover after parsing attributes in process `syz.4.867'. [ 323.265212][ T8098] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 323.297369][ T8098] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 323.409653][ T8098] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 323.573723][ T8098] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 323.843310][ T8098] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 323.892667][ T8747] loop2: detected capacity change from 0 to 1024 [ 324.046540][ T8747] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 324.086467][ T8747] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 324.086943][ T8747] EXT4-fs (loop2): orphan cleanup on readonly fs [ 324.091137][ T8747] __quota_error: 48 callbacks suppressed [ 324.091155][ T8747] Quota error (device loop2): v2_read_file_info: Can't read info structure [ 324.091302][ T8747] EXT4-fs warning (device loop2): ext4_enable_quotas:7269: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 324.091328][ T8747] EXT4-fs (loop2): Cannot turn on quotas: error -5 [ 324.774651][ T8747] EXT4-fs (loop2): 1 truncate cleaned up [ 324.896627][ T8747] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 325.082291][ T8098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 325.172173][ T5633] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 325.416823][ T5633] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 325.416858][ T5633] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.416881][ T5633] usb 3-1: Product: syz [ 325.416897][ T5633] usb 3-1: Manufacturer: syz [ 325.416912][ T5633] usb 3-1: SerialNumber: syz [ 326.885496][ T8098] 8021q: adding VLAN 0 to HW filter on device team0 [ 327.335475][ T8777] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #2: block 16: comm syz.2.871: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 327.586991][ T8779] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #2: block 16: comm syz.2.871: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 328.005820][ T5615] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 328.056649][ T6487] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 328.285391][ T5633] rtl8150 3-1:1.0: eth5: rtl8150 is detected [ 328.288634][ T44] bridge0: port 1(bridge_slave_0) entered blocking state [ 328.288810][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state [ 328.398110][ T5633] usb 3-1: USB disconnect, device number 10 [ 329.658064][ T5612] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.057923][ T4931] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 330.176760][ T4931] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 330.192378][ T4931] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 330.224477][ T4931] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 330.240581][ T4931] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 332.375534][ T8824] loop4: detected capacity change from 0 to 1764 [ 332.473020][ T4931] Bluetooth: hci3: command tx timeout [ 334.634040][ T4931] Bluetooth: hci3: command tx timeout [ 336.908141][ T4931] Bluetooth: hci3: command tx timeout [ 338.950068][ T4931] Bluetooth: hci3: command tx timeout [ 339.085519][ T8888] netlink: 'syz.3.898': attribute type 12 has an invalid length. [ 348.832904][ T8951] loop4: detected capacity change from 0 to 1024 [ 348.837489][ T8951] EXT4-fs: Ignoring removed mblk_io_submit option [ 348.864202][ T8951] EXT4-fs (loop4): bad geometry: bigalloc file system with non-zero first_data_block [ 348.864202][ T8951] [ 352.701344][ T8977] loop4: detected capacity change from 0 to 512 [ 352.706956][ T8977] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 352.710623][ T8977] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 352.710762][ T8977] System zones: 1-12 [ 352.808910][ T8977] EXT4-fs (loop4): 1 truncate cleaned up [ 352.855876][ T8977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 353.104962][ T8982] loop2: detected capacity change from 0 to 512 [ 353.121520][ T8982] EXT4-fs (loop2): external journal device major/minor numbers have changed [ 353.121977][ T8982] EXT4-fs (loop2): couldn't read superblock of external journal [ 354.403753][ T5614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.610343][ T8992] loop2: detected capacity change from 0 to 512 [ 354.628924][ T8992] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 354.716528][ T8992] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.913: bad orphan inode 131083 [ 354.716561][ T8992] loop2: lost filesystem error report for type 5 error -117 [ 354.723189][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 354.723212][ C0] EXT4-fs (loop2): initial error at time 1779363955: ext4_orphan_get:1423 [ 354.723232][ C0] EXT4-fs (loop2): last error at time 1779363955: ext4_orphan_get:1423 [ 354.823932][ T8992] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 354.987134][ T38] audit: type=1326 audit(1779363955.375:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 354.999808][ T38] audit: type=1326 audit(1779363955.375:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 354.999873][ T38] audit: type=1326 audit(1779363955.375:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 355.000165][ T38] audit: type=1326 audit(1779363955.395:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 355.002431][ T38] audit: type=1326 audit(1779363955.395:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 355.002510][ T38] audit: type=1326 audit(1779363955.395:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 355.003348][ T38] audit: type=1326 audit(1779363955.395:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 355.003402][ T38] audit: type=1326 audit(1779363955.395:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 355.005637][ T38] audit: type=1326 audit(1779363955.395:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 355.005693][ T38] audit: type=1326 audit(1779363955.395:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.5.938" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c12cce59 code=0x7ffc0000 [ 356.608594][ T9008] ================================================================== [ 356.608615][ T9008] BUG: KASAN: slab-use-after-free in reverse_path_check_proc+0x5b/0x240 [ 356.608651][ T9008] Read of size 8 at addr ffff88803eec02c0 by task syz.4.927/9008 [ 356.608670][ T9008] [ 356.608696][ T9008] CPU: 0 UID: 0 PID: 9008 Comm: syz.4.927 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 356.608728][ T9008] Tainted: [L]=SOFTLOCKUP [ 356.608736][ T9008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 356.608760][ T9008] Call Trace: [ 356.608768][ T9008] [ 356.608782][ T9008] dump_stack_lvl+0xe8/0x150 [ 356.608814][ T9008] print_address_description+0x55/0x1e0 [ 356.608844][ T9008] ? reverse_path_check_proc+0x5b/0x240 [ 356.608868][ T9008] print_report+0x58/0x70 [ 356.608894][ T9008] kasan_report+0x117/0x150 [ 356.608917][ T9008] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 356.608944][ T9008] ? reverse_path_check_proc+0x5b/0x240 [ 356.608971][ T9008] ? ep_insert+0xbbb/0x1820 [ 356.608991][ T9008] reverse_path_check_proc+0x5b/0x240 [ 356.609019][ T9008] ? ep_insert+0xbbb/0x1820 [ 356.609039][ T9008] ep_insert+0xc6c/0x1820 [ 356.609067][ T9008] ? __pfx_ep_insert+0x10/0x10 [ 356.609092][ T9008] ? lockdep_hardirqs_on+0x7a/0x110 [ 356.609117][ T9008] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 356.609142][ T9008] ? mutex_lock_nested+0x152/0x1d0 [ 356.609172][ T9008] ? do_epoll_ctl_file+0xc69/0xed0 [ 356.609208][ T9008] do_epoll_ctl_file+0x8bb/0xed0 [ 356.609245][ T9008] ? do_epoll_ctl_file+0xac3/0xed0 [ 356.609281][ T9008] ? __pfx_do_epoll_ctl_file+0x10/0x10 [ 356.609331][ T9008] ? __fget_files+0x3a6/0x420 [ 356.609363][ T9008] ? __fget_files+0x2a/0x420 [ 356.609399][ T9008] __se_sys_epoll_ctl+0x14e/0x210 [ 356.609422][ T9008] ? __pfx___se_sys_epoll_ctl+0x10/0x10 [ 356.609449][ T9008] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.609473][ T9008] do_syscall_64+0x15f/0x560 [ 356.609499][ T9008] ? trace_irq_disable+0x3b/0x140 [ 356.609522][ T9008] ? clear_bhb_loop+0x40/0x90 [ 356.609547][ T9008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.609571][ T9008] RIP: 0033:0x7fc9713ace59 [ 356.609600][ T9008] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 356.609620][ T9008] RSP: 002b:00007fc96f1a1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 356.609645][ T9008] RAX: ffffffffffffffda RBX: 00007fc971626270 RCX: 00007fc9713ace59 [ 356.609663][ T9008] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000006 [ 356.609677][ T9008] RBP: 00007fc971442d6f R08: 0000000000000000 R09: 0000000000000000 [ 356.609692][ T9008] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.609711][ T9008] R13: 00007fc971626308 R14: 00007fc971626270 R15: 00007ffcaef00b58 [ 356.609736][ T9008] [ 356.609745][ T9008] [ 356.609750][ T9008] Allocated by task 9005: [ 356.609760][ T9008] kasan_save_track+0x3e/0x80 [ 356.609793][ T9008] __kasan_slab_alloc+0x6c/0x80 [ 356.609813][ T9008] kmem_cache_alloc_noprof+0x33b/0x680 [ 356.609832][ T9008] ep_insert+0x512/0x1820 [ 356.609848][ T9008] do_epoll_ctl_file+0x8bb/0xed0 [ 356.609881][ T9008] __se_sys_epoll_ctl+0x14e/0x210 [ 356.609900][ T9008] do_syscall_64+0x15f/0x560 [ 356.609924][ T9008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.609945][ T9008] [ 356.609950][ T9008] Freed by task 9005: [ 356.609960][ T9008] kasan_save_track+0x3e/0x80 [ 356.609990][ T9008] kasan_save_free_info+0x46/0x50 [ 356.610017][ T9008] __kasan_slab_free+0x5c/0x80 [ 356.610035][ T9008] kmem_cache_free+0x187/0x6c0 [ 356.610056][ T9008] eventpoll_release_file+0xc2/0x240 [ 356.610088][ T9008] __fput+0x83c/0xa70 [ 356.610114][ T9008] task_work_run+0x1d9/0x270 [ 356.610141][ T9008] get_signal+0x11eb/0x1330 [ 356.610171][ T9008] arch_do_signal_or_restart+0xbc/0x840 [ 356.610195][ T9008] exit_to_user_mode_loop+0x8c/0x4d0 [ 356.610217][ T9008] do_syscall_64+0x33e/0x560 [ 356.610239][ T9008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.610260][ T9008] [ 356.610265][ T9008] The buggy address belongs to the object at ffff88803eec02c0 [ 356.610265][ T9008] which belongs to the cache ep_head of size 16 [ 356.610284][ T9008] The buggy address is located 0 bytes inside of [ 356.610284][ T9008] freed 16-byte region [ffff88803eec02c0, ffff88803eec02d0) [ 356.610315][ T9008] [ 356.610321][ T9008] The buggy address belongs to the physical page: [ 356.610345][ T9008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803eec05a0 pfn:0x3eec0 [ 356.610371][ T9008] memcg:ffff888065e4a001 [ 356.610382][ T9008] flags: 0x80000000000200(workingset|node=0|zone=1) [ 356.610406][ T9008] page_type: f5(slab) [ 356.610426][ T9008] raw: 0080000000000200 ffff88801feb3dc0 ffffea0000ec5c10 ffff88801fea7f88 [ 356.610447][ T9008] raw: ffff88803eec05a0 0000000800800063 00000000f5000000 ffff888065e4a001 [ 356.610459][ T9008] page dumped because: kasan: bad access detected [ 356.610470][ T9008] page_owner tracks the page as allocated [ 356.610478][ T9008] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4988, tgid 4988 (udevd), ts 48152832887, free_ts 48091124600 [ 356.610518][ T9008] post_alloc_hook+0x1f9/0x250 [ 356.610550][ T9008] get_page_from_freelist+0x265c/0x26e0 [ 356.610575][ T9008] __alloc_frozen_pages_noprof+0x18d/0x380 [ 356.610598][ T9008] allocate_slab+0x74/0x5e0 [ 356.610625][ T9008] refill_objects+0x33c/0x3d0 [ 356.610650][ T9008] __pcs_replace_empty_main+0x373/0x720 [ 356.610679][ T9008] kmem_cache_alloc_noprof+0x433/0x680 [ 356.610698][ T9008] ep_insert+0x512/0x1820 [ 356.610715][ T9008] do_epoll_ctl_file+0x8bb/0xed0 [ 356.610746][ T9008] __se_sys_epoll_ctl+0x14e/0x210 [ 356.610764][ T9008] do_syscall_64+0x15f/0x560 [ 356.610787][ T9008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.610808][ T9008] page last free pid 29 tgid 29 stack trace: [ 356.610820][ T9008] __free_frozen_pages+0x10af/0x1190 [ 356.610840][ T9008] tlb_remove_table_rcu+0x85/0x100 [ 356.610864][ T9008] rcu_cpu_kthread+0x99e/0x1470 [ 356.610888][ T9008] smpboot_thread_fn+0x541/0xa50 [ 356.610907][ T9008] kthread+0x389/0x470 [ 356.610928][ T9008] ret_from_fork+0x514/0xb70 [ 356.610953][ T9008] ret_from_fork_asm+0x1a/0x30 [ 356.610982][ T9008] [ 356.610987][ T9008] Memory state around the buggy address: [ 356.611000][ T9008] ffff88803eec0180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 356.611015][ T9008] ffff88803eec0200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 356.611030][ T9008] >ffff88803eec0280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 356.611042][ T9008] ^ [ 356.611054][ T9008] ffff88803eec0300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 356.611069][ T9008] ffff88803eec0380: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 356.611081][ T9008] ================================================================== [ 356.623900][ T9008] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 356.623950][ T9008] CPU: 0 UID: 0 PID: 9008 Comm: syz.4.927 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 356.623983][ T9008] Tainted: [L]=SOFTLOCKUP [ 356.623991][ T9008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 356.624006][ T9008] Call Trace: [ 356.624014][ T9008] [ 356.624024][ T9008] vpanic+0x56c/0xa60 [ 356.624061][ T9008] ? __pfx_vpanic+0x10/0x10 [ 356.624099][ T9008] panic+0xc5/0xd0 [ 356.624128][ T9008] ? __pfx_panic+0x10/0x10 [ 356.624159][ T9008] ? preempt_schedule_thunk+0x16/0x40 [ 356.624185][ T9008] ? preempt_schedule_thunk+0x16/0x40 [ 356.624210][ T9008] ? reverse_path_check_proc+0x5b/0x240 [ 356.624235][ T9008] check_panic_on_warn+0x89/0xb0 [ 356.624263][ T9008] ? reverse_path_check_proc+0x5b/0x240 [ 356.624287][ T9008] end_report+0x73/0x170 [ 356.624320][ T9008] ? reverse_path_check_proc+0x5b/0x240 [ 356.624344][ T9008] kasan_report+0x128/0x150 [ 356.624366][ T9008] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 356.624393][ T9008] ? reverse_path_check_proc+0x5b/0x240 [ 356.624420][ T9008] ? ep_insert+0xbbb/0x1820 [ 356.624440][ T9008] reverse_path_check_proc+0x5b/0x240 [ 356.624468][ T9008] ? ep_insert+0xbbb/0x1820 [ 356.624487][ T9008] ep_insert+0xc6c/0x1820 [ 356.624515][ T9008] ? __pfx_ep_insert+0x10/0x10 [ 356.624541][ T9008] ? lockdep_hardirqs_on+0x7a/0x110 [ 356.624565][ T9008] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 356.624590][ T9008] ? mutex_lock_nested+0x152/0x1d0 [ 356.624619][ T9008] ? do_epoll_ctl_file+0xc69/0xed0 [ 356.624655][ T9008] do_epoll_ctl_file+0x8bb/0xed0 [ 356.624690][ T9008] ? do_epoll_ctl_file+0xac3/0xed0 [ 356.624728][ T9008] ? __pfx_do_epoll_ctl_file+0x10/0x10 [ 356.624765][ T9008] ? __fget_files+0x3a6/0x420 [ 356.624795][ T9008] ? __fget_files+0x2a/0x420 [ 356.624832][ T9008] __se_sys_epoll_ctl+0x14e/0x210 [ 356.624855][ T9008] ? __pfx___se_sys_epoll_ctl+0x10/0x10 [ 356.624882][ T9008] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.624906][ T9008] do_syscall_64+0x15f/0x560 [ 356.624931][ T9008] ? trace_irq_disable+0x3b/0x140 [ 356.624954][ T9008] ? clear_bhb_loop+0x40/0x90 [ 356.624979][ T9008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.625002][ T9008] RIP: 0033:0x7fc9713ace59 [ 356.625023][ T9008] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 356.625043][ T9008] RSP: 002b:00007fc96f1a1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 356.625068][ T9008] RAX: ffffffffffffffda RBX: 00007fc971626270 RCX: 00007fc9713ace59 [ 356.625085][ T9008] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000006 [ 356.625098][ T9008] RBP: 00007fc971442d6f R08: 0000000000000000 R09: 0000000000000000 [ 356.625114][ T9008] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.625129][ T9008] R13: 00007fc971626308 R14: 00007fc971626270 R15: 00007ffcaef00b58 [ 356.625155][ T9008] [ 356.625776][ T9008] Kernel Offset: disabled