last executing test programs: 1m6.871837968s ago: executing program 3 (id=326): ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x4, 0x0, 0x717e387b, 0x40, "1ae34e06a6ffffff7f0000000040794233a5bd", 0x4, 0x2}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0xff) 1m4.656158616s ago: executing program 3 (id=338): syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, &(0x7f0000000140)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4) r1 = syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r1, 0x207a98, 0x0, 0x0, 0x0, 0x0) 1m4.270031903s ago: executing program 3 (id=342): r0 = socket$kcm(0x10, 0x400000002, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3b, &(0x7f0000000080)=ANY=[@ANYBLOB="180200000000000000000000000000008500000011"], 0x0, 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x206d}, 0x94) write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="33fe0000240013"], 0xfe33) 1m4.217011716s ago: executing program 0 (id=343): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000) write$vhost_msg_v2(r0, &(0x7f0000000400)={0x2, 0x0, {&(0x7f0000000100)=""/28, 0x1c, 0x0, 0x2, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f00000004c0)={0x2, 0x0, {&(0x7f00000007c0)=""/185, 0xb9, 0x0, 0x3, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000280)=""/184, 0x2562bac182d8b35a, 0x0, 0x2, 0x3}}, 0x48) 1m3.855341367s ago: executing program 0 (id=346): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue0\x00'}) 1m3.76897328s ago: executing program 3 (id=347): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f0000000140)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@quota}, {@resuid}, {@acl}, {@norecovery}, {@dioread_nolock}, {@nodioread_nolock}, {@stripe={'stripe', 0x3d, 0x1000}}]}, 0x1, 0x450, &(0x7f0000000440)="$eJzs28tvG0UYAPBv13FKX8RU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQagcUSXuiCMSfwEnuCDghMQVOKNKFeqlhZPR2ruN49puktp1iX8/aduZ3bFnPs+OPbuTDWBojWf/JBHbIuL3iBhrZFcWGG/8d/3q+dl/rp6fTaJWe+vvpF7u2tXzs0XR4nVbi8xIRPpZEnva1Lt49tzJmWp1/kyen1w69f7k4tlzz504NXN8/vj86ekjRw4dnHrh8PTzPYkzi+va7o8W9u567Z1Lb8wevfTuz98mRfwtcfTIeLeDT9ZqPa5usLY3pZORATaENSk1hmmU6+N/LEqx3Hlj8eqnA20c0Fe1Wq32QOfDF2rABpbEoFsADEbxQ59d/xbbHZp63BWuvNS4AMrivp5vjSMjkeZlyi3Xt700HhFHL/z7VbZF632IzX2qFAAYat9n859n283/0mi+L3RvvoZSiYj7ImJHRByOiJ0RcX9EveyDEfHQGutvXSS5ef6ZXl5XYKuUzf9ezNe2Vs7/itlfVEp5bns9/nJy7ER1/kD+meyP8qYsP9Wljh9e+e2LTsea53/ZltVfzAXzdlwe2bTyNXMzSzO3E3OzK59E7B5pF39yYyUgiYhdEbF7nXWcePqbvZ2OdYh/dFVv3IN1ptrXEU81+v9CtMRfSLqvT07eE9X5A5PFWXGzX369+Gan+m/d//2V9f+Wtud/Ef+flaR5vXZx7XVc/OPzjteU6z3/R5O3V+z7cGZp6cxUxGjyej1fad4/3VJuerl8Fv/+fe3H/45Y/iT2RER2Ej8cEY9ExKN52x+LiMcjYl+X+H96+Yn31h9/f2Xxz3Xt/2jp/+XEaLTuaZ8onfzxuxWVVtYSf9b/h+qp/fme1Xz/raZd6zubAQAA4P8njYhtkaQTN9JpOjHR+Bv+nbElrS4sLj1zbOGD03ONZwQqUU6LO11jTfdDp/LL+iI/3ZI/mN83/rK0uZ6fmF2ozg06eBhyWzuM/8xfpUG3Dug7z2vB8DL+YXgZ/zC8jH8YXm3Gv0fPYEi0+/3/eADtAO68lvHfddnPxAA2Ftf/MLyMfxhexj8MpcXNceuH5G8nkX239Oed15pII+IuaMZGSUR6VzTjRqKsc2+/T5v2DPqbCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+CwAA//+rk+J+") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa000, 0x0) getdents64(r0, &(0x7f00000009c0)=""/4096, 0x1000) 1m3.386495912s ago: executing program 0 (id=348): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f00000010c0)={0x100000011, @multicast2, 0x0, 0x0, 'wlc\x00', 0x0, 0x2, 0x29}, 0x2c) 1m2.736023549s ago: executing program 0 (id=351): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file1\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x110) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cb19976d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc10700", "64885973ff030000000000000000d01cd3160000ffffff7f0000000000002000", [0x200]}) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x478103, 0x60) 1m2.645076073s ago: executing program 3 (id=352): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009c323f08a5040330b244010203010902120001000200000904"], 0x0) syz_usb_control_io(r0, &(0x7f0000002000)={0x2c, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0003160000000403"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 1m1.439730374s ago: executing program 0 (id=357): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r2, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0) sendto$packet(r0, &(0x7f0000000480)="7eeb99b6f78c67515ea2f0d01d76", 0xac, 0x94, &(0x7f0000000140)={0x11, 0x86dd, r2, 0x1, 0x6, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 1m0.616834872s ago: executing program 0 (id=359): syz_mount_image$squashfs(&(0x7f00000006c0), &(0x7f0000000000)='./file1\x00', 0x2, &(0x7f0000000200)=ANY=[@ANYRES16=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32, @ANYBLOB="dcc8ad280f69885adcb46c670434316bc87742658717314ddbc69462dec7461fce60a3226e7018975412fe14095fe40c6146bf83577d4d6cdf6d7fa327dfdedd12f1b4beffefe0c7ba9f7d2bedc99c0f8f5c3d237ded60", @ANYRES32, @ANYRESDEC, @ANYRES32], 0x1, 0x1ef, &(0x7f0000000b80)="$eJzslU1rE0EYx3+zO0kazaFnTwWL7UXbbEE8erMfwA9gSNda3PjSDWhCweilFw/ilyj4KTwIevcgInipBwU9VDxVJDI7z4wTEoiVRCjsH8LzPP95XrPzciu/n9eAX0d7bRYpoGjwQSk0sKIsd1y18rvIoeCztnZT+BciP4nMe/23T63av93KsnQ3701RlIJpPtkQq0h5Rp30hGLOc2rqN09GGcVE5wj4q3lmophqY0vd2I40HvVshKlN8pFY/kPz/64snWDf2Emt8qMxuiW+zLqxCvOeHTzzszH9M71/bj/nRJ9YwutjJ2XOSm/WCaMTReXI9ZVfexzxrTDeHe21jXJDbjHDbdmfOxKFjzFeBT7nNAxAxQx9Hg1XjbECrHU799byXv/iTqe1nW6nd5Jk4/L667NyRIePYCdL11XQhjnUuHsJMOe0HqxXgI9/1gcEUEFrBmdAVbG9uRB3Oa+eDwLrEAWxYQ6b96WvXxMupsN1LrAAPBioJUiw/9YyJpvmphltE0UsRlMHfcIxEQvFwqX23WxrH4VyYQdon6N5SMUbCdYwhdKNK378fZHLIjdFHog8FOneLvcm6SLDV7FWB1DlYavb3S0eL6t5LvFcsugrR1LVvYbKdVKjRIkSJUqUKFHilOB3AAAA//9pS0H2") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(0xffffffffffffffff, 0x4008af23, 0x0) mount_setattr(0xffffffffffffff9c, 0x0, 0x8000, &(0x7f0000000200)={0x7, 0x0, 0x80000}, 0x20) 58.762584596s ago: executing program 32 (id=359): syz_mount_image$squashfs(&(0x7f00000006c0), &(0x7f0000000000)='./file1\x00', 0x2, &(0x7f0000000200)=ANY=[@ANYRES16=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32, @ANYBLOB="dcc8ad280f69885adcb46c670434316bc87742658717314ddbc69462dec7461fce60a3226e7018975412fe14095fe40c6146bf83577d4d6cdf6d7fa327dfdedd12f1b4beffefe0c7ba9f7d2bedc99c0f8f5c3d237ded60", @ANYRES32, @ANYRESDEC, @ANYRES32], 0x1, 0x1ef, &(0x7f0000000b80)="$eJzslU1rE0EYx3+zO0kazaFnTwWL7UXbbEE8erMfwA9gSNda3PjSDWhCweilFw/ilyj4KTwIevcgInipBwU9VDxVJDI7z4wTEoiVRCjsH8LzPP95XrPzciu/n9eAX0d7bRYpoGjwQSk0sKIsd1y18rvIoeCztnZT+BciP4nMe/23T63av93KsnQ3701RlIJpPtkQq0h5Rp30hGLOc2rqN09GGcVE5wj4q3lmophqY0vd2I40HvVshKlN8pFY/kPz/64snWDf2Emt8qMxuiW+zLqxCvOeHTzzszH9M71/bj/nRJ9YwutjJ2XOSm/WCaMTReXI9ZVfexzxrTDeHe21jXJDbjHDbdmfOxKFjzFeBT7nNAxAxQx9Hg1XjbECrHU799byXv/iTqe1nW6nd5Jk4/L667NyRIePYCdL11XQhjnUuHsJMOe0HqxXgI9/1gcEUEFrBmdAVbG9uRB3Oa+eDwLrEAWxYQ6b96WvXxMupsN1LrAAPBioJUiw/9YyJpvmphltE0UsRlMHfcIxEQvFwqX23WxrH4VyYQdon6N5SMUbCdYwhdKNK378fZHLIjdFHog8FOneLvcm6SLDV7FWB1DlYavb3S0eL6t5LvFcsugrR1LVvYbKdVKjRIkSJUqUKFHilOB3AAAA//9pS0H2") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(0xffffffffffffffff, 0x4008af23, 0x0) mount_setattr(0xffffffffffffff9c, 0x0, 0x8000, &(0x7f0000000200)={0x7, 0x0, 0x80000}, 0x20) 58.553344218s ago: executing program 3 (id=365): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2) r2 = fcntl$dupfd(r1, 0x0, r1) write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') close_range(r0, 0xffffffffffffffff, 0x200000000000000) 56.642363364s ago: executing program 33 (id=365): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2) r2 = fcntl$dupfd(r1, 0x0, r1) write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') close_range(r0, 0xffffffffffffffff, 0x200000000000000) 53.03753923s ago: executing program 2 (id=378): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0]) mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0x9362, 0x0) ioctl$AUTOFS_IOC_FAIL(r0, 0x9361, 0x8) 52.252312961s ago: executing program 2 (id=382): r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x8000) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) r3 = dup2(r2, r1) write$FUSE_INIT(r3, &(0x7f0000000080)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x3, 0x10002000, 0x707, 0x1, 0x2, 0x6, 0x0, 0x0, 0x4, 0x3ff}}, 0x50) 51.474853776s ago: executing program 2 (id=384): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000400)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd7000fbdbdf252100000008000300", @ANYRES32=r3, @ANYBLOB="1c002d800500040001000000060002"], 0x38}, 0x1, 0x0, 0x0, 0x480c4}, 0x10) 50.913893434s ago: executing program 2 (id=387): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f0000000140)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@block_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@quota}, {@resuid}, {@acl}, {@norecovery}, {@dioread_nolock}, {@nodioread_nolock}, {@stripe={'stripe', 0x3d, 0x1000}}]}, 0x1, 0x450, &(0x7f0000000440)="$eJzs28tvG0UYAPBv13FKX8RU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQagcUSXuiCMSfwEnuCDghMQVOKNKFeqlhZPR2ruN49puktp1iX8/aduZ3bFnPs+OPbuTDWBojWf/JBHbIuL3iBhrZFcWGG/8d/3q+dl/rp6fTaJWe+vvpF7u2tXzs0XR4nVbi8xIRPpZEnva1Lt49tzJmWp1/kyen1w69f7k4tlzz504NXN8/vj86ekjRw4dnHrh8PTzPYkzi+va7o8W9u567Z1Lb8wevfTuz98mRfwtcfTIeLeDT9ZqPa5usLY3pZORATaENSk1hmmU6+N/LEqx3Hlj8eqnA20c0Fe1Wq32QOfDF2rABpbEoFsADEbxQ59d/xbbHZp63BWuvNS4AMrivp5vjSMjkeZlyi3Xt700HhFHL/z7VbZF632IzX2qFAAYat9n859n283/0mi+L3RvvoZSiYj7ImJHRByOiJ0RcX9EveyDEfHQGutvXSS5ef6ZXl5XYKuUzf9ezNe2Vs7/itlfVEp5bns9/nJy7ER1/kD+meyP8qYsP9Wljh9e+e2LTsea53/ZltVfzAXzdlwe2bTyNXMzSzO3E3OzK59E7B5pF39yYyUgiYhdEbF7nXWcePqbvZ2OdYh/dFVv3IN1ptrXEU81+v9CtMRfSLqvT07eE9X5A5PFWXGzX369+Gan+m/d//2V9f+Wtud/Ef+flaR5vXZx7XVc/OPzjteU6z3/R5O3V+z7cGZp6cxUxGjyej1fad4/3VJuerl8Fv/+fe3H/45Y/iT2RER2Ej8cEY9ExKN52x+LiMcjYl+X+H96+Yn31h9/f2Xxz3Xt/2jp/+XEaLTuaZ8onfzxuxWVVtYSf9b/h+qp/fme1Xz/raZd6zubAQAA4P8njYhtkaQTN9JpOjHR+Bv+nbElrS4sLj1zbOGD03ONZwQqUU6LO11jTfdDp/LL+iI/3ZI/mN83/rK0uZ6fmF2ozg06eBhyWzuM/8xfpUG3Dug7z2vB8DL+YXgZ/zC8jH8YXm3Gv0fPYEi0+/3/eADtAO68lvHfddnPxAA2Ftf/MLyMfxhexj8MpcXNceuH5G8nkX239Oed15pII+IuaMZGSUR6VzTjRqKsc2+/T5v2DPqbCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+CwAA//+rk+J+") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa000, 0x0) getdents64(r0, &(0x7f00000009c0)=""/4096, 0x1000) 49.828165124s ago: executing program 2 (id=390): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = eventfd2(0x3, 0x1) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000240)={r2, 0x7ff, 0x2, r2}) close_range(r1, r1, 0x0) 45.892956066s ago: executing program 2 (id=397): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000600)={[{@usrjquota}, {@minixdf}, {@init_itable}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x444, &(0x7f0000000980)="$eJzs3MtvG8UfAPDv2nHS5y/5lfJoaCFQEBGPpEkf9MAFBBIHkJC4FHEKSVqFpg1qgkSrCAKHcESVuCOOSPwFnOCCgBMSV7ijShXKpYWT0dq7qZvYaZw4del+PtLGM96xZr67O/bsjJ0ACmso/ZNE7IuI3yOiv569vcBQ/eHmyuLk3yuLk0lUq2//ldTK3VhZnMyL5q/bW89Uq1m+r0m9y+9GTMzOTl/K8qMLFz4Ynb985YWZCxPnps9NXxw/ffrE8SO9p8ZPdiTONK4bgx/PHT70+jtX35w8c/W9n79N27sv298YR6cM1Y9uU09XOl1bd+1vSCc9XWwIbSlHRHq6KrX+3x/l2L26rz9e+6yrjQN2VLVarTb7fM4sVYH7WBLdbgHQHfkHfXr/m293aehxT7j+cv0GKI37ZrbV9/REKStTWXN/20lDEXFm6Z+v0i12aB4CAKDR9+n45/lm479SPNRQ7n/ZGspARPw/Ig5ExAMRcTAiHoyolX04Ih5ps/61KyTrxz+la1sKbJPS8d9L2drW7eO/fPQXA+Ust78WfyU5OzM7fSw7JsNR6UvzYxvU8cOrv33Ral/j+C/d0vrzsWDWjms9aybopiYWJrYTc6Prn0YM9jSLP4l8GSeJiEMRMbjFOmae/eZwq313jn8DHVhnqn4d8Uz9/C/FmvhzScv1ybEXT42fHN0Vs9PHRvOrYr1ffl1+q1X924q/A9Lzv6fp9b8a/0CyK2L+8pXztfXa+fbrWP7j85b3NFu7/mdWG9ebPX40sbBwaSyiN3lj/fPjt16b5/PyafzDR5v3/wNx60g8GhHpRXwkIh6LiMeztj8REU9GxNEN4v/plafebz/+DWblOyiNf+pO5z8az3/7ifL5H79rP/5cev5P1FLD2TObef/bbAO3c+wAAADgv6JU+w58UhpZTZdKIyP17/AfjD1LMTe/8NzZuQ8vTtW/Kz8QlVI+09XfMB86ls0N5/nxNfnj2bzxl+XdtfzI5NzsVLeDh4Lb26L/p/4sd7t1wI7zey0oLv0fikv/h+LS/6G49H8ormb9/5MutAO4+3z+Q3Hp/1Bc+j8Ul/4PhdTyt/Glbf3kf7uJpBuVSrSTiNI90Yz7P9Gz6X9mscVEX9Nd3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Ix/AwAA//+UFuN0") chdir(&(0x7f0000000240)='./file0\x00') syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1a404ac, &(0x7f0000000d80)=ANY=[@ANYBLOB="ba618c14e6c7e698de3fb8b765b993fa49575985fb77bf8cbe11f3e10fe145c3161212e5b9a65501d007df1337c25665e8404c1dc11c53041207bea7fd891761869c2d7d6a7a06c71bfcfe33d41cab42b82ecd0a1fd7f713b1fc70fee63b712bbefbb0a96138503f0163651b0512fa7aa1c1df2df969aa400e0f1901ad03d5cb2eaa2e2fd9500641a214a4ff49e005d1eeb61c2893e933bb23f2568bb02382c787f0c6642de45d21683e0bcf71115878d6e9a489bf815b4133e3d156bdd935a75e", @ANYBLOB="5e0584d98ab9a07cae177cb398fee2c48255da63f1ae64afe765132ed12cbc9bfb022226e28fb35070dc87ba1b2a3a6c20825430fcacee5452969171f4cdf23c85b7bffa4df736ccac00310973de025b31f0382cd0add86117309479fb585673aceae9ba360bada48478ccccfe4a6f24eef38a77e18f1527fe8efaaf56820321cc1f0c607438ef99fde6fc57ec4c27b82affbb7bfd4dd5e00136eecafa7e90973740aa78aa201350d4a0460c40bf274cfc068799c6d7f82a5cc82652ea98ea29f7b1538a78f7a47390d04591b868c9d40b515a43a90b87ee8d0ca9a5eefbfb6f79ea17a81fc573", @ANYRESHEX, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRES16, @ANYRESDEC, @ANYRESHEX], 0xfe, 0x0, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f00000004c0)='./bus/file0\x00', 0x2) renameat2(r0, &(0x7f0000000240)='./bus/file0\x00', r0, &(0x7f00000001c0)='./file0\x00', 0x2) 43.194088733s ago: executing program 34 (id=397): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000600)={[{@usrjquota}, {@minixdf}, {@init_itable}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x444, &(0x7f0000000980)="$eJzs3MtvG8UfAPDv2nHS5y/5lfJoaCFQEBGPpEkf9MAFBBIHkJC4FHEKSVqFpg1qgkSrCAKHcESVuCOOSPwFnOCCgBMSV7ijShXKpYWT0dq7qZvYaZw4del+PtLGM96xZr67O/bsjJ0ACmso/ZNE7IuI3yOiv569vcBQ/eHmyuLk3yuLk0lUq2//ldTK3VhZnMyL5q/bW89Uq1m+r0m9y+9GTMzOTl/K8qMLFz4Ynb985YWZCxPnps9NXxw/ffrE8SO9p8ZPdiTONK4bgx/PHT70+jtX35w8c/W9n79N27sv298YR6cM1Y9uU09XOl1bd+1vSCc9XWwIbSlHRHq6KrX+3x/l2L26rz9e+6yrjQN2VLVarTb7fM4sVYH7WBLdbgHQHfkHfXr/m293aehxT7j+cv0GKI37ZrbV9/REKStTWXN/20lDEXFm6Z+v0i12aB4CAKDR9+n45/lm479SPNRQ7n/ZGspARPw/Ig5ExAMRcTAiHoyolX04Ih5ps/61KyTrxz+la1sKbJPS8d9L2drW7eO/fPQXA+Ust78WfyU5OzM7fSw7JsNR6UvzYxvU8cOrv33Ral/j+C/d0vrzsWDWjms9aybopiYWJrYTc6Prn0YM9jSLP4l8GSeJiEMRMbjFOmae/eZwq313jn8DHVhnqn4d8Uz9/C/FmvhzScv1ybEXT42fHN0Vs9PHRvOrYr1ffl1+q1X924q/A9Lzv6fp9b8a/0CyK2L+8pXztfXa+fbrWP7j85b3NFu7/mdWG9ebPX40sbBwaSyiN3lj/fPjt16b5/PyafzDR5v3/wNx60g8GhHpRXwkIh6LiMeztj8REU9GxNEN4v/plafebz/+DWblOyiNf+pO5z8az3/7ifL5H79rP/5cev5P1FLD2TObef/bbAO3c+wAAADgv6JU+w58UhpZTZdKIyP17/AfjD1LMTe/8NzZuQ8vTtW/Kz8QlVI+09XfMB86ls0N5/nxNfnj2bzxl+XdtfzI5NzsVLeDh4Lb26L/p/4sd7t1wI7zey0oLv0fikv/h+LS/6G49H8ormb9/5MutAO4+3z+Q3Hp/1Bc+j8Ul/4PhdTyt/Glbf3kf7uJpBuVSrSTiNI90Yz7P9Gz6X9mscVEX9Nd3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Ix/AwAA//+UFuN0") chdir(&(0x7f0000000240)='./file0\x00') syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1a404ac, &(0x7f0000000d80)=ANY=[@ANYBLOB="ba618c14e6c7e698de3fb8b765b993fa49575985fb77bf8cbe11f3e10fe145c3161212e5b9a65501d007df1337c25665e8404c1dc11c53041207bea7fd891761869c2d7d6a7a06c71bfcfe33d41cab42b82ecd0a1fd7f713b1fc70fee63b712bbefbb0a96138503f0163651b0512fa7aa1c1df2df969aa400e0f1901ad03d5cb2eaa2e2fd9500641a214a4ff49e005d1eeb61c2893e933bb23f2568bb02382c787f0c6642de45d21683e0bcf71115878d6e9a489bf815b4133e3d156bdd935a75e", @ANYBLOB="5e0584d98ab9a07cae177cb398fee2c48255da63f1ae64afe765132ed12cbc9bfb022226e28fb35070dc87ba1b2a3a6c20825430fcacee5452969171f4cdf23c85b7bffa4df736ccac00310973de025b31f0382cd0add86117309479fb585673aceae9ba360bada48478ccccfe4a6f24eef38a77e18f1527fe8efaaf56820321cc1f0c607438ef99fde6fc57ec4c27b82affbb7bfd4dd5e00136eecafa7e90973740aa78aa201350d4a0460c40bf274cfc068799c6d7f82a5cc82652ea98ea29f7b1538a78f7a47390d04591b868c9d40b515a43a90b87ee8d0ca9a5eefbfb6f79ea17a81fc573", @ANYRESHEX, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRES16, @ANYRESDEC, @ANYRESHEX], 0xfe, 0x0, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f00000004c0)='./bus/file0\x00', 0x2) renameat2(r0, &(0x7f0000000240)='./bus/file0\x00', r0, &(0x7f00000001c0)='./file0\x00', 0x2) 14.637725045s ago: executing program 1 (id=481): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000480)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0684113, &(0x7f0000000040)={0x1, 0xfffff800, 0x0, 0x4000a, 0x8, 0x3, 0x7, 0x40000011, 0x1, 0x40, 0xffffffff, 0x1}) 13.261502409s ago: executing program 1 (id=486): syz_usb_connect(0x5, 0x36, 0x0, 0x0) r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x0, {}, 0xfd}, 0x18) connect$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0) 11.030956732s ago: executing program 1 (id=493): r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0x3a, 0x37, 0x5, 0x20, 0x781, 0x5, 0x5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xe6, 0x2, 0x2, 0x5b, 0xbd, 0x97, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000006c0)={0x44, &(0x7f0000000580)={0x0, 0x16}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) 10.749689081s ago: executing program 6 (id=494): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]}) close_range(r0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_flowlabel\x00') close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161642, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000001000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000200), 0x0, r1}, 0x68) 10.515909376s ago: executing program 6 (id=496): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") mknod$loop(&(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1d3) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 9.916230721s ago: executing program 5 (id=497): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x4}, 0x8) r1 = dup(r0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2}}, 0x3e) 9.789461574s ago: executing program 6 (id=500): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f0000000480)={0x2c, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x3445}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, &(0x7f00000004c0)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, &(0x7f0000000180)={0x0, 0x3, 0xb4, @lang_id={0x0, 0x3, 0xc2b}}, 0x0, 0x0}, 0x0) 9.297151156s ago: executing program 5 (id=501): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) r1 = mq_open(0x0, 0x42, 0x0, 0x0) mq_timedreceive(r1, 0x0, 0x0, 0x0, 0x0) 8.775061531s ago: executing program 7 (id=503): syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0xcc04, &(0x7f0000000880)=ANY=[], 0x1, 0x209, &(0x7f0000000200)="$eJzs3c9uEmEQAPChpfwxHnozMTFZ40FPjfoENaYmRhKTGg56a2JP5QQX4NI+hq/ge/kApicu5jO4bEGgiERA9Pe7dLrzze4OG5a9MKTIfbn3KWq1Uuwdx3EMSnEYe1G4imnlmS0AwO4YpBRfU+73qz0HAMAuWuLz/9uGTwkAWLN37z+8edFonJxmWS3i+qrb7Dbzv3n+1evGydPsh8Nx1XW329y/yT/Lpp8dhvmDuDPKP8/rs5t0JSKalXjyKM8Pcy/fNrKf66vxcc29AwAAAAAAAAAAAAAAAAAAAADAtjyIrDB3vs/R0XS+Psrn/03MB5qa31OO+8V44PF4oHS5iaYAAAAAAAAAAAAAAAAAAABgx3R6/YuzVuu8PQ6qETG5pTxnze1BabTjpRZvP9iL1crrozZXOGhp9BKtt8H6/Iu7TBDlv+XqrBpkf2qH1eIyz6bqUVpQntIwmP8uKMZi3FpeiYjFJ/b4dNW+Biml1ueH7U4v0sLF43tEdWN3IwAAAAAAAAAAAAAAAAAA+L9NfOt7Rm1/G2cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJvX6fWLX/nvX5y1WuftTm/p4DIi7sYvFxfHOoja9hoFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgn/Y9AAD//ybtHK4=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) 8.163676273s ago: executing program 7 (id=505): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f00000000c0)=0x2, 0x4) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 6.58890583s ago: executing program 6 (id=506): syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T") mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) chroot(&(0x7f0000000a40)='./file0\x00') mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x80) getdents64(r0, &(0x7f0000000000)=""/39, 0x27) 6.518606095s ago: executing program 7 (id=507): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) connect$inet6(r0, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @mcast1, 0x4}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e21, 0x4000000, @remote, 0x2}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) 6.437228936s ago: executing program 4 (id=508): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000340)={0x1d, r1, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4008000) sendmsg$can_j1939(r0, &(0x7f0000001240)={&(0x7f0000001000)={0x1d, r1, 0x2, {0x1, 0xff, 0x3}}, 0x18, &(0x7f0000000180)={0x0, 0xf}, 0x1, 0x0, 0x0, 0x42000}, 0x90) 6.111976095s ago: executing program 5 (id=509): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xf, 0x6a2, &(0x7f0000000100)="$eJzs3c1vHGcdB/DvrNeuHargtEkboSKiRCpIFolf5IK5EBBCPlSoKgfOVuI0VjZOZbvIrRC4FMEJiUP/gILkGyck7kHhXG69+lgJiUvEIeJiNLOz9tq7ju3Eb4HPJxo/z8zzzDO//e0zM951Vhvg/9bsWJoPU2R27O3Vcn1jfaq1sT71Ut3cSlLWG0mzXaRYTIpHyc2yveha0lX2+HRh5t0vHm982V5r1kvVv/G0/fro03etXnIlyUBd9ho86CF2jHcrycs9XYYOOtaOjmXSrtUlnLrNHmuH2f0w5y1wxnTuTkX7vtljNDmXZLj+PSD11aFxchEej0Nd5QAAAOAF9fmD044AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXjz19/8X9dKoy1xJ0fn+/6HOtrr+Qnt42gEAAAAAAAAAwBH4xpM8yWrOd9Y3i+pv/lerlYv5z2bylXyQ5cxnKdezmrmsZCVLmUgy2jXQ0OrcysrSxNaepf57Tvbdc/KkHjEAAAAAAAAA/E/6dWa3//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABnQZEMtItqudipj6bRbFczVP5YS/7Rqb8gin4bH558HAAAAPBchp9hn68+yZOs5nxnfbOoXvO/Vr1eHs4HWcxKFrKSVuZzu34NXb7qb2ysT7U21qful0vvuD/416HCqEZM+72H/ke+XPUYyZ0sVFuu51YVzO00qj1Llzvx9I/r4zKm4vu1A0bWrNNaHuwPe72LcCQO+1bEaBlcspWR8Tq2MhsX2hkoqjdqkt2Z2PfZae4+UhoZ3DrSRBpb7/xcPIacn6vL8vH89lhzflhbmWikysRk1+x77emZSL751z//7G5r8d7dO8tjZ+ch7WNgj+2758RUVyZe75eJ7oHOdCaah+w/XmXi0tb6bH6cn2YsV/JOlrKQn2cuK5nPZt0+V8/n8ufo0+fMzR1r7+wXyVD9vLRTfZCYruRHVW0uV6t9z2chRR7kdubzVvVvMhP5TqYznZmuZ/jSnnFXj6066xu7z/rOM/23vsFf+1ZdGUnyu7rsycEue83Oo9K+9pd5vdCV1/asf7zV60LXeTDelaVXOtkZ7Dv4s1wbm1+rK+UxPqnLs2G0zkR5AnXuEp3oXm1nolndi3rn+R+rc2O5tXhv6e7c+3uMv7Zr/c26LKfV+tcPGmX/p+JolfPllQzXV5Kds6Nse3XrKnNhx111qP6LS7ut0dN2qWoris6Z+pOeM7Wcr+WZOlT/Dtc70mTV9nrftqmq7XJX247ft/Igrdw+gfwB8JxGc25o5J8jn498NvKbkbsjbw//8KXvvvTGUAb/Pvi95vjAm403ir/ks/xy+/U/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw7JY//OjeXKs1v9S/0ti7aZ/KfiPvqhT1F/o807HOYGU4yY4tg+WGIzvEJwfsPLI7jJ7K5q+SE89P50sE+/f5fVlp5iAD3tyvz8enPhPOemUg/SfAKV+YgGN3Y+X++zeWP/zo2wv3596bf29+cXB6emZ8ZvqtqRt3Flrz4+2fpx0lcBy2b/qnHQkAAAAAAAAAAABwUP0+GHD15f0+NHKgz3j4n4UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkZgdS/NhikyMXx8v1zfWp1rl0qlv92wmaTSS4hdJ8Si5mfaS0a7hivzpUTb7HOfThZl3v3i88eX2WM12/6RRl89hrV5yJclAXR7VeLeee7zi351HWCbsWidxcNr+GwAA///UmvRo") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='pids.current\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000400)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) 6.07230708s ago: executing program 1 (id=510): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000d40)={[{@test_dummy_encryption}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3DFoJFUcBvBvZnc9c7fIqY0gqCAiGghnJ9icjcKJHIeIoMKJiI1yEWKCXWJlY6G1SiqbIHZGS0kTbBTBKmqK2AgaLAwWiqzMTiJJXGNgkx3J/H4wuzM78+b/htnv7TbzArTWxSSXk3SSTCfpJSn2H3BPvVzc3VyeWr+eDAZP/VIMj6u3a3vtLiRZSvJwkrWyyCvdZGH1ua3fNh6//+353n0frj47NdGL3LW9tfnkzgdX3/rkykMLX33z09Uil9M/cF0nrxjxWbdIbjuNYv8TRbfpHnAc1974+Nsq97cnuXeY/17K1Dfvnbmb1np58P1/a/vuz1/fOcm+AidvMOhVv4FLA6B1yiT9FOVMknq9LGdm6v/w33XOl6/Ozr0+/fLs/I2Xmh6pgJPSTzYf++zcpxcO5f/HTp1/4Cx54sBWlf+nr618X63vdJrqE9CEKv/TLyw+EPmH1pF/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aC/5h7PtxSP2HSP/5Wn1C2jW/vwDAO0yONf0E8hAU5oefwAAAAAAAAAAAAAAAAAAgH9anlq/vrdMquYX7yXbjybpjqrf2Z2A7Obh6/lfi+qwvxV1s7E8f/eYJxjTRw0/fX3LD83W//KuZusv3kiW3kxyqds99P37c5Bi7Anwbv2P/b2jJuibgEeeabb+HyvN1r+ykXxejT+XRo0/Ze4Yvo8ef/rV/Ruz/mu/j3kCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJuavAAAA///41m/U") mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000200)='./bus/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) renameat2(r0, &(0x7f0000000000)='./file0\x00', r0, &(0x7f0000000100)='./bus/file0\x00', 0x2) 5.926169092s ago: executing program 7 (id=511): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000500), &(0x7f0000000040)='./file0\x00', 0x800000, &(0x7f00000003c0)=ANY=[], 0x1, 0x53c, &(0x7f00000005c0)="$eJzs3MFuG8cZAOBZm6oFtTEKBI0dxUA3Tg8u0ChLupYh5MQul9ImJJfYXQX2qQhqKRAqpUWTAo1vvrgt0D5Ern2CnvoifYagj+BiuaSjyLLkKIIUBN8HSDPk/jPzz4KYESkMAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQonSQJN0ojPLJ9oP45dJBWYxPuL7o79/fKE4YN4So+QnLy+Fm+9TN17++/LPm1+1wo310Iyw3xXJ4/OM3fvr+650ri/YnJHQhPvvi8e8/3t/f+dNpgc+ii0no3P33tdDc5a3jb/VmNsmrIh/3N7M4r4p4Y309eW9rWMXDfJRVD6s6G8dpJ/TroozvpL+Muxsbd+Ns7WGxPdkc9EfZ4sn77/aSZD3+YG2a9cuqmLz3wVqVbuWjUT7ZnMU0l5uY+80L8cO8juusP47j3b39nbunTaEJ6r5KUO+0oF7S63W7vV53/d7GvftJ0jn0xLUQQtJJjggvNLn8Fy2X65xXcDi7Z/P9HwAAAPjhimafsTfv/5dmn8NHYZiPsuSy0wIAAADO0ew//zeaYqmp3QyR9/8AAADwQ/O3U8/YVdNr0X/+F8pyKXoyffCL6KDfxPUPrrbtrh7tsR6uRtfnncyK9c78UZrdit5sg95cRH81L3ZPyyM6hwTCP8JqG7P6qC0fLa60o6wM81G2lhaj97uh379+pc4e1H/+dO8vYTb9v0/G16Owu7e/s/a7P+w/muXypOnlycH8AMUL5yhOyOXz5+cej5/x0uyDmPm4K+24yeH5X2mbX/kWYz4Nb7Uxb6205co357/cjNlde9nsV6LXZofpvuPMn4ZbbcytO+80xTt3jsmid1wWP5p3PjutdziLM92LV8ji7vMsroWj9yLs7l0LIXy3LAAuy+4pu1D0wsbfObLKPVtswCeschezuz8Nb7cxb6/OFtbO6jErenLC7nZojz377vavcLuNub0Iftke24z7z+fjtrvql02DL186bjXqRc0tvPr5wR/DG5998fjdvYOPP9n5ZOfTXu/uevLrJLnXC0uzacwLew8Ax8jKr6KV+q9RWebT33Y3FhtOkX4Yl/lgM4vzSZ2V6VZ/spnF07Koi7QYNZWP8kFWxdX2dFqUdTwsynhaVPmD2Te/xPOvfqmy8KtJnafVdJT1qyxOi0ndT+t4kFdpPN3+zSivtrJy1riaZmk+zNN+nReTuFNsl2m2FsdVlh0KzAfZpM6HeVOdxNMyH/fLh/FHxWh7nMWDrErLfFoXbYeLsfLJsCjHs27XLvleA8D3xfNvsPtWlcWfCa/W6pKnCAAcYZcGAAAAAAAAAAAAAIDvv7Od/1NRUXmVSue8OvzJRSd/0qrx84tboAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkP8HAAD//wNLm3U=") syz_usb_control_io(r0, 0x0, &(0x7f00000001c0)={0x84, &(0x7f0000000640)=ANY=[@ANYBLOB="201104060000000101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 5.320457614s ago: executing program 1 (id=512): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)={0x14, 0x1, 0x1, 0x101, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 5.231860112s ago: executing program 4 (id=513): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs") r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r2, &(0x7f0000000140)='Q', 0x1, 0x200980) sendfile(r0, r1, 0x0, 0x20fffe82) 5.1358014s ago: executing program 5 (id=514): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000740)={0x2c, &(0x7f0000000980)=ANY=[@ANYBLOB="00000001000000090090"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/185) 5.010589312s ago: executing program 6 (id=515): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'bond_slave_0\x00', &(0x7f00000004c0)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2}}) close_range(r0, 0xffffffffffffffff, 0x0) 3.798836022s ago: executing program 6 (id=516): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000540)=0x9) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e) 3.79851798s ago: executing program 4 (id=517): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r0, 0x2) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000240)=0x1, 0x4) sendto$inet6(r1, &(0x7f0000001180)="2cd277", 0x3, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x2}, 0x1c) 3.734197648s ago: executing program 1 (id=518): r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in=@private=0xa010101, @in=@multicast2, 0x0, 0x966, 0x0, 0xfffc, 0xa}, {0x1, 0x4, 0x0, 0x80000000, 0x6, 0x9, 0x0, 0x40000000000000}, {0x0, 0x9, 0x53e5, 0x23}, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1}, {{@in6=@mcast1, 0x0, 0x32}, 0x2, @in=@multicast1, 0x1502, 0x4, 0x0, 0x0, 0x4, 0xfffffffd, 0x1}}, 0xe8) r1 = socket$netlink(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff) r3 = syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/net\x00') sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x3c, r2, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x80) 1.451526029s ago: executing program 35 (id=516): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000540)=0x9) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e) 1.400518679s ago: executing program 5 (id=520): r0 = syz_open_dev$loop(&(0x7f0000000100), 0xdf6, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0) write$FUSE_BMAP(r1, &(0x7f00000000c0)={0x18, 0xfffffffffffffff5, 0x0, {0x8000000000000001}}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb}, 0x18) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1d, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d00009520a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bc0007008019000000000000000000000000af1e4ccfb7b3cad80004010400", [0x1, 0x2000000000001]}}) 1.365224246s ago: executing program 7 (id=521): r0 = syz_open_dev$sndctrl(&(0x7f0000000240), 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000800)={{0x4, 0x0, 0x9, 0x8001, 'syz0\x00', 0xc22}, 0x2, 0x200, 0x9, 0x0, 0x0, 0x7fff, 'syz1\x00', 0x0}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0x0, 0x0, 0x6}]}) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) mlockall(0x4) 1.351638405s ago: executing program 4 (id=522): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e1d, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x2}, 0x1c) r1 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000500)={0xa, 0x5e20, 0xffffffff, @empty, 0x4}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4c22, 0x4e20, 0x8}}}}}, 0x0) 701.572617ms ago: executing program 4 (id=523): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r1, &(0x7f0000000100)={0xa, 0xffff, 0x0, @loopback, 0x9}, 0x1c) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000300)=0x62, 0x4) sendto$inet6(r1, &(0x7f0000000300), 0x5aa, 0x0, 0x0, 0xfffffffffffffdfd) recvmmsg(r0, &(0x7f00000012c0)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x182, 0x0) 456.964039ms ago: executing program 5 (id=524): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) 5.578148ms ago: executing program 4 (id=525): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x2000001, 0x0, 'queue0\x00'}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x100) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f00000001c0)={0x0, 0x0, 0x9}) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 7 (id=526): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) connect$inet6(r0, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @dev}, 0x1c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4a21, 0x5, @initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, 0x5}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000280)=[{&(0x7f0000000080)="580000001400add4050000000000000002117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ffff0100f5c71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) kernel console output (not intermixed with test programs): 517][ T3659] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.489479][ T3572] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.499295][ T3572] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.663919][ T5823] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 225.189504][ T4430] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.197881][ T4430] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.486803][ T4083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.496249][ T4083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 225.662053][ T3572] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 225.670858][ T3572] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.074926][ T4083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.083158][ T4083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.653944][ T5904] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 226.876653][ T5904] usb 2-1: config index 0 descriptor too short (expected 69, got 36) [ 226.885258][ T5904] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 226.980866][ T5904] usb 2-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89 [ 226.990527][ T5904] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.998951][ T5904] usb 2-1: Product: syz [ 227.003495][ T5904] usb 2-1: Manufacturer: syz [ 227.008331][ T5904] usb 2-1: SerialNumber: syz [ 227.057241][ T3572] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.066500][ T3572] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.173769][ T5904] usb 2-1: config 0 descriptor?? [ 227.208731][ T5904] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 227.344835][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.353751][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.155923][ T5904] input: gspca_pac7302 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input5 [ 228.261999][ T6029] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 228.369178][ T5904] usb 2-1: USB disconnect, device number 2 [ 228.474090][ T5870] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 228.703059][ T5870] usb 1-1: config 0 has no interfaces? [ 228.761911][ T5870] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 228.771404][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.780094][ T5870] usb 1-1: Product: syz [ 228.784622][ T5870] usb 1-1: Manufacturer: syz [ 228.789636][ T5870] usb 1-1: SerialNumber: syz [ 228.917562][ T5870] usb 1-1: config 0 descriptor?? [ 229.478364][ T5878] usb 1-1: USB disconnect, device number 2 [ 229.974060][ T5870] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 230.369235][ T5870] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 230.380057][ T5870] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 230.466337][ T5870] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 230.475801][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.484816][ T5870] usb 2-1: Product: syz [ 230.489189][ T5870] usb 2-1: Manufacturer: syz [ 230.494137][ T5870] usb 2-1: SerialNumber: syz [ 230.849822][ T5870] usb 2-1: 0:2 : does not exist [ 230.949672][ T5870] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 231.185157][ T5870] usb 2-1: USB disconnect, device number 3 [ 232.574642][ T5870] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 232.590445][ T6067] syz.3.25 uses obsolete (PF_INET,SOCK_PACKET) [ 233.128186][ T6074] loop4: detected capacity change from 0 to 64 [ 233.611980][ T5870] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 233.621513][ T5870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.695814][ T5870] usb 2-1: config 0 descriptor?? [ 233.737125][ T5870] cp210x 2-1:0.0: cp210x converter detected [ 233.870015][ T5822] hfs: node 4:3 still has 1 user(s)! [ 234.150336][ T5870] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 234.321917][ T5878] IPVS: starting estimator thread 0... [ 234.372053][ T5870] usb 2-1: cp210x converter now attached to ttyUSB0 [ 234.373790][ T6079] loop2: detected capacity change from 0 to 1024 [ 234.425973][ T6084] IPVS: using max 192 ests per chain, 9600 per kthread [ 234.427505][ T6081] syzkaller1: entered promiscuous mode [ 234.439024][ T6081] syzkaller1: entered allmulticast mode [ 234.581570][ T5878] usb 2-1: USB disconnect, device number 4 [ 234.631265][ T5878] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 234.685861][ T5878] cp210x 2-1:0.0: device disconnected [ 234.945066][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 234.951746][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 235.035958][ T6089] netlink: 'syz.0.33': attribute type 1 has an invalid length. [ 238.088659][ T5870] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 238.266168][ T5870] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 238.276589][ T5870] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 238.294311][ T5870] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 238.307138][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.370621][ T6125] syzkaller1: entered promiscuous mode [ 238.376615][ T6125] syzkaller1: entered allmulticast mode [ 238.707814][ T5870] usb 3-1: usb_control_msg returned -32 [ 238.715498][ T5870] usbtmc 3-1:16.0: can't read capabilities [ 239.382450][ T6135] loop3: detected capacity change from 0 to 64 [ 239.480371][ T6132] loop1: detected capacity change from 0 to 2048 [ 239.595266][ T6132] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 239.608120][ T6132] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 240.064925][ T5817] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.163608][ T6145] syzkaller1: entered promiscuous mode [ 240.169626][ T6145] syzkaller1: entered allmulticast mode [ 240.650412][ T6149] loop1: detected capacity change from 0 to 512 [ 240.681772][ T6149] EXT4-fs: Ignoring removed nobh option [ 240.757254][ T6152] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 240.797228][ T6149] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 240.813791][ T6149] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.55: invalid indirect mapped block 256 (level 1) [ 240.927358][ T5878] usb 3-1: USB disconnect, device number 2 [ 241.005416][ T6149] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.55: invalid indirect mapped block 2683928664 (level 1) [ 241.052388][ T6149] EXT4-fs (loop1): 1 truncate cleaned up [ 241.060984][ T6149] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 241.189637][ T6157] netlink: 'syz.3.60': attribute type 2 has an invalid length. [ 241.576920][ T5817] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 241.670814][ T6160] loop0: detected capacity change from 0 to 512 [ 241.735254][ T6160] EXT4-fs (loop0): orphan cleanup on readonly fs [ 241.742058][ T6160] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13 [ 241.815752][ T6160] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 241.874329][ T6160] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.58: attempt to clear invalid blocks 2 len 1 [ 241.944458][ T6160] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.58: invalid indirect mapped block 1819239214 (level 0) [ 241.996749][ T6160] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.58: invalid indirect mapped block 1819239214 (level 1) [ 242.126007][ T6160] EXT4-fs (loop0): 1 truncate cleaned up [ 242.134484][ T6160] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 242.163699][ T5870] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 242.221984][ T6169] loop8: detected capacity change from 0 to 8 [ 242.236583][ T6169] Dev loop8: unable to read RDB block 8 [ 242.242682][ T6169] loop8: unable to read partition table [ 242.301578][ T6169] loop8: partition table beyond EOD, truncated [ 242.308271][ T6169] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 242.351037][ T5870] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 242.362577][ T5870] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 242.378238][ T5870] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 242.389766][ T5870] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 242.527788][ T5870] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 242.537682][ T5870] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 242.546192][ T5870] usb 4-1: Manufacturer: syz [ 242.585125][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.647162][ T5870] usb 4-1: config 0 descriptor?? [ 243.072893][ T5878] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 243.200682][ T5870] appleir 0003:05AC:8243.0001: unknown main item tag 0x0 [ 243.253205][ T5870] appleir 0003:05AC:8243.0001: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 243.280985][ T5878] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 243.290616][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.341079][ T5878] usb 5-1: config 0 descriptor?? [ 243.382296][ T5878] cp210x 5-1:0.0: cp210x converter detected [ 243.497432][ T42] usb 4-1: USB disconnect, device number 2 [ 243.863480][ T5878] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 244.114030][ T5878] usb 5-1: cp210x converter now attached to ttyUSB0 [ 244.293463][ T9] usb 5-1: USB disconnect, device number 2 [ 244.336689][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 244.381627][ T9] cp210x 5-1:0.0: device disconnected [ 244.463516][ T5870] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 244.590658][ T6191] loop2: detected capacity change from 0 to 764 [ 244.641943][ T5870] usb 1-1: Using ep0 maxpacket: 32 [ 244.668638][ T6191] rock: directory entry would overflow storage [ 244.675450][ T6191] rock: sig=0x5245, size=8, remaining=5 [ 244.699257][ T5870] usb 1-1: config 0 has an invalid interface number: 67 but max is 0 [ 244.707961][ T5870] usb 1-1: config 0 has no interface number 0 [ 244.749611][ T5870] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 244.759152][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 244.767990][ T5870] usb 1-1: Product: syz [ 244.772351][ T5870] usb 1-1: Manufacturer: syz [ 244.777274][ T5870] usb 1-1: SerialNumber: syz [ 244.884890][ T5870] usb 1-1: config 0 descriptor?? [ 244.926011][ T5870] smsc95xx v2.0.0 [ 245.062288][ T6193] loop3: detected capacity change from 0 to 2048 [ 245.125868][ T6193] ======================================================= [ 245.125868][ T6193] WARNING: The mand mount option has been deprecated and [ 245.125868][ T6193] and is ignored by this kernel. Remove the mand [ 245.125868][ T6193] option from the mount to silence this warning. [ 245.125868][ T6193] ======================================================= [ 245.168076][ T6193] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=18576, location=18576 [ 245.417468][ T6193] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 245.777092][ T5870] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 245.993728][ T5870] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 246.006033][ T5870] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71 [ 246.117186][ T5870] usb 1-1: USB disconnect, device number 3 [ 246.306018][ T6205] input: syz1 as /devices/virtual/input/input6 [ 246.312475][ T6205] input: failed to attach handler leds to device input6, error: -6 [ 246.464644][ T5878] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 246.693410][ T5878] usb 3-1: Using ep0 maxpacket: 16 [ 246.745927][ T5878] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 246.756023][ T5878] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.764523][ T5878] usb 3-1: Product: syz [ 246.768906][ T5878] usb 3-1: Manufacturer: syz [ 246.773882][ T5878] usb 3-1: SerialNumber: syz [ 246.824393][ T5878] usb 3-1: config 0 descriptor?? [ 247.010714][ T6211] loop4: detected capacity change from 0 to 4096 [ 247.076280][ T6215] loop0: detected capacity change from 0 to 64 [ 247.111100][ T6211] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 247.306593][ T5878] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 247.333825][ T5878] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 247.357072][ T5878] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 247.364005][ T6211] ntfs3(loop4): ino=1a, mi_enum_attr [ 247.365541][ T5878] usb 3-1: media controller created [ 247.370812][ T6211] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 247.527401][ T5878] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 247.587376][ T30] audit: type=1800 audit(1755751782.562:2): pid=6211 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.83" name="file2" dev="loop4" ino=31 res=0 errno=0 [ 247.845380][ T5878] zl10353_read_register: readreg error (reg=127, ret==0) [ 247.853261][ T5878] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 247.861497][ T5878] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 247.989340][ T5878] usb 3-1: USB disconnect, device number 3 [ 248.407953][ T5878] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 248.693240][ T6233] loop4: detected capacity change from 0 to 128 [ 248.855692][ T6231] loop0: detected capacity change from 0 to 4096 [ 248.917770][ T6231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.971983][ T6231] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.93: corrupted inode contents [ 248.990251][ T6231] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #15: comm syz.0.93: mark_inode_dirty error [ 249.007872][ T5878] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 249.027141][ T6231] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.93: corrupted inode contents [ 249.065388][ T6231] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.93: mark_inode_dirty error [ 249.079200][ T6231] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.93: corrupted inode contents [ 249.113298][ T6231] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #15: comm syz.0.93: mark_inode_dirty error [ 249.146057][ T6241] af_packet: tpacket_rcv: packet too big, clamped from 3394 to 4294967272. macoff=96 [ 249.171504][ T6231] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.93: corrupted inode contents [ 249.184525][ T5878] usb 3-1: Using ep0 maxpacket: 32 [ 249.212176][ T5878] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 249.221952][ T5878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.241232][ T6231] EXT4-fs error (device loop0): ext4_truncate:4666: inode #15: comm syz.0.93: mark_inode_dirty error [ 249.256399][ T5878] usb 3-1: config 0 descriptor?? [ 249.275977][ T6231] EXT4-fs error (device loop0) in ext4_setattr:6071: Corrupt filesystem [ 249.370984][ T6242] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.93: corrupted inode contents [ 249.559653][ T5878] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 249.596249][ T5878] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 249.635963][ T5878] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 249.647840][ T5878] usb 3-1: media controller created [ 249.772374][ T5878] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 249.865305][ T6250] loop3: detected capacity change from 0 to 8 [ 249.871835][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.173268][ T5878] az6027: usb out operation failed. (-71) [ 250.192144][ T5878] az6027: usb out operation failed. (-71) [ 250.199035][ T5878] stb0899_attach: Driver disabled by Kconfig [ 250.205565][ T5878] az6027: no front-end attached [ 250.205565][ T5878] [ 250.308303][ T5878] az6027: usb out operation failed. (-71) [ 250.316153][ T5878] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 250.326143][ T5878] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input7 [ 250.352484][ T6255] loop8: detected capacity change from 0 to 79 [ 250.441056][ T5878] dvb-usb: schedule remote query interval to 400 msecs. [ 250.448958][ T5878] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 250.510351][ T5878] usb 3-1: USB disconnect, device number 4 [ 250.871899][ T5878] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 251.106515][ T6262] netlink: 36 bytes leftover after parsing attributes in process `syz.1.104'. [ 251.116060][ T6262] netlink: 36 bytes leftover after parsing attributes in process `syz.1.104'. [ 251.422213][ T6268] syzkaller1: entered promiscuous mode [ 251.428381][ T6268] syzkaller1: entered allmulticast mode [ 251.643318][ T5877] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 251.853372][ T5877] usb 4-1: Using ep0 maxpacket: 8 [ 251.944431][ T5877] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 251.954165][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.962400][ T5877] usb 4-1: Product: syz [ 251.972959][ T5877] usb 4-1: Manufacturer: syz [ 251.977780][ T5877] usb 4-1: SerialNumber: syz [ 252.043586][ T5877] usb 4-1: config 0 descriptor?? [ 252.300656][ T5877] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 252.431953][ T6284] syzkaller1: entered promiscuous mode [ 252.438743][ T6284] syzkaller1: entered allmulticast mode [ 252.748952][ T5877] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 252.796156][ T5877] usb 4-1: USB disconnect, device number 3 [ 252.909757][ T6290] loop4: detected capacity change from 0 to 256 [ 253.014723][ T6292] netlink: 4 bytes leftover after parsing attributes in process `syz.1.118'. [ 253.131458][ T6294] loop0: detected capacity change from 0 to 64 [ 253.515850][ T6299] Bluetooth: MGMT ver 1.23 [ 254.121822][ T6307] loop4: detected capacity change from 0 to 256 [ 254.211237][ T6307] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 254.224199][ T6307] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 254.440762][ T6307] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 254.554139][ T6313] tap0: tun_chr_ioctl cmd 1074025675 [ 254.564440][ T6313] tap0: persist enabled [ 254.608752][ T6316] tap0: tun_chr_ioctl cmd 1074025675 [ 254.614632][ T6316] tap0: persist disabled [ 254.630844][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.637331][ T6307] exFAT-fs (loop4): Filesystem has been set read-only [ 254.646140][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 8, err : -5) [ 254.656697][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.668970][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 8, err : -5) [ 254.683039][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.689232][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 9, err : -5) [ 254.699922][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.706263][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 10, err : -5) [ 254.716927][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.723222][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 11, err : -5) [ 254.733696][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.739856][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 12, err : -5) [ 254.753031][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.759218][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 13, err : -5) [ 254.775954][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.782150][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 14, err : -5) [ 254.794631][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.800818][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 15, err : -5) [ 254.811331][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.817689][ T6307] exFAT-fs (loop4): error, failed to bmap (inode : ffff8880141643f0 iblock : 16, err : -5) [ 254.828219][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.834645][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.840845][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.847546][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.858915][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.874653][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.880888][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.889112][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.895541][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.901811][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.908284][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.914638][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.920845][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.927247][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.933629][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.939957][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.947054][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.953432][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.959713][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.966123][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.978595][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.986744][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.993092][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 254.999293][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.005735][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.012027][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.019027][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.025447][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.031720][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.038091][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.044918][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.051097][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.057455][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.063826][ T6307] exFAT-fs (loop4): error, broken FAT chain. [ 255.088756][ T30] audit: type=1800 audit(1755751790.072:3): pid=6307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.124" name="file1" dev="loop4" ino=1048601 res=0 errno=0 [ 255.503418][ T6325] loop0: detected capacity change from 0 to 256 [ 255.515172][ T6325] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 255.759911][ T6325] FAT-fs (loop0): Directory bread(block 64) failed [ 255.767031][ T6325] FAT-fs (loop0): Directory bread(block 65) failed [ 255.776051][ T6325] FAT-fs (loop0): Directory bread(block 66) failed [ 255.782955][ T6325] FAT-fs (loop0): Directory bread(block 67) failed [ 255.795146][ T6325] FAT-fs (loop0): Directory bread(block 68) failed [ 255.803860][ T6325] FAT-fs (loop0): Directory bread(block 69) failed [ 255.810813][ T6325] FAT-fs (loop0): Directory bread(block 70) failed [ 255.817935][ T6325] FAT-fs (loop0): Directory bread(block 71) failed [ 255.825419][ T6325] FAT-fs (loop0): Directory bread(block 72) failed [ 255.832182][ T6325] FAT-fs (loop0): Directory bread(block 73) failed [ 256.390697][ T6335] loop1: detected capacity change from 0 to 256 [ 256.661873][ T6341] loop0: detected capacity change from 0 to 512 [ 256.688773][ T6341] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 256.884520][ T30] audit: type=1800 audit(1755751791.862:4): pid=6341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.139" name="file1" dev="loop0" ino=1048606 res=0 errno=0 [ 256.976629][ T30] audit: type=1804 audit(1755751791.922:5): pid=6341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.139" name="/newroot/25/file0/file1" dev="loop0" ino=1048606 res=1 errno=0 [ 257.000038][ T30] audit: type=1800 audit(1755751791.922:6): pid=6341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.139" name="file1" dev="loop0" ino=1048606 res=0 errno=0 [ 257.090228][ T6346] input: syz0 as /devices/virtual/input/input8 [ 257.125471][ T5870] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 257.234238][ T6348] loop2: detected capacity change from 0 to 512 [ 257.285255][ T6348] EXT4-fs: Ignoring removed orlov option [ 257.295708][ T5870] usb 5-1: Using ep0 maxpacket: 16 [ 257.310822][ T5870] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 78, changing to 10 [ 257.322898][ T5870] usb 5-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00 [ 257.336491][ T5870] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.368569][ T5870] usb 5-1: config 0 descriptor?? [ 257.374757][ T6348] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 257.481759][ T6348] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 257.534844][ T5877] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 257.603935][ T6348] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.144: corrupted in-inode xattr: e_value size too large [ 257.657241][ T6348] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.144: couldn't read orphan inode 15 (err -117) [ 257.698008][ T6348] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.757459][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 257.769140][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 257.779715][ T5877] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 257.789398][ T5877] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.821447][ T5870] mcp2200 0003:04D8:00DF.0002: USB HID v0.04 Device [HID 04d8:00df] on usb-dummy_hcd.4-1/input0 [ 257.857820][ T5877] usb 4-1: config 0 descriptor?? [ 257.999392][ T6348] EXT4-fs (loop2): shut down requested (1) [ 258.021146][ T5870] usb 5-1: USB disconnect, device number 3 [ 258.302651][ T5877] arvo 0003:1E7D:30D4.0003: unknown main item tag 0x2 [ 258.385964][ T5877] arvo 0003:1E7D:30D4.0003: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.3-1/input0 [ 258.473760][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.513633][ T5877] arvo 0003:1E7D:30D4.0003: couldn't init struct arvo_device [ 258.521530][ T5877] arvo 0003:1E7D:30D4.0003: couldn't install keyboard [ 258.581594][ T5877] arvo 0003:1E7D:30D4.0003: probe with driver arvo failed with error -71 [ 258.626108][ T5877] usb 4-1: USB disconnect, device number 4 [ 259.203150][ T5870] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 259.253448][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 259.260452][ T9] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 259.267020][ T9] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 259.390960][ T5870] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 259.399542][ T5870] usb 3-1: config 0 has no interface number 0 [ 259.409055][ T5870] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 259.421157][ T5870] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 259.431561][ T5870] usb 3-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 259.445193][ T5870] usb 3-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 259.454651][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.698236][ T5870] usb 3-1: config 0 descriptor?? [ 260.299385][ T1678] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 260.341084][ T6385] loop3: detected capacity change from 0 to 4096 [ 260.488061][ T6393] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 260.490189][ T5870] uclogic 0003:28BD:0042.0004: failed retrieving string descriptor #100: -71 [ 260.518227][ T5870] uclogic 0003:28BD:0042.0004: failed retrieving pen parameters: -71 [ 260.526815][ T5870] uclogic 0003:28BD:0042.0004: pen probing failed: -71 [ 260.534032][ T5870] uclogic 0003:28BD:0042.0004: failed probing parameters: -71 [ 260.542186][ T5870] uclogic 0003:28BD:0042.0004: probe with driver uclogic failed with error -71 [ 260.557422][ T1678] usb 1-1: Using ep0 maxpacket: 16 [ 260.618450][ T1678] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 260.627561][ T1678] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 260.638228][ T1678] usb 1-1: config 0 has no interface number 0 [ 260.724097][ T6385] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 524288 [ 260.732735][ T6385] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15) [ 260.740724][ T1678] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 260.752145][ T1678] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.761271][ T1678] usb 1-1: Product: syz [ 260.765742][ T1678] usb 1-1: Manufacturer: syz [ 260.770712][ T1678] usb 1-1: SerialNumber: syz [ 260.782113][ T6385] Remounting filesystem read-only [ 260.787757][ T6385] NILFS (loop3): error -5 truncating bmap (ino=15) [ 260.854454][ T5870] usb 3-1: USB disconnect, device number 5 [ 260.878450][ T1678] usb 1-1: config 0 descriptor?? [ 260.934446][ T1678] usb 1-1: Found UVC 0.00 device syz (046d:08f3) [ 260.941101][ T1678] usb 1-1: No valid video chain found. [ 261.098728][ T5823] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 261.164146][ T5870] usb 1-1: USB disconnect, device number 4 [ 261.403144][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 261.410747][ T9] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 261.417292][ T9] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 261.638782][ T6406] loop1: detected capacity change from 0 to 128 [ 261.647212][ T6405] input: syz1 as /devices/virtual/input/input9 [ 261.701391][ T6406] FAT-fs (loop1): Directory bread(block 414) failed [ 261.708839][ T6406] FAT-fs (loop1): Directory bread(block 415) failed [ 261.716051][ T6406] FAT-fs (loop1): Directory bread(block 416) failed [ 261.723150][ T6406] FAT-fs (loop1): Directory bread(block 417) failed [ 261.736896][ T6406] FAT-fs (loop1): Directory bread(block 418) failed [ 261.744161][ T6406] FAT-fs (loop1): Directory bread(block 419) failed [ 261.750978][ T6406] FAT-fs (loop1): Directory bread(block 420) failed [ 261.760365][ T6406] FAT-fs (loop1): Directory bread(block 421) failed [ 261.821597][ T6406] FAT-fs (loop1): Directory bread(block 414) failed [ 261.828981][ T6406] FAT-fs (loop1): Directory bread(block 415) failed [ 261.908692][ T6406] syz.1.161: attempt to access beyond end of device [ 261.908692][ T6406] loop1: rw=3, sector=478, nr_sectors = 2 limit=128 [ 261.922630][ T6406] syz.1.161: attempt to access beyond end of device [ 261.922630][ T6406] loop1: rw=2051, sector=480, nr_sectors = 6 limit=128 [ 262.075914][ T6406] syz.1.161: attempt to access beyond end of device [ 262.075914][ T6406] loop1: rw=3, sector=486, nr_sectors = 2 limit=128 [ 262.090271][ T6406] syz.1.161: attempt to access beyond end of device [ 262.090271][ T6406] loop1: rw=2051, sector=488, nr_sectors = 6 limit=128 [ 262.390953][ T6414] loop0: detected capacity change from 0 to 512 [ 262.509293][ T6414] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 262.544166][ T6414] EXT4-fs (loop0): invalid journal inode [ 262.555450][ T6414] EXT4-fs (loop0): can't get journal size [ 262.618898][ T6414] EXT4-fs (loop0): 1 truncate cleaned up [ 262.627078][ T6414] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 262.726873][ T5870] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 262.825419][ T6425] loop6: detected capacity change from 0 to 2098 [ 262.888924][ T6414] EXT4-fs (loop0): shut down requested (1) [ 262.989825][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 263.001615][ T5870] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 263.011109][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.086886][ T5870] usb 3-1: config 0 descriptor?? [ 263.199324][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.524428][ T5870] keytouch 0003:0926:3333.0005: fixing up Keytouch IEC report descriptor [ 263.565918][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 263.579387][ T9] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 263.586118][ T9] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 263.631199][ T5870] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0005/input/input10 [ 263.805194][ T5870] keytouch 0003:0926:3333.0005: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 263.872367][ T6439] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 263.879166][ T6439] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 263.894409][ T6439] vhci_hcd vhci_hcd.0: Device attached [ 263.989764][ T6440] vhci_hcd: connection closed [ 264.001563][ T4430] vhci_hcd: stop threads [ 264.011223][ T4430] vhci_hcd: release socket [ 264.016497][ T4430] vhci_hcd: disconnect device [ 265.331056][ T6454] loop0: detected capacity change from 0 to 128 [ 265.403155][ T6454] EXT4-fs (loop0): Test dummy encryption mode enabled [ 265.543869][ T6454] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 265.558232][ T6454] ext4 filesystem being mounted at /31/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 265.727198][ T9] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 265.733808][ T9] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 265.733865][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 265.734246][ T5870] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 265.834922][ T1678] usb 3-1: USB disconnect, device number 6 [ 266.078915][ T6460] loop3: detected capacity change from 0 to 2048 [ 266.094045][ T5870] usb 5-1: Using ep0 maxpacket: 8 [ 266.146532][ T5870] usb 5-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 266.156309][ T5870] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.164682][ T5870] usb 5-1: Product: syz [ 266.169108][ T5870] usb 5-1: Manufacturer: syz [ 266.173997][ T5870] usb 5-1: SerialNumber: syz [ 266.281531][ T6460] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.292104][ T5870] usb 5-1: config 0 descriptor?? [ 266.323425][ T5870] radio-usb-si4713 5-1:0.0: Si4713 development board discovered: (10C4:8244) [ 266.659502][ T6460] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 266.736046][ T6454] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 266.754508][ T6460] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 266.768932][ T6460] EXT4-fs (loop3): This should not happen!! Data will be lost [ 266.768932][ T6460] [ 266.779214][ T6460] EXT4-fs (loop3): Total free blocks count 0 [ 266.785686][ T6460] EXT4-fs (loop3): Free/Dirty block details [ 266.791775][ T6460] EXT4-fs (loop3): free_blocks=2415919504 [ 266.798091][ T6460] EXT4-fs (loop3): dirty_blocks=64 [ 266.803584][ T6460] EXT4-fs (loop3): Block reservation details [ 266.809745][ T6460] EXT4-fs (loop3): i_reserved_data_blocks=4 [ 267.126174][ T5870] radio-usb-si4713 5-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 267.137076][ T5870] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 267.223448][ T5870] usb 5-1: USB disconnect, device number 4 [ 267.290770][ T5814] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 267.320658][ T3572] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 33 with error 28 [ 267.803967][ T50] Bluetooth: hci4: command 0x0c1a tx timeout [ 267.806194][ T9] Bluetooth: hci4: Opcode 0x0c1a failed: -110 [ 267.816604][ T9] Bluetooth: hci4: Error when powering off device on rfkill (-110) [ 267.965648][ T5870] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 268.208281][ T5870] usb 1-1: Using ep0 maxpacket: 8 [ 268.258088][ T5870] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 268.266889][ T5870] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 268.277072][ T5870] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 268.288836][ T5870] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 268.299668][ T5870] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 268.313312][ T5870] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 268.322614][ T5870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.624881][ T5870] usb 1-1: usb_control_msg returned -32 [ 268.631003][ T5870] usbtmc 1-1:16.0: can't read capabilities [ 268.963900][ T42] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 269.100996][ T6492] loop4: detected capacity change from 0 to 4096 [ 269.194276][ T42] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 269.204824][ T42] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 269.312012][ T42] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 269.321956][ T42] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 269.330461][ T42] usb 2-1: Product: syz [ 269.334991][ T42] usb 2-1: Manufacturer: syz [ 269.339786][ T42] usb 2-1: SerialNumber: syz [ 269.399438][ T42] usb 2-1: config 0 descriptor?? [ 269.409014][ T6498] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 269.434436][ T6498] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 269.518448][ T6506] team0: Port device vlan2 added [ 269.631380][ T6492] ntfs3(loop4): ino=5, "/" mi_enum_attr [ 269.783561][ T6503] loop3: detected capacity change from 0 to 4096 [ 269.785222][ T6498] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 269.801425][ T6503] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 269.865616][ T6498] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 270.234147][ T6503] ntfs3(loop3): ino=1d, mi_enum_attr [ 270.239919][ T6503] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 270.294897][ T6503] ntfs3(loop3): ino=1d, mi_enum_attr [ 270.301729][ T6503] ntfs3(loop3): ino=1d, mi_enum_attr [ 270.332912][ T6511] ntfs3(loop3): ino=1b, "file0" ntfs_readdir [ 270.802383][ T42] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL [ 270.863987][ T42] usb 2-1: USB disconnect, device number 5 [ 270.983753][ T9] usb 1-1: USB disconnect, device number 5 [ 271.348498][ T6523] loop0: detected capacity change from 0 to 1024 [ 271.408790][ T6523] EXT4-fs: Ignoring removed bh option [ 271.575445][ T6523] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 271.693625][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 271.775461][ T6523] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 271.917277][ T9] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 271.927423][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.938620][ T6527] loop3: detected capacity change from 0 to 4096 [ 271.981211][ T6538] loop1: detected capacity change from 0 to 2048 [ 271.996618][ T9] usb 5-1: config 0 descriptor?? [ 272.018694][ T6538] EXT4-fs: Ignoring removed bh option [ 272.033486][ T9] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 272.176768][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.227780][ T6538] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.507302][ T9] cpia1 5-1:0.0: unexpected state after lo power cmd: 00 [ 272.534518][ T6546] loop2: detected capacity change from 0 to 256 [ 272.574892][ T6546] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 272.586533][ T6546] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 272.804384][ T6550] netlink: 4 bytes leftover after parsing attributes in process `syz.0.196'. [ 272.830130][ T6546] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 272.843629][ T5817] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.913546][ T9] gspca_cpia1: usb_control_msg 02, error -32 [ 272.959027][ T9] gspca_cpia1: usb_control_msg 02, error -71 [ 272.984229][ T9] gspca_cpia1: usb_control_msg 05, error -71 [ 272.990442][ T9] cpia1 5-1:0.0: unexpected systemstate: 00 [ 273.034995][ T9] usb 5-1: USB disconnect, device number 5 [ 273.067690][ T30] audit: type=1800 audit(1755751808.062:7): pid=6546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.197" name="file1" dev="loop2" ino=1048620 res=0 errno=0 [ 274.557826][ T6576] loop4: detected capacity change from 0 to 1024 [ 274.611440][ T6582] input: syz0 as /devices/virtual/input/input11 [ 274.716468][ T6576] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 275.288439][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.905700][ T6625] @: renamed from vlan0 (while UP) [ 278.056499][ T6642] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 278.331193][ T6650] syz_tun: entered promiscuous mode [ 278.343935][ T6650] batadv_slave_0: entered promiscuous mode [ 278.471050][ T6633] loop2: detected capacity change from 0 to 8192 [ 279.159998][ T6662] input: syz0 as /devices/virtual/input/input12 [ 279.173170][ T5877] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 279.387685][ T5877] usb 4-1: Using ep0 maxpacket: 16 [ 279.428786][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 279.446531][ T5877] usb 4-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 279.456070][ T5877] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.525349][ T5877] usb 4-1: config 0 descriptor?? [ 279.800276][ T6671] netlink: 24 bytes leftover after parsing attributes in process `syz.4.240'. [ 280.014989][ T6672] loop1: detected capacity change from 0 to 2048 [ 280.042383][ T5877] kye 0003:0458:5016.0006: control desc unexpectedly large [ 280.117657][ T5877] input: HID 0458:5016 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5016.0006/input/input13 [ 280.219428][ T6672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.232979][ T6672] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 280.266879][ T5877] input: HID 0458:5016 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5016.0006/input/input14 [ 280.357040][ T5878] kernel read not supported for file /bus/input/devices (pid: 5878 comm: kworker/1:5) [ 280.385329][ T5877] kye 0003:0458:5016.0006: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.3-1/input0 [ 280.408060][ T42] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 280.595551][ T42] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 280.607088][ T42] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 280.617437][ T42] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 280.627461][ T42] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.690481][ T5877] usb 4-1: USB disconnect, device number 5 [ 280.784625][ T6676] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 280.827650][ T42] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 281.019224][ T5817] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.092356][ T5877] usb 1-1: USB disconnect, device number 6 [ 281.953126][ T5877] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 282.171397][ T5877] usb 4-1: config 0 has an invalid interface number: 128 but max is 0 [ 282.180257][ T5877] usb 4-1: config 0 has no interface number 0 [ 282.228745][ T5877] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 282.238678][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 282.247147][ T5877] usb 4-1: Product: syz [ 282.251541][ T5877] usb 4-1: Manufacturer: syz [ 282.256505][ T5877] usb 4-1: SerialNumber: syz [ 282.361716][ T5877] usb 4-1: config 0 descriptor?? [ 282.849547][ T5877] usb 4-1: Firmware version (0.0) predates our first public release. [ 282.858706][ T5877] usb 4-1: Please update to version 0.2 or newer [ 282.907623][ T5877] usb 4-1: Firmware: build [ 283.104194][ T5877] usb 4-1: USB disconnect, device number 6 [ 283.493810][ T6730] loop1: detected capacity change from 0 to 128 [ 283.800749][ T6733] loop2: detected capacity change from 0 to 512 [ 283.879233][ T6734] loop4: detected capacity change from 0 to 128 [ 283.933771][ T6734] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 283.961775][ T6733] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 284.008584][ T6728] loop0: detected capacity change from 0 to 8192 [ 284.028115][ T6734] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 284.044128][ T6733] netlink: 'syz.2.260': attribute type 1 has an invalid length. [ 284.082069][ T6728] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 284.193185][ T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 284.407823][ T3473] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 284.420284][ T6728] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 284.430009][ T6728] FAT-fs (loop0): Filesystem has been set read-only [ 284.438691][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 284.475637][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 284.487134][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 284.497364][ T9] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 284.506842][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.521635][ T6728] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 284.604083][ T6728] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 284.620450][ T9] usb 4-1: config 0 descriptor?? [ 284.628430][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.744030][ T6746] loop4: detected capacity change from 0 to 256 [ 285.157836][ T9] savu 0003:1E7D:2D5A.0007: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 285.429001][ T5877] usb 4-1: USB disconnect, device number 7 [ 285.603742][ T6752] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 285.607458][ T9] IPVS: starting estimator thread 0... [ 285.696694][ T6755] loop0: detected capacity change from 0 to 1024 [ 285.713340][ T6756] IPVS: using max 192 ests per chain, 9600 per kthread [ 285.729289][ T6755] EXT4-fs: Ignoring removed nobh option [ 285.735657][ T6755] EXT4-fs: Ignoring removed bh option [ 285.907689][ T6755] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.778262][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.858573][ T6766] loop3: detected capacity change from 0 to 4096 [ 286.899668][ T6772] loop2: detected capacity change from 0 to 1024 [ 286.913380][ T6766] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 286.976327][ T6772] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.361513][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.401790][ T6782] loop0: detected capacity change from 0 to 2048 [ 287.488413][ T6782] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 287.498664][ T6782] NILFS (loop0): mounting unchecked fs [ 287.562005][ T6782] NILFS (loop0): recovery complete [ 287.593903][ T6787] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 287.946967][ T6786] loop4: detected capacity change from 0 to 2048 [ 288.059895][ T6786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.121772][ T30] audit: type=1800 audit(1755751823.112:8): pid=6786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.279" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 288.284353][ T5877] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 288.463490][ T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 288.483406][ T5877] usb 4-1: Using ep0 maxpacket: 16 [ 288.523910][ T5877] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 288.533638][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.541865][ T5877] usb 4-1: Product: syz [ 288.546488][ T5877] usb 4-1: Manufacturer: syz [ 288.551311][ T5877] usb 4-1: SerialNumber: syz [ 288.619837][ T5877] usb 4-1: config 0 descriptor?? [ 288.663283][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 288.774689][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.785718][ T9] usb 3-1: unable to get BOS descriptor or descriptor too short [ 288.807733][ T9] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 288.817261][ T9] usb 3-1: can't read configurations, error -71 [ 289.109799][ T5877] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 289.123737][ T5877] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 289.137452][ T5877] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 289.146336][ T5877] usb 4-1: media controller created [ 289.201525][ T5877] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 289.604354][ T6808] loop4: detected capacity change from 0 to 512 [ 289.686785][ T6808] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.700486][ T6808] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.797139][ T5877] zl10353_read_register: readreg error (reg=127, ret==0) [ 289.804843][ T5877] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 289.809020][ T6795] dtv5100: wlen = 0, aborting. [ 289.813218][ T5877] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 289.829453][ T6814] loop2: detected capacity change from 0 to 47 [ 289.885798][ T5877] usb 4-1: USB disconnect, device number 8 [ 290.112059][ T5877] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 290.117291][ T5822] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.436022][ T30] audit: type=1326 audit(1755751825.422:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6819 comm="syz.2.293" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff5539 code=0x0 [ 291.313618][ T6837] loop4: detected capacity change from 0 to 256 [ 291.543157][ T6837] FAT-fs (loop4): Directory bread(block 64) failed [ 291.550291][ T6837] FAT-fs (loop4): Directory bread(block 65) failed [ 291.557481][ T6837] FAT-fs (loop4): Directory bread(block 66) failed [ 291.565129][ T6837] FAT-fs (loop4): Directory bread(block 67) failed [ 291.572107][ T6837] FAT-fs (loop4): Directory bread(block 68) failed [ 291.579082][ T6837] FAT-fs (loop4): Directory bread(block 69) failed [ 291.586229][ T6837] FAT-fs (loop4): Directory bread(block 70) failed [ 291.593761][ T6837] FAT-fs (loop4): Directory bread(block 71) failed [ 291.600662][ T6837] FAT-fs (loop4): Directory bread(block 72) failed [ 291.607594][ T6837] FAT-fs (loop4): Directory bread(block 73) failed [ 292.242277][ T6850] loop1: detected capacity change from 0 to 512 [ 292.263726][ T42] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 292.279969][ T6850] EXT4-fs: Ignoring removed mblk_io_submit option [ 292.343902][ T6850] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 292.385881][ T6850] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 292.428777][ T6850] System zones: 1-12 [ 292.443663][ T42] usb 1-1: Using ep0 maxpacket: 32 [ 292.457888][ T6850] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.306: corrupted in-inode xattr: e_value size too large [ 292.475826][ T6850] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.306: couldn't read orphan inode 15 (err -117) [ 292.494948][ T42] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 292.506672][ T42] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 292.516968][ T42] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 292.526791][ T42] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 292.545396][ T6850] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 292.648421][ T42] usb 1-1: config 0 descriptor?? [ 293.016827][ T5817] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.181283][ T42] ft260 0003:0403:6030.0008: unknown main item tag 0x7 [ 293.253609][ T6864] netlink: 48 bytes leftover after parsing attributes in process `syz.2.311'. [ 293.355553][ T42] ft260 0003:0403:6030.0008: chip code: 6424 8183 [ 293.792651][ T42] usb 1-1: USB disconnect, device number 7 [ 294.503301][ T42] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 294.708298][ T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 64, changing to 10 [ 294.720194][ T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 294.730625][ T42] usb 3-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00 [ 294.740095][ T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.757647][ T42] usb 3-1: config 0 descriptor?? [ 295.220935][ T42] cherry 0003:046A:0023.0009: item fetching failed at offset 5/7 [ 295.244920][ T6892] netlink: 40 bytes leftover after parsing attributes in process `syz.4.324'. [ 295.277602][ T42] cherry 0003:046A:0023.0009: probe with driver cherry failed with error -22 [ 295.446190][ T5904] usb 3-1: USB disconnect, device number 9 [ 295.743868][ T6901] loop1: detected capacity change from 0 to 512 [ 295.841798][ T6901] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.329: casefold flag without casefold feature [ 295.913763][ T6901] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.329: couldn't read orphan inode 15 (err -117) [ 295.935112][ T6901] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.016405][ T6901] syz.1.329 (pid 6901) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 296.230917][ T6904] loop0: detected capacity change from 0 to 4096 [ 296.289254][ T6904] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 296.342584][ T5817] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.385391][ T6904] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.420675][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.427506][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 296.486829][ T6904] capability: warning: `syz.0.330' uses deprecated v2 capabilities in a way that may be insecure [ 296.619071][ T6913] loop1: detected capacity change from 0 to 256 [ 296.659292][ T6913] exfat: Deprecated parameter 'utf8' [ 296.788621][ T6913] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011ded, chksum : 0x9858084d, utbl_chksum : 0xe619d30d) [ 296.835968][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.238532][ T6920] loop0: detected capacity change from 0 to 8 [ 297.949553][ T6936] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.342'. [ 298.087330][ T42] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 298.254274][ T42] usb 5-1: Using ep0 maxpacket: 32 [ 298.273335][ T5877] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 298.322213][ T6944] loop3: detected capacity change from 0 to 512 [ 298.334756][ T42] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 298.343306][ T42] usb 5-1: config 0 has no interface number 0 [ 298.349621][ T42] usb 5-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 298.389640][ T6944] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 298.403793][ T6944] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 298.428249][ T42] usb 5-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 298.437843][ T42] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.446466][ T42] usb 5-1: Product: syz [ 298.450830][ T42] usb 5-1: Manufacturer: syz [ 298.455868][ T42] usb 5-1: SerialNumber: syz [ 298.466604][ T42] usb 5-1: config 0 descriptor?? [ 298.489241][ T42] em28xx 5-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 298.499671][ T42] em28xx 5-1:0.132: Video interface 132 found: [ 298.604055][ T5877] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 298.614842][ T5877] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 298.653148][ T6944] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 298.676053][ T6944] EXT4-fs (loop3): 1 truncate cleaned up [ 298.678430][ T5877] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 298.685349][ T6944] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.691931][ T5877] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.712246][ T5877] usb 2-1: Product: syz [ 298.716857][ T5877] usb 2-1: Manufacturer: syz [ 298.721805][ T5877] usb 2-1: SerialNumber: syz [ 298.935231][ T6950] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 298.954420][ T5878] IPVS: starting estimator thread 0... [ 298.996352][ T42] em28xx 5-1:0.132: unknown em28xx chip ID (0) [ 299.016906][ T5877] usb 2-1: 0:2 : does not exist [ 299.050512][ T5877] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 299.063716][ T6953] IPVS: using max 192 ests per chain, 9600 per kthread [ 299.077763][ T42] em28xx 5-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5) [ 299.087209][ T42] em28xx 5-1:0.132: board has no eeprom [ 299.165475][ T5877] usb 2-1: USB disconnect, device number 6 [ 299.231508][ T42] em28xx 5-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 299.239876][ T42] em28xx 5-1:0.132: analog set to bulk mode. [ 299.248533][ T5868] em28xx 5-1:0.132: Registering V4L2 extension [ 299.307694][ T42] usb 5-1: USB disconnect, device number 6 [ 299.318202][ T42] em28xx 5-1:0.132: Disconnecting em28xx [ 299.333817][ T5823] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /65/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 299.404593][ T5823] EXT4-fs error (device loop3): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 299.455100][ T5823] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /65/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 299.507524][ T6958] loop0: detected capacity change from 0 to 512 [ 299.529013][ T5823] EXT4-fs error (device loop3): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 299.599578][ T5823] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /65/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 299.637606][ T5823] EXT4-fs error (device loop3): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 299.662122][ T5823] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /65/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 299.710741][ T5823] EXT4-fs error (device loop3): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 299.771065][ T6958] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 299.773888][ T5823] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /65/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 299.785617][ T6958] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 299.866946][ T5823] EXT4-fs error (device loop3): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 300.074329][ T6958] loop0: detected capacity change from 512 to 64 [ 300.120289][ T6958] Quota error (device loop0): find_tree_dqentry: Can't read quota tree block 1 [ 300.130279][ T6958] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 300.140165][ T6958] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.351: Failed to acquire dquot type 1 [ 300.213724][ T5868] em28xx 5-1:0.132: Config register raw data: 0xffffffed [ 300.221223][ T5868] em28xx 5-1:0.132: AC97 chip type couldn't be determined [ 300.228850][ T5868] em28xx 5-1:0.132: No AC97 audio processor [ 300.299191][ T5868] usb 5-1: Decoder not found [ 300.304424][ T5868] em28xx 5-1:0.132: failed to create media graph [ 300.310998][ T5868] em28xx 5-1:0.132: V4L2 device video103 deregistered [ 300.318710][ T5877] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 300.341615][ T5868] em28xx 5-1:0.132: Remote control support is not available for this card. [ 300.359926][ T42] em28xx 5-1:0.132: Closing input extension [ 300.379089][ T42] em28xx 5-1:0.132: Freeing device [ 300.483574][ T5877] usb 3-1: Using ep0 maxpacket: 16 [ 300.507116][ T5877] usb 3-1: config 0 has an invalid interface number: 126 but max is 0 [ 300.516005][ T5877] usb 3-1: config 0 has an invalid descriptor of length 98, skipping remainder of the config [ 300.526962][ T5877] usb 3-1: config 0 has no interface number 0 [ 300.534809][ T5877] usb 3-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87 [ 300.547535][ T5877] usb 3-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024 [ 300.559313][ T5877] usb 3-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 300.570655][ T5877] usb 3-1: config 0 interface 126 altsetting 0 endpoint 0x4 has invalid maxpacket 27500, setting to 1024 [ 300.582867][ T5877] usb 3-1: config 0 interface 126 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 300.593544][ T5877] usb 3-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 300.607194][ T5877] usb 3-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88 [ 300.616833][ T5877] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.681573][ T5877] usb 3-1: config 0 descriptor?? [ 300.689228][ T6963] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 300.709325][ T6963] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 300.729321][ T5877] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 300.990579][ T5904] usb 3-1: USB disconnect, device number 10 [ 301.122131][ T3710] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.171988][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.276047][ T3710] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.401982][ T3710] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.521170][ T6974] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 301.577004][ T3710] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.924984][ T3710] bridge_slave_1: left allmulticast mode [ 301.930880][ T3710] bridge_slave_1: left promiscuous mode [ 301.937679][ T3710] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.023862][ T3710] bridge_slave_0: left allmulticast mode [ 302.029734][ T3710] bridge_slave_0: left promiscuous mode [ 302.036616][ T3710] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.567786][ T3710] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 302.604278][ T3710] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 302.628417][ T3710] bond0 (unregistering): Released all slaves [ 302.941495][ T5823] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.111382][ T3710] hsr_slave_0: left promiscuous mode [ 303.142296][ T3710] hsr_slave_1: left promiscuous mode [ 303.150739][ T3710] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 303.158656][ T3710] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 303.196649][ T3710] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 303.204551][ T3710] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 303.315236][ T3710] veth1_macvtap: left promiscuous mode [ 303.320991][ T3710] veth0_macvtap: left promiscuous mode [ 303.327342][ T3710] veth1_vlan: left promiscuous mode [ 303.333066][ T3710] veth0_vlan: left promiscuous mode [ 304.174562][ T5112] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 304.185991][ T5112] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 304.200573][ T5112] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 304.269248][ T5112] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 304.288786][ T6980] loop2: detected capacity change from 0 to 8192 [ 304.305115][ T5112] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 304.333418][ T3710] team0 (unregistering): Port device team_slave_1 removed [ 304.370832][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 304.373676][ T6980] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 304.392293][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 304.408740][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 304.423249][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 304.438405][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 304.566205][ T3710] team0 (unregistering): Port device team_slave_0 removed [ 305.024770][ T6980] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 305.034020][ T6980] FAT-fs (loop2): Filesystem has been set read-only [ 305.066067][ T6980] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 305.076993][ T6980] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 305.220419][ T3710] IPVS: stop unused estimator thread 0... [ 305.990559][ T5829] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052) [ 306.047430][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.208961][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.267323][ T6982] chnl_net:caif_netlink_parms(): no params data found [ 306.308474][ T5877] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 306.373734][ T50] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 306.398525][ T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 306.408754][ T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 306.435287][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.451696][ T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 306.499302][ T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 306.513749][ T5877] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 306.524556][ T5877] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 306.535211][ T50] Bluetooth: hci0: command tx timeout [ 306.548702][ T5877] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 306.558835][ T5877] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 306.567295][ T5877] usb 5-1: SerialNumber: syz [ 306.601686][ T5877] usb 5-1: 0:2 : does not exist [ 306.701874][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.093814][ T5904] usb 5-1: USB disconnect, device number 7 [ 307.111429][ T7006] loop1: detected capacity change from 0 to 128 [ 307.151115][ T7006] EXT4-fs: Ignoring removed nobh option [ 307.342273][ T7006] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 307.354031][ T12] bridge_slave_1: left allmulticast mode [ 307.360480][ T12] bridge_slave_1: left promiscuous mode [ 307.367760][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.389826][ T7006] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 307.431698][ T12] bridge_slave_0: left allmulticast mode [ 307.441146][ T12] bridge_slave_0: left promiscuous mode [ 307.448092][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 307.909238][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 307.913832][ T5817] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 307.961323][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 307.996573][ T12] bond0 (unregistering): Released all slaves [ 308.044504][ T7016] loop2: detected capacity change from 0 to 1024 [ 308.226776][ T7016] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 308.376049][ T7016] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.374: bg 0: block 494: padding at end of block bitmap is not set [ 308.415890][ T6982] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.423642][ T6982] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.431613][ T6982] bridge_slave_0: entered allmulticast mode [ 308.441613][ T6982] bridge_slave_0: entered promiscuous mode [ 308.444346][ T7016] EXT4-fs (loop2): Remounting filesystem read-only [ 308.494148][ T7016] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 12, error -30) [ 308.604049][ T5112] Bluetooth: hci0: command tx timeout [ 308.609953][ T50] Bluetooth: hci2: command tx timeout [ 308.643721][ T7023] loop4: detected capacity change from 0 to 8192 [ 308.668157][ T6982] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.676980][ T6982] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.685249][ T6982] bridge_slave_1: entered allmulticast mode [ 308.695459][ T6982] bridge_slave_1: entered promiscuous mode [ 308.835802][ T12] hsr_slave_0: left promiscuous mode [ 308.849454][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.859547][ T12] hsr_slave_1: left promiscuous mode [ 308.867965][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 308.875913][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 308.896246][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 308.905531][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 308.938139][ T12] veth1_macvtap: left promiscuous mode [ 308.944079][ T12] veth0_macvtap: left promiscuous mode [ 308.949989][ T12] veth1_vlan: left promiscuous mode [ 308.955724][ T12] veth0_vlan: left promiscuous mode [ 309.052501][ T7023] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 2074) [ 309.062144][ T7023] FAT-fs (loop4): Filesystem has been set read-only [ 309.409948][ T7032] loop1: detected capacity change from 0 to 64 [ 309.897699][ T12] team0 (unregistering): Port device team_slave_1 removed [ 309.931930][ T12] team0 (unregistering): Port device team_slave_0 removed [ 310.630626][ T6982] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 310.661230][ T7046] netlink: 'syz.2.384': attribute type 2 has an invalid length. [ 310.703784][ T5112] Bluetooth: hci0: command tx timeout [ 310.709421][ T5112] Bluetooth: hci2: command tx timeout [ 310.727306][ T6982] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 310.766538][ T12] IPVS: stop unused estimator thread 0... [ 310.870147][ T6997] chnl_net:caif_netlink_parms(): no params data found [ 311.137203][ T6982] team0: Port device team_slave_0 added [ 311.203511][ T6982] team0: Port device team_slave_1 added [ 311.227983][ T7054] loop2: detected capacity change from 0 to 512 [ 311.285894][ T7054] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 311.387034][ T7054] EXT4-fs (loop2): 1 truncate cleaned up [ 311.395416][ T7054] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 311.467419][ T6982] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 311.475457][ T6982] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 311.501945][ T6982] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 311.526852][ T7060] loop1: detected capacity change from 0 to 8 [ 311.568721][ T7060] cramfs: wrong magic [ 311.675098][ T6982] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 311.682433][ T6982] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 311.709057][ T6982] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 312.118506][ T5829] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /77/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 312.241211][ T5829] EXT4-fs error (device loop2): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 312.294697][ T5829] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /77/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 312.363128][ T6982] hsr_slave_0: entered promiscuous mode [ 312.373665][ T6982] hsr_slave_1: entered promiscuous mode [ 312.414088][ T5829] EXT4-fs error (device loop2): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 312.508155][ T5829] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /77/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 312.536662][ T5829] EXT4-fs error (device loop2): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 312.572623][ T6997] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.580621][ T6997] bridge0: port 1(bridge_slave_0) entered disabled state [ 312.589795][ T6997] bridge_slave_0: entered allmulticast mode [ 312.599498][ T6997] bridge_slave_0: entered promiscuous mode [ 312.618977][ T6997] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.627400][ T6997] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.635406][ T6997] bridge_slave_1: entered allmulticast mode [ 312.644979][ T5829] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /77/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 312.645488][ T6997] bridge_slave_1: entered promiscuous mode [ 312.714049][ T5829] EXT4-fs error (device loop2): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 312.770710][ T5829] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /77/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 312.775743][ T5112] Bluetooth: hci2: command tx timeout [ 312.794465][ T50] Bluetooth: hci0: command tx timeout [ 312.884204][ T5829] EXT4-fs error (device loop2): ext4_empty_dir:3120: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 313.186194][ T6997] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 313.241269][ T6997] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 313.377670][ T6997] team0: Port device team_slave_0 added [ 313.423615][ T6997] team0: Port device team_slave_1 added [ 313.689374][ T6997] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 313.696935][ T6997] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.724879][ T6997] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 313.788267][ T6997] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 313.795678][ T6997] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.822366][ T6997] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 313.834146][ T5877] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 313.883309][ T42] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 314.037165][ T5877] usb 2-1: config 0 has an invalid interface number: 128 but max is 0 [ 314.045996][ T5877] usb 2-1: config 0 has no interface number 0 [ 314.053986][ T42] usb 5-1: Using ep0 maxpacket: 16 [ 314.074598][ T42] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 314.083213][ T42] usb 5-1: config 0 has no interface number 0 [ 314.089520][ T42] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 314.100930][ T42] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 314.111153][ T42] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 314.120664][ T42] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.154192][ T5877] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 314.163706][ T5877] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.171728][ T6997] hsr_slave_0: entered promiscuous mode [ 314.171898][ T5877] usb 2-1: Product: syz [ 314.182121][ T5877] usb 2-1: Manufacturer: syz [ 314.183940][ T6997] hsr_slave_1: entered promiscuous mode [ 314.187099][ T5877] usb 2-1: SerialNumber: syz [ 314.196426][ T6997] debugfs: 'hsr0' already exists in 'hsr' [ 314.201981][ T42] usb 5-1: config 0 descriptor?? [ 314.203395][ T6997] Cannot create hsr debugfs directory [ 314.228931][ T6982] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 314.229105][ T5877] usb 2-1: config 0 descriptor?? [ 314.275747][ T6982] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 314.366989][ T6982] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 314.432062][ T6982] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 314.727010][ T5877] usb 2-1: Firmware: major: 18, minor: 128, hardware type: UNKNOWN (75) [ 314.843296][ T50] Bluetooth: hci2: command tx timeout [ 314.904152][ T42] uclogic 0003:28BD:0071.000A: failed retrieving string descriptor #100: -71 [ 314.913881][ T42] uclogic 0003:28BD:0071.000A: failed retrieving pen parameters: -71 [ 314.922243][ T42] uclogic 0003:28BD:0071.000A: pen probing failed: -71 [ 314.931684][ T42] uclogic 0003:28BD:0071.000A: failed probing parameters: -71 [ 314.940300][ T42] uclogic 0003:28BD:0071.000A: probe with driver uclogic failed with error -71 [ 314.986332][ T5877] usb 2-1: no permanent extended address found, random address set [ 314.995294][ T5877] usb 2-1: atusb_probe: initialization failed, error = -524 [ 315.004075][ T5877] atusb 2-1:0.128: probe with driver atusb failed with error -524 [ 315.034751][ T42] usb 5-1: USB disconnect, device number 8 [ 315.207085][ T5868] usb 2-1: USB disconnect, device number 7 [ 315.416233][ T6997] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 315.506406][ T6997] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 315.598333][ T5829] team0: Port device vlan2 removed [ 315.633557][ T6997] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 315.678288][ T6997] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 315.729816][ T6982] 8021q: adding VLAN 0 to HW filter on device bond0 [ 315.819250][ T6982] 8021q: adding VLAN 0 to HW filter on device team0 [ 315.899517][ T3623] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 315.957013][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.038143][ T3710] bridge0: port 1(bridge_slave_0) entered blocking state [ 316.045799][ T3710] bridge0: port 1(bridge_slave_0) entered forwarding state [ 316.170002][ T3623] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.251926][ T3710] bridge0: port 2(bridge_slave_1) entered blocking state [ 316.259797][ T3710] bridge0: port 2(bridge_slave_1) entered forwarding state [ 316.511546][ T3623] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.678729][ T3623] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 317.229022][ T6997] 8021q: adding VLAN 0 to HW filter on device bond0 [ 317.246327][ T3623] bridge_slave_1: left allmulticast mode [ 317.252188][ T3623] bridge_slave_1: left promiscuous mode [ 317.259206][ T3623] bridge0: port 2(bridge_slave_1) entered disabled state [ 317.293347][ T3623] bridge_slave_0: left allmulticast mode [ 317.299225][ T3623] bridge_slave_0: left promiscuous mode [ 317.306070][ T3623] bridge0: port 1(bridge_slave_0) entered disabled state [ 317.779016][ T3623] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 317.801838][ T3623] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 317.840081][ T3623] bond0 (unregistering): Released all slaves [ 317.983936][ T6997] 8021q: adding VLAN 0 to HW filter on device team0 [ 318.080437][ T3473] bridge0: port 1(bridge_slave_0) entered blocking state [ 318.088158][ T3473] bridge0: port 1(bridge_slave_0) entered forwarding state [ 318.152329][ T3473] bridge0: port 2(bridge_slave_1) entered blocking state [ 318.160069][ T3473] bridge0: port 2(bridge_slave_1) entered forwarding state [ 318.520436][ T3623] hsr_slave_0: left promiscuous mode [ 318.571023][ T3623] hsr_slave_1: left promiscuous mode [ 318.579465][ T3623] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 318.587772][ T3623] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 318.602038][ T3623] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 318.610124][ T3623] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 318.642206][ T3623] veth1_macvtap: left promiscuous mode [ 318.648210][ T3623] veth0_macvtap: left promiscuous mode [ 318.654476][ T3623] veth1_vlan: left promiscuous mode [ 318.660046][ T3623] veth0_vlan: left promiscuous mode [ 319.128975][ T7093] loop1: detected capacity change from 0 to 512 [ 319.205493][ T7093] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 319.305344][ T7093] EXT4-fs (loop1): 1 truncate cleaned up [ 319.313893][ T7093] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 319.340163][ T5877] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 319.511134][ T3623] team0 (unregistering): Port device team_slave_1 removed [ 319.524466][ T5877] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 319.535153][ T5877] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 319.617584][ T3623] team0 (unregistering): Port device team_slave_0 removed [ 319.631294][ T5877] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 319.640900][ T5877] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 319.650209][ T5877] usb 5-1: SerialNumber: syz [ 319.833180][ T5112] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 319.847051][ T5112] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 319.857972][ T5112] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 319.876883][ T5112] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 319.891052][ T5112] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 319.956843][ T5817] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.062005][ T6997] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 320.145342][ T5877] usb 5-1: 0:2 : does not exist [ 320.178404][ T5877] usb 5-1: USB disconnect, device number 9 [ 320.363244][ T3623] IPVS: stop unused estimator thread 0... [ 320.401674][ T6982] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 321.164758][ T7101] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 321.171440][ T7101] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 321.187627][ T7101] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 321.251260][ T7101] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 321.257915][ T7101] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 321.366935][ T7101] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 321.371901][ T7097] chnl_net:caif_netlink_parms(): no params data found [ 321.443935][ T7101] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 321.450431][ T7101] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 321.519759][ T7101] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 321.833501][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 321.838424][ T6997] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 322.037355][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 322.078792][ T9] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 322.091040][ T9] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 322.101315][ T9] usb 5-1: config 0 interface 0 has no altsetting 0 [ 322.167294][ T9] usb 5-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 322.178470][ T9] usb 5-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0 [ 322.187723][ T9] usb 5-1: Product: syz [ 322.221313][ T9] usb 5-1: config 0 descriptor?? [ 322.452193][ T7097] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.460375][ T7097] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.470593][ T7097] bridge_slave_0: entered allmulticast mode [ 322.483363][ T7097] bridge_slave_0: entered promiscuous mode [ 322.573888][ T7097] bridge0: port 2(bridge_slave_1) entered blocking state [ 322.582255][ T7097] bridge0: port 2(bridge_slave_1) entered disabled state [ 322.590678][ T7097] bridge_slave_1: entered allmulticast mode [ 322.604047][ T7097] bridge_slave_1: entered promiscuous mode [ 322.701280][ T9] waterforce 0003:1044:7A4D.000B: unknown main item tag 0x0 [ 322.709306][ T9] waterforce 0003:1044:7A4D.000B: unknown main item tag 0x0 [ 322.719481][ T9] waterforce 0003:1044:7A4D.000B: item fetching failed at offset 2/5 [ 322.818915][ T9] waterforce 0003:1044:7A4D.000B: hid parse failed with -22 [ 322.829558][ T9] waterforce 0003:1044:7A4D.000B: probe with driver waterforce failed with error -22 [ 322.849279][ T5112] Bluetooth: hci0: command 0x0c1a tx timeout [ 322.877226][ T7097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 322.901359][ T7097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 322.958111][ T9] usb 5-1: USB disconnect, device number 10 [ 323.082385][ T7097] team0: Port device team_slave_0 added [ 323.135692][ T7097] team0: Port device team_slave_1 added [ 323.334016][ T5112] Bluetooth: hci2: command 0x0c1a tx timeout [ 323.419216][ T6982] veth0_vlan: entered promiscuous mode [ 323.451689][ T7097] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 323.459509][ T7097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 323.487654][ T7097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 323.493262][ T5112] Bluetooth: hci4: command 0x041b tx timeout [ 323.548739][ T7097] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 323.556510][ T7097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 323.583089][ T7097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 323.762641][ T6982] veth1_vlan: entered promiscuous mode [ 323.898715][ T7097] hsr_slave_0: entered promiscuous mode [ 323.909501][ T7097] hsr_slave_1: entered promiscuous mode [ 323.918638][ T7097] debugfs: 'hsr0' already exists in 'hsr' [ 323.924723][ T7097] Cannot create hsr debugfs directory [ 324.239122][ T7132] loop1: detected capacity change from 0 to 8192 [ 324.306607][ T6982] veth0_macvtap: entered promiscuous mode [ 324.389040][ T6982] veth1_macvtap: entered promiscuous mode [ 324.409762][ T6997] veth0_vlan: entered promiscuous mode [ 324.550125][ T6997] veth1_vlan: entered promiscuous mode [ 324.694575][ T6982] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 324.876594][ T6982] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 324.924454][ T5112] Bluetooth: hci0: command 0x0c1a tx timeout [ 325.030624][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.075335][ T6997] veth0_macvtap: entered promiscuous mode [ 325.124770][ T3659] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.161682][ T3659] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.173805][ T6997] veth1_macvtap: entered promiscuous mode [ 325.239877][ T3659] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.349574][ T6997] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 325.423736][ T5112] Bluetooth: hci2: command 0x0c1a tx timeout [ 325.479902][ T6997] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 325.620348][ T3710] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.630925][ T5112] Bluetooth: hci4: command 0x041b tx timeout [ 325.649829][ T3710] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.698593][ T7097] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 325.744763][ T3710] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.753943][ T7097] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 325.807001][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.836965][ T7097] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 325.928643][ T7097] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 326.228068][ T7146] loop4: detected capacity change from 0 to 2048 [ 326.298708][ T7146] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 326.307043][ T7146] UDF-fs: Scanning with blocksize 512 failed [ 326.415074][ T7146] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 326.643153][ T30] audit: type=1326 audit(1755751861.622:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7144 comm="syz.4.411" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f52539 code=0x0 [ 327.004865][ T5112] Bluetooth: hci0: command 0x0c1a tx timeout [ 327.104416][ T7097] 8021q: adding VLAN 0 to HW filter on device bond0 [ 327.224322][ T7097] 8021q: adding VLAN 0 to HW filter on device team0 [ 327.291217][ T3473] bridge0: port 1(bridge_slave_0) entered blocking state [ 327.298885][ T3473] bridge0: port 1(bridge_slave_0) entered forwarding state [ 327.421497][ T3473] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.429216][ T3473] bridge0: port 2(bridge_slave_1) entered forwarding state [ 327.487367][ T5112] Bluetooth: hci2: command 0x0c1a tx timeout [ 327.643478][ T5112] Bluetooth: hci4: command 0x041b tx timeout [ 328.547133][ T7174] tipc: Started in network mode [ 328.552256][ T7174] tipc: Node identity 48, cluster identity 117 [ 328.559309][ T7174] tipc: Node number set to 72 [ 329.411332][ T7097] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 329.724640][ T5112] Bluetooth: hci4: command 0x041b tx timeout [ 331.134502][ T7213] netlink: 'syz.4.423': attribute type 10 has an invalid length. [ 331.164669][ T7213] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 331.189814][ T7213] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 331.272346][ T7215] bond0: entered promiscuous mode [ 331.277783][ T7215] bond_slave_0: entered promiscuous mode [ 331.284902][ T7215] bond_slave_1: entered promiscuous mode [ 331.291998][ T7215] batadv0: entered promiscuous mode [ 331.803784][ T5112] Bluetooth: hci4: command 0x041b tx timeout [ 331.820656][ T3659] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.828980][ T3659] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 331.983438][ T7222] ------------[ cut here ]------------ [ 331.989135][ T7222] WARNING: CPU: 1 PID: 7222 at fs/exec.c:119 path_noexec+0x2ac/0x310 [ 331.998119][ T7222] Modules linked in: [ 332.002289][ T7222] CPU: 1 UID: 0 PID: 7222 Comm: syz.4.425 Not tainted syzkaller #0 PREEMPT(none) [ 332.011912][ T7222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 332.022506][ T7222] RIP: 0010:path_noexec+0x2ac/0x310 [ 332.028288][ T7222] Code: 49 89 ff 8b 7d d4 e8 23 6b e1 ff 4c 89 ff e9 c8 fe ff ff 44 89 e7 e8 13 6b e1 ff 4d 85 ed 0f 85 a3 fe ff ff e8 b5 a2 3e ff 90 <0f> 0b 90 48 8b 7d c0 4c 8b 37 e8 d5 5f e1 ff 48 8b 00 48 89 45 c8 [ 332.050810][ T7222] RSP: 0018:ffff888050d93b90 EFLAGS: 00010283 [ 332.057421][ T7222] RAX: ffffffff82b64edb RBX: ffff88804eaecce0 RCX: 0000000000080000 [ 332.065837][ T7222] RDX: ffffc90009806000 RSI: 000000000000005c RDI: 000000000000005d [ 332.074493][ T7222] RBP: ffff888050d93bd0 R08: ffffea000000000f R09: 0000000000000003 [ 332.083238][ T7222] R10: 0000000000000003 R11: 0000000000000002 R12: 0000000000000000 [ 332.091444][ T7222] R13: 0000000000000000 R14: ffff8881005e4920 R15: 0000000000000000 [ 332.099899][ T7222] FS: 0000000000000000(0000) GS:ffff8881aa797000(0063) knlGS:00000000f5476b40 [ 332.109313][ T7222] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 332.116299][ T7222] CR2: 0000000030721ffc CR3: 000000004f424000 CR4: 00000000003526f0 [ 332.125733][ T7222] Call Trace: [ 332.129201][ T7222] [ 332.132306][ T7222] do_mmap+0x1570/0x1d70 [ 332.137130][ T7222] vm_mmap_pgoff+0x40d/0x770 [ 332.142044][ T7222] ksys_mmap_pgoff+0x51b/0x7c0 [ 332.147697][ T7222] __ia32_sys_mmap_pgoff+0x11a/0x1d0 [ 332.153445][ T7222] ia32_sys_call+0x1e23/0x4310 [ 332.158471][ T7222] __do_fast_syscall_32+0xb0/0x150 [ 332.164068][ T7222] do_fast_syscall_32+0x38/0x80 [ 332.169204][ T7222] do_SYSENTER_32+0x1f/0x30 [ 332.174225][ T7222] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 332.180847][ T7222] RIP: 0023:0xf7f52539 [ 332.185337][ T7222] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 332.214478][ T7222] RSP: 002b:00000000f547655c EFLAGS: 00000206 ORIG_RAX: 00000000000000c0 [ 332.225072][ T7222] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000004000 [ 332.233541][ T7222] RDX: 000000000300000d RSI: 0000000000000011 RDI: 0000000000000005 [ 332.236919][ T7097] veth0_vlan: entered promiscuous mode [ 332.241869][ T7222] RBP: 0000000031b27000 R08: 0000000000000000 R09: 0000000000000000 [ 332.255931][ T7222] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 332.264264][ T7222] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 332.272474][ T7222] [ 332.275907][ T7222] ---[ end trace 0000000000000000 ]--- [ 332.345195][ T4083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.354041][ T4083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 332.375817][ T7097] veth1_vlan: entered promiscuous mode [ 332.470373][ T4083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.479279][ T4083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 332.725374][ T7097] veth0_macvtap: entered promiscuous mode [ 332.780946][ T7097] veth1_macvtap: entered promiscuous mode [ 332.789802][ T4083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.800096][ T4083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 333.067383][ T7097] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 333.127676][ T7097] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 333.188480][ T3623] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.214537][ T4083] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.266801][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 333.278163][ T4083] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.323303][ T4083] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.453441][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 333.466618][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 333.478400][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 333.493719][ T9] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00 [ 333.503889][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.607093][ T9] usb 5-1: config 0 descriptor?? [ 333.896270][ T5112] Bluetooth: hci4: command 0x041b tx timeout [ 334.104101][ T9] playstation 0003:054C:0DF2.000C: hidraw0: USB HID v0.09 Device [HID 054c:0df2] on usb-dummy_hcd.4-1/input0 [ 334.254432][ T9] playstation 0003:054C:0DF2.000C: Invalid reportID received, expected 9 got 17 [ 334.264121][ T9] playstation 0003:054C:0DF2.000C: Failed to retrieve DualSense pairing info: -22 [ 334.274065][ T9] playstation 0003:054C:0DF2.000C: Failed to get MAC address from DualSense [ 334.284448][ T9] playstation 0003:054C:0DF2.000C: Failed to create dualsense. [ 334.362366][ T9] playstation 0003:054C:0DF2.000C: probe with driver playstation failed with error -22 [ 334.446587][ T7244] loop1: detected capacity change from 0 to 512 [ 334.490536][ T7244] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 334.494248][ T5868] usb 5-1: USB disconnect, device number 11 [ 334.584630][ T7244] EXT4-fs (loop1): 1 truncate cleaned up [ 334.593028][ T7244] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 334.986851][ T5817] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.963504][ T5112] Bluetooth: hci4: command 0x041b tx timeout [ 336.772072][ T7281] loop5: detected capacity change from 0 to 64 [ 336.913536][ T2994] Bluetooth: hci5: Frame reassembly failed (-84) [ 338.947113][ T50] Bluetooth: hci5: command 0x1003 tx timeout [ 339.033312][ T5112] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 339.062823][ C0] hrtimer: interrupt took 257223 ns [ 339.521150][ C0] vcan0: j1939_tp_rxtimer: 0xffff88804f4ed400: rx timeout, send abort [ 339.531221][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88804f4ed400: 0x1f000: (3) A timeout occurred and this is the connection abort to close the session. [ 340.241107][ T7300] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 342.771459][ T4430] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.777135][ T3473] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.779693][ T4430] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.787532][ T3473] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.900808][ T7266] Set syz1 is full, maxelem 65536 reached [ 346.815233][ T7377] loop6: detected capacity change from 0 to 128 [ 347.256199][ T7382] loop5: detected capacity change from 0 to 512 [ 347.339462][ T7382] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.478: casefold flag without casefold feature [ 347.367794][ T7382] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.478: couldn't read orphan inode 15 (err -117) [ 347.394173][ T7382] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 347.742345][ T2994] kworker/u8:10: attempt to access beyond end of device [ 347.742345][ T2994] loop6: rw=1, sector=145, nr_sectors = 896 limit=128 [ 348.236523][ T6982] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.753116][ T5904] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 348.856243][ T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 348.939970][ T5904] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 348.949819][ T5904] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.958325][ T5904] usb 7-1: Product: syz [ 348.963036][ T5904] usb 7-1: Manufacturer: syz [ 348.967859][ T5904] usb 7-1: SerialNumber: syz [ 349.108143][ T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 349.119656][ T9] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 349.129809][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 349.158667][ T9] usb 6-1: config 0 descriptor?? [ 349.206006][ T9] pwc: Askey VC010 type 2 USB webcam detected. [ 349.632562][ T9] pwc: recv_control_msg error -32 req 02 val 2b00 [ 349.654442][ T9] pwc: recv_control_msg error -32 req 02 val 2700 [ 349.674009][ T9] pwc: recv_control_msg error -32 req 02 val 2c00 [ 349.893285][ T9] pwc: recv_control_msg error -71 req 04 val 1300 [ 349.916002][ T9] pwc: recv_control_msg error -71 req 04 val 1400 [ 349.933458][ T9] pwc: recv_control_msg error -71 req 02 val 2000 [ 349.958131][ T9] pwc: recv_control_msg error -71 req 02 val 2100 [ 349.984100][ T9] pwc: recv_control_msg error -71 req 04 val 1500 [ 350.005365][ T9] pwc: recv_control_msg error -71 req 02 val 2500 [ 350.023999][ T9] pwc: recv_control_msg error -71 req 02 val 2400 [ 350.032641][ T9] pwc: recv_control_msg error -71 req 02 val 2600 [ 350.043224][ T9] pwc: recv_control_msg error -71 req 02 val 2900 [ 350.070109][ T9] pwc: recv_control_msg error -71 req 02 val 2800 [ 350.087433][ T9] pwc: recv_control_msg error -71 req 04 val 1100 [ 350.118321][ T9] pwc: recv_control_msg error -71 req 04 val 1200 [ 350.133484][ T7410] loop7: detected capacity change from 0 to 512 [ 350.141868][ C0] vcan0: j1939_tp_rxtimer: 0xffff88804f499e00: rx timeout, send abort [ 350.151950][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88804f499e00: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 350.184970][ T9] pwc: Registered as video103. [ 350.193336][ T9] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input16 [ 350.220256][ T5904] cdc_ncm 7-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 350.227495][ T5904] cdc_ncm 7-1:1.0: setting tx_max = 184 [ 350.266246][ T7410] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 350.280760][ T7410] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 350.323665][ T9] usb 6-1: USB disconnect, device number 2 [ 350.425507][ T5904] cdc_ncm 7-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.6-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 350.517458][ T7410] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 350.544343][ T5904] usb 7-1: USB disconnect, device number 2 [ 350.552118][ T5904] cdc_ncm 7-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.6-1, CDC NCM (NO ZLP) [ 350.757338][ T7097] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.313375][ T5904] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 351.339631][ T7427] loop4: detected capacity change from 0 to 128 [ 351.356918][ T7427] EXT4-fs (loop4): Test dummy encryption mode enabled [ 351.366050][ T5868] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 351.424904][ T7427] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 351.475632][ T7427] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 351.484556][ T7430] loop6: detected capacity change from 0 to 128 [ 351.497679][ T7430] EXT4-fs: Ignoring removed nobh option [ 351.513209][ T5904] usb 2-1: Using ep0 maxpacket: 32 [ 351.530830][ T5904] usb 2-1: config 0 has an invalid interface number: 230 but max is 0 [ 351.542325][ T5904] usb 2-1: config 0 has no interface number 0 [ 351.545047][ T5868] usb 8-1: Using ep0 maxpacket: 32 [ 351.549613][ T5904] usb 2-1: config 0 interface 230 has no altsetting 0 [ 351.583221][ T7430] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 351.604121][ T5868] usb 8-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 351.614595][ T5868] usb 8-1: config 0 interface 0 altsetting 16 endpoint 0x3 has invalid wMaxPacketSize 0 [ 351.625574][ T5868] usb 8-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 351.631646][ T7430] ext4 filesystem being mounted at /11/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 351.642888][ T5868] usb 8-1: config 0 interface 0 has no altsetting 0 [ 351.660573][ T5868] usb 8-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 351.670130][ T5868] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.684919][ T5868] usb 8-1: config 0 descriptor?? [ 351.717719][ T5904] usb 2-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05 [ 351.728058][ T5904] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 351.736448][ T5904] usb 2-1: Product: syz [ 351.742546][ T5904] usb 2-1: Manufacturer: syz [ 351.748101][ T5904] usb 2-1: SerialNumber: syz [ 351.811597][ T5904] usb 2-1: config 0 descriptor?? [ 351.845309][ T5904] ums-usbat 2-1:0.230: USB Mass Storage device detected [ 351.872340][ T5904] ums-usbat 2-1:0.230: Quirks match for vid 0781 pid 0005: 1 [ 352.091066][ T5822] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 352.172410][ T6997] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 352.209108][ T5868] hid-thrustmaster 0003:044F:B65D.000D: unknown main item tag 0x0 [ 352.218802][ T5868] hid-thrustmaster 0003:044F:B65D.000D: unknown main item tag 0x0 [ 352.229143][ T5868] hid-thrustmaster 0003:044F:B65D.000D: unknown main item tag 0x0 [ 352.239266][ T5868] hid-thrustmaster 0003:044F:B65D.000D: unknown main item tag 0x0 [ 352.249241][ T5868] hid-thrustmaster 0003:044F:B65D.000D: unknown main item tag 0x0 [ 352.383957][ T5868] hid-thrustmaster 0003:044F:B65D.000D: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.7-1/input0 [ 352.400813][ T5868] hid-thrustmaster 0003:044F:B65D.000D: Unexpected non-int endpoint [ 352.416585][ C1] hid-thrustmaster 0003:044F:B65D.000D: URB to get model id failed with error -71 [ 352.462536][ T5868] usb 8-1: USB disconnect, device number 2 [ 352.784746][ T42] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 352.993000][ T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 353.004439][ T42] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 353.014733][ T42] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 353.024241][ T42] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 353.076092][ T42] usb 7-1: config 0 descriptor?? [ 353.429085][ T7449] loop7: detected capacity change from 0 to 256 [ 353.913373][ T5877] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 354.103413][ T5877] usb 5-1: config 0 has an invalid interface number: 151 but max is 0 [ 354.112516][ T5877] usb 5-1: config 0 has no interface number 0 [ 354.119449][ T5877] usb 5-1: config 0 interface 151 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 10 [ 354.165930][ T5904] ums-usbat 2-1:0.230: probe with driver ums-usbat failed with error -5 [ 354.223736][ T5877] usb 5-1: New USB device found, idVendor=0499, idProduct=63b7, bcdDevice=68.2f [ 354.233564][ T5877] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 354.241865][ T5877] usb 5-1: Product: syz [ 354.246583][ T5877] usb 5-1: Manufacturer: syz [ 354.251395][ T5877] usb 5-1: SerialNumber: syz [ 354.269086][ T42] input: HID 256c:006d as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.000E/input/input17 [ 354.290397][ T5877] usb 5-1: config 0 descriptor?? [ 354.424951][ T42] input: HID 256c:006d as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.000E/input/input18 [ 354.470419][ T42] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.000E/input/input19 [ 354.546611][ T5877] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 354.557192][ T5877] usb 5-1: invalid MIDI in EP 0 [ 354.596132][ T42] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:256C:006D.000E/input/input20 [ 354.794462][ T42] uclogic 0003:256C:006D.000E: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.6-1/input0 [ 354.865604][ T5877] snd-usb-audio 5-1:0.151: probe with driver snd-usb-audio failed with error -22 [ 354.892105][ T42] usb 7-1: USB disconnect, device number 3 [ 354.938593][ T5877] usb 5-1: USB disconnect, device number 12 [ 355.650503][ T7458] loop6: detected capacity change from 0 to 512 [ 355.663692][ T7458] EXT4-fs: Ignoring removed nobh option [ 355.780808][ T7458] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #3: comm syz.6.506: corrupted inode contents [ 355.826556][ T5904] usb 2-1: USB disconnect, device number 8 [ 355.844867][ T7458] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #3: comm syz.6.506: mark_inode_dirty error [ 355.867296][ T7458] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #3: comm syz.6.506: corrupted inode contents [ 355.888910][ T7458] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #3: comm syz.6.506: mark_inode_dirty error [ 355.943284][ C1] vcan0: j1939_tp_rxtimer: 0xffff888021957200: rx timeout, send abort [ 355.963557][ T7458] Quota error (device loop6): write_blk: dquota write failed [ 355.971842][ T7458] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 355.982486][ T7458] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.506: Failed to acquire dquot type 0 [ 356.054545][ T7458] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.506: corrupted inode contents [ 356.083635][ T7458] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #16: comm syz.6.506: mark_inode_dirty error [ 356.090087][ T7466] loop1: detected capacity change from 0 to 128 [ 356.116548][ T7458] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.506: corrupted inode contents [ 356.131323][ T7458] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.506: mark_inode_dirty error [ 356.158813][ T7458] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.506: corrupted inode contents [ 356.175734][ T7466] EXT4-fs (loop1): Test dummy encryption mode enabled [ 356.179178][ T7458] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem [ 356.194965][ T7466] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 356.211868][ T7466] ext4 filesystem being mounted at /121/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 356.213295][ T7468] loop5: detected capacity change from 0 to 1024 [ 356.234828][ T7458] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.506: corrupted inode contents [ 356.257856][ T7458] EXT4-fs error (device loop6): ext4_truncate:4666: inode #16: comm syz.6.506: mark_inode_dirty error [ 356.281241][ T7458] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem [ 356.296107][ T7458] EXT4-fs (loop6): 1 truncate cleaned up [ 356.304570][ T7458] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 356.318024][ T7458] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 356.363276][ T5904] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 356.444284][ C1] vcan0: j1939_tp_rxtimer: 0xffff88804f42ee00: rx timeout, send abort [ 356.455894][ C1] vcan0: j1939_tp_rxtimer: 0xffff888021957200: abort rx timeout. Force session deactivation [ 356.557907][ T5904] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 356.567744][ T5904] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 356.589456][ T5904] usb 8-1: config 0 descriptor?? [ 356.607272][ T5817] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 356.636183][ T5904] cp210x 8-1:0.0: cp210x converter detected [ 356.758204][ T3659] hfsplus: b-tree write err: -5, ino 3 [ 356.961609][ C1] vcan0: j1939_tp_rxtimer: 0xffff88804f42ee00: abort rx timeout. Force session deactivation [ 357.040582][ T7473] loop4: detected capacity change from 0 to 1024 [ 357.262622][ T7470] loop7: detected capacity change from 0 to 736 [ 357.350225][ T7473] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 357.382286][ T42] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 357.513092][ T5904] cp210x 8-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 357.534548][ T30] audit: type=1800 audit(1755751892.442:11): pid=7473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.513" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 357.564061][ T42] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 357.579941][ T42] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 357.584922][ T5904] usb 8-1: cp210x converter now attached to ttyUSB0 [ 357.592472][ T42] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 357.606949][ T42] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.624575][ T42] usb 6-1: config 0 descriptor?? [ 357.746506][ T5904] usb 8-1: USB disconnect, device number 3 [ 357.799784][ T5904] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 357.858299][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 357.865111][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 357.916084][ T5904] cp210x 8-1:0.0: device disconnected [ 357.976907][ T4083] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.037016][ T6997] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.156612][ T4083] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.167775][ T42] cm6533_jd 0003:0D8C:0022.000F: unknown main item tag 0x0 [ 358.168078][ T42] cm6533_jd 0003:0D8C:0022.000F: unknown main item tag 0x0 [ 358.228896][ T4430] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 358.245112][ T42] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0D8C:0022.000F/input/input21 [ 358.279385][ T4430] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1024 with error 28 [ 358.296978][ T4430] EXT4-fs (loop4): This should not happen!! Data will be lost [ 358.296978][ T4430] [ 358.308116][ T4430] EXT4-fs (loop4): Total free blocks count 0 [ 358.314471][ T4430] EXT4-fs (loop4): Free/Dirty block details [ 358.320554][ T4430] EXT4-fs (loop4): free_blocks=68451041280 [ 358.326718][ T4430] EXT4-fs (loop4): dirty_blocks=1040 [ 358.332189][ T4430] EXT4-fs (loop4): Block reservation details [ 358.338585][ T4430] EXT4-fs (loop4): i_reserved_data_blocks=65 [ 358.372292][ T42] cm6533_jd 0003:0D8C:0022.000F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.5-1/input0 [ 358.446918][ T7477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 358.456753][ T7477] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 358.490247][ T4430] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28 [ 358.503507][ T4083] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.634074][ T9] usb 6-1: USB disconnect, device number 3 [ 358.672217][ T7482] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.781862][ T4083] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.970252][ T7482] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.196371][ T7482] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.397595][ T4083] bridge_slave_1: left allmulticast mode [ 359.404398][ T4083] bridge_slave_1: left promiscuous mode [ 359.411010][ T4083] bridge0: port 2(bridge_slave_1) entered disabled state [ 359.433804][ T4083] bridge_slave_0: left allmulticast mode [ 359.439693][ T4083] bridge_slave_0: left promiscuous mode [ 359.446555][ T4083] bridge0: port 1(bridge_slave_0) entered disabled state [ 359.974375][ T4083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 359.992498][ T4083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 360.014140][ T4083] bond0 (unregistering): Released all slaves [ 360.150008][ T7482] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.440144][ T2994] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.558095][ T4083] hsr_slave_0: left promiscuous mode [ 360.585352][ T4083] hsr_slave_1: left promiscuous mode [ 360.593673][ T4083] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 360.601298][ T4083] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 360.635915][ T4083] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 360.643777][ T4083] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 360.754786][ T4083] veth1_macvtap: left promiscuous mode [ 360.760582][ T4083] veth0_macvtap: left promiscuous mode [ 360.768785][ T4083] veth1_vlan: left promiscuous mode [ 360.774719][ T4083] veth0_vlan: left promiscuous mode [ 360.788418][ T7490] loop4: detected capacity change from 0 to 7 [ 360.810771][ T7490] Dev loop4: unable to read RDB block 7 [ 360.816998][ T7490] loop4: AHDI p3 p4 [ 360.821259][ T7490] loop4: partition table partially beyond EOD, truncated [ 360.829097][ T7490] loop4: p3 size 4227858431 extends beyond EOD, truncated [ 360.958735][ T30] audit: type=1326 audit(1755751895.942:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7489 comm="syz.7.521" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x0 [ 361.681210][ T50] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 361.707523][ T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 361.718118][ T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 361.732113][ T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 361.744118][ T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 361.790202][ T4083] team0 (unregistering): Port device team_slave_1 removed [ 361.821845][ T4083] team0 (unregistering): Port device team_slave_0 removed [ 362.053400][ T12] ===================================================== [ 362.061351][ T12] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xad2/0x98a0 [ 362.070901][ T12] n_tty_receive_buf_standard+0xad2/0x98a0 [ 362.077895][ T12] n_tty_receive_buf_common+0x1a68/0x2540 [ 362.088016][ T12] n_tty_receive_buf2+0x4c/0x60 [ 362.094994][ T12] tty_ldisc_receive_buf+0xc6/0x2c0 [ 362.101154][ T12] tty_port_default_receive_buf+0xd7/0x1a0 [ 362.108510][ T12] flush_to_ldisc+0x43e/0xe30 [ 362.114376][ T12] process_scheduled_works+0xb8e/0x1d80 [ 362.120833][ T12] worker_thread+0xedf/0x1590 [ 362.126635][ T12] kthread+0xd59/0xf00 [ 362.131508][ T12] ret_from_fork+0x1e3/0x310 [ 362.137132][ T12] ret_from_fork_asm+0x1a/0x30 [ 362.142926][ T12] [ 362.146023][ T12] Uninit was created at: [ 362.151166][ T12] __kmalloc_noprof+0x95f/0x1310 [ 362.157213][ T12] __tty_buffer_request_room+0x3d4/0x7a0 [ 362.163821][ T12] __tty_insert_flip_string_flags+0x157/0x6f0 [ 362.170848][ T12] uart_insert_char+0x368/0x930 [ 362.176672][ T12] serial8250_read_char+0x1ba/0x670 [ 362.186032][ T12] serial8250_handle_irq+0x930/0x1110 [ 362.193530][ T12] serial8250_default_handle_irq+0x116/0x330 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 362.200471][ T12] serial8250_interrupt+0xcb/0x400 [ 362.206669][ T12] __handle_irq_event_percpu+0x11c/0xbf0 [ 362.213405][ T12] handle_irq_event+0xe0/0x2a0 [ 362.219176][ T12] handle_edge_irq+0x2a9/0xb50 [ 362.224971][ T12] __common_interrupt+0x9d/0x180 [ 362.232375][ T12] common_interrupt+0x94/0xb0 [ 362.238626][ T12] asm_common_interrupt+0x2b/0x40 [ 362.244662][ T12] [ 362.247861][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G W syzkaller #0 PREEMPT(none) [ 362.259938][ T12] Tainted: [W]=WARN [ 362.264649][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 362.275773][ T12] Workqueue: events_unbound flush_to_ldisc [ 362.282561][ T12] ===================================================== [ 362.294575][ T12] Disabling lock debugging due to kernel taint [ 362.303607][ T12] Kernel panic - not syncing: kmsan.panic set ... [ 362.310192][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G B W syzkaller #0 PREEMPT(none) [ 362.321261][ T12] Tainted: [B]=BAD_PAGE, [W]=WARN [ 362.326398][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 362.336605][ T12] Workqueue: events_unbound flush_to_ldisc [ 362.342746][ T12] Call Trace: [ 362.346133][ T12] [ 362.349163][ T12] __dump_stack+0x26/0x30 [ 362.353709][ T12] dump_stack_lvl+0x53/0x270 [ 362.358530][ T12] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 362.364551][ T12] dump_stack+0x1e/0x25 [ 362.368915][ T12] vpanic+0x361/0xc50 [ 362.373125][ T12] panic+0x15d/0x160 [ 362.377292][ T12] kmsan_report+0x31c/0x320 [ 362.381978][ T12] ? common_interrupt+0x5e/0xb0 [ 362.387052][ T12] ? __msan_warning+0x1b/0x30 [ 362.391900][ T12] ? n_tty_receive_buf_standard+0xad2/0x98a0 [ 362.398144][ T12] ? n_tty_receive_buf_common+0x1a68/0x2540 [ 362.404265][ T12] ? n_tty_receive_buf2+0x4c/0x60 [ 362.409515][ T12] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 362.415077][ T12] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 362.421274][ T12] ? flush_to_ldisc+0x43e/0xe30 [ 362.426313][ T12] ? process_scheduled_works+0xb8e/0x1d80 [ 362.432262][ T12] ? worker_thread+0xedf/0x1590 [ 362.437325][ T12] ? kthread+0xd59/0xf00 [ 362.441725][ T12] ? ret_from_fork+0x1e3/0x310 [ 362.446651][ T12] ? ret_from_fork_asm+0x1a/0x30 [ 362.451834][ T12] ? kmsan_get_metadata+0xfb/0x160 [ 362.457148][ T12] ? kmsan_get_metadata+0x150/0x160 [ 362.462546][ T12] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 362.469072][ T12] ? kmsan_get_metadata+0x150/0x160 [ 362.474468][ T12] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 362.480488][ T12] ? n_tty_receive_char+0xfae/0x1440 [ 362.486054][ T12] ? kmsan_get_metadata+0xfb/0x160 [ 362.491366][ T12] __msan_warning+0x1b/0x30 [ 362.496034][ T12] n_tty_receive_buf_standard+0xad2/0x98a0 [ 362.502119][ T12] ? kmsan_get_metadata+0xfb/0x160 [ 362.507441][ T12] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 362.513469][ T12] ? __update_load_avg_se+0xd02/0x11c0 [ 362.519207][ T12] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 362.525792][ T12] n_tty_receive_buf_common+0x1a68/0x2540 [ 362.531795][ T12] ? _raw_spin_trylock_bh+0x91/0xc0 [ 362.537203][ T12] ? stack_depot_save_flags+0x35/0x7b0 [ 362.542926][ T12] n_tty_receive_buf2+0x4c/0x60 [ 362.548006][ T12] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 362.553749][ T12] tty_ldisc_receive_buf+0xc6/0x2c0 [ 362.559147][ T12] tty_port_default_receive_buf+0xd7/0x1a0 [ 362.565146][ T12] flush_to_ldisc+0x43e/0xe30 [ 362.570009][ T12] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 362.576609][ T12] ? __pfx_flush_to_ldisc+0x10/0x10 [ 362.582004][ T12] process_scheduled_works+0xb8e/0x1d80 [ 362.587814][ T12] worker_thread+0xedf/0x1590 [ 362.592747][ T12] kthread+0xd59/0xf00 [ 362.596993][ T12] ? __pfx_worker_thread+0x10/0x10 [ 362.602322][ T12] ? __pfx_kthread+0x10/0x10 [ 362.607070][ T12] ret_from_fork+0x1e3/0x310 [ 362.611844][ T12] ? __pfx_kthread+0x10/0x10 [ 362.616599][ T12] ret_from_fork_asm+0x1a/0x30 [ 362.621585][ T12] [ 362.625063][ T12] Kernel Offset: disabled [ 362.629460][ T12] Rebooting in 86400 seconds..