last executing test programs: 7.092213954s ago: executing program 3 (id=2027): syz_emit_vhci(&(0x7f0000001740)=ANY=[@ANYBLOB="040e040805200f"], 0x7) socket$inet6_tcp(0xa, 0x1, 0x0) 7.071348294s ago: executing program 3 (id=2029): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000100)={0xa, 0xfffe, 0x3, @mcast2={0xff, 0x3}}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000)="846bb66f", 0x5ac, 0x0, 0x0, 0xfffffffffffffec8) 7.010517935s ago: executing program 3 (id=2030): mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@uuid_off}]}) lsetxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x1) 6.912202796s ago: executing program 3 (id=2032): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)) 6.873993457s ago: executing program 3 (id=2034): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x40000) sendmsg$NFT_BATCH(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @target={{0xb}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x20, 0x0, 0x0, {0x7}}}, 0x68}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800) 6.794627738s ago: executing program 3 (id=2036): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000440)={0x2c, &(0x7f0000000240)={0x40, 0x14, 0x49, "086290c08df83dc472ceccd0a64ad37e4c2727f67199bb2b375506805bf6f580bd3532aeea7d6fef5939a10a7bdb3337449f780c45a62e562825b5f3c6de8d0021d3c5f89d63b1e53e"}, 0x0, 0x0, 0x0, 0x0}) 2.036889499s ago: executing program 0 (id=2103): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000240), 0xa400, 0x0) r1 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x1) mount$9p_fd(0x0, &(0x7f0000000680)='./file0\x00', 0x0, 0x14c98, &(0x7f0000002780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 2.01154941s ago: executing program 2 (id=2105): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.725291254s ago: executing program 0 (id=2107): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x40000) sendmsg$NFT_BATCH(r0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x4000800) 1.607847516s ago: executing program 2 (id=2108): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_dev$radio(0x0, 0x0, 0x2) ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0) socket$nl_audit(0x10, 0x3, 0x9) r2 = gettid() openat$cuse(0xffffffffffffff9c, 0x0, 0x2842, 0x0) r3 = getpid() r4 = epoll_create1(0x80000) kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f0000000000)={r4, 0xffffffffffffffff, 0x49d}) 1.37996675s ago: executing program 2 (id=2110): kexec_load(0x3, 0x1, &(0x7f00000005c0)=[{&(0x7f0000000100)="047715ac7141c111fab2fcda5de4dc8b278029bcb1bd17524f177856cac105f463c77e2d2ab44d875217dc82baa911f236f959fb9227524d4fe6b621a19823457d04c399283edbac755852623c82f7206d26e918a2981c8f68476969bf8c4bcd37ba24e4ba1683339879a11b854a7478f898805f327af12eaab8", 0x7a, 0x5, 0xffffffff}], 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{0x0}, {0x0}, {&(0x7f0000000740)}], 0x3}, 0x41) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x80, 0x0) sendmmsg$alg(r2, &(0x7f0000007640)=[{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000740)="bd9c629b909dddebc0508bf412865663aded7919352b141faa7dc00680ce5a44ff1ed1c813c6c1e58e28c509cd269d0e79fff4d2ea4c1da69fa672c4f5eb15788aa929e9f5c94e443cf68a1759ee805958a7c76c8c7f11a39ea32c019c2f2c8cce48d92d659f623081974c0135dc1fe2a057f725a843c083e0620ffa607d3b9570a5b4094fca255491844b3d5cb63bab3d76ad07f9503d1450f1fb860b18ac983285f983e51262c539312073482f1538d9588323b836e6e2b7704dff3cbf89c2b828c7613310eafd664c946b1a6728154b1877257a8abe3d983344da083b86aee35e6b", 0xe3}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="680000000000000017010000020000004f000000bd19a432ebf20eb0a0ee39d005e869fe74b9842d9c92be0054aa20f9dbfeb8e59fa49c486a1a51c45c98c886185e506d1cf93255718fc79d6b6d1d434c678807c5ab4264c8ba94065d11d8ee27dd16000000000018000000000000001701000004000000060000000000000036b01a06bfa0450a95c85e192c3e04beaa663010259f815dcdb6cf3c57b707d8"], 0x80, 0x40800}, {0x0, 0x0, &(0x7f0000003900)=[{&(0x7f00000009c0)="c2debd9e2d4617d17e01e704d3576f8b26b757ffa164a105efcaa28e5d52d4383258c148e95e4ee927dab4ba9cdbf4dbf6b0e19f8b7e9a95211ec6aedfd78a09200b7076afabdae9c87c6837e202845b6cf3ac6b728856d66eef2860", 0x5c}, {&(0x7f0000000b40)="86545d2157646172b815818bfd0e14575562668985793802", 0x18}, {&(0x7f0000000b80)="0d4842ef613cd072196eae2d74d31c309df1c61a888039b1a23acbea852fb54afae1761845284c6e484aa5154a2b418ffe2ac1d6363010c9d8f2d75a71eb558492027148", 0x44}, {&(0x7f0000000c40)="176d6b3905505e2a41391bf6fd66d8ad4ebc86e07694005204b0151bfa8dc581a5be209d8850a950791f10f76de79651272a11f6d7267276ff1596a47826a90a0b74b425d8ff2bbea5c5732f69a908c45b4b348abc24d2cd2031a9508ef8e3594bd12ebc38c466f76d6ff3618471f4f6574e1043766375eb889750ca25429f976089462bf1b689280ebc67640f4534eef4b7ffd85963bc5d8b114670c00f76cbdd722662dce5fc58daf323bf987ef7d646a99794c02b62b30e189691c4be9094ea58e9df", 0xc4}], 0x4, 0x0, 0x0, 0xc0}], 0x2, 0x48040) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1.379817059s ago: executing program 0 (id=2111): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8000, 0x10103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000000), 0x1000000, 0x0) read$FUSE(r0, &(0x7f00000020c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_LK(r0, &(0x7f0000004100)={0x28, 0x0, r1, {{0x6, 0x1, 0xd262d3d7e7d9af3}}}, 0x28) 1.248039121s ago: executing program 0 (id=2112): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x4, 0x7, 0x3, 0x180, 0x2, 0xc, 0xf1, 0xfab3, 0x3, 0x5, 0x0, 0xd, 0x0, 0x6, 0x0, 0xbd9], 0x1000, 0x43102}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000300)={[0x7, 0x1000000000, 0x0, 0x200000000000043, 0x7, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x7, 0x8000000009, 0x803, 0x0, 0x9], 0x8003000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x119000, 0x1, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x81, 0x80}, {0x5000, 0x3000, 0x10, 0x0, 0x42, 0x5, 0x75, 0x3, 0x36, 0xfe, 0x2, 0x87}, {0xb000, 0xdddd0000, 0xe, 0x5, 0x3, 0x1, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x8}, {0x1, 0xeeee0000, 0x19, 0x6, 0x2, 0x42, 0x0, 0xff, 0x3, 0x7, 0x6}, {0xf000, 0xd000, 0xf, 0x3, 0x12, 0x7, 0xa9, 0x8, 0x9, 0x9, 0xfa, 0x97}, {0xeeefa000, 0xdddd0000, 0xd, 0xa0, 0x1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0xb000, 0xf, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0x60000, 0x4000, 0xa, 0x0, 0xcd, 0x7, 0xb, 0x9, 0x2, 0x5, 0xb0, 0x81}, {0xeeef0000, 0x30}, {0x9000, 0x9}, 0x80000031, 0x0, 0xc000, 0x2024, 0x800000a, 0xc001, 0x100000, [0xe5b5, 0x4, 0x3, 0x8]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.057805074s ago: executing program 2 (id=2113): r0 = semget(0x1, 0x5, 0x6b4) semtimedop(r0, &(0x7f0000000140)=[{0x0, 0x5}], 0x1, &(0x7f00000001c0)={0x0, 0x3938700}) 940.083946ms ago: executing program 2 (id=2114): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(r0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000240), 0xa400, 0x0) fsopen(&(0x7f0000000000)='ramfs\x00', 0x1) mount$9p_fd(0x0, &(0x7f0000000680)='./file0\x00', &(0x7f0000000380), 0x14c98, 0x0) 917.915477ms ago: executing program 0 (id=2115): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 852.352217ms ago: executing program 2 (id=2117): futex(&(0x7f0000000000)=0x1, 0xd, 0xfffffffe, 0x0, 0x0, 0xffffffff) futex(&(0x7f000000cffc), 0x5, 0x4, 0x0, 0x0, 0x4ffffff) 694.66062ms ago: executing program 1 (id=2118): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x80800) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, &(0x7f0000000340)={0x6, 0x1, 0x399, 0x3, &(0x7f0000000140)=[{}]}) 592.014211ms ago: executing program 1 (id=2119): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8000, 0x10103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000000), 0x1000000, &(0x7f0000000380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) read$FUSE(r0, 0x0, 0x0) write$FUSE_LK(r0, &(0x7f0000004100)={0x28, 0x0, 0x0, {{0x6, 0x1, 0xd262d3d7e7d9af3}}}, 0x28) 582.194541ms ago: executing program 0 (id=2120): kexec_load(0x3, 0x1, &(0x7f00000005c0)=[{&(0x7f0000000100)="047715ac7141c111fab2fcda5de4dc8b278029bcb1bd17524f177856cac105f463c77e2d2ab44d875217dc82baa911f236f959fb9227524d4fe6b621a19823457d04c399283edbac755852623c82f7206d26e918a2981c8f68476969bf8c4bcd37ba24e4ba1683339879a11b854a7478f898805f327af12eaab8", 0x7a, 0x5, 0xffffffff}], 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{0x0}, {0x0}, {&(0x7f0000000740)}], 0x3}, 0x41) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x80, 0x0) sendmmsg$alg(r2, &(0x7f0000007640)=[{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000740)="bd9c629b909dddebc0508bf412865663aded7919352b141faa7dc00680ce5a44ff1ed1c813c6c1e58e28c509cd269d0e79fff4d2ea4c1da69fa672c4f5eb15788aa929e9f5c94e443cf68a1759ee805958a7c76c8c7f11a39ea32c019c2f2c8cce48d92d659f623081974c0135dc1fe2a057f725a843c083e0620ffa607d3b9570a5b4094fca255491844b3d5cb63bab3d76ad07f9503d1450f1fb860b18ac983285f983e51262c539312073482f1538d9588323b836e6e2b7704dff3cbf89c2b828c7613310eafd664c946b1a6728154b1877257a8abe3d983344da083b86aee35e6b", 0xe3}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="680000000000000017010000020000004f000000bd19a432ebf20eb0a0ee39d005e869fe74b9842d9c92be0054aa20f9dbfeb8e59fa49c486a1a51c45c98c886185e506d1cf93255718fc79d6b6d1d434c678807c5ab4264c8ba94065d11d8ee27dd16000000000018000000000000001701000004000000060000000000000036b01a06bfa0450a95c85e192c3e04beaa663010259f815dcdb6cf3c57b707d8"], 0x80, 0x40800}, {0x0, 0x0, &(0x7f0000003900)=[{&(0x7f00000009c0)="c2debd9e2d4617d17e01e704d3576f8b26b757ffa164a105efcaa28e5d52d4383258c148e95e4ee927dab4ba9cdbf4dbf6b0e19f8b7e9a95211ec6aedfd78a09200b7076afabdae9c87c6837e202845b6cf3ac6b728856d66eef2860", 0x5c}, {&(0x7f0000000b40)="86545d2157646172b815818bfd0e14575562668985793802", 0x18}, {&(0x7f0000000b80)="0d4842ef613cd072196eae2d74d31c309df1c61a888039b1a23acbea852fb54afae1761845284c6e484aa5154a2b418ffe2ac1d6363010c9d8f2d75a71eb558492027148", 0x44}, {&(0x7f0000000c40)="176d6b3905505e2a41391bf6fd66d8ad4ebc86e07694005204b0151bfa8dc581a5be209d8850a950791f10f76de79651272a11f6d7267276ff1596a47826a90a0b74b425d8ff2bbea5c5732f69a908c45b4b348abc24d2cd2031a9508ef8e3594bd12ebc38c466f76d6ff3618471f4f6574e1043766375eb889750ca25429f976089462bf1b689280ebc67640f4534eef4b7ffd85963bc5d8b114670c00f76cbdd722662dce5fc58daf323bf987ef7d646a99794c02b62b30e189691c4be9094ea58e9df", 0xc4}], 0x4, 0x0, 0x0, 0xc0}], 0x2, 0x48040) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 469.855533ms ago: executing program 1 (id=2121): r0 = semget(0x1, 0x5, 0x6b4) semtimedop(r0, &(0x7f0000000140)=[{0x0, 0x5}], 0x1, &(0x7f00000001c0)={0x0, 0x3938700}) 287.975246ms ago: executing program 1 (id=2122): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x4, 0x7, 0x3, 0x180, 0x2, 0xc, 0xf1, 0xfab3, 0x3, 0x5, 0x0, 0xd, 0x0, 0x6, 0x0, 0xbd9], 0x1000, 0x43102}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000300)={[0x7, 0x1000000000, 0x0, 0x200000000000043, 0x7, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x7, 0x8000000009, 0x803, 0x0, 0x9], 0x8003000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x119000, 0x1, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x81, 0x80}, {0x5000, 0x3000, 0x10, 0x0, 0x42, 0x5, 0x75, 0x3, 0x36, 0xfe, 0x2, 0x87}, {0xb000, 0xdddd0000, 0xe, 0x5, 0x3, 0x1, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x8}, {0x1, 0xeeee0000, 0x19, 0x6, 0x2, 0x42, 0x0, 0xff, 0x3, 0x7, 0x6}, {0xf000, 0xd000, 0xf, 0x3, 0x12, 0x7, 0xa9, 0x8, 0x9, 0x9, 0xfa, 0x97}, {0xeeefa000, 0xdddd0000, 0xd, 0xa0, 0x1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0xb000, 0xf, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0x60000, 0x4000, 0xa, 0x0, 0xcd, 0x7, 0xb, 0x9, 0x2, 0x5, 0xb0, 0x81}, {0xeeef0000, 0x30}, {0x9000, 0x9}, 0x80000031, 0x0, 0xc000, 0x2024, 0x800000a, 0xc001, 0x100000, [0xe5b5, 0x4, 0x3, 0x8]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 149.855138ms ago: executing program 1 (id=2123): syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0x77, 0xc9, "a7a8c89f51aa95ef"}}}, 0xe) r0 = dup(0xffffffffffffffff) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) 0s ago: executing program 1 (id=2124): syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905", @ANYBLOB="f7"], 0x0) kernel console output (not intermixed with test programs): 948922][ T9046] bond0: Error: Cannot enslave bond to itself. [ 429.014021][ T9080] bond0: Error: Cannot enslave bond to itself. [ 429.235642][ T9073] bond0: Error: Cannot enslave bond to itself. [ 429.328791][ T9088] overlayfs: failed to clone upperpath [ 429.442946][ T9090] netlink: 48 bytes leftover after parsing attributes in process `syz.0.722'. [ 434.122288][ T9128] bond0: Error: Cannot enslave bond to itself. [ 435.450515][ T9140] netlink: 48 bytes leftover after parsing attributes in process `syz.0.736'. [ 437.381433][ T9159] bond0: Error: Cannot enslave bond to itself. [ 437.641377][ T9167] bond0: Error: Cannot enslave bond to itself. [ 437.981416][ T27] audit: type=1800 audit(1782283772.091:8): pid=9170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.743" name="file0" dev="overlay" ino=1017 res=0 errno=0 [ 438.093060][ T9176] loop0: detected capacity change from 0 to 512 [ 438.136596][ T9176] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 438.164823][ T9176] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 439.462206][ T9176] Bluetooth: hci4: Frame reassembly failed (-84) [ 439.476290][ T9176] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 439.492176][ T1091] Bluetooth: hci4: Frame reassembly failed (-84) [ 439.600420][ T9191] loop2: detected capacity change from 0 to 512 [ 439.637743][ T9191] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 439.657007][ T9191] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 440.278544][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.465660][ T9205] loop2: detected capacity change from 0 to 512 [ 441.500189][ T9205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 441.513132][ T9205] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 441.669124][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 441.669815][ T5786] Bluetooth: hci4: command 0x1003 tx timeout [ 442.138659][ T2947] Bluetooth: hci4: Frame reassembly failed (-84) [ 442.149005][ T9205] Bluetooth: hci4: Frame reassembly failed (-84) [ 442.159209][ T9205] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 442.464230][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 442.646490][ T9221] bond0: Error: Cannot enslave bond to itself. [ 444.138190][ T9231] loop0: detected capacity change from 0 to 512 [ 444.178395][ T9231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 444.236975][ T9231] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 444.365529][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 444.381666][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 444.825308][ T9239] Bluetooth: hci5: Frame reassembly failed (-84) [ 444.859502][ T2947] Bluetooth: hci5: Frame reassembly failed (-84) [ 444.956584][ T9231] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 444.979153][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 445.199298][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 445.446792][ T9247] loop2: detected capacity change from 0 to 512 [ 445.503340][ T9247] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 445.539355][ T9247] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 446.106452][ T2947] Bluetooth: hci4: Frame reassembly failed (-84) [ 446.142325][ T9247] Bluetooth: hci4: Frame reassembly failed (-84) [ 446.153510][ T9247] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 447.040926][ T5782] Bluetooth: hci5: command 0x1003 tx timeout [ 447.040936][ T9240] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 447.438817][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 447.525277][ T9263] loop0: detected capacity change from 0 to 512 [ 447.547005][ T9263] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 447.560883][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 447.580887][ T9263] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 448.165224][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 448.340796][ T5786] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 448.340829][ T9240] Bluetooth: hci4: command 0x1003 tx timeout [ 449.419077][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 450.661354][ T9273] loop0: detected capacity change from 0 to 512 [ 450.819454][ T9284] loop2: detected capacity change from 0 to 512 [ 450.838547][ T9273] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 450.962393][ T9273] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 451.029604][ T9284] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 451.114900][ T9284] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 452.223252][ T141] Bluetooth: hci4: Frame reassembly failed (-84) [ 452.238895][ T141] Bluetooth: hci5: Frame reassembly failed (-84) [ 452.251553][ T9273] Bluetooth: hci5: Frame reassembly failed (-84) [ 452.260843][ T9284] Bluetooth: hci4: Frame reassembly failed (-84) [ 452.281213][ T9284] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 452.297861][ T9273] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 454.406587][ T5782] Bluetooth: hci4: command 0x1003 tx timeout [ 454.406598][ T5786] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 454.419840][ T9240] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 454.476737][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 454.566975][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 454.627937][ T9301] loop2: detected capacity change from 0 to 512 [ 454.678298][ T9301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 454.693112][ T9301] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 454.752503][ T9308] bond0: Error: Cannot enslave bond to itself. [ 455.276777][ T13] Bluetooth: hci4: Frame reassembly failed (-84) [ 455.358858][ T9301] Bluetooth: hci4: Frame reassembly failed (-84) [ 455.368847][ T9301] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 455.463799][ T9313] loop0: detected capacity change from 0 to 512 [ 455.493236][ T9313] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 455.506379][ T9313] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 456.098454][ T33] Bluetooth: hci5: Frame reassembly failed (-84) [ 456.122276][ T9313] Bluetooth: hci5: Frame reassembly failed (-84) [ 456.135010][ T9313] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 457.439848][ T5782] Bluetooth: hci4: command 0x1003 tx timeout [ 457.447250][ T5786] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 457.947680][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 458.036104][ T9327] loop2: detected capacity change from 0 to 512 [ 458.067796][ T9327] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 458.081371][ T9327] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 458.306100][ T9240] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 458.313601][ T5786] Bluetooth: hci5: command 0x1003 tx timeout [ 458.328257][ T9330] Bluetooth: hci4: Frame reassembly failed (-84) [ 458.649824][ T141] Bluetooth: hci4: Frame reassembly failed (-84) [ 458.685629][ T9330] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 458.700359][ T141] Bluetooth: hci4: Frame reassembly failed (-84) [ 458.824710][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 460.218128][ T9345] bond0: Error: Cannot enslave bond to itself. [ 460.335220][ T9347] netlink: 48 bytes leftover after parsing attributes in process `syz.0.791'. [ 460.423598][ T9349] loop0: detected capacity change from 0 to 512 [ 460.466620][ T9349] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 460.485319][ T9349] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 460.559883][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 460.566434][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 460.979996][ T33] Bluetooth: hci5: Frame reassembly failed (-84) [ 461.086331][ T9353] Bluetooth: hci5: Frame reassembly failed (-84) [ 461.148237][ T9349] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 461.357232][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 462.606730][ T9366] loop2: detected capacity change from 0 to 512 [ 462.634337][ T9366] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 462.660726][ T9366] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 463.115772][ T9372] Bluetooth: hci4: Frame reassembly failed (-84) [ 463.127341][ T33] Bluetooth: hci4: Frame reassembly failed (-84) [ 463.146485][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 463.153378][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 463.223927][ T5776] Bluetooth: hci5: command 0x1003 tx timeout [ 463.298728][ T5782] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 463.315331][ T9372] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 463.740736][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 465.325124][ T9331] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 466.097125][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.130793][ T9385] loop0: detected capacity change from 0 to 512 [ 466.189632][ T9385] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 466.227996][ T9385] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 467.438666][ T9385] Bluetooth: hci4: Frame reassembly failed (-84) [ 467.481181][ T9385] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 468.592076][ T9408] loop2: detected capacity change from 0 to 2048 [ 468.632270][ T9408] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.645804][ T9408] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 469.638802][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 469.658157][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 469.958250][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.701645][ T9415] ALSA: mixer_oss: invalid OSS volume 'u' [ 470.840804][ T9422] loop0: detected capacity change from 0 to 512 [ 470.876644][ T9422] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 470.925304][ T9422] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 470.940457][ T9427] loop2: detected capacity change from 0 to 512 [ 470.987058][ T9427] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 471.014778][ T9427] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 471.952301][ T2947] Bluetooth: hci4: Frame reassembly failed (-84) [ 471.992029][ T9422] Bluetooth: hci4: Frame reassembly failed (-84) [ 472.003710][ T9422] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 472.050008][ T9427] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 472.640687][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.842527][ T9439] bond0: Error: Cannot enslave bond to itself. [ 473.803683][ T9445] loop2: detected capacity change from 0 to 512 [ 473.844475][ T9445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 473.860086][ T9445] ext4 filesystem being mounted at /194/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 474.402218][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 474.411582][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 474.431256][ T78] Bluetooth: hci5: Frame reassembly failed (-84) [ 474.518734][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.530813][ T9445] Bluetooth: hci5: Frame reassembly failed (-84) [ 474.540815][ T9445] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 474.645381][ T9453] loop0: detected capacity change from 0 to 2048 [ 474.668179][ T9453] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 474.689403][ T9453] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 475.617423][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 475.758796][ T9460] loop0: detected capacity change from 0 to 512 [ 475.805624][ T9460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 475.820334][ T9460] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 476.344324][ T13] Bluetooth: hci4: Frame reassembly failed (-84) [ 476.350756][ T13] Bluetooth: hci4: Frame reassembly failed (-84) [ 476.428911][ T9460] Bluetooth: hci4: Frame reassembly failed (-84) [ 476.590239][ T5776] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 477.082333][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 477.328486][ T9470] bond0: Error: Cannot enslave bond to itself. [ 478.265612][ T9477] loop2: detected capacity change from 0 to 512 [ 478.295104][ T9477] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 478.310779][ T9477] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 478.323394][ T9331] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 478.915689][ T9477] Bluetooth: hci5: Frame reassembly failed (-84) [ 478.926895][ T9477] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 479.088138][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.175429][ T9482] loop0: detected capacity change from 0 to 512 [ 479.213112][ T9482] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 479.228627][ T9482] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 479.789196][ T78] Bluetooth: hci4: Frame reassembly failed (-84) [ 479.943552][ T9482] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 480.425900][ T9490] overlayfs: failed to clone upperpath [ 481.096435][ T5782] Bluetooth: hci5: command 0x1003 tx timeout [ 481.096801][ T5776] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 481.159955][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 481.249701][ T9500] loop2: detected capacity change from 0 to 512 [ 481.290605][ T9500] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 481.308170][ T9500] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 481.700096][ T9503] Bluetooth: hci5: Frame reassembly failed (-84) [ 481.750115][ T78] Bluetooth: hci5: Frame reassembly failed (-84) [ 481.963470][ T5782] Bluetooth: hci4: command 0x1003 tx timeout [ 481.964357][ T9331] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 481.984782][ T9503] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 482.046465][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.168409][ T42] IPVS: starting estimator thread 0... [ 483.308066][ T9509] IPVS: using max 32 ests per chain, 76800 per kthread [ 483.400002][ T9515] netlink: 48 bytes leftover after parsing attributes in process `syz.1.831'. [ 483.873166][ T5776] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 484.548420][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.137035][ T176] IPVS: starting estimator thread 0... [ 485.173060][ T9525] loop0: detected capacity change from 0 to 8192 [ 485.235273][ T9525] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 485.263205][ T9530] IPVS: using max 21 ests per chain, 50400 per kthread [ 485.287991][ T9525] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 485.303246][ T9525] REISERFS (device loop0): using ordered data mode [ 485.311033][ T9525] reiserfs: using flush barriers [ 485.318102][ T9525] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 485.337706][ T9525] REISERFS (device loop0): checking transaction log (loop0) [ 485.364522][ T9525] REISERFS warning: reiserfs-5081 is_leaf: nr_item seems wrong: level=1, nr_items=1538, free_space=5 rdkey [ 485.430265][ T9525] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 485.454785][ T9525] REISERFS (device loop0): Remounting filesystem read-only [ 485.474751][ T9525] REISERFS error (device loop0): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 485.474858][ T9533] netlink: 48 bytes leftover after parsing attributes in process `syz.3.837'. [ 486.888770][ T9543] loop2: detected capacity change from 0 to 512 [ 486.941610][ T9543] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 486.955158][ T9543] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 487.538550][ T9550] loop0: detected capacity change from 0 to 512 [ 487.658914][ T70] Bluetooth: hci4: Frame reassembly failed (-84) [ 487.674661][ T9550] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.705777][ T9543] Bluetooth: hci4: Frame reassembly failed (-84) [ 487.713017][ T9550] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 488.373450][ T9550] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 488.560272][ T9546] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 489.859568][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 489.866574][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 490.007032][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 491.357289][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 493.485116][ T9591] ALSA: mixer_oss: invalid OSS volume 'u' [ 493.686175][ T9600] bond0: Error: Cannot enslave bond to itself. [ 493.940246][ T9601] loop2: detected capacity change from 0 to 2048 [ 494.196336][ T9601] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 495.142448][ T9601] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 495.400638][ T9616] loop0: detected capacity change from 0 to 512 [ 495.450606][ T9616] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 495.509212][ T9616] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 495.709613][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 496.157920][ T7320] Bluetooth: hci4: Frame reassembly failed (-84) [ 496.250201][ T9626] loop2: detected capacity change from 0 to 512 [ 496.294534][ T9626] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 496.307986][ T9626] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 496.608211][ T9629] Bluetooth: hci5: Frame reassembly failed (-84) [ 496.652139][ T33] Bluetooth: hci5: Frame reassembly failed (-84) [ 496.867712][ T9629] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 497.387637][ T9613] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 498.340606][ T5782] Bluetooth: hci4: command 0x1003 tx timeout [ 498.347130][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 498.542817][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 498.629820][ T9641] loop0: detected capacity change from 0 to 512 [ 498.674091][ T9641] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 498.704540][ T9641] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 498.860654][ T9331] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 498.868325][ T5776] Bluetooth: hci5: command 0x1003 tx timeout [ 499.257958][ T141] Bluetooth: hci4: Frame reassembly failed (-84) [ 499.471036][ T9641] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 499.496737][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 500.449740][ T9672] loop2: detected capacity change from 0 to 512 [ 500.573923][ T9672] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 500.598489][ T9672] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 501.091466][ T70] Bluetooth: hci5: Frame reassembly failed (-84) [ 501.125306][ T9677] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 501.373555][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 501.373665][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 501.943054][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 502.019501][ T9690] loop0: detected capacity change from 0 to 512 [ 502.076778][ T9690] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 502.094359][ T9690] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 502.252069][ T9613] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 502.614713][ T33] Bluetooth: hci4: Frame reassembly failed (-84) [ 502.656324][ T9690] Bluetooth: hci4: Frame reassembly failed (-84) [ 503.280025][ T9331] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 503.754950][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 503.901543][ T9698] loop2: detected capacity change from 0 to 512 [ 503.953549][ T9698] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 503.966892][ T9698] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 504.488627][ T2947] Bluetooth: hci5: Frame reassembly failed (-84) [ 504.554433][ T9698] Bluetooth: hci5: Frame reassembly failed (-84) [ 504.564884][ T9698] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 504.839925][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 504.850713][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 505.335265][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 506.659589][ T5782] Bluetooth: hci5: command 0x1003 tx timeout [ 506.666757][ T5776] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 506.681001][ T9720] loop0: detected capacity change from 0 to 512 [ 506.741182][ T9720] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 506.772493][ T9720] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 507.169418][ T9725] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 507.419451][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 508.455825][ T9726] ALSA: mixer_oss: invalid OSS volume 'u' [ 508.779426][ T9737] bond0: Error: Cannot enslave bond to itself. [ 509.748059][ T5833] IPVS: starting estimator thread 0... [ 509.844161][ T9740] IPVS: using max 29 ests per chain, 69600 per kthread [ 509.943494][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 510.049409][ T9747] loop2: detected capacity change from 0 to 512 [ 510.098955][ T9751] loop0: detected capacity change from 0 to 512 [ 510.105989][ T9747] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 510.120832][ T9747] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 510.629288][ T2947] Bluetooth: hci4: Frame reassembly failed (-84) [ 510.669003][ T9751] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 510.689179][ T9751] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 510.905537][ T9759] Bluetooth: hci5: Frame reassembly failed (-84) [ 511.179369][ T33] Bluetooth: hci5: Frame reassembly failed (-84) [ 511.203837][ T9747] Bluetooth: hci4: Frame reassembly failed (-84) [ 511.224653][ T9747] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 511.292607][ T9759] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 512.812114][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 512.812263][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 512.876717][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.418991][ T5776] Bluetooth: hci5: command 0x1003 tx timeout [ 513.428340][ T5782] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 513.459613][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.544346][ T9776] loop0: detected capacity change from 0 to 512 [ 513.578783][ T9776] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 513.592943][ T9776] ext4 filesystem being mounted at /194/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 514.126502][ T2947] Bluetooth: hci4: Frame reassembly failed (-84) [ 514.153792][ T9779] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 514.290977][ T9783] loop2: detected capacity change from 0 to 512 [ 514.376358][ T9783] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 514.393690][ T9783] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 514.679117][ T9788] Bluetooth: hci5: Frame reassembly failed (-84) [ 514.806336][ T9754] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 514.835366][ T70] Bluetooth: hci5: Frame reassembly failed (-84) [ 516.278373][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 516.278406][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 516.837395][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.968193][ T9803] loop0: detected capacity change from 0 to 2048 [ 516.974793][ T5782] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 517.026795][ T9803] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 517.076543][ T9803] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 517.386104][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 517.963186][ T5811] IPVS: starting estimator thread 0... [ 518.038765][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 518.069130][ T9817] IPVS: using max 32 ests per chain, 76800 per kthread [ 519.919327][ T9827] loop2: detected capacity change from 0 to 512 [ 519.960009][ T9827] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 520.013596][ T9827] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 521.333262][ T9827] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 521.509489][ T9846] loop0: detected capacity change from 0 to 512 [ 521.582047][ T9846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 521.601604][ T9846] ext4 filesystem being mounted at /199/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 522.480620][ T9846] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 523.171033][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 523.261815][ T9861] loop2: detected capacity change from 0 to 512 [ 523.287497][ T9861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 523.305016][ T9861] ext4 filesystem being mounted at /221/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 523.833026][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 523.894413][ T9861] Bluetooth: hci4: Frame reassembly failed (-84) [ 524.754179][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 524.836516][ T9866] loop0: detected capacity change from 0 to 512 [ 524.865507][ T9866] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 524.883134][ T9866] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 525.380734][ T9869] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 525.897646][ T9830] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 526.070592][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 526.077735][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 526.585711][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.898995][ T9882] loop2: detected capacity change from 0 to 2048 [ 526.932848][ T9882] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 526.958670][ T9882] ext4 filesystem being mounted at /224/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 528.124462][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 529.628868][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 529.639337][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 529.683177][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 529.888850][ T9909] loop0: detected capacity change from 0 to 512 [ 529.950933][ T9909] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 530.018641][ T9909] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 530.656909][ T9918] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 530.690423][ T9920] loop2: detected capacity change from 0 to 512 [ 530.765249][ T9920] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 530.784361][ T9920] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 531.382413][ T9920] Bluetooth: hci4: Frame reassembly failed (-84) [ 531.394216][ T9920] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 531.421302][ T141] Bluetooth: hci4: Frame reassembly failed (-84) [ 533.142289][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 533.241301][ T9940] loop0: detected capacity change from 0 to 2048 [ 533.271042][ T9940] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 533.288997][ T9940] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 533.609364][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 533.609440][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 533.989863][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 534.794886][ T9954] loop2: detected capacity change from 0 to 512 [ 534.841218][ T9954] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 534.906215][ T9954] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 535.540214][ T9954] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 535.699616][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 535.808682][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 535.872689][ T9970] loop0: detected capacity change from 0 to 512 [ 535.905977][ T9970] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 535.949512][ T9970] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 535.975929][ T9974] loop2: detected capacity change from 0 to 512 [ 536.430194][ T9974] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 536.535308][ T9975] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 536.549772][ T9974] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 537.266278][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 537.284338][ T2930] Bluetooth: hci4: Frame reassembly failed (-84) [ 537.309869][ T9974] Bluetooth: hci4: Frame reassembly failed (-84) [ 537.342928][ T9974] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 539.512704][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 539.706864][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.878522][T10009] loop2: detected capacity change from 0 to 512 [ 539.940469][T10009] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 539.953085][T10009] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 540.390736][T10014] Bluetooth: hci4: Frame reassembly failed (-84) [ 540.436383][ T2947] Bluetooth: hci4: Frame reassembly failed (-84) [ 540.551136][T10009] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 541.211443][T10025] loop0: detected capacity change from 0 to 512 [ 541.247739][T10025] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 541.269154][T10025] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 541.534407][ T33] Bluetooth: hci5: Frame reassembly failed (-84) [ 541.551182][T10025] Bluetooth: hci5: Frame reassembly failed (-84) [ 541.562450][T10025] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 542.621976][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 542.625673][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 543.180483][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.252184][T10045] loop2: detected capacity change from 0 to 512 [ 543.277175][T10045] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 543.298020][T10045] ext4 filesystem being mounted at /231/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 543.711772][T10049] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 543.768045][ T5776] Bluetooth: hci5: command 0x1003 tx timeout [ 543.769808][ T5782] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 543.886071][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.994028][T10051] loop0: detected capacity change from 0 to 512 [ 544.033427][T10051] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 544.048027][T10051] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 544.279502][T10054] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 544.916764][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 544.999226][T10056] loop0: detected capacity change from 0 to 512 [ 545.021333][T10056] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 545.046871][T10056] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 545.500858][T10059] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 546.732664][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 546.831307][T10069] loop2: detected capacity change from 0 to 512 [ 546.888895][T10069] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 546.921766][T10069] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 547.471521][T10074] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 548.264138][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 548.338697][T10086] loop0: detected capacity change from 0 to 512 [ 548.365313][T10086] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 548.378348][T10086] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 548.687460][T10089] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 549.560521][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.132945][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.447193][T10099] loop0: detected capacity change from 0 to 512 [ 551.162493][T10099] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 551.271074][T10099] ext4 filesystem being mounted at /215/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 551.300036][T10103] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 551.643648][T10104] Bluetooth: hci4: Frame reassembly failed (-84) [ 551.663145][ T2930] Bluetooth: hci4: Frame reassembly failed (-84) [ 551.860534][T10108] loop2: detected capacity change from 0 to 512 [ 552.013688][T10108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 552.033704][T10108] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 553.443979][ T49] Bluetooth: hci5: Frame reassembly failed (-84) [ 553.451286][T10108] Bluetooth: hci5: Frame reassembly failed (-84) [ 553.469274][T10108] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 553.713304][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 553.713457][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 554.618588][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 554.804329][T10141] loop0: detected capacity change from 0 to 512 [ 554.859741][T10141] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 554.872790][T10141] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 555.620001][ T5782] Bluetooth: hci5: command 0x1003 tx timeout [ 555.620032][ T9331] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 555.659357][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 555.777845][T10148] loop2: detected capacity change from 0 to 512 [ 555.821222][T10148] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 555.848428][T10148] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 556.318324][T10151] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 557.480745][T10162] overlayfs: missing 'lowerdir' [ 558.457983][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 558.774304][T10175] bond0: Error: Cannot enslave bond to itself. [ 559.720173][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.972079][T10190] overlayfs: missing 'lowerdir' [ 561.012182][T10188] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1017'. [ 561.048092][T10194] loop0: detected capacity change from 0 to 512 [ 561.132827][T10194] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 561.177871][T10194] ext4 filesystem being mounted at /219/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 561.530115][T10203] Bluetooth: hci4: Frame reassembly failed (-84) [ 561.731967][ T141] Bluetooth: hci4: Frame reassembly failed (-84) [ 561.745470][T10198] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 563.601430][T10218] loop2: detected capacity change from 0 to 512 [ 563.670012][T10218] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 563.684833][ T5782] Bluetooth: hci4: command 0x1003 tx timeout [ 563.692073][ T9331] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 563.709012][T10218] ext4 filesystem being mounted at /240/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 563.983579][T10222] Bluetooth: hci4: Frame reassembly failed (-84) [ 564.151004][ T141] Bluetooth: hci4: Frame reassembly failed (-84) [ 564.247040][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.261267][T10222] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 564.411402][T10224] loop0: detected capacity change from 0 to 512 [ 564.438403][T10224] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 564.451069][T10224] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 564.945137][ T78] Bluetooth: hci5: Frame reassembly failed (-84) [ 564.977098][ T78] Bluetooth: hci5: Frame reassembly failed (-84) [ 565.028849][T10224] Bluetooth: hci5: Frame reassembly failed (-84) [ 565.040571][T10224] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 565.421957][T10229] overlayfs: missing 'lowerdir' [ 566.191533][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 566.199029][ T9331] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 566.922751][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.992256][T10248] loop2: detected capacity change from 0 to 512 [ 567.020493][T10248] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 567.045002][T10248] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 567.058254][ T5782] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 567.694356][T10248] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 567.774419][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 567.854689][T10257] overlayfs: missing 'lowerdir' [ 569.400978][T10271] bond0: Error: Cannot enslave bond to itself. [ 570.452527][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.148435][T10291] loop0: detected capacity change from 0 to 512 [ 572.301473][T10291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 572.302164][T10301] loop2: detected capacity change from 0 to 512 [ 572.365849][T10291] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 572.663965][T10301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 572.893696][T10301] ext4 filesystem being mounted at /244/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 573.466398][T10291] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 573.489530][T10308] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 574.049387][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 574.128536][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.226310][T10332] loop2: detected capacity change from 0 to 512 [ 577.226880][ T27] audit: type=1800 audit(1782283900.638:9): pid=10335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1062" name="file0" dev="overlay" ino=1311 res=0 errno=0 [ 577.305987][T10332] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 577.327442][T10332] ext4 filesystem being mounted at /246/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 577.726160][T10342] Bluetooth: hci4: Frame reassembly failed (-84) [ 577.795296][ T1091] Bluetooth: hci4: Frame reassembly failed (-84) [ 577.828724][T10342] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 578.038037][T10349] bond0: Error: Cannot enslave bond to itself. [ 580.016017][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 581.327838][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 581.512256][ T27] audit: type=1800 audit(1782283904.598:10): pid=10371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1072" name="file0" dev="overlay" ino=1437 res=0 errno=0 [ 581.716594][T10377] bond0: Error: Cannot enslave bond to itself. [ 583.173185][T10383] loop0: detected capacity change from 0 to 512 [ 583.215289][T10383] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 583.245070][T10383] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 583.784365][ T78] Bluetooth: hci4: Frame reassembly failed (-84) [ 583.862769][T10383] Bluetooth: hci4: Frame reassembly failed (-84) [ 583.877842][T10383] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 584.370124][T10399] loop2: detected capacity change from 0 to 512 [ 584.409062][T10399] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 584.425300][T10399] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 585.058902][T10405] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 585.076125][T10410] overlayfs: missing 'workdir' [ 586.046690][ T5782] Bluetooth: hci4: command 0x1003 tx timeout [ 586.055547][ T9331] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 586.476211][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 587.103560][T10425] loop0: detected capacity change from 0 to 512 [ 587.148890][T10425] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 587.167745][T10425] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 587.720946][T10428] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 587.756442][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 588.908070][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.032876][T10437] loop0: detected capacity change from 0 to 512 [ 589.045945][T10435] loop2: detected capacity change from 0 to 512 [ 589.114700][T10435] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 589.123020][T10437] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 589.152338][T10435] ext4 filesystem being mounted at /252/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 589.191329][T10443] overlayfs: missing 'workdir' [ 589.196366][T10437] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 589.373355][T10435] Bluetooth: hci4: Frame reassembly failed (-84) [ 589.399544][T10435] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 589.427304][ T1091] Bluetooth: hci4: Frame reassembly failed (-84) [ 589.583266][ T2947] Bluetooth: hci5: Frame reassembly failed (-84) [ 589.632244][ T1091] Bluetooth: hci4: Frame reassembly failed (-84) [ 589.960823][T10437] Bluetooth: hci5: Frame reassembly failed (-84) [ 589.973147][T10437] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 591.668769][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 591.669898][ T9331] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 591.754899][ T5782] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 592.311403][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 592.378360][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.425872][T10463] loop0: detected capacity change from 0 to 512 [ 593.602569][T10463] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 593.635085][T10463] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 594.377678][T10474] overlayfs: failed to clone upperpath [ 594.541033][ T141] Bluetooth: hci4: Frame reassembly failed (-84) [ 594.564640][T10463] Bluetooth: hci4: Frame reassembly failed (-84) [ 594.675382][T10480] overlayfs: missing 'workdir' [ 594.954607][T10490] bond0: Error: Cannot enslave bond to itself. [ 596.041771][T10496] loop2: detected capacity change from 0 to 8192 [ 596.058823][T10496] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 596.074332][T10496] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 596.085978][T10496] REISERFS (device loop2): using ordered data mode [ 596.093903][T10496] reiserfs: using flush barriers [ 596.116978][T10496] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 596.134390][T10496] REISERFS (device loop2): checking transaction log (loop2) [ 596.149683][T10496] REISERFS warning: reiserfs-5081 is_leaf: nr_item seems wrong: level=1, nr_items=1538, free_space=5 rdkey [ 596.167044][T10496] REISERFS error (device loop2): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 596.181678][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 596.188153][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 596.192914][T10496] REISERFS (device loop2): Remounting filesystem read-only [ 596.206466][T10496] REISERFS error (device loop2): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 596.780762][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 596.780792][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 596.812978][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.972821][ T27] audit: type=1800 audit(1782283918.871:11): pid=10502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1108" name="file0" dev="overlay" ino=1384 res=0 errno=0 [ 598.110643][T10508] overlayfs: missing 'lowerdir' [ 599.462970][T10519] bond0: Error: Cannot enslave bond to itself. [ 600.405922][T10525] bond0: Error: Cannot enslave bond to itself. [ 601.216414][ T27] audit: type=1800 audit(1782283922.767:12): pid=10540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1118" name="file0" dev="overlay" ino=1525 res=0 errno=0 [ 602.483175][T10549] loop2: detected capacity change from 0 to 2048 [ 602.521317][T10551] loop0: detected capacity change from 0 to 512 [ 602.540267][T10549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 602.566161][T10549] ext4 filesystem being mounted at /261/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 602.591965][T10551] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 602.658967][T10551] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 603.570711][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 603.608949][T10562] overlayfs: missing 'lowerdir' [ 604.095750][T10551] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 605.978224][T10585] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1130'. [ 606.032345][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 606.187742][T10591] loop2: detected capacity change from 0 to 512 [ 606.224649][T10591] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 606.270009][T10598] overlayfs: missing 'lowerdir' [ 606.278263][T10591] ext4 filesystem being mounted at /265/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 606.508838][T10600] Bluetooth: hci4: Frame reassembly failed (-84) [ 606.556383][ T7320] Bluetooth: hci4: Frame reassembly failed (-84) [ 606.619519][T10600] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 606.813727][ T7320] Bluetooth: hci4: Frame reassembly failed (-84) [ 608.710982][T10617] loop0: detected capacity change from 0 to 512 [ 608.739284][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 608.739631][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 608.761251][T10617] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 608.777597][T10617] ext4 filesystem being mounted at /249/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 608.882249][T10620] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 608.926318][ T13] Bluetooth: hci5: Frame reassembly failed (-84) [ 608.938702][T10617] Bluetooth: hci5: Frame reassembly failed (-84) [ 609.480075][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 609.737011][T10630] bond0: Error: Cannot enslave bond to itself. [ 611.165559][ T5782] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 611.165589][ T5776] Bluetooth: hci5: command 0x1003 tx timeout [ 611.710719][T10636] loop2: detected capacity change from 0 to 512 [ 611.787309][T10636] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 611.801637][T10636] ext4 filesystem being mounted at /268/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 611.902541][T10640] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 612.036031][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 612.142673][T10643] loop0: detected capacity change from 0 to 512 [ 612.211553][T10643] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 612.225429][T10643] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 612.280641][T10643] Bluetooth: hci4: Frame reassembly failed (-84) [ 612.295087][T10643] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 612.317343][ T1091] Bluetooth: hci4: Frame reassembly failed (-84) [ 614.369314][T10658] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1149'. [ 614.545127][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 614.960519][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 615.596417][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 615.674712][T10669] loop2: detected capacity change from 0 to 512 [ 615.725024][T10669] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 615.728780][T10671] loop0: detected capacity change from 0 to 512 [ 615.776835][T10669] ext4 filesystem being mounted at /270/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 615.827472][T10671] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 615.857153][T10671] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 616.459823][T10671] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 616.525099][T10680] Bluetooth: hci4: Frame reassembly failed (-84) [ 616.541357][T10680] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 618.704604][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 618.711086][ T5782] Bluetooth: hci4: command 0x1003 tx timeout [ 618.759274][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.321006][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.664847][T10690] loop0: detected capacity change from 0 to 8192 [ 620.066868][T10690] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 620.442434][T10690] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 620.459753][T10690] REISERFS (device loop0): using ordered data mode [ 620.466315][T10690] reiserfs: using flush barriers [ 620.550009][T10690] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 620.573301][T10690] REISERFS (device loop0): checking transaction log (loop0) [ 620.584481][T10690] REISERFS warning: reiserfs-5081 is_leaf: nr_item seems wrong: level=1, nr_items=1538, free_space=5 rdkey [ 620.607408][T10690] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 620.618674][T10690] REISERFS (device loop0): Remounting filesystem read-only [ 620.626330][T10690] REISERFS error (device loop0): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 621.170461][T10706] loop0: detected capacity change from 0 to 512 [ 621.206315][T10706] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 621.223085][T10706] ext4 filesystem being mounted at /253/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 621.468614][ T1091] Bluetooth: hci4: Frame reassembly failed (-84) [ 621.543266][T10710] Bluetooth: hci4: Frame reassembly failed (-84) [ 621.705997][T10715] loop2: detected capacity change from 0 to 512 [ 621.738922][T10715] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 621.751919][T10715] ext4 filesystem being mounted at /274/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 621.927639][ T49] Bluetooth: hci5: Frame reassembly failed (-84) [ 621.946476][T10715] Bluetooth: hci5: Frame reassembly failed (-84) [ 621.958408][T10715] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 623.644077][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 623.650852][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 624.164041][ T5782] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 624.475482][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 624.544070][T10724] loop0: detected capacity change from 0 to 512 [ 624.578493][T10724] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 624.592574][T10724] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 624.724624][T10727] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 625.082138][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 628.646180][T10761] loop2: detected capacity change from 0 to 512 [ 628.699829][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 628.710880][T10761] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 628.732442][T10761] ext4 filesystem being mounted at /279/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 628.873476][T10766] loop0: detected capacity change from 0 to 512 [ 628.918523][T10766] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 628.938609][T10766] ext4 filesystem being mounted at /255/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 628.997988][T10767] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 629.303877][ T2947] Bluetooth: hci4: Frame reassembly failed (-84) [ 629.423017][T10770] Bluetooth: hci4: Frame reassembly failed (-84) [ 629.471599][T10770] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 631.529500][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 631.536512][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 631.925694][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 632.021589][T10793] loop2: detected capacity change from 0 to 512 [ 632.054268][T10793] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 632.069341][T10793] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 632.575964][ T2947] Bluetooth: hci5: Frame reassembly failed (-84) [ 632.651750][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 632.751211][T10793] Bluetooth: hci5: Frame reassembly failed (-84) [ 632.760165][T10793] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 632.812551][T10800] loop0: detected capacity change from 0 to 512 [ 632.850975][T10800] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 632.889784][T10800] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 633.129593][T10805] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 634.562508][ T5776] Bluetooth: hci5: command 0x1003 tx timeout [ 634.569688][ T5782] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 635.338860][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 636.486694][T10823] loop2: detected capacity change from 0 to 512 [ 636.543520][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 636.569347][T10823] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 636.621609][T10823] ext4 filesystem being mounted at /282/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 636.968173][T10826] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 637.644802][T10823] Bluetooth: hci4: Frame reassembly failed (-84) [ 637.662801][ T7320] Bluetooth: hci4: Frame reassembly failed (-84) [ 639.004041][T10846] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 639.013001][T10846] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 639.848398][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 639.855395][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 639.925081][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 640.172521][T10853] loop2: detected capacity change from 0 to 2048 [ 640.337050][T10853] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 640.454519][T10853] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 641.806496][ T70] Bluetooth: hci4: Frame reassembly failed (-84) [ 641.837441][T10863] Bluetooth: hci4: Frame reassembly failed (-84) [ 641.852891][T10858] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 641.883705][T10858] EXT4-fs (loop2): Remounting filesystem read-only [ 642.662088][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 642.739863][T10872] loop2: detected capacity change from 0 to 512 [ 642.770939][T10872] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 642.785042][T10872] ext4 filesystem being mounted at /284/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 643.419559][T10872] Bluetooth: hci5: Frame reassembly failed (-84) [ 643.429141][ T2930] Bluetooth: hci5: Frame reassembly failed (-84) [ 643.439261][T10872] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 644.007834][ T9331] Bluetooth: hci4: command 0x1003 tx timeout [ 644.007869][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 644.112868][T10886] overlayfs: failed to clone upperpath [ 644.639672][T10895] loop0: detected capacity change from 0 to 2048 [ 644.666053][T10895] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 644.683714][T10895] ext4 filesystem being mounted at /262/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 645.613511][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 645.654577][ T5776] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 645.696392][T10906] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 646.162817][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 646.249495][T10909] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 648.437562][T10921] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 649.480851][T10931] loop2: detected capacity change from 0 to 512 [ 649.502745][T10929] loop0: detected capacity change from 0 to 2048 [ 649.558418][T10929] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 649.591436][T10931] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 649.604315][T10931] ext4 filesystem being mounted at /288/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 649.629608][T10929] ext4 filesystem being mounted at /266/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 649.849080][T10938] Bluetooth: hci4: Frame reassembly failed (-84) [ 649.892197][T10938] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 650.099951][ T11] Bluetooth: hci4: Frame reassembly failed (-84) [ 650.716349][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 650.796834][T10944] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 651.236021][ T27] audit: type=1800 audit(1782283968.973:13): pid=10947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1225" name="file0" dev="overlay" ino=1558 res=0 errno=0 [ 651.317544][T10949] loop0: detected capacity change from 0 to 512 [ 651.346920][T10949] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 651.362914][T10949] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 651.942506][ T13] Bluetooth: hci5: Frame reassembly failed (-84) [ 651.955076][T10949] Bluetooth: hci5: Frame reassembly failed (-84) [ 651.965454][T10949] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 652.044742][T10956] overlayfs: failed to clone upperpath [ 652.066806][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 652.119025][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 652.248626][T10960] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 653.482738][T10969] loop2: detected capacity change from 0 to 512 [ 653.531286][T10969] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 653.544591][T10969] ext4 filesystem being mounted at /290/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 653.984556][T10974] Bluetooth: hci4: Frame reassembly failed (-84) [ 654.047177][ T2930] Bluetooth: hci4: Frame reassembly failed (-84) [ 654.135409][T10969] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 654.151332][ T5776] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 654.157754][ T9331] Bluetooth: hci5: command 0x1003 tx timeout [ 654.502207][T10988] overlayfs: failed to clone upperpath [ 654.672898][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 654.767342][T10996] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 655.334339][T11005] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 656.226194][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 656.653403][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 656.760481][T11016] loop0: detected capacity change from 0 to 512 [ 656.796822][T11016] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 656.822065][T11016] ext4 filesystem being mounted at /273/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 657.244788][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 657.384092][T11019] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 657.489626][T11022] loop2: detected capacity change from 0 to 512 [ 657.566976][T11022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 657.587039][T11022] ext4 filesystem being mounted at /291/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 658.055761][T11027] Bluetooth: hci4: Frame reassembly failed (-84) [ 658.088402][ T1091] Bluetooth: hci4: Frame reassembly failed (-84) [ 658.213488][T11022] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 660.027667][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 660.098268][T11051] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 660.299259][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 660.306774][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 660.468912][T11055] loop0: detected capacity change from 0 to 8192 [ 660.479182][T11055] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 660.493783][T11055] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 660.512593][T11055] REISERFS (device loop0): using ordered data mode [ 660.519706][T11055] reiserfs: using flush barriers [ 660.528776][T11055] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 660.550303][T11055] REISERFS (device loop0): checking transaction log (loop0) [ 660.560455][T11055] REISERFS warning: reiserfs-5081 is_leaf: nr_item seems wrong: level=1, nr_items=1538, free_space=5 rdkey [ 660.572195][T11055] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 660.583375][T11055] REISERFS (device loop0): Remounting filesystem read-only [ 660.590815][T11055] REISERFS error (device loop0): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 660.874876][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 660.978818][T11062] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 661.528200][T11065] loop0: detected capacity change from 0 to 512 [ 661.628863][T11065] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 661.756488][T11065] ext4 filesystem being mounted at /276/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 662.351159][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 662.359057][T11074] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 662.742559][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 662.749170][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 664.545028][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 664.545436][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 664.824334][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 665.009706][T11085] loop2: detected capacity change from 0 to 512 [ 665.045869][T11085] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 665.063064][T11084] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 665.083014][T11085] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 665.682556][T11088] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 665.954269][T11095] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 666.544819][T11103] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 666.910398][T11113] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 667.301598][T11119] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 668.180477][T11130] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 668.438314][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 668.589807][T11135] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 669.027232][T11141] bond0: Error: Cannot enslave bond to itself. [ 671.359240][T11149] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 671.557715][T11150] iommufd_mock iommufd_mock2: Adding to iommu group 1 [ 674.599343][T11178] sysfs: cannot create duplicate filename '/devices/iommufd_mock2' [ 674.662054][T11178] CPU: 0 PID: 11178 Comm: syz.0.1298 Not tainted syzkaller #0 [ 674.669588][T11178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 674.679684][T11178] Call Trace: [ 674.683053][T11178] [ 674.686070][T11178] dump_stack_lvl+0x18c/0x250 [ 674.691001][T11178] ? show_regs_print_info+0x20/0x20 [ 674.696271][T11178] ? load_image+0x420/0x420 [ 674.700810][T11178] sysfs_create_dir_ns+0x26e/0x2a0 [ 674.705970][T11178] ? __lock_acquire+0x7d80/0x7d80 [ 674.711033][T11178] ? sysfs_warn_dup+0xa0/0xa0 [ 674.715727][T11178] ? do_raw_spin_unlock+0x121/0x230 [ 674.720947][T11178] kobject_add_internal+0x617/0xc90 [ 674.726210][T11178] kobject_add+0x164/0x240 [ 674.730649][T11178] ? kobject_init+0x1d0/0x1d0 [ 674.735344][T11178] ? bus_get_dev_root+0x127/0x150 [ 674.740415][T11178] ? get_device_parent+0x387/0x390 [ 674.745557][T11178] ? dev_attr_store+0x90/0x90 [ 674.750252][T11178] device_add+0x3fa/0xc40 [ 674.754599][T11178] iommufd_test+0x121d/0x2a20 [ 674.759343][T11178] ? iommufd_selftest_destroy+0xf0/0xf0 [ 674.764919][T11178] ? __lock_acquire+0x7d80/0x7d80 [ 674.769957][T11178] ? __lock_acquire+0x7d80/0x7d80 [ 674.774997][T11178] ? __might_fault+0xaa/0x120 [ 674.779709][T11178] ? __might_fault+0xaa/0x120 [ 674.784401][T11178] iommufd_fops_ioctl+0x48b/0x540 [ 674.789443][T11178] ? iommufd_ctx_put+0x40/0x40 [ 674.794237][T11178] ? __fget_files+0x28/0x460 [ 674.798862][T11178] ? bpf_lsm_file_ioctl+0x9/0x10 [ 674.803827][T11178] ? security_file_ioctl+0x80/0xa0 [ 674.808964][T11178] ? iommufd_ctx_put+0x40/0x40 [ 674.813754][T11178] __se_sys_ioctl+0xfd/0x170 [ 674.818370][T11178] do_syscall_64+0x55/0xb0 [ 674.822811][T11178] ? clear_bhb_loop+0x40/0x90 [ 674.827553][T11178] ? clear_bhb_loop+0x40/0x90 [ 674.832242][T11178] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 674.838183][T11178] RIP: 0033:0x7f1e4119ce59 [ 674.842666][T11178] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 674.862323][T11178] RSP: 002b:00007f1e3f3f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 674.870771][T11178] RAX: ffffffffffffffda RBX: 00007f1e41415fa0 RCX: 00007f1e4119ce59 [ 674.878751][T11178] RDX: 0000200000000740 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 674.886729][T11178] RBP: 00007f1e41232e6f R08: 0000000000000000 R09: 0000000000000000 [ 674.894713][T11178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 674.902712][T11178] R13: 00007f1e41416038 R14: 00007f1e41415fa0 R15: 00007ffe1063d998 [ 674.910720][T11178] [ 674.923329][T11178] kobject: kobject_add_internal failed for iommufd_mock2 with -EEXIST, don't try to register things with the same name in the same directory. [ 675.828252][T11187] bond0: Error: Cannot enslave bond to itself. [ 676.848039][T11193] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 677.475990][T11196] iommufd_mock iommufd_mock2: Adding to iommu group 1 [ 681.275423][T11216] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 681.987852][T11222] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 682.502606][T11227] iommufd_mock iommufd_mock2: Adding to iommu group 1 [ 683.190480][T11230] sysfs: cannot create duplicate filename '/devices/iommufd_mock2' [ 683.203476][T11230] CPU: 0 PID: 11230 Comm: syz.0.1313 Not tainted syzkaller #0 [ 683.210970][T11230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 683.221042][T11230] Call Trace: [ 683.224324][T11230] [ 683.227261][T11230] dump_stack_lvl+0x18c/0x250 [ 683.231963][T11230] ? show_regs_print_info+0x20/0x20 [ 683.237181][T11230] ? load_image+0x420/0x420 [ 683.241693][T11230] sysfs_create_dir_ns+0x26e/0x2a0 [ 683.246803][T11230] ? __lock_acquire+0x7d80/0x7d80 [ 683.251833][T11230] ? sysfs_warn_dup+0xa0/0xa0 [ 683.256527][T11230] ? do_raw_spin_unlock+0x121/0x230 [ 683.261732][T11230] kobject_add_internal+0x617/0xc90 [ 683.266958][T11230] kobject_add+0x164/0x240 [ 683.271381][T11230] ? kobject_init+0x1d0/0x1d0 [ 683.276057][T11230] ? bus_get_dev_root+0x127/0x150 [ 683.281103][T11230] ? get_device_parent+0x387/0x390 [ 683.286219][T11230] ? dev_attr_store+0x90/0x90 [ 683.290937][T11230] device_add+0x3fa/0xc40 [ 683.295277][T11230] iommufd_test+0x121d/0x2a20 [ 683.299969][T11230] ? iommufd_selftest_destroy+0xf0/0xf0 [ 683.305523][T11230] ? __lock_acquire+0x7d80/0x7d80 [ 683.310553][T11230] ? __lock_acquire+0x7d80/0x7d80 [ 683.315589][T11230] ? __might_fault+0xaa/0x120 [ 683.320275][T11230] ? __might_fault+0xaa/0x120 [ 683.324977][T11230] iommufd_fops_ioctl+0x48b/0x540 [ 683.330009][T11230] ? iommufd_ctx_put+0x40/0x40 [ 683.334781][T11230] ? __fget_files+0x28/0x460 [ 683.339383][T11230] ? bpf_lsm_file_ioctl+0x9/0x10 [ 683.344325][T11230] ? security_file_ioctl+0x80/0xa0 [ 683.349450][T11230] ? iommufd_ctx_put+0x40/0x40 [ 683.354214][T11230] __se_sys_ioctl+0xfd/0x170 [ 683.358808][T11230] do_syscall_64+0x55/0xb0 [ 683.363222][T11230] ? clear_bhb_loop+0x40/0x90 [ 683.367895][T11230] ? clear_bhb_loop+0x40/0x90 [ 683.372583][T11230] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 683.378481][T11230] RIP: 0033:0x7f1e4119ce59 [ 683.382895][T11230] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 683.402500][T11230] RSP: 002b:00007f1e3f3f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 683.410912][T11230] RAX: ffffffffffffffda RBX: 00007f1e41415fa0 RCX: 00007f1e4119ce59 [ 683.418885][T11230] RDX: 0000200000000740 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 683.426858][T11230] RBP: 00007f1e41232e6f R08: 0000000000000000 R09: 0000000000000000 [ 683.434828][T11230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 683.442810][T11230] R13: 00007f1e41416038 R14: 00007f1e41415fa0 R15: 00007ffe1063d998 [ 683.450803][T11230] [ 683.512955][T11230] kobject: kobject_add_internal failed for iommufd_mock2 with -EEXIST, don't try to register things with the same name in the same directory. [ 683.564791][T11233] iommufd_mock iommufd_mock2: Adding to iommu group 0 [ 684.493954][T11236] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 685.251550][T11240] loop2: detected capacity change from 0 to 512 [ 685.282919][T11240] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 685.328357][T11240] ext4 filesystem being mounted at /302/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 685.606107][ T49] Bluetooth: hci4: Frame reassembly failed (-84) [ 685.697149][T11240] Bluetooth: hci4: Frame reassembly failed (-84) [ 685.713640][T11240] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 687.855346][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 687.862012][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 688.352314][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 689.643123][T11269] loop0: detected capacity change from 0 to 8192 [ 689.690854][T11269] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 689.823095][T11280] loop5: detected capacity change from 0 to 7 [ 689.850142][T11269] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 689.861696][T11280] Dev loop5: unable to read RDB block 7 [ 689.867552][T11280] loop5: unable to read partition table [ 689.874044][T11280] loop5: partition table beyond EOD, truncated [ 689.894547][T11281] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.1328' sets config #1 [ 689.906419][T11280] loop_reread_partitions: partition scan of loop5 (Wý* %4FLQk݊5) failed (rc=-5) [ 689.984790][T11269] REISERFS (device loop0): using ordered data mode [ 690.077293][T11269] reiserfs: using flush barriers [ 690.205789][T11269] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 691.904271][T11269] REISERFS warning (device loop0): journal-2004 journal_init: Journal cnode memory allocation failed (73728 bytes). Journal is too large for available memory. Usually this is due to a journal that is too large. [ 694.263068][T11294] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 695.300878][T11303] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 695.471861][T11305] iommufd_mock iommufd_mock2: Adding to iommu group 1 [ 696.228844][T11313] loop5: detected capacity change from 0 to 7 [ 696.293818][T11314] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.1340' sets config #1 [ 696.931507][T11313] Dev loop5: unable to read RDB block 7 [ 696.937273][T11313] loop5: unable to read partition table [ 696.943793][T11313] loop5: partition table beyond EOD, truncated [ 696.950072][T11313] loop_reread_partitions: partition scan of loop5 (Wý* %4FLQk݊5) failed (rc=-5) [ 698.432444][T11318] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 700.145507][T11336] loop0: detected capacity change from 0 to 512 [ 700.413146][T11336] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 700.848006][T11336] ext4 filesystem being mounted at /298/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 701.529510][ T2947] Bluetooth: hci4: Frame reassembly failed (-84) [ 701.695487][T11336] Bluetooth: hci4: Frame reassembly failed (-84) [ 701.706224][T11336] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 702.351510][T11372] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 703.193002][T11379] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 703.713356][ T5782] Bluetooth: hci4: command 0x1003 tx timeout [ 703.720053][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 703.810257][T11390] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 704.029986][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 706.194939][T11398] loop5: detected capacity change from 0 to 7 [ 706.231541][T11398] Dev loop5: unable to read RDB block 7 [ 706.237349][T11398] loop5: unable to read partition table [ 706.243142][T11398] loop5: partition table beyond EOD, truncated [ 706.276735][T11398] loop_reread_partitions: partition scan of loop5 (Wý* %4FLQk݊5) failed (rc=-5) [ 706.341466][T11401] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 706.668904][T11405] iommufd_mock iommufd_mock2: Adding to iommu group 1 [ 707.146202][T11412] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1374'. [ 707.754145][T11421] Bluetooth: hci4: Frame reassembly failed (-84) [ 707.842840][ T2930] Bluetooth: hci4: Frame reassembly failed (-84) [ 708.012440][T11428] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1380'. [ 709.429187][T11439] loop0: detected capacity change from 0 to 512 [ 709.490319][T11439] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 709.504651][T11439] ext4 filesystem being mounted at /302/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 709.588034][T11439] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 709.952365][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 711.270709][T11467] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 711.942496][T11481] loop5: detected capacity change from 0 to 7 [ 712.679543][T11481] Dev loop5: unable to read RDB block 7 [ 712.685433][T11481] loop5: unable to read partition table [ 712.692038][T11481] loop5: partition table beyond EOD, truncated [ 712.698386][T11481] loop_reread_partitions: partition scan of loop5 (Wý* %4FLQk݊5) failed (rc=-5) [ 713.934797][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 714.157237][T11492] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 714.225881][T11493] loop5: detected capacity change from 0 to 7 [ 714.252293][T11493] Dev loop5: unable to read RDB block 7 [ 714.258097][T11493] loop5: unable to read partition table [ 714.264789][T11493] loop5: partition table beyond EOD, truncated [ 714.271026][T11493] loop_reread_partitions: partition scan of loop5 (Wý* %4FLQk݊5) failed (rc=-5) [ 714.308623][T11493] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.1402' sets config #1 [ 716.427865][T11508] bond0: Error: Cannot enslave bond to itself. [ 717.449740][T11515] loop0: detected capacity change from 0 to 512 [ 717.501107][T11515] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 717.529416][T11515] ext4 filesystem being mounted at /305/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 717.795369][T11521] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 718.250626][T11530] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 718.553818][T11534] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 719.153113][T11546] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 720.003601][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 720.701060][T11562] loop0: detected capacity change from 0 to 512 [ 720.799872][T11562] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 720.824316][T11562] ext4 filesystem being mounted at /306/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 721.418464][T11089] Bluetooth: hci4: Frame reassembly failed (-84) [ 721.428368][T11089] Bluetooth: hci4: Frame reassembly failed (-84) [ 721.520961][T11562] Bluetooth: hci4: Frame reassembly failed (-84) [ 721.533664][T11562] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 722.646269][T11576] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 722.836988][T11579] loop2: detected capacity change from 0 to 512 [ 722.863004][T11579] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 722.881679][T11579] ext4 filesystem being mounted at /322/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 723.351050][T11583] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 95 vs 96 free clusters [ 723.643828][ T5782] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 723.643859][ T5776] Bluetooth: hci4: command 0x1003 tx timeout [ 723.704247][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.798304][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.834131][T11587] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1433'. [ 723.890226][T11589] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 724.411920][T11595] loop0: detected capacity change from 0 to 8192 [ 724.431222][T11595] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 725.689243][T11595] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 725.723690][T11595] REISERFS (device loop0): using ordered data mode [ 725.738518][T11595] reiserfs: using flush barriers [ 725.749840][T11595] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 725.773275][T11595] REISERFS (device loop0): checking transaction log (loop0) [ 725.784958][T11595] REISERFS warning: reiserfs-5081 is_leaf: nr_item seems wrong: level=1, nr_items=1538, free_space=5 rdkey [ 725.848532][T11595] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 725.886924][T11595] REISERFS (device loop0): Remounting filesystem read-only [ 725.905817][T11595] REISERFS error (device loop0): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 726.768253][ T5782] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 727.396586][T11667] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1467'. [ 727.446980][T11669] nfs4: Unknown parameter 'd/3' [ 727.827149][T11689] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1478'. [ 728.702731][ T176] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 728.780630][ T5833] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 728.913248][ T176] usb 3-1: unable to get BOS descriptor or descriptor too short [ 728.923340][ T176] usb 3-1: config 1 interface 0 altsetting 156 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 728.937920][ T176] usb 3-1: config 1 interface 0 has no altsetting 0 [ 728.948157][ T176] usb 3-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.40 [ 728.957382][ T176] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 728.967513][ T176] usb 3-1: Product: syz [ 728.971694][ T176] usb 3-1: Manufacturer: syz [ 728.976402][ T176] usb 3-1: SerialNumber: syz [ 728.982526][T11702] orangefs_mount: mount request failed with -4 [ 728.987493][ T5833] usb 1-1: Using ep0 maxpacket: 32 [ 729.004272][ T5833] usb 1-1: config 0 has an invalid interface number: 85 but max is 0 [ 729.021355][ T5833] usb 1-1: config 0 has no interface number 0 [ 729.032999][ T5833] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 729.050122][ T5833] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0 [ 729.060592][ T5833] usb 1-1: config 0 interface 85 has no altsetting 0 [ 729.070237][ T5833] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 729.079845][ T5833] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 729.088242][ T5833] usb 1-1: Product: syz [ 729.092975][ T5833] usb 1-1: Manufacturer: syz [ 729.097628][ T5833] usb 1-1: SerialNumber: syz [ 729.116518][ T5833] usb 1-1: config 0 descriptor?? [ 729.173776][T11728] process 'syz.3.1496' launched './file2' with NULL argv: empty string added [ 729.217215][T11731] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1497'. [ 729.255277][ T176] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input12 [ 729.280719][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 729.288063][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 729.301589][ T5125] bcm5974 3-1:1.0: could not read from device [ 729.311511][ T5125] bcm5974 3-1:1.0: could not read from device [ 729.329475][ T5125] bcm5974 3-1:1.0: could not read from device [ 729.341689][ T176] usb 3-1: USB disconnect, device number 2 [ 729.376451][ T5125] bcm5974 3-1:1.0: could not read from device [ 729.404923][ T5833] appletouch 1-1:0.85: Failed to read mode from device. [ 729.419512][ T5833] appletouch: probe of 1-1:0.85 failed with error -5 [ 729.480538][ T6312] udevd[6312]: Error opening device "/dev/input/event4": No such file or directory [ 729.491390][ T5833] usb 1-1: USB disconnect, device number 2 [ 729.503948][ T6312] udevd[6312]: Unable to EVIOCGABS device "/dev/input/event4" [ 729.520285][ T6312] udevd[6312]: Unable to EVIOCGABS device "/dev/input/event4" [ 729.528294][ T6312] udevd[6312]: Unable to EVIOCGABS device "/dev/input/event4" [ 729.543459][ T6312] udevd[6312]: Unable to EVIOCGABS device "/dev/input/event4" [ 729.657465][T11740] unsupported nla_type 40 [ 730.215350][T11769] mmap: syz.1.1514 (11769): VmData 37597184 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data. [ 730.674785][ T5833] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 730.890792][ T5833] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 730.906278][ T5833] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 730.914582][ T5833] usb 3-1: Product: syz [ 730.918984][ T5833] usb 3-1: Manufacturer: syz [ 730.924549][ T5833] usb 3-1: SerialNumber: syz [ 730.937877][ T5833] usb 3-1: config 0 descriptor?? [ 731.180189][T10965] usb 3-1: USB disconnect, device number 3 [ 731.369559][ T5833] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 731.599831][ T5833] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 731.609963][ T5833] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 731.624844][ T5833] usb 1-1: Product: syz [ 731.629124][ T5833] usb 1-1: Manufacturer: syz [ 731.633749][ T5833] usb 1-1: SerialNumber: syz [ 731.646302][ T5833] usb 1-1: config 0 descriptor?? [ 731.655691][ T5833] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 731.878565][ T5833] gspca_sunplus: reg_r err -32 [ 731.893725][ T5833] usb 1-1: USB disconnect, device number 3 [ 732.309317][ T9331] Bluetooth: hci3: command 0x0c1a tx timeout [ 732.393266][T11864] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1556'. [ 733.361892][T11907] vxcan0: tx drop: invalid sa for name 0x0000000000000002 [ 733.503935][T11914] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 733.674346][ T5832] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 733.890978][ T5832] usb 1-1: Using ep0 maxpacket: 16 [ 733.898815][ T5832] usb 1-1: config 0 has an invalid interface number: 34 but max is 0 [ 733.907590][ T5832] usb 1-1: config 0 has no interface number 0 [ 733.914440][ T5832] usb 1-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023 [ 733.930056][ T5832] usb 1-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80 [ 733.953976][ T5832] usb 1-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 733.966582][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 733.984679][ T5832] usb 1-1: Product: syz [ 733.999087][ T5832] usb 1-1: Manufacturer: syz [ 734.007420][ T5832] usb 1-1: SerialNumber: syz [ 734.026665][ T5832] usb 1-1: config 0 descriptor?? [ 734.041947][T11909] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 734.054822][T11909] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 734.321956][T11909] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 734.344716][T11909] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 734.582714][ T5832] asix 1-1:0.34 (unnamed net_device) (uninitialized): invalid hw address, using random [ 734.800753][ T5833] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 734.950006][T11983] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1611'. [ 735.006399][ T5833] usb 3-1: Using ep0 maxpacket: 16 [ 735.020641][ T5833] usb 3-1: config 0 interface 0 has no altsetting 0 [ 735.041805][ T5833] usb 3-1: New USB device found, idVendor=054c, idProduct=0374, bcdDevice= 0.00 [ 735.050971][ T5833] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 735.062311][ T5833] usb 3-1: config 0 descriptor?? [ 735.526683][ T5833] sony 0003:054C:0374.0001: unknown main item tag 0x1 [ 735.533788][ T5833] sony 0003:054C:0374.0001: item fetching failed at offset 37/40 [ 735.542616][ T5833] sony 0003:054C:0374.0001: parse failed [ 735.548663][ T5833] sony: probe of 0003:054C:0374.0001 failed with error -22 [ 735.682472][ T5832] asix 1-1:0.34 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 735.694767][ T5832] asix 1-1:0.34 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 735.716456][ T5832] asix: probe of 1-1:0.34 failed with error -71 [ 735.748646][ T5832] usb 1-1: USB disconnect, device number 4 [ 735.759552][ T5813] usb 3-1: USB disconnect, device number 4 [ 736.744325][T12029] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1634'. [ 737.536175][T12062] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 738.344903][ T5832] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 738.415138][ T27] audit: type=1326 audit(1782284049.448:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12098 comm="syz.3.1667" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69ea59ce59 code=0x0 [ 738.438704][T12101] capability: warning: `syz.2.1668' uses 32-bit capabilities (legacy support in use) [ 738.439108][T12101] program syz.2.1668 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 738.504034][ T9331] Bluetooth: unknown link type 170 [ 738.509574][ T9331] Bluetooth: hci1: connection err: -111 [ 738.577053][ T5832] usb 1-1: unable to get BOS descriptor or descriptor too short [ 738.588326][ T5832] usb 1-1: config 5 has an invalid interface number: 21 but max is 0 [ 738.611427][ T5832] usb 1-1: config 5 has no interface number 0 [ 738.621521][ T5832] usb 1-1: config 5 interface 21 has no altsetting 0 [ 738.642160][ T5832] usb 1-1: New USB device found, idVendor=05ac, idProduct=021c, bcdDevice=cc.f3 [ 738.667888][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 738.675952][ T5832] usb 1-1: Product: syz [ 738.698635][ T5832] usb 1-1: Manufacturer: syz [ 738.704385][ T5832] usb 1-1: SerialNumber: syz [ 738.789545][T12111] IPVS: lblc: FWM 3 0x00000003 - no destination available [ 738.979922][ T5832] appletouch 1-1:5.21: Could not find int-in endpoint [ 738.997954][ T5832] appletouch: probe of 1-1:5.21 failed with error -5 [ 739.009644][ T5832] usbhid 1-1:5.21: couldn't find an input interrupt endpoint [ 739.035432][ T5832] usb 1-1: USB disconnect, device number 5 [ 739.895725][T12171] fuse: blksize only supported for fuseblk [ 740.154308][ T5832] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 740.303328][T10965] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 740.381392][ T5832] usb 1-1: config 0 has an invalid interface number: 197 but max is 0 [ 740.389623][ T5832] usb 1-1: config 0 has no interface number 0 [ 740.401070][ T5832] usb 1-1: config 0 has an invalid interface number: 197 but max is 0 [ 740.410435][ T5832] usb 1-1: config 0 has no interface number 0 [ 740.425399][ T5832] usb 1-1: config 0 has an invalid interface number: 197 but max is 0 [ 740.437909][ T5832] usb 1-1: config 0 has no interface number 0 [ 740.445322][ T5832] usb 1-1: config 0 has an invalid interface number: 197 but max is 0 [ 740.454405][ T5832] usb 1-1: config 0 has no interface number 0 [ 740.471007][ T5832] usb 1-1: config 0 has an invalid interface number: 197 but max is 0 [ 740.481426][ T5832] usb 1-1: config 0 has no interface number 0 [ 740.492075][ T5832] usb 1-1: config 0 has an invalid interface number: 197 but max is 0 [ 740.502778][ T5832] usb 1-1: config 0 has no interface number 0 [ 740.511673][T10965] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 740.515179][ T5832] usb 1-1: config 0 has an invalid interface number: 197 but max is 0 [ 740.530753][T10965] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 740.540091][ T5832] usb 1-1: config 0 has no interface number 0 [ 740.551059][T10965] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 740.553907][ T5832] usb 1-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 740.571391][T10965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 740.577051][ T5832] usb 1-1: New USB device strings: Mfr=32, Product=187, SerialNumber=229 [ 740.591882][ T5832] usb 1-1: Product: syz [ 740.597257][ T5832] usb 1-1: Manufacturer: syz [ 740.602276][T10965] usb 3-1: config 0 descriptor?? [ 740.603645][ T5832] usb 1-1: SerialNumber: syz [ 740.630342][ T5832] usb 1-1: config 0 descriptor?? [ 740.638523][ T5832] ftdi_sio 1-1:0.197: FTDI USB Serial Device converter detected [ 740.671377][ T5832] ftdi_sio ttyUSB0: unknown device type: 0xc698 [ 740.880487][ T5833] usb 1-1: USB disconnect, device number 6 [ 740.896022][ T5833] ftdi_sio 1-1:0.197: device disconnected [ 741.065218][T10965] usb 3-1: string descriptor 0 read error: -71 [ 741.086746][T10965] usb 3-1: USB disconnect, device number 5 [ 741.964839][T12242] 9pnet_fd: Insufficient options for proto=fd [ 742.188312][T10965] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 742.397723][T10965] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 742.408008][T10965] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 742.417118][T10965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 742.428751][T10965] usb 3-1: config 0 descriptor?? [ 742.443284][T10965] pwc: Askey VC010 type 2 USB webcam detected. [ 742.615486][T12263] 9pnet_fd: Insufficient options for proto=fd [ 742.658951][T10965] pwc: send_video_command error -71 [ 742.675801][T10965] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 742.700751][T10965] Philips webcam: probe of 3-1:0.0 failed with error -71 [ 742.711764][T10965] usb 3-1: USB disconnect, device number 6 [ 743.117879][T12282] 9pnet_fd: Insufficient options for proto=fd [ 743.120004][ T5832] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 743.271211][T10965] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 743.325351][ T5832] usb 1-1: Using ep0 maxpacket: 16 [ 743.332586][ T5832] usb 1-1: config 0 has an invalid interface number: 34 but max is 0 [ 743.341351][ T5832] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 743.352638][ T5832] usb 1-1: config 0 has no interface number 0 [ 743.361174][ T5832] usb 1-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 743.370663][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 743.378665][ T5832] usb 1-1: Product: syz [ 743.382927][ T5832] usb 1-1: Manufacturer: syz [ 743.387548][ T5832] usb 1-1: SerialNumber: syz [ 743.395795][ T5832] usb 1-1: config 0 descriptor?? [ 743.404014][ T5832] asix: probe of 1-1:0.34 failed with error -22 [ 743.468324][T10965] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 743.478763][T10965] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 743.488093][T10965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 743.498889][T10965] usb 3-1: config 0 descriptor?? [ 743.508658][T10965] pwc: Askey VC010 type 2 USB webcam detected. [ 743.634522][ T5832] usb 1-1: USB disconnect, device number 7 [ 743.643564][T12287] capability: warning: `syz.1.1755' uses deprecated v2 capabilities in a way that may be insecure [ 743.941588][T10965] pwc: recv_control_msg error -32 req 02 val 2b00 [ 743.958967][T10965] pwc: recv_control_msg error -32 req 02 val 2700 [ 743.978757][T10965] pwc: recv_control_msg error -32 req 02 val 2c00 [ 743.988569][T10965] pwc: recv_control_msg error -32 req 04 val 1000 [ 744.005591][T10965] pwc: recv_control_msg error -32 req 04 val 1300 [ 744.023275][T10965] pwc: recv_control_msg error -32 req 04 val 1400 [ 744.031552][T10965] pwc: recv_control_msg error -32 req 02 val 2000 [ 744.044127][T10965] pwc: recv_control_msg error -32 req 02 val 2100 [ 744.062381][T10965] pwc: recv_control_msg error -32 req 04 val 1500 [ 744.069688][T10965] pwc: recv_control_msg error -32 req 02 val 2500 [ 744.080461][T10965] pwc: recv_control_msg error -32 req 02 val 2400 [ 744.091578][T10965] pwc: recv_control_msg error -32 req 02 val 2600 [ 744.319384][T10965] pwc: recv_control_msg error -71 req 02 val 2800 [ 744.339671][T10965] pwc: recv_control_msg error -71 req 04 val 1100 [ 744.364732][T10965] pwc: recv_control_msg error -71 req 04 val 1200 [ 744.395767][T10965] pwc: Registered as video103. [ 744.428167][T10965] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input13 [ 744.467096][T10965] usb 3-1: USB disconnect, device number 7 [ 745.054049][T12333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1775'. [ 745.113141][ T55] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 745.331251][ T55] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 745.351420][ T55] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 42028, setting to 1024 [ 745.374348][ T55] usb 1-1: New USB device found, idVendor=0763, idProduct=1031, bcdDevice= 1.00 [ 745.390304][ T55] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 745.418083][T12353] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1785'. [ 745.419246][ T55] usb 1-1: Product: syz [ 745.457446][ T55] usb 1-1: Manufacturer: syz [ 745.470016][ T55] usb 1-1: SerialNumber: syz [ 745.674572][T12366] 9pnet_fd: Insufficient options for proto=fd [ 745.718372][ T55] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 745.735427][ T55] snd-usb-audio: probe of 1-1:1.0 failed with error -2 [ 745.746540][ T55] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 745.755336][ T55] snd-usb-audio: probe of 1-1:1.1 failed with error -2 [ 745.782868][ T55] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 745.969961][ T55] snd-usb-audio: probe of 1-1:1.2 failed with error -2 [ 745.994187][ T55] usb 1-1: USB disconnect, device number 8 [ 746.132606][T12378] udevd[12378]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 747.022200][T12409] random: crng reseeded on system resumption [ 747.573709][T12426] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1816'. [ 747.654775][T12430] netlink: 'syz.0.1818': attribute type 29 has an invalid length. [ 747.686541][T12430] netlink: 'syz.0.1818': attribute type 29 has an invalid length. [ 747.720595][T12430] netlink: 'syz.0.1818': attribute type 29 has an invalid length. [ 748.813672][T12477] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1839'. [ 749.190923][T12493] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1847'. [ 749.421844][T12503] fuse: Bad value for 'fd' [ 749.622709][T12513] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 749.835496][T12525] fuse: Bad value for 'fd' [ 750.097258][T12538] sg_write: data in/out 366944/136 bytes for SCSI command 0x0-- guessing data in; [ 750.097258][T12538] program syz.0.1869 not setting count and/or reply_len properly [ 751.769298][T12580] program syz.0.1887 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 752.981807][T12642] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1908'. [ 753.429573][T12662] syz.3.1918 uses obsolete (PF_INET,SOCK_PACKET) [ 753.492690][T12664] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 753.529228][ T5812] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 753.737072][ T5812] usb 3-1: unable to get BOS descriptor or descriptor too short [ 753.759776][ T5812] usb 3-1: not running at top speed; connect to a high speed hub [ 753.786546][ T5812] usb 3-1: New USB device found, idVendor=0582, idProduct=0108, bcdDevice= 0.40 [ 753.805730][ T5812] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 753.818365][ T5812] usb 3-1: Product: syz [ 753.826803][ T5812] usb 3-1: Manufacturer: syz [ 753.831577][ T5812] usb 3-1: SerialNumber: syz [ 753.897237][ T5832] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 753.955573][T12683] (null): rxe_set_mtu: Set mtu to 4096 [ 753.964983][T12683] lo speed is unknown, defaulting to 1000 [ 753.976079][T12683] lo speed is unknown, defaulting to 1000 [ 753.984486][T12683] lo speed is unknown, defaulting to 1000 [ 754.077930][ T5812] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 754.092242][ T5812] usb 3-1: MIDIStreaming interface descriptor not found [ 754.103464][ T5832] usb 1-1: Using ep0 maxpacket: 32 [ 754.113143][ T5832] usb 1-1: config 0 has no interfaces? [ 754.128637][ T5832] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 754.151002][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 754.176872][ T5832] usb 1-1: Product: syz [ 754.186405][ T5832] usb 1-1: Manufacturer: syz [ 754.193411][ T5812] usb 3-1: USB disconnect, device number 8 [ 754.206899][ T5832] usb 1-1: SerialNumber: syz [ 754.227031][ T5832] usb 1-1: config 0 descriptor?? [ 754.338410][ T6974] udevd[6974]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 754.405769][T12683] infiniband syz0: set active [ 754.413997][ T5832] lo speed is unknown, defaulting to 1000 [ 754.420788][T12683] infiniband syz0: added lo [ 754.468185][T12683] RDS/IB: syz0: added [ 754.479483][T12683] smc: adding ib device syz0 with port count 1 [ 754.490248][T12683] smc: ib device syz0 port 1 has pnetid [ 754.499181][ T55] lo speed is unknown, defaulting to 1000 [ 754.514027][T12683] lo speed is unknown, defaulting to 1000 [ 754.567009][ T5812] usb 1-1: USB disconnect, device number 9 [ 754.739879][T12683] lo speed is unknown, defaulting to 1000 [ 755.000852][T12683] lo speed is unknown, defaulting to 1000 [ 755.426503][T12683] lo speed is unknown, defaulting to 1000 [ 756.067185][ T5812] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 756.269417][ T5812] usb 1-1: Using ep0 maxpacket: 32 [ 756.279308][ T5812] usb 1-1: config 1 interface 0 has no altsetting 0 [ 756.290497][ T5812] usb 1-1: New USB device found, idVendor=056a, idProduct=010f, bcdDevice= 0.40 [ 756.301993][ T5812] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 756.310111][ T5812] usb 1-1: Product: syz [ 756.320239][ T5812] usb 1-1: Manufacturer: syz [ 756.327284][ T5812] usb 1-1: SerialNumber: syz [ 756.599814][ T5812] usbhid 1-1:1.0: can't add hid device: -71 [ 756.618823][ T5812] usbhid: probe of 1-1:1.0 failed with error -71 [ 756.653534][ T5812] usb 1-1: USB disconnect, device number 10 [ 757.656060][ T5832] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 757.822062][T12803] binder: 12802:12803 unknown command 1074553619 [ 757.828480][T12803] binder: 12802:12803 ioctl c0306201 200000000540 returned -22 [ 757.872564][ T5832] usb 1-1: Using ep0 maxpacket: 32 [ 757.882229][ T5832] usb 1-1: unable to get BOS descriptor or descriptor too short [ 757.899462][ T5832] usb 1-1: config 3 has an invalid interface number: 223 but max is 1 [ 757.909118][ T5832] usb 1-1: config 3 has an invalid interface number: 25 but max is 1 [ 757.921057][ T5832] usb 1-1: config 3 has an invalid interface number: 223 but max is 1 [ 757.930513][ T5832] usb 1-1: config 3 has no interface number 0 [ 757.936732][ T5832] usb 1-1: config 3 has no interface number 1 [ 757.949589][ T5832] usb 1-1: config 3 interface 25 altsetting 6 has an invalid endpoint with address 0x80, skipping [ 757.965337][ T5832] usb 1-1: config 3 interface 25 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 757.979655][ T5832] usb 1-1: too many endpoints for config 3 interface 223 altsetting 155: 82, using maximum allowed: 30 [ 757.992744][ T5832] usb 1-1: config 3 interface 223 altsetting 155 has 2 endpoint descriptors, different from the interface descriptor's value: 82 [ 758.006978][ T5832] usb 1-1: config 3 interface 223 has no altsetting 1 [ 758.014032][ T5832] usb 1-1: config 3 interface 25 has no altsetting 0 [ 758.023992][ T5832] usb 1-1: New USB device found, idVendor=1f71, idProduct=3306, bcdDevice=2a.c0 [ 758.033522][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 758.041996][ T5832] usb 1-1: Product: syz [ 758.051869][ T5832] usb 1-1: Manufacturer: syz [ 758.056509][ T5832] usb 1-1: SerialNumber: syz [ 758.317813][ T5832] usb 1-1: USB disconnect, device number 11 [ 758.492554][T12819] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000 [ 759.031899][ T5811] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 759.248310][ T5811] usb 3-1: Using ep0 maxpacket: 32 [ 759.264406][ T5811] usb 3-1: config index 0 descriptor too short (expected 29220, got 36) [ 759.281823][ T5811] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 759.290471][ T5811] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 759.302565][ T5811] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 759.323515][ T5811] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 759.354194][ T5811] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 759.388945][ T5811] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 759.422721][ T5811] usb 3-1: config 0 descriptor?? [ 759.654741][ T5811] usb 3-1: USB disconnect, device number 9 [ 759.904951][T12892] 9pnet_fd: Insufficient options for proto=fd [ 760.065521][ T9331] Bluetooth: hci3: unexpected event for opcode 0x2005 [ 760.185128][T12908] overlayfs: failed to clone upperpath [ 760.374902][T12916] 9pnet_fd: Insufficient options for proto=fd [ 760.864189][T12942] 9pnet_fd: Insufficient options for proto=fd [ 761.964759][ T5782] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 761.974240][ T5782] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 761.990032][ T5782] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 762.002787][ T5782] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 762.021533][ T5782] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 762.028943][ T5782] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 762.140049][T12614] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 762.267181][T12979] lo speed is unknown, defaulting to 1000 [ 762.327464][T12614] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 762.510707][T12614] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 762.686603][T12614] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 763.345295][T12979] chnl_net:caif_netlink_parms(): no params data found [ 763.699222][T13050] netlink: 'syz.0.2087': attribute type 1 has an invalid length. [ 763.728575][T12979] bridge0: port 1(bridge_slave_0) entered blocking state [ 763.735921][T12979] bridge0: port 1(bridge_slave_0) entered disabled state [ 763.743170][T12979] bridge_slave_0: entered allmulticast mode [ 763.750577][T12979] bridge_slave_0: entered promiscuous mode [ 763.821082][T12979] bridge0: port 2(bridge_slave_1) entered blocking state [ 763.836063][T12979] bridge0: port 2(bridge_slave_1) entered disabled state [ 763.850489][T12979] bridge_slave_1: entered allmulticast mode [ 763.862056][T13055] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2088'. [ 763.872231][T12979] bridge_slave_1: entered promiscuous mode [ 764.187651][T12979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 764.260903][T12979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 764.296221][ T9331] Bluetooth: hci3: command tx timeout [ 764.436219][T12979] team0: Port device team_slave_0 added [ 764.456380][T12979] team0: Port device team_slave_1 added [ 764.558507][T12979] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 764.576471][T12979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 764.628649][T12979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 764.846790][T12979] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 764.868410][T12979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 764.926087][T12979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 765.077946][T13098] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2102'. [ 765.413697][T12979] hsr_slave_0: entered promiscuous mode [ 765.433988][T12979] hsr_slave_1: entered promiscuous mode [ 765.450313][T12979] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 765.458706][T12979] Cannot create hsr debugfs directory [ 765.847866][T12614] hsr_slave_0: left promiscuous mode [ 765.876952][T12614] hsr_slave_1: left promiscuous mode [ 765.895023][T12614] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 765.910001][T12614] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 765.954626][T12614] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 765.962179][T12614] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 765.979361][T12614] bridge_slave_1: left allmulticast mode [ 765.985046][T12614] bridge_slave_1: left promiscuous mode [ 765.997563][T12614] bridge0: port 2(bridge_slave_1) entered disabled state [ 766.009912][T12614] bridge_slave_0: left allmulticast mode [ 766.015586][T12614] bridge_slave_0: left promiscuous mode [ 766.028579][T12614] bridge0: port 1(bridge_slave_0) entered disabled state [ 766.065933][T12614] veth1_macvtap: left promiscuous mode [ 766.071865][T12614] veth0_macvtap: left promiscuous mode [ 766.077969][T12614] veth1_vlan: left promiscuous mode [ 766.085711][T12614] veth0_vlan: left promiscuous mode [ 766.538123][ T9331] Bluetooth: hci3: command tx timeout [ 767.198198][ T33] ------------[ cut here ]------------ [ 767.204504][ T33] WARNING: CPU: 0 PID: 33 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x110e/0x2900 [ 767.215740][ T33] Modules linked in: [ 767.219676][ T33] CPU: 0 PID: 33 Comm: kworker/u4:2 Not tainted syzkaller #0 [ 767.227660][ T33] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 767.238356][ T33] Workqueue: phy3 ieee80211_csa_finalize_work [ 767.244661][ T33] RIP: 0010:ieee80211_vif_use_reserved_switch+0x110e/0x2900 [ 767.252128][ T33] Code: 48 89 df e8 a4 8d d8 f7 e9 d6 fc ff ff e8 4a 19 80 f7 eb 24 e8 43 19 80 f7 c7 04 24 f4 ff ff ff e9 cc f5 ff ff e8 32 19 80 f7 <0f> 0b 0f 0b e9 b7 f5 ff ff e8 24 19 80 f7 48 8b 7c 24 08 4c 8b 74 [ 767.271940][ T33] RSP: 0018:ffffc90000a9f9c0 EFLAGS: 00010293 [ 767.278147][ T33] RAX: ffffffff8a06c812 RBX: 0000000000000001 RCX: ffff888018ac8000 [ 767.286297][ T33] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 767.294304][ T33] RBP: dffffc0000000000 R08: ffff88805daa962f R09: 1ffff1100bb552c5 [ 767.302559][ T33] R10: dffffc0000000000 R11: ffffed100bb552c6 R12: 0000000000000001 [ 767.307859][ C1] ------------[ cut here ]------------ [ 767.313484][ T33] R13: ffff88805daaa659 R14: ffff88801c3e2d48 R15: ffff88802bbc8900 [ 767.316253][ C1] WARNING: CPU: 1 PID: 5762 at net/mac80211/tx.c:5033 __ieee80211_beacon_get+0x1141/0x1520 [ 767.324613][ T33] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 767.334195][ C1] Modules linked in: [ 767.343144][ T33] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 767.343162][ T33] CR2: 0000000000000000 CR3: 00000000690e0000 CR4: 00000000003526f0 [ 767.347054][ C1] [ 767.347063][ C1] CPU: 1 PID: 5762 Comm: syz-executor Not tainted syzkaller #0 [ 767.353839][ T33] Call Trace: [ 767.361752][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 767.361765][ C1] RIP: 0010:__ieee80211_beacon_get+0x1141/0x1520 [ 767.364089][ T33] [ 767.371628][ C1] Code: f7 4c 89 ef e8 b0 a4 c2 f7 45 31 ed 4c 8b bc 24 a0 00 00 00 e9 7f fe ff ff e8 7b c6 84 f7 0f 0b e9 61 f8 ff ff e8 6f c6 84 f7 <0f> 0b e9 85 fb ff ff e8 63 c6 84 f7 48 c7 c7 40 50 64 8e 4c 89 e6 [ 767.374945][ T33] ieee80211_link_use_reserved_context+0x37b/0x5c0 [ 767.385037][ C1] RSP: 0000:ffffc9000441f958 EFLAGS: 00010246 [ 767.391349][ T33] ieee80211_csa_finalize+0x571/0xeb0 [ 767.394300][ C1] [ 767.394307][ C1] RAX: ffffffff8a021ee1 RBX: dffffc0000000000 RCX: ffff88802fb91e00 [ 767.394322][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 767.394335][ C1] RBP: 0000000000000000 R08: ffff88802fb91e00 R09: 0000000000000003 [ 767.413984][ T33] ? mutex_lock_nested+0x20/0x20 [ 767.420467][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805dabe440 [ 767.420482][ C1] R13: ffff88801fbc6024 R14: ffff88805dabe930 R15: ffff88801fbc6000 [ 767.420498][ C1] FS: 000055556f193500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 767.420515][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 767.420529][ C1] CR2: 0000000000000000 CR3: 000000007db37000 CR4: 00000000003526e0 [ 767.420545][ C1] Call Trace: [ 767.420552][ C1] [ 767.420560][ C1] ? __ieee80211_beacon_get+0x36/0x1520 [ 767.420601][ C1] ieee80211_beacon_get_tim+0xbf/0x580 [ 767.420633][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 767.420673][ C1] mac80211_hwsim_beacon_tx+0x3bd/0x770 [ 767.420728][ C1] __iterate_interfaces+0x225/0x4c0 [ 767.420751][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 767.420777][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 767.420802][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 767.420829][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 767.420856][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 767.420880][ C1] ? hw_scan_work+0xf10/0xf10 [ 767.420904][ C1] __hrtimer_run_queues+0x525/0xc10 [ 767.420944][ C1] ? hrtimer_interrupt+0x980/0x980 [ 767.427322][ T33] ? lockdep_hardirqs_on_prepare+0x44c/0x7d0 [ 767.432460][ C1] ? read_tsc+0x9/0x20 [ 767.434797][ T33] ? ieee80211_csa_finalize_work+0x140/0x140 [ 767.442808][ C1] hrtimer_run_softirq+0x177/0x290 [ 767.442849][ C1] handle_softirqs+0x27d/0x820 [ 767.450851][ T33] ? read_lock_is_recursive+0x20/0x20 [ 767.458855][ C1] ? read_tsc+0x9/0x20 [ 767.463800][ T33] ieee80211_csa_finalize_work+0xf6/0x140 [ 767.471812][ C1] ? __irq_exit_rcu+0xd3/0x190 [ 767.471844][ C1] ? do_softirq+0x1a0/0x1a0 [ 767.471875][ C1] __irq_exit_rcu+0xd3/0x190 [ 767.471898][ C1] ? irq_exit_rcu+0x20/0x20 [ 767.471930][ C1] irq_exit_rcu+0x9/0x20 [ 767.479909][ T33] ? process_scheduled_works+0x975/0x1600 [ 767.488862][ C1] sysvec_apic_timer_interrupt+0x56/0xc0 [ 767.495498][ T33] process_scheduled_works+0xa60/0x1600 [ 767.503495][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 767.506848][ T33] ? worker_attach_to_pool+0x370/0x370 [ 767.509720][ C1] RIP: 0033:0x7f9d16d57fd7 [ 767.515296][ T33] ? assign_work+0x3cc/0x5d0 [ 767.520749][ C1] Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 767.529170][ T33] worker_thread+0xa5e/0xfe0 [ 767.533077][ C1] RSP: 002b:00007fff5d4b6720 EFLAGS: 00000202 [ 767.538621][ T33] kthread+0x2fa/0x390 [ 767.544543][ C1] [ 767.544553][ C1] RAX: 0000000000000000 RBX: 000055556f193500 RCX: 00007f9d16d57fd7 [ 767.551768][ T33] ? pr_cont_work+0x550/0x550 [ 767.558029][ C1] RDX: 00007fff5d4b6760 RSI: 0000000000000000 RDI: 0000000000000000 [ 767.558047][ C1] RBP: 00007fff5d4b6c40 R08: 0000000000000000 R09: 0000000000000000 [ 767.565063][ T33] ? kthread_blkcg+0xd0/0xd0 [ 767.570277][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000004 [ 767.574958][ T33] ret_from_fork+0x48/0x80 [ 767.580185][ C1] R13: 00007fff5d4b679c R14: 00007fff5d4b6830 R15: 0000000000000000 [ 767.585304][ T33] ? kthread_blkcg+0xd0/0xd0 [ 767.591345][ C1] [ 767.595407][ T33] ret_from_fork_asm+0x11/0x20 [ 767.601405][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 767.601417][ C1] CPU: 1 PID: 5762 Comm: syz-executor Not tainted syzkaller #0 [ 767.601462][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 767.601493][ C1] Call Trace: [ 767.601529][ C1] [ 767.601556][ C1] dump_stack_lvl+0x18c/0x250 [ 767.601647][ C1] ? show_regs_print_info+0x20/0x20 [ 767.601719][ C1] ? load_image+0x420/0x420 [ 767.601798][ C1] panic+0x2ca/0x720 [ 767.601906][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 767.602052][ C1] __warn+0x2e0/0x470 [ 767.602147][ C1] ? __ieee80211_beacon_get+0x1141/0x1520 [ 767.602239][ C1] ? __ieee80211_beacon_get+0x1141/0x1520 [ 767.602314][ C1] report_bug+0x2be/0x4f0 [ 767.602385][ C1] ? __ieee80211_beacon_get+0x1141/0x1520 [ 767.602470][ C1] ? __ieee80211_beacon_get+0x1141/0x1520 [ 767.602546][ C1] ? __ieee80211_beacon_get+0x1143/0x1520 [ 767.602629][ C1] handle_bug+0xcf/0x120 [ 767.602700][ C1] exc_invalid_op+0x1a/0x50 [ 767.602763][ C1] asm_exc_invalid_op+0x1a/0x20 [ 767.602843][ C1] RIP: 0010:__ieee80211_beacon_get+0x1141/0x1520 [ 767.602946][ C1] Code: f7 4c 89 ef e8 b0 a4 c2 f7 45 31 ed 4c 8b bc 24 a0 00 00 00 e9 7f fe ff ff e8 7b c6 84 f7 0f 0b e9 61 f8 ff ff e8 6f c6 84 f7 <0f> 0b e9 85 fb ff ff e8 63 c6 84 f7 48 c7 c7 40 50 64 8e 4c 89 e6 [ 767.603016][ C1] RSP: 0000:ffffc9000441f958 EFLAGS: 00010246 [ 767.603067][ C1] RAX: ffffffff8a021ee1 RBX: dffffc0000000000 RCX: ffff88802fb91e00 [ 767.603109][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 767.603141][ C1] RBP: 0000000000000000 R08: ffff88802fb91e00 R09: 0000000000000003 [ 767.603180][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805dabe440 [ 767.603212][ C1] R13: ffff88801fbc6024 R14: ffff88805dabe930 R15: ffff88801fbc6000 [ 767.603276][ C1] ? __ieee80211_beacon_get+0x1141/0x1520 [ 767.603387][ C1] ? __ieee80211_beacon_get+0x1141/0x1520 [ 767.603448][ C1] ? __ieee80211_beacon_get+0x36/0x1520 [ 767.603554][ C1] ieee80211_beacon_get_tim+0xbf/0x580 [ 767.603646][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 767.603748][ C1] mac80211_hwsim_beacon_tx+0x3bd/0x770 [ 767.603843][ C1] __iterate_interfaces+0x225/0x4c0 [ 767.603904][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 767.603981][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 767.604058][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 767.604129][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 767.604206][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 767.604273][ C1] ? hw_scan_work+0xf10/0xf10 [ 767.604359][ C1] __hrtimer_run_queues+0x525/0xc10 [ 767.604471][ C1] ? hrtimer_interrupt+0x980/0x980 [ 767.604516][ C1] ? read_tsc+0x9/0x20 [ 767.604606][ C1] hrtimer_run_softirq+0x177/0x290 [ 767.604676][ C1] handle_softirqs+0x27d/0x820 [ 767.604742][ C1] ? read_tsc+0x9/0x20 [ 767.604798][ C1] ? __irq_exit_rcu+0xd3/0x190 [ 767.604855][ C1] ? do_softirq+0x1a0/0x1a0 [ 767.604922][ C1] __irq_exit_rcu+0xd3/0x190 [ 767.604969][ C1] ? irq_exit_rcu+0x20/0x20 [ 767.605045][ C1] irq_exit_rcu+0x9/0x20 [ 767.605085][ C1] sysvec_apic_timer_interrupt+0x56/0xc0 [ 767.605156][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 767.605223][ C1] RIP: 0033:0x7f9d16d57fd7 [ 767.605261][ C1] Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 767.605304][ C1] RSP: 002b:00007fff5d4b6720 EFLAGS: 00000202 [ 767.605342][ C1] RAX: 0000000000000000 RBX: 000055556f193500 RCX: 00007f9d16d57fd7 [ 767.605371][ C1] RDX: 00007fff5d4b6760 RSI: 0000000000000000 RDI: 0000000000000000 [ 767.605400][ C1] RBP: 00007fff5d4b6c40 R08: 0000000000000000 R09: 0000000000000000 [ 767.605429][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000004 [ 767.605478][ C1] R13: 00007fff5d4b679c R14: 00007fff5d4b6830 R15: 0000000000000000 [ 767.605553][ C1] [ 767.607112][ C1] Kernel Offset: disabled