last executing test programs: 2m49.94071124s ago: executing program 4 (id=735): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x300f401, 0x0, 0x2, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') lchown(&(0x7f0000000180)='./cgroup\x00', 0x0, 0x0) 2m49.594001659s ago: executing program 4 (id=739): socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet_smc(0x2b, 0x1, 0x0) connect$inet(r2, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x3, 0x0, 0x9, 0x1, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) unshare(0x8040480) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000280)={&(0x7f00000059c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r6}) syz_genetlink_get_family_id$devlink(&(0x7f0000008280), r4) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r5, 0xc00864bf, &(0x7f0000000140)) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r3, 0x0, 0x4000004) fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000000240), &(0x7f00000002c0)='./file0\x00', 0x8, 0x1) ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000100)={0xa00}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48) r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r8 = dup(r7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x12, r8, 0x2000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17) 2m44.704749376s ago: executing program 4 (id=784): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x2000002, 0x3a, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2m44.235795646s ago: executing program 4 (id=791): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200010, &(0x7f00000000c0)={[{@quota}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD") fsopen(0x0, 0x1) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f00000001c0)={0xe}) 2m43.612404147s ago: executing program 4 (id=799): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0xe, &(0x7f0000000100)={[{@init_itable}, {@noinit_itable}, {@journal_ioprio}]}, 0x3, 0x466, &(0x7f0000000800)="$eJzs27tvHMUfAPDvrl/xL/lhE8IjD8AQEBYPO054pKCACCSKICFBQWvZThRyiVFsJBJFkCAUKkRDjyj5F6igQYgKiRZ6FClCaZJQHdq7XfvecS5nn5P7fKT1zezOeuZ7u3M3u3MbwMCayv4kEbsi4s+ImKhm6wtMVV9uXr+4cOv6xYUkyuX3/0kq5W5cv7hQFC3225lnptOI9Msk9reod+X8hdPzpdLSuTw/u3rm49mV8xdeOnVm/uTSyaWzh48effnI3GuvHn6lJ3Fmbbqx77PlA3vfSYbfPf51ti4t4m+Io0emOm18tlzucXX99f+adDLcx4ZwR4YiIjtcI5X+PxFDsX7wJuLtL/raOGBTlcvl8s72my+VgftYEvV5XR4GRfFFn13/FkvjIOCNzRt+9N21N6sXQFncN/OlumU40hivpEYarm97aSoiPrz073fZEptzHwIAoM5P2fjnxVbjvzQeqSn3QD43NBkRD0bE7oh4KCL2RMTDEZWyj0bEY3n58Q3W3zhJ0jz+Sa92HdwGZOO/1/O5rfrxX1oUmRyq5MYqY8DJGElOnCotHcrfk+kYGcvycx3q+PmtP75pt612/JctWf3FWDBvx9Xhsfp9FudX5+8m5lrXLkfsG24Vf7I2E5BExN6I2NdlHaee/+FAu223j7+DHswzlb+PeK56/C9FQ/yFpPP85OyOKC0dmi3Oima//X7lvXb131X8PZAd//+1PP/X4p9MaudrV+68jit/fdX2mqbb8380+aCSHs3XfTq/unpuLmI0OV5tdO36w+v7FvmifBb/9MHW/X93rL8T+yMiO4kfj4gnIuLJvO1PRcTTEXGwQ/y/Hnvmo+7j31xZ/It3dPzXE6PRuKZ1Yuj0Lz/WVTrZFP+tDsd/LTWdvzZ//g01xbWRdnV3NgMAAMC9J7u63hVJOrOWTtOZmerv5fdEpKXlldUXTix/cnax+ozAZERa3OmaqLkfOpdf1lfzlyOi+tOCYvuR/L7xt0PjlfzMwnJpsd/Bw4Db2ab/Z/5uvq0G3G88rwWDS/+HwXW7/v/5FrUD2Hrdf/8f2+jvPIFtqkX/169hIIy1/P435ofB0ND/TfvBAGno/zv61Q5g63V//2+0p+0Atp75fxhIK+Nx+4fkOyaK/9Tl7vdtIka2RTM2LRHptmjGtk2M3OP9on+fSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL30XwAAAP//cBbcWg==") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0xa00, 0x0, 0x0, r0}]) 2m41.073157082s ago: executing program 4 (id=837): socket$nl_route(0x10, 0x3, 0x0) socket(0x200000000000011, 0x3, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$packet(0x11, 0x3, 0x300) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000140)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r0, @ANYRES64=r1], 0x0) 2m40.579132334s ago: executing program 32 (id=837): socket$nl_route(0x10, 0x3, 0x0) socket(0x200000000000011, 0x3, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$packet(0x11, 0x3, 0x300) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000140)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r0, @ANYRES64=r1], 0x0) 31.437529213s ago: executing program 2 (id=2363): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x3, 0x7fff0000}]}) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x80801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x19}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 29.57817952s ago: executing program 2 (id=2392): socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet_smc(0x2b, 0x1, 0x0) connect$inet(r2, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x3, 0x0, 0x9, 0x1, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000280)={&(0x7f00000059c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r6}) syz_genetlink_get_family_id$devlink(&(0x7f0000008280), r4) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r5, 0xc00864bf, &(0x7f0000000140)) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r3, 0x0, 0x4000004) fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000000240), &(0x7f00000002c0)='./file0\x00', 0x8, 0x1) ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000100)={0xa00}) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48) r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r9 = dup(r8) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x12, r9, 0x2000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17) 23.819564616s ago: executing program 2 (id=2452): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x380000c, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug}, {@data_journal}]}, 0x1, 0x437, &(0x7f0000000900)="$eJzs289PHFUcAPDv7EKR/hBs6o/Sqmg1En9AobX24EWjiQdNTPRQjwi0wW6LKZjYhigaU4+miXfj0cS/wJNejHoy8ap306QxXFo9rZndGdhddrdAF7a6n08y8N7MW9777szbfW8eE0DPGk1/JBH7I+L3iBiqZusLjFZ/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvyTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmS03cEny+UOV9ddB2rSSV8XG8KWFKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNSskqR1/Y2LJBvHP4Xr2w5uE9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96TsegfSPOTber44ZXfvmh1rHb8l25p/flYMGvH9b6B+tfMTi9N30nMtW58EjHS1yz+ZG0lID19hyNiZJt1zD/9zdFWx24ffxsdWGcqfx3xVPX8r0RD/Lmk/frkxD1Rmjs+kV8VG/3y69U3W9V/R/F3QHr+9za9/tfiH05q12sXt17H1T8+bzmn2e71vyd5u27fh9NLS5cmI/Ykr1cbXbt/qqHc1Hr5NP6xY837/8FYfyeORER6ET8cEY9ExKNZ2x+LiMcj4lib+H96+Yn3thf/QJu/2hlp/LNbOv/riT3RuKd5onj+x+/qKh3ebPyRnf+TldRYtmczn3+badf2rmYAAAD47ylExP5ICuNr6UJhfLz6P/yHYm+htLC49MzZhQ8uzlafERiO/kJ+p2uo5n7oZDatz/NTDfkT2X3jL4uDlfz4zEJpttvBQ4/b16L/p/4sdrt1wI7zvBb0Lv0fepf+D71L/4fe1aT/D3ajHcDua/b9/3EX2gHsvob+b9kPeoj5P/Qu/R96l/4PPWlxMG7/kLyExIZEFO6KZkjsUKLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//zpS5t0=") chdir(&(0x7f0000000240)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 23.028465819s ago: executing program 2 (id=2459): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x51) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x81899, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901) move_mount(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000340)='./file0/../file0\x00', 0x14) mount_setattr(r0, &(0x7f00000001c0)='./file0\x00', 0x8000, &(0x7f00000002c0)={0x1, 0xa, 0x80000, {r0}}, 0x20) umount2(&(0x7f0000000180)='./file0\x00', 0xa) 22.282303812s ago: executing program 2 (id=2472): openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x400, 0x800, 0xff, 0x100, 0x1, 0x6}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 20.184457776s ago: executing program 2 (id=2507): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) close(0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0x806000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/62, 0x1338000, 0x800}, 0x20) 19.969697523s ago: executing program 33 (id=2507): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) close(0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0x806000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/62, 0x1338000, 0x800}, 0x20) 8.115104377s ago: executing program 1 (id=2670): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000040)={0xfffa, [0x0, 0x7], 0x2000}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r2, 0x400455c8, 0x0) 3.676046013s ago: executing program 1 (id=2715): socket(0x10, 0x803, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x4e24, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20, 0x29}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@mark={0xc, 0x15, {0x35075a, 0x74}}]}, 0xc4}, 0x1, 0x0, 0x0, 0x24000810}, 0x4004) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffb}}}, 0xb8}}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0) 3.279534413s ago: executing program 1 (id=2720): r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$lan78xx(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$sierra_net(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$uac2(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000180)={0x20, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.144268801s ago: executing program 5 (id=2723): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000a886d85b0000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1bd3}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000640)={r3, r1, 0x25, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6fc}}, 0x40) syz_emit_ethernet(0xfdef, &(0x7f0000000040)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x4e23, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x3ff, 0x0, 0xff6f}}}}}}}, 0x0) 2.647649437s ago: executing program 5 (id=2730): openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0x9) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0) getdents(r1, &(0x7f00000005c0)=""/147, 0x93) getdents64(r1, 0x0, 0x0) 2.3555328s ago: executing program 5 (id=2733): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x6, 0xa, 0x0, 0x9}) mount$bpf(0x0, &(0x7f0000000100)='.\x00', &(0x7f00000006c0), 0x400008, 0x0) 2.183827182s ago: executing program 6 (id=2508): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x70, 0x30, 0xffff, 0x70bd27, 0x25dfdbfe, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x5, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x7}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x6}, @TCA_SAMPLE_RATE={0x8, 0x3, 0xf8}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x3}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x369}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x70}}, 0x0) r0 = syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000180)=ANY=[], 0x0, 0x5f2, &(0x7f0000000680)="$eJzs3c9rHOcZB/DvrCV55YIjO3bilkBNCqFU1F5JUDu9tE3TIkoogR56FrVsC6+dIG2KkkOrlh5CT/kTUor+gdJLIQUfmhx6aE85C3Is9K7bhpmdXa3tjWz9iHaVfD4w+z4z78y7zzwzO57RYjbA19byfKYepsjy/Bub5fzO9lJ7Z3vpfj9OcjZJI2kmKcrFf0/yWbKV3pRv9juG2id8+lHzzicffPx+b64cq1lM9dYv9tvu2QxymevlWrXHNd7i0ccb3sOpIw8Fx6Xb1xjZfcTPJQAwyYrkzKjlc8m5+oa9fA7o3RX37rFPta1xJwAAAAAn4Lnd7GYz58edBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJwm9e//F/XU6MdXU/R//3+mXpY6PtUejjsBAAAAAAAAADgG397NbjZzvj/fLarv/F+uZi5Vr9/IO9nIatZzLZtZSSedrGchydzQQDObK53O+sIzbLk42HJraMvFk9tnAAAAAAAAAPgK+mOW977/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASVAkZ3pNNV3qx3NpTCVpJpkp19tK/tuPT7OH404AAAAATsBzu9nNZs7357tF9cz/QvXc38w7eZBO1tJJO6u5leIfM/VTf2Nne6m9s710v5yeHPcn/z9QGtWI6f3tYfQ7X6nWmM3trFVLruU3eSvt3Eqj2rJ0pZ/P6Lz+UOZU/Kj2jJndqtsiyS/qdjLMVRWZHlSkVedWVuPC/pU44NF5/J0W0hj85efSl1Dzc3Vb7s/rE13zxaGz74X9K5Fc/PWfb9xtP7h39/bG/OTs0iE9XomloUq8+LWqRKuqxOXB/HJ+nl9lPlfzZtazlt9mJZ2s5mper6KV+nwuX+f2r9SPH5l782mZzNTHpXcVPVhOL1fbns9afpm3cqs6oq3cyI0s5gd5Na1HjvDlkXn/vlt373a73TQO9qn/znfrYDrJz+p2MpR1vTBU1+Fr7lzVN7xkr0oXn3JtPFsHB6jS1LfqoDx7Xpu4a+OFx/6V6Ffi+f0r8ZfqxNloP7i3fnfl7Wd8v1fqtqzATweVmKqXds8cy04dSnm+XBzk8ujZUfY9P7Jvoeq7NOhrPNF3edD3tE/qTH0P9+RIi1XfiyP7ettdGeobdb8FwMQ7971zM7P/m/3P7Iezf5q9O/tG87WzN8++NJPpf03/cKp15pXGS8Xf8mF+t/f8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHN7Gu+/dW2m3V9cPHfR/ieio4wgEgpMJpvP0dcZ9ZQK+bNc799++vvHue99fu79yZ/XO6oNXWzdvLiws3Ghdv73WXq1fx50lAHCc9m76x50JAAAAAAAAAAAAAADwRU7ivxyPex8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICvtuX5TD1MkYXWtVY5v7O91C6nfry3ZjNJUQb/TPJZspXelLmh4Yovep9PP2re+eSDj9/fG6tZrf/vxePYi0dyaTyW01HHWxwa76+HGq4YVOZqkot1C2P3eQAAAP//qSkEgg==") setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[@ANYRESOCT=r0, @ANYRESDEC=0x0, @ANYRESDEC=r0, @ANYRESOCT=0x0, @ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRES64=r0, @ANYRESOCT, @ANYRESHEX=r0], 0x835, 0x3) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="a800000000010104000000000000000002000001240001801400018008000100e000000108000200e00000010c0002800500010000000000080008400000950304001080080015400000000020"], 0xa8}, 0x1, 0x0, 0x0, 0x400d0}, 0x0) 1.596866218s ago: executing program 0 (id=2739): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000380)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x4, 0xc0, 0x0, 0x0, 0x80000000, 0xa5, 0x0, 0x57, 0xffff5651, 0x0}) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="840000000206190300000000000000000300000105000400000000000900020073797a32000000003c000780060004404e22000008000a4000000047080013400000094a08000a4000000000060005404e2400000800094080000001050007005e000000050005000500000005000100070000000500050000000000050005000b000000"], 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x850) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xc0042, 0x1) close(r1) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX]) ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000000280)={&(0x7f00000007c0)=[{0x101, 0x9401, 0x0, 0x0}], 0x1}) ioctl$USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000080)={0xf, &(0x7f0000000040)="65acd17f5fd4f4d3e8a418cdd9"}) 1.476239785s ago: executing program 5 (id=2741): socket$inet_mptcp(0x2, 0x1, 0x106) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xff, 0x7fff7ffc}]}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000104000500010001"], 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000010401010000009f9c02480000fff50005000100"], 0x1c}, 0x1, 0x0, 0x0, 0x60000081}, 0x800) fanotify_mark(0xffffffffffffffff, 0x80, 0x20, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.349555741s ago: executing program 1 (id=2742): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x2, @empty, 0x8}, 0x1c) dup2(r0, r2) 1.201436484s ago: executing program 3 (id=2743): mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x100) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r0 = open(&(0x7f0000000040)='./file0\x00', 0x84242, 0x1df2a23c5997fad6) write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0x0, 0x0, {{0x4, 0x0, 0x5, 0x7, 0x3, 0xfffffffd, {0x400000080001, 0xfd, 0x20ff, 0x8, 0xe, 0xd615, 0x9, 0x3, 0xfffffffc, 0x6000, 0x0, 0x0, 0x0, 0x5, 0x7}}, {0x0, 0x13}}}, 0xa0) sendfile(r0, r0, &(0x7f0000000080), 0x7f03) 1.200976756s ago: executing program 5 (id=2744): openat(0xffffffffffffff9c, 0x0, 0x0, 0x8) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0) write$binfmt_aout(r0, &(0x7f00000003c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x40000000, 0x0, 0x0, 0x83, "00000000000000000000ffff00"}) r1 = syz_open_pts(r0, 0x0) poll(&(0x7f0000000000)=[{r1, 0x63be}], 0x1, 0xa1) r2 = dup3(r1, r0, 0x0) ioctl$TCSETSW2(r2, 0x402c542c, &(0x7f0000000bc0)={0x7, 0xdac0, 0x8, 0x7, 0x13, "4dd5d26bd8b1eb227705ecfba7158d29559dba", 0x5, 0xa4}) 1.153707768s ago: executing program 0 (id=2745): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003c00), 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r1, &(0x7f0000000300)="ab", 0x34000, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) 971.78198ms ago: executing program 1 (id=2746): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, 0x0) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000002000)='./file1\x00', 0x180c8, &(0x7f0000000580)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a3b340b5c5fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d8949c8dd2fd94aa0f259a4cb9412c30c45f9d4d63d267d2a43f03a47fa56b3"], 0x1, 0x25c, &(0x7f0000002500)="$eJzs3T9rU1EYB+DXNGlCFzuLwwUXp6JOrkEqiAEhkkEnA9UlFeF2iU75GH4CBz+SH6NTcTliT2zaGkWk8dh7nwfCfeGXP+/JhXsynJP76vbb2cG7ozfpy8cYDKroRixSitiNTmxFdmN57JzW23HeIgCA62Y8ng5L98Df+/QHz6nr4bQXEf2fksnnjTQFAAAAAAAAAADAxq1b/x8n1v8DQJNZ/998dT2c7ix/v11k/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQzklKN9NvHqX7AwCunvkfANrH/A8A7WP+B4D2ef7i5dPhaLQ/rqpBxPFiPplP8jHnj5+M9u9Vp3ZXrzqezydbZ/n9nFcX817sLPMHa/PtuHsn59+zR89Gl/J+HGx++AAAAAAAAAAAAAAAAAAAAPBf2KvOrN3fv9ePX+S5Ovf/AJf273fjVvefDQMAAAAAAAAAAAAAAAAAAACutaP3H2bTw8PXdania8oKtzHrR7lP7y1PxhW9YTws/WUWKaLgGWxg8eMK0Sl3cQIAAAAAAAAAAAAAAAAAgJZZbfot3QkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlLO6///miohYpKz0cAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAG+xYAAP//Wv2bkg==") mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) 925.764641ms ago: executing program 0 (id=2747): socket$packet(0x11, 0x2, 0x300) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='oom_adj\x00') fchdir(r0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000000)='./file0\x00', 0x219) chown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 871.603773ms ago: executing program 3 (id=2748): r0 = socket(0xa, 0x2400000001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000034000)={0x3, {{0xa, 0x4e23, 0x3, @mcast2, 0x10000000}}}, 0x88) r1 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) r3 = openat$cgroup(r2, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58) getsockopt$inet6_buf(r0, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000e5f000)=0x90) 704.041838ms ago: executing program 5 (id=2749): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) close(r0) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000200000001"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000002, 0xe, 0xfffffffffffffda9, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 702.434073ms ago: executing program 3 (id=2750): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008200122010009058103"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000000840)={0x2c, &(0x7f0000000680)={0x20, 0x0, 0x4, "0c8ac451"}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c00000002060104db406e3e0004000200000000100003006269746d61703a706f72740005000400000000000900020073797a32000000000500050000006c0005000100060000002400078008000840000013"], 0x6c}}, 0x0) 673.131914ms ago: executing program 0 (id=2751): pipe(&(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20044185) r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)='t', 0x1}], 0x1, 0x0) 505.418416ms ago: executing program 3 (id=2752): r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b510f210950b2a7773820102030109022400010000000009042200028953950009050a02ff0300fa000905820250"], 0x0) syz_usb_control_io$rtl8150(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f00000009c0)={0x1c, &(0x7f0000000500)=ANY=[@ANYBLOB="000f06"], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000380)={0x1c, &(0x7f0000000240)=ANY=[@ANYBLOB='!\x00\x00\a'], 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, &(0x7f00000003c0)={0x34, &(0x7f0000000840)=ANY=[@ANYBLOB="001506"], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 315.575201ms ago: executing program 0 (id=2753): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x77c}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) ptrace$poke(0x5, r1, &(0x7f0000000200), 0x0) 244.101993ms ago: executing program 3 (id=2754): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x40100001, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) r3 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r4, 0x0}) ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000040)={r2, 0x0, r5, 0x9e, 0x1ffe0000, 0x1000, 0xf6c, 0x8c5b, 0x64, 0x70, 0x239, 0x4}) 48.595233ms ago: executing program 0 (id=2755): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0x7}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmsg$DEVLINK_CMD_SB_POOL_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x1) shutdown(r0, 0x0) shutdown(r0, 0x1) 48.375974ms ago: executing program 1 (id=2756): writev(0xffffffffffffffff, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff}}, './file0\x00'}) setresuid(0x0, 0xee00, 0x0) io_submit(0x0, 0x0, 0x0) r1 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) shmctl$SHM_UNLOCK(r1, 0xc) 0s ago: executing program 3 (id=2757): prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000340)={0x0, 0x0, 0x1000, 0x40002, 0x1e5}, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_ublk_add_dev(0xffffffffffffffff, r1, r2, r3, &(0x7f0000000180)={0x2e, 0x0, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000000c0)=@new_dev={0x3, 0xf14, 0x0, 0x0, 0x1000, 0xffffffff, 0x0, 0x0, 0x124}}}, &(0x7f0000000280)=0x0) sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)='7', 0x1, 0x4000800, 0x0, 0x0) syz_ublk_setup_queues(r0, r5, &(0x7f0000000200)={0x0, 0x1463, 0x10700, 0x2, 0xb2, 0x0, r0}, &(0x7f0000000d40)=[{0x0, 0x0, 0xffffffffffffffff, {0x0, 0x4485, 0x10002, 0x401, 0x31c, 0x0, r0}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x7682, 0x8000, 0x1, 0x2000008, 0x0, r0}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x1, 0x10, 0x1, 0x902c4, 0x0, r0}}, {0x0, 0x0, 0xffffffffffffffff, {0x0, 0x3a0b, 0x20, 0x2, 0x40021a, 0x0, r0}}], 0x4, &(0x7f0000001540)={0x2e, 0x6, 0x0, 0xffffffffffffffff, 0xc0107520, 0x0, 0x0, 0x0, 0x72ccfb459c83c565, {0x6}, 0x0, r4, '\x00', {0x3, 0x48b, 0x0, 0x0}}, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): s: Mfr=1, Product=2, SerialNumber=3 [ 132.040719][ T9] usb 4-1: Product: syz [ 132.040736][ T9] usb 4-1: Manufacturer: syz [ 132.040752][ T9] usb 4-1: SerialNumber: syz [ 132.183219][ T9] usb 4-1: config 0 descriptor?? [ 132.228001][ T6077] loop4: detected capacity change from 0 to 512 [ 132.260672][ T6077] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 132.260694][ T6077] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 132.409865][ T9] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 132.511196][ T6082] mmap: syz.0.98 (6082) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 132.550515][ T6077] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 132.693641][ T6077] EXT4-fs (loop4): 1 truncate cleaned up [ 132.761781][ T6077] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 132.887118][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.898640][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.063342][ T9] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 133.105231][ T9] usb 4-1: USB disconnect, device number 2 [ 133.225330][ T5615] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.589390][ T6094] loop2: detected capacity change from 0 to 2048 [ 133.638142][ T6097] netlink: 8 bytes leftover after parsing attributes in process `syz.0.104'. [ 133.638172][ T6097] netlink: 8 bytes leftover after parsing attributes in process `syz.0.104'. [ 133.819225][ T5621] udevd[5621]: incorrect nilfs2 checksum on /dev/loop2 [ 133.821642][ T6094] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 134.035446][ T6105] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 134.560846][ T6116] warning: `syz.1.112' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 134.937832][ T6120] Driver unsupported XDP return value 0 on prog (id 7) dev N/A, expect packet loss! [ 135.213662][ T6101] loop3: detected capacity change from 0 to 32768 [ 135.495089][ T6101] (syz.3.106,6101,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 135.577049][ T6101] (syz.3.106,6101,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 136.236723][ T6101] (syz.3.106,6101,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 136.237390][ T6101] (syz.3.106,6101,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 136.303070][ T6101] JBD2: Ignoring recovery information on journal [ 136.498212][ T6146] loop4: detected capacity change from 0 to 512 [ 136.499281][ T6146] EXT4-fs: Ignoring removed nobh option [ 136.510216][ T6146] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 136.644118][ T6146] EXT4-fs (loop4): 1 truncate cleaned up [ 136.680104][ T6101] (syz.3.106,6101,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 136.755491][ T6150] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 136.783756][ T6101] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 136.842348][ T6154] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 136.847890][ T6101] (syz.3.106,6101,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 136.858289][ T6146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.021216][ T6101] (syz.3.106,6101,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 137.319282][ T6164] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 137.368039][ T37] audit: type=1800 audit(1780310163.229:2): pid=6163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.123" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 137.534317][ T5616] ocfs2: Unmounting device (7,3) on (node local) [ 137.588405][ T5615] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.333880][ T6176] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available [ 138.886205][ T822] IPVS: starting estimator thread 0... [ 138.986251][ T37] audit: type=1326 audit(1780310164.869:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.134" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x0 [ 139.002515][ T6182] IPVS: using max 10 ests per chain, 24000 per kthread [ 140.152546][ T5734] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 140.332539][ T5734] usb 4-1: Using ep0 maxpacket: 16 [ 140.336595][ T5734] usb 4-1: config 0 has an invalid interface number: 251 but max is 0 [ 140.336624][ T5734] usb 4-1: config 0 has no interface number 0 [ 140.336672][ T5734] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 140.336699][ T5734] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 140.343094][ T5734] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 140.343126][ T5734] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.343148][ T5734] usb 4-1: Product: syz [ 140.343164][ T5734] usb 4-1: Manufacturer: syz [ 140.343181][ T5734] usb 4-1: SerialNumber: syz [ 140.547955][ T5734] usb 4-1: config 0 descriptor?? [ 140.548813][ T6210] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 140.548973][ T6210] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 140.680282][ T6230] loop1: detected capacity change from 0 to 256 [ 140.716130][ T6230] exfat: Deprecated parameter 'utf8' [ 140.716192][ T6230] exfat: Deprecated parameter 'namecase' [ 140.716221][ T6230] exfat: Deprecated parameter 'utf8' [ 140.769350][ T6210] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 140.814497][ T6210] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 140.905306][ T6230] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 141.005304][ T6236] loop0: detected capacity change from 0 to 512 [ 141.260769][ T6234] netlink: 16 bytes leftover after parsing attributes in process `syz.2.153'. [ 141.299814][ T6236] EXT4-fs (loop0): 1 truncate cleaned up [ 141.375793][ T6236] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.469269][ T5734] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 141.469300][ T5734] asix 4-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 141.496566][ T5734] asix 4-1:0.251: probe with driver asix failed with error -71 [ 141.543689][ T5734] usb 4-1: USB disconnect, device number 3 [ 141.575719][ T6241] netlink: 4 bytes leftover after parsing attributes in process `syz.4.157'. [ 141.681998][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.110870][ T6251] batadv_slave_1: entered promiscuous mode [ 142.128408][ T6250] batadv_slave_1: left promiscuous mode [ 142.326181][ T6256] loop4: detected capacity change from 0 to 512 [ 142.354389][ T6256] EXT4-fs (loop4): Test dummy encryption mode enabled [ 142.394439][ T6256] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.445931][ T6256] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 142.592471][ T821] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 142.687020][ T6256] EXT4-fs error (device loop4): __ext4_add_entry:2412: inode #2: comm syz.4.164: Directory hole found for htree leaf block 0 [ 142.729913][ T6256] EXT4-fs (loop4): Remounting filesystem read-only [ 142.742723][ T821] usb 2-1: Using ep0 maxpacket: 16 [ 142.745664][ T821] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 142.745698][ T821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 142.781961][ T821] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 142.781995][ T821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.782017][ T821] usb 2-1: Product: syz [ 142.782033][ T821] usb 2-1: Manufacturer: syz [ 142.782048][ T821] usb 2-1: SerialNumber: syz [ 142.860009][ T821] usb 2-1: config 0 descriptor?? [ 142.942809][ T6271] loop3: detected capacity change from 0 to 1024 [ 142.961294][ T821] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 142.961331][ T821] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 143.039840][ T5615] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 143.363860][ T5734] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 143.500516][ T821] em28xx 2-1:0.0: chip ID is em2882/3 [ 143.574636][ T5734] usb 1-1: Using ep0 maxpacket: 8 [ 143.642730][ T5734] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 143.678267][ T5734] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 143.678302][ T5734] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 143.678330][ T5734] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 143.678420][ T5734] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 143.678473][ T5734] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 143.678499][ T5734] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.831110][ T821] em28xx 2-1:0.0: Config register raw data: 0xfffffffb [ 143.831582][ T821] em28xx 2-1:0.0: AC97 chip type couldn't be determined [ 143.831601][ T821] em28xx 2-1:0.0: No AC97 audio processor [ 143.926594][ T5633] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 143.971934][ T821] usb 2-1: USB disconnect, device number 2 [ 144.013851][ T821] em28xx 2-1:0.0: Disconnecting em28xx [ 144.112499][ T5633] usb 3-1: Using ep0 maxpacket: 32 [ 144.126991][ T5633] usb 3-1: unable to get BOS descriptor or descriptor too short [ 144.135749][ T5734] usb 1-1: GET_CAPABILITIES returned 0 [ 144.135799][ T5734] usbtmc 1-1:16.0: can't read capabilities [ 144.135971][ T5633] usb 3-1: config 7 has an invalid interface number: 187 but max is 0 [ 144.135995][ T5633] usb 3-1: config 7 has no interface number 0 [ 144.136043][ T5633] usb 3-1: config 7 interface 187 altsetting 6 endpoint 0xD has invalid wMaxPacketSize 0 [ 144.136068][ T5633] usb 3-1: config 7 interface 187 has no altsetting 0 [ 144.203736][ T5633] usb 3-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 144.203770][ T5633] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.203792][ T5633] usb 3-1: Product: syz [ 144.203808][ T5633] usb 3-1: Manufacturer: syz [ 144.203823][ T5633] usb 3-1: SerialNumber: syz [ 144.392929][ T821] em28xx 2-1:0.0: Freeing device [ 144.603488][ T5633] usb 3-1: Limiting number of CPorts to U8_MAX [ 144.625787][ T5734] usb 1-1: USB disconnect, device number 3 [ 144.681185][ T5633] usb 3-1: Unknown endpoint type found, address 0x07 [ 144.681212][ T5633] usb 3-1: Unknown endpoint type found, address 0x0d [ 144.681231][ T5633] usb 3-1: Not enough endpoints found in device, aborting! [ 144.931684][ T6296] loop1: detected capacity change from 0 to 1024 [ 145.049300][ T5633] usb 3-1: USB disconnect, device number 2 [ 145.425058][ T6296] hfsplus: bad catalog entry type [ 146.182542][ T821] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 146.355140][ T821] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 146.355171][ T821] usb 2-1: config 0 interface 0 has no altsetting 0 [ 146.358247][ T821] usb 2-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce [ 146.358279][ T821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.358301][ T821] usb 2-1: Product: syz [ 146.358316][ T821] usb 2-1: Manufacturer: syz [ 146.358332][ T821] usb 2-1: SerialNumber: syz [ 146.538109][ T821] usb 2-1: config 0 descriptor?? [ 146.557645][ T821] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state. [ 146.709312][ T821] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 146.711845][ T821] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0) [ 146.711931][ T821] usb 2-1: media controller created [ 146.799875][ T821] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 146.951862][ T821] DVB: Unable to find symbol tda10046_attach() [ 146.951880][ T821] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0' [ 146.951927][ T821] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected. [ 147.585456][ T821] dvb_usb_m920x 2-1:0.0: probe with driver dvb_usb_m920x failed with error -71 [ 147.645175][ T821] usb 2-1: USB disconnect, device number 3 [ 147.905468][ T6319] sctp: [Deprecated]: syz.2.186 (pid 6319) Use of int in max_burst socket option deprecated. [ 147.905468][ T6319] Use struct sctp_assoc_value instead [ 148.471477][ T6324] loop2: detected capacity change from 0 to 512 [ 148.484986][ T6324] EXT4-fs: Ignoring removed oldalloc option [ 148.626126][ T6324] EXT4-fs (loop2): filesystem is read-only [ 148.687211][ T6324] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 148.691157][ T6324] EXT4-fs (loop2): filesystem is read-only [ 148.691177][ T6324] EXT4-fs (loop2): orphan cleanup on readonly fs [ 148.968781][ T6328] loop4: detected capacity change from 0 to 4096 [ 149.056140][ T6324] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.188: bg 0: block 64: padding at end of block bitmap is not set [ 149.056181][ T6324] loop2: lost filesystem error report for type 5 error -117 [ 149.063021][ C1] EXT4-fs (loop2): initial error at time 1780310174: ext4_validate_block_bitmap:441 [ 149.063055][ C1] EXT4-fs (loop2): last error at time 1780310174: ext4_validate_block_bitmap:441 [ 149.177285][ T6328] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 149.309088][ T6324] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 149.309110][ T6324] loop2: lost filesystem error report for type 5 error -117 [ 149.333354][ T6324] EXT4-fs (loop2): 1 orphan inode deleted [ 149.377144][ T6324] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 149.640537][ T6328] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 149.745953][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.746125][ T6336] loop0: detected capacity change from 0 to 512 [ 149.778940][ T6328] ntfs3(loop4): Failed to load $Extend (-22). [ 149.778967][ T6328] ntfs3(loop4): Failed to initialize $Extend. [ 149.960716][ T6338] bond0: entered promiscuous mode [ 149.960740][ T6338] bond_slave_0: entered promiscuous mode [ 149.961011][ T6338] bond_slave_1: entered promiscuous mode [ 150.008001][ T6338] batadv0: entered promiscuous mode [ 150.020801][ T6340] fuse: Bad value for 'fd' [ 150.096829][ T6338] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 150.999691][ T6328] ntfs3(loop4): ino=0, attr_set_size_ex [ 151.290901][ T6354] loop1: detected capacity change from 0 to 4096 [ 151.537523][ T6357] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 151.672755][ T6361] netlink: 'syz.2.205': attribute type 3 has an invalid length. [ 151.672794][ T6361] netlink: 'syz.2.205': attribute type 3 has an invalid length. [ 151.680245][ T6361] netlink: 16 bytes leftover after parsing attributes in process `syz.2.205'. [ 152.885079][ T5622] Bluetooth: hci4: command 0x0405 tx timeout [ 153.767986][ T6395] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.215'. [ 154.388889][ T6405] loop0: detected capacity change from 0 to 256 [ 155.263844][ T6414] loop0: detected capacity change from 0 to 512 [ 155.264922][ T6414] EXT4-fs: Ignoring removed bh option [ 155.315679][ T6414] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 155.392142][ T6414] EXT4-fs (loop0): 1 truncate cleaned up [ 155.422505][ T6414] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 155.504140][ T6414] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.222: bg 0: block 465: padding at end of block bitmap is not set [ 155.579469][ T6414] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 28 [ 155.579505][ T6414] EXT4-fs (loop0): This should not happen!! Data will be lost [ 155.579505][ T6414] [ 155.579523][ T6414] EXT4-fs (loop0): Total free blocks count 0 [ 155.579538][ T6414] EXT4-fs (loop0): Free/Dirty block details [ 155.579581][ T6414] EXT4-fs (loop0): free_blocks=0 [ 155.579615][ T6414] EXT4-fs (loop0): dirty_blocks=2 [ 155.579630][ T6414] EXT4-fs (loop0): Block reservation details [ 155.579644][ T6414] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 155.865135][ T5617] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.083382][ T6433] loop1: detected capacity change from 0 to 2048 [ 156.238243][ T6433] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 156.501052][ T6448] loop0: detected capacity change from 0 to 22 [ 156.509228][ T6448] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 156.662456][ T6450] netlink: 8 bytes leftover after parsing attributes in process `syz.4.238'. [ 156.815296][ T6448] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 156.855559][ T5747] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 156.999713][ T6452] loop3: detected capacity change from 0 to 4096 [ 157.013204][ T6454] syz.4.240 uses obsolete (PF_INET,SOCK_PACKET) [ 157.020249][ T5747] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 157.020280][ T5747] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 157.022465][ T5747] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 157.022561][ T5747] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 157.022691][ T5747] usb 2-1: SerialNumber: syz [ 157.090212][ T6452] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 157.608307][ T6452] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 157.667473][ T5747] usb 2-1: 0:2 : does not exist [ 158.898457][ T6471] loop3: detected capacity change from 0 to 2048 [ 159.205932][ T6471] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 159.510786][ T6476] loop1: detected capacity change from 0 to 512 [ 159.553228][ T6476] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 159.628687][ T5747] usb 2-1: USB disconnect, device number 4 [ 159.797113][ T6476] EXT4-fs (loop1): 1 truncate cleaned up [ 159.962058][ T6476] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 160.200408][ T6476] EXT4-fs (loop1): shut down requested (2) [ 160.451863][ T5613] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.460422][ T6487] loop2: detected capacity change from 0 to 4096 [ 160.994319][ T5602] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 161.155015][ T5602] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 242, changing to 11 [ 161.155053][ T5602] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 161.155098][ T5602] usb 5-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00 [ 161.155123][ T5602] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.295262][ T5602] usb 5-1: config 0 descriptor?? [ 161.526006][ T6294] udevd[6294]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 161.816417][ T5602] hid (null): bogus close delimiter [ 161.816548][ T5602] hid (null): report_id 0 is invalid [ 161.820568][ T6498] netlink: 24 bytes leftover after parsing attributes in process `syz.1.258'. [ 162.055701][ T6492] loop0: detected capacity change from 0 to 32768 [ 162.156052][ T6492] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 162.210231][ T6492] JBD2: Ignoring recovery information on journal [ 162.308720][ T5602] megaworld 0003:07B5:0312.0001: unknown main item tag 0x0 [ 162.308765][ T5602] megaworld 0003:07B5:0312.0001: unknown main item tag 0x0 [ 162.308793][ T5602] megaworld 0003:07B5:0312.0001: unknown main item tag 0x0 [ 162.308821][ T5602] megaworld 0003:07B5:0312.0001: unknown main item tag 0x0 [ 162.308848][ T5602] megaworld 0003:07B5:0312.0001: unknown main item tag 0x0 [ 162.308890][ T5602] megaworld 0003:07B5:0312.0001: unknown main item tag 0x0 [ 162.308918][ T5602] megaworld 0003:07B5:0312.0001: unknown main item tag 0x3 [ 162.308946][ T5602] megaworld 0003:07B5:0312.0001: bogus close delimiter [ 162.308961][ T5602] megaworld 0003:07B5:0312.0001: item 0 0 2 10 parsing failed [ 162.426160][ T5602] megaworld 0003:07B5:0312.0001: parse failed [ 162.426220][ T5602] megaworld 0003:07B5:0312.0001: probe with driver megaworld failed with error -22 [ 162.546304][ T6492] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 162.595101][ T5602] usb 5-1: USB disconnect, device number 2 [ 163.242893][ T5602] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 163.277129][ T5622] Bluetooth: hci0: hcon ffff888040cb4000 sent 1 < count 743 [ 163.466222][ T5602] usb 5-1: Using ep0 maxpacket: 32 [ 163.505439][ T5602] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 163.505462][ T5602] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 163.505478][ T5602] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 163.505493][ T5602] usb 5-1: config 1 has no interface number 0 [ 163.505594][ T5602] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 163.505614][ T5602] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 163.505647][ T5602] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 163.505664][ T5602] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.685420][ T5602] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 164.049744][ T5602] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached [ 164.474225][ T821] usb 5-1: USB disconnect, device number 3 [ 164.511028][ T821] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 164.624030][ T6537] trusted_key: encrypted_key: keylen parameter is missing [ 164.696544][ T6492] syz.0.256 (6492) used greatest stack depth: 18976 bytes left [ 165.147718][ T5617] ocfs2: Unmounting device (7,0) on (node local) [ 165.196665][ T6534] loop1: detected capacity change from 0 to 32768 [ 165.292624][ T6534] JBD2: Ignoring recovery information on journal [ 165.698097][ T6534] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 165.770912][ T6562] Failed to get privilege flags for destination (handle=0x2:0x4) [ 165.995896][ T6571] capability: warning: `syz.0.287' uses 32-bit capabilities (legacy support in use) [ 167.400077][ T6596] loop4: detected capacity change from 0 to 256 [ 167.654174][ T6596] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdbae3f17, utbl_chksum : 0xe619d30d) [ 167.778918][ T5613] ocfs2: Unmounting device (7,1) on (node local) [ 167.982163][ T6601] loop3: detected capacity change from 0 to 512 [ 167.992001][ T6601] EXT4-fs: inline encryption not supported [ 167.992036][ T6601] EXT4-fs: Ignoring removed mblk_io_submit option [ 168.016781][ T6601] EXT4-fs (loop3): Test dummy encryption mode enabled [ 168.038517][ T6601] EXT4-fs (loop3): orphan cleanup on readonly fs [ 168.040681][ T6601] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.299: inode #13: comm syz.3.299: iget: illegal inode # [ 168.040714][ T6601] loop3: lost filesystem error report for type 5 error -117 [ 168.042609][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 168.042631][ C0] EXT4-fs (loop3): initial error at time 1780310193: ext4_orphan_get:1397 [ 168.042663][ C0] EXT4-fs (loop3): last error at time 1780310193: ext4_orphan_get:1397 [ 168.052115][ T6601] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.299: couldn't read orphan inode 13 (err -117) [ 168.052147][ T6601] loop3: lost filesystem error report for type 5 error -117 [ 168.245436][ T6601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 168.452205][ T6565] Set syz1 is full, maxelem 6117 reached [ 168.496528][ T5616] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.895054][ T6605] input: syz1 as /devices/virtual/input/input5 [ 170.711518][ T6633] loop4: detected capacity change from 0 to 4096 [ 170.915360][ T6633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.954863][ T6627] loop3: detected capacity change from 0 to 32768 [ 170.964949][ T5747] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 171.038613][ T6627] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.308 (6627) [ 171.195187][ T5747] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 171.195224][ T5747] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 171.195249][ T5747] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 171.195276][ T5747] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 171.199418][ T5747] usb 2-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 171.199449][ T5747] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 171.199470][ T5747] usb 2-1: Product: syz [ 171.199485][ T5747] usb 2-1: Manufacturer: syz [ 171.199500][ T5747] usb 2-1: SerialNumber: syz [ 171.324913][ T5747] usb 2-1: config 0 descriptor?? [ 171.380062][ T5615] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.746296][ T5747] adutux 2-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0 [ 171.976616][ T6637] loop2: detected capacity change from 0 to 32768 [ 171.980850][ T5747] usb 2-1: USB disconnect, device number 5 [ 172.156984][ T6627] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 172.157034][ T6627] BTRFS info (device loop3): using crc32c checksum algorithm [ 173.084675][ T5747] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 173.248468][ T5747] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024 [ 173.248522][ T5747] usb 5-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00 [ 173.248548][ T5747] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.264072][ T5747] usb 5-1: config 0 descriptor?? [ 173.367237][ T6669] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 173.549828][ T6687] loop1: detected capacity change from 0 to 16 [ 173.872197][ T5747] hid (null): unknown global tag 0xe [ 173.872256][ T5747] hid (null): unknown global tag 0x43 [ 173.916432][ T6687] erofs (device loop1): DAX unsupported by block device. Turning off DAX. [ 173.966326][ T6687] erofs (device loop1): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 174.046063][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.046109][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.046138][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.046166][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.046193][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.046221][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.046249][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.046276][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.046303][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.046330][ T5747] asus 0003:0B05:1ABE.0002: unknown main item tag 0x0 [ 174.048402][ T5747] asus 0003:0B05:1ABE.0002: reserved main item tag 0xe [ 174.048438][ T5747] asus 0003:0B05:1ABE.0002: unknown global tag 0xe [ 174.048455][ T5747] asus 0003:0B05:1ABE.0002: item 0 0 1 14 parsing failed [ 174.049224][ T5747] asus 0003:0B05:1ABE.0002: Asus hid parse failed: -22 [ 174.049352][ T5747] asus 0003:0B05:1ABE.0002: probe with driver asus failed with error -22 [ 174.251563][ T6687] erofs (device loop1): mounted with root inode @ nid 36. [ 174.349084][ T6627] BTRFS error (device loop3): open_ctree failed: -4 [ 174.506613][ T5747] usb 5-1: USB disconnect, device number 4 [ 175.704836][ T6696] loop1: detected capacity change from 0 to 32768 [ 176.246902][ T6696] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 176.645098][ T6696] XFS (loop1): Ending clean mount [ 176.808595][ T5633] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 177.014340][ T5633] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 177.014374][ T5633] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.014396][ T5633] usb 5-1: Product: syz [ 177.014423][ T5633] usb 5-1: Manufacturer: syz [ 177.014440][ T5633] usb 5-1: SerialNumber: syz [ 177.559716][ T5633] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 177.559783][ T5633] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 177.776067][ T5633] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO [ 177.776128][ T5633] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 177.838173][ T5633] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 177.955608][ T5633] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71 [ 178.003961][ T5633] usb 5-1: USB disconnect, device number 5 [ 178.410167][ T5613] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 179.775215][ T43] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 179.962999][ T43] usb 5-1: Using ep0 maxpacket: 16 [ 179.965494][ T43] usb 5-1: config 0 has an invalid interface number: 34 but max is 0 [ 179.965522][ T43] usb 5-1: config 0 has no interface number 0 [ 179.965567][ T43] usb 5-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023 [ 179.965593][ T43] usb 5-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80 [ 179.968558][ T43] usb 5-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 179.968591][ T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.968612][ T43] usb 5-1: Product: syz [ 179.968628][ T43] usb 5-1: Manufacturer: syz [ 179.968644][ T43] usb 5-1: SerialNumber: syz [ 180.093125][ T43] usb 5-1: config 0 descriptor?? [ 180.097365][ T6815] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 180.118207][ T6815] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 180.358573][ T6815] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 180.358705][ T6815] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 180.834321][ T43] asix 5-1:0.34 (unnamed net_device) (uninitialized): invalid PHY address: 43 [ 181.043561][ T5734] usb 5-1: USB disconnect, device number 6 [ 182.026633][ T6857] Zero length message leads to an empty skb [ 182.652723][ T6868] netlink: 8 bytes leftover after parsing attributes in process `syz.1.412'. [ 182.665613][ T6868] netlink: 'syz.1.412': attribute type 1 has an invalid length. [ 182.665636][ T6868] netlink: 'syz.1.412': attribute type 2 has an invalid length. [ 182.909767][ T6875] loop9: detected capacity change from 0 to 7 [ 183.022624][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.022789][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.023616][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.023648][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.023796][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.023842][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.027209][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.027241][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.027395][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.027423][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.027565][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.027593][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.027732][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.027759][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.027847][ T6875] ldm_validate_partition_table(): Disk read failed. [ 183.027906][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.027932][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.028058][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.028083][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.028208][ T6875] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 183.028232][ T6875] Buffer I/O error on dev loop9, logical block 0, async page read [ 183.028385][ T6875] Dev loop9: unable to read RDB block 0 [ 183.031077][ T6878] loop2: detected capacity change from 0 to 512 [ 183.086273][ T6875] loop9: unable to read partition table [ 183.087305][ T6875] loop9: partition table beyond EOD, truncated [ 183.127332][ T6875] loop_reread_partitions: partition scan of loop9 (úù) failed (rc=-5) [ 183.280436][ T6878] EXT4-fs: Mount option(s) incompatible with ext2 [ 184.718590][ T6934] netlink: 9275 bytes leftover after parsing attributes in process `syz.2.442'. [ 185.359989][ T6955] netlink: 56 bytes leftover after parsing attributes in process `syz.4.452'. [ 185.700011][ T6965] loop4: detected capacity change from 0 to 256 [ 186.507817][ T6989] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 186.507850][ T6989] CIFS mount error: No usable UNC path provided in device string! [ 186.507850][ T6989] [ 186.508079][ T6989] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 186.730841][ T5734] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 186.907650][ T5734] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 186.907680][ T5734] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.907700][ T5734] usb 3-1: Product: syz [ 186.907715][ T5734] usb 3-1: Manufacturer: syz [ 186.907730][ T5734] usb 3-1: SerialNumber: syz [ 186.958471][ T5734] usb 3-1: config 0 descriptor?? [ 187.018417][ T5734] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 187.798956][ T5734] gspca_sunplus: reg_w_riv err -71 [ 187.799056][ T5734] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 187.825743][ T5734] usb 3-1: USB disconnect, device number 3 [ 187.873803][ T5621] udevd[5621]: setting mode of /dev/bus/usb/003/003 to 020664 failed: No such file or directory [ 187.873958][ T5621] udevd[5621]: setting owner of /dev/bus/usb/003/003 to uid=0, gid=0 failed: No such file or directory [ 187.967263][ T7026] netlink: 16 bytes leftover after parsing attributes in process `syz.4.484'. [ 187.967411][ T7026] netlink: 16 bytes leftover after parsing attributes in process `syz.4.484'. [ 188.561700][ T7052] process 'syz.2.496' launched '/dev/fd/3' with NULL argv: empty string added [ 188.965374][ T7067] tipc: Enabling of bearer rejected, failed to enable media [ 190.387628][ T7105] fuse: Bad value for 'fd' [ 191.676232][ T7143] loop4: detected capacity change from 0 to 32768 [ 191.695013][ T7143] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.536 (7143) [ 191.749659][ T7143] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 191.749694][ T7143] BTRFS info (device loop4): using sha256 checksum algorithm [ 191.965162][ T7143] BTRFS info (device loop4): rebuilding free space tree [ 192.135069][ T7143] BTRFS info (device loop4): enabling ssd optimizations [ 192.135103][ T7143] BTRFS info (device loop4): using spread ssd allocation scheme [ 192.135123][ T7143] BTRFS info (device loop4): enabling free space tree [ 192.135146][ T7143] BTRFS info (device loop4): force clearing of disk cache [ 192.135164][ T7143] BTRFS info (device loop4): enabling auto defrag [ 192.135189][ T7143] BTRFS info (device loop4): max_inline set to 0 [ 192.881800][ T5615] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 194.353972][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.354485][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.486299][ T7269] loop1: detected capacity change from 0 to 128 [ 196.506114][ T7269] EXT4-fs (loop1): Test dummy encryption mode enabled [ 196.538562][ T7269] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 196.599841][ T7269] ext4 filesystem being mounted at /85/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 197.061681][ T7269] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 197.608352][ T5613] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 198.425353][ T5344] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 198.576261][ T5344] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024 [ 198.576317][ T5344] usb 5-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 198.576343][ T5344] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.688051][ T5344] usb 5-1: config 0 descriptor?? [ 198.689232][ T7299] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 199.222551][ T5344] hid_parser_main: 173 callbacks suppressed [ 199.222580][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.222615][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.222644][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.222672][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.222699][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.222726][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.222752][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.222779][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.222806][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.222833][ T5344] uclogic 0003:5543:0064.0003: unknown main item tag 0x0 [ 199.223685][ T5344] uclogic 0003:5543:0064.0003: unexpected long global item [ 199.231855][ T5344] uclogic 0003:5543:0064.0003: parse failed [ 199.231952][ T5344] uclogic 0003:5543:0064.0003: probe with driver uclogic failed with error -22 [ 199.491178][ T5344] usb 5-1: USB disconnect, device number 7 [ 202.349010][ T7357] loop2: detected capacity change from 0 to 32768 [ 202.354904][ T7357] btrfs: Deprecated parameter 'usebackuproot' [ 202.355382][ T7357] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 202.424400][ T7357] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.625 (7357) [ 202.951429][ T7357] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 202.951462][ T7357] BTRFS info (device loop2): using crc32c checksum algorithm [ 203.229800][ T7376] loop4: detected capacity change from 0 to 32768 [ 203.243615][ T7376] btrfs: Deprecated parameter 'usebackuproot' [ 203.243639][ T7376] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 203.293867][ T7376] BTRFS info: device /dev/loop4 (7:4) using temp-fsid 537f0846-91d0-4793-b0f8-d4f1755b782b [ 203.293972][ T7376] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.636 (7376) [ 203.408854][ T3376] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 203.414821][ T7357] BTRFS error (device loop2): failed to load root extent [ 203.468928][ T7357] BTRFS warning (device loop2): try to load backup roots slot 1 [ 203.470832][ T1069] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 203.470968][ T7357] BTRFS warning (device loop2): couldn't read tree root [ 203.470991][ T7357] BTRFS warning (device loop2): try to load backup roots slot 2 [ 203.471841][ T1069] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 203.471953][ T7357] BTRFS warning (device loop2): couldn't read tree root [ 203.471974][ T7357] BTRFS warning (device loop2): try to load backup roots slot 3 [ 203.781047][ T7376] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 203.781085][ T7376] BTRFS info (device loop4): using crc32c checksum algorithm [ 204.114514][ T7357] BTRFS error (device loop2): open_ctree failed: -4 [ 204.346181][ T425] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 204.346409][ T7376] BTRFS error (device loop4): failed to load root extent [ 204.346445][ T7376] BTRFS warning (device loop4): try to load backup roots slot 1 [ 204.350634][ T1420] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 204.350792][ T7376] BTRFS warning (device loop4): couldn't read tree root [ 204.350815][ T7376] BTRFS warning (device loop4): try to load backup roots slot 2 [ 204.351151][ T3376] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 204.351287][ T7376] BTRFS warning (device loop4): couldn't read tree root [ 204.351309][ T7376] BTRFS warning (device loop4): try to load backup roots slot 3 [ 204.698166][ T7376] BTRFS info (device loop4): rebuilding free space tree [ 206.670040][ T7376] BTRFS info (device loop4): checking UUID tree [ 206.670178][ T7376] BTRFS error (device loop4): failed to check the UUID tree: -4 [ 206.963262][ T7376] BTRFS error (device loop4): open_ctree failed: -4 [ 207.602689][ T5747] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 207.801862][ T5747] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 207.801900][ T5747] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 207.801925][ T5747] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 207.801970][ T5747] usb 2-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 207.801995][ T5747] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.881489][ T5747] usb 2-1: config 0 descriptor?? [ 208.615819][ T5747] hid_parser_main: 70 callbacks suppressed [ 208.615845][ T5747] steelseries 0003:1038:1410.0004: unknown main item tag 0x0 [ 208.615878][ T5747] steelseries 0003:1038:1410.0004: unknown main item tag 0x0 [ 208.615906][ T5747] steelseries 0003:1038:1410.0004: unknown main item tag 0x0 [ 208.615935][ T5747] steelseries 0003:1038:1410.0004: unknown main item tag 0x0 [ 208.615962][ T5747] steelseries 0003:1038:1410.0004: unknown main item tag 0x0 [ 208.615990][ T5747] steelseries 0003:1038:1410.0004: unknown main item tag 0x0 [ 208.616017][ T5747] steelseries 0003:1038:1410.0004: item fetching failed at offset 6/7 [ 208.621272][ T5747] steelseries 0003:1038:1410.0004: parse failed [ 208.621437][ T5747] steelseries 0003:1038:1410.0004: probe with driver steelseries failed with error -22 [ 208.817164][ T5747] usb 2-1: USB disconnect, device number 6 [ 209.066139][ T5854] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 209.209851][ T7548] loop1: detected capacity change from 0 to 512 [ 209.298181][ T7548] EXT4-fs error (device loop1): ext4_iget_extra_inode:5128: inode #15: comm syz.1.703: corrupted in-inode xattr: e_value out of bounds [ 209.298210][ T7548] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 209.312322][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 209.312347][ C1] EXT4-fs (loop1): initial error at time 1780310235: ext4_iget_extra_inode:5128: inode 15 [ 209.312375][ C1] EXT4-fs (loop1): last error at time 1780310235: ext4_iget_extra_inode:5128: inode 15 [ 209.312603][ T5854] usb 5-1: Using ep0 maxpacket: 16 [ 209.319013][ T5854] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.319103][ T5854] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.319172][ T5854] usb 5-1: config 0 interface 0 has no altsetting 0 [ 209.319272][ T5854] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 209.319338][ T5854] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.332539][ T7548] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.703: couldn't read orphan inode 15 (err -117) [ 209.332565][ T7548] loop1: lost filesystem error report for type 5 error -117 [ 209.525764][ T7548] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.526317][ T5854] usb 5-1: config 0 descriptor?? [ 209.970040][ T5854] hid (null): bogus close delimiter [ 210.030747][ T5613] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.325557][ T5854] usb 5-1: USB disconnect, device number 8 [ 213.227744][ T7619] netlink: 8 bytes leftover after parsing attributes in process `syz.2.732'. [ 216.708682][ T7716] netlink: 348 bytes leftover after parsing attributes in process `syz.2.777'. [ 216.854423][ T7717] loop1: detected capacity change from 0 to 128 [ 216.869061][ T7717] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 216.969325][ T5632] Bluetooth: hci1: command 0x0406 tx timeout [ 216.969560][ T5632] Bluetooth: hci0: command 0x0406 tx timeout [ 216.969586][ T5632] Bluetooth: hci3: command 0x0406 tx timeout [ 216.969612][ T5632] Bluetooth: hci2: command 0x0406 tx timeout [ 217.139320][ T7723] netlink: 8 bytes leftover after parsing attributes in process `syz.2.780'. [ 218.230467][ T7745] loop4: detected capacity change from 0 to 1024 [ 218.473506][ T7745] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.062221][ T5615] EXT4-fs error (device loop4): ext4_lookup:1789: inode #2: comm syz-executor: deleted inode referenced: 11 [ 219.149381][ T5615] EXT4-fs error (device loop4): ext4_lookup:1789: inode #2: comm syz-executor: deleted inode referenced: 11 [ 220.071350][ T7805] loop1: detected capacity change from 0 to 512 [ 220.223984][ T7805] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.819: invalid block [ 220.224022][ T7805] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 220.232423][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 220.232457][ C0] EXT4-fs (loop1): initial error at time 1780310246: ext4_get_branch:178: inode 11: block 4294967295 [ 220.232508][ C0] EXT4-fs (loop1): last error at time 1780310246: ext4_get_branch:178: inode 11: block 4294967295 [ 220.372575][ T7805] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.819: invalid indirect mapped block 4294967295 (level 1) [ 220.372615][ T7805] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 220.594153][ T7805] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.819: invalid indirect mapped block 4294967295 (level 1) [ 220.594200][ T7805] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 220.595605][ T7805] EXT4-fs (loop1): 2 truncates cleaned up [ 220.638468][ T7805] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 220.711347][ T7805] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 220.731723][ T7805] EXT4-fs (loop1): shut down requested (0) [ 220.951069][ T7758] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.168630][ T5613] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.233657][ T7836] loop2: detected capacity change from 0 to 1024 [ 221.240529][ T7836] EXT4-fs: Ignoring removed bh option [ 221.341155][ T7836] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.518500][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.667218][ T7845] SQUASHFS error: Failed to read block 0x0: -5 [ 222.585957][ T5625] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 222.643584][ T5625] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 222.649363][ T5625] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 222.671422][ T1069] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.673120][ T5625] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 222.703348][ T5625] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 223.094758][ T5619] Bluetooth: hci0: unexpected event 0x09 length: 7 > 3 [ 223.370107][ T7892] loop2: detected capacity change from 0 to 512 [ 223.371441][ T7892] EXT4-fs: Ignoring removed bh option [ 223.610345][ T7892] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 223.610381][ T7892] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it [ 223.610400][ T7892] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.856: Corrupt directory, running e2fsck is recommended [ 223.951231][ T7892] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 223.951370][ T7892] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.856: corrupted in-inode xattr: e_name out of bounds [ 223.951399][ T7892] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 223.962323][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 223.962348][ C1] EXT4-fs (loop2): initial error at time 1780310249: ext4_iget_extra_inode:5128: inode 15 [ 223.962378][ C1] EXT4-fs (loop2): last error at time 1780310249: ext4_iget_extra_inode:5128: inode 15 [ 224.039987][ T7892] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.856: couldn't read orphan inode 15 (err -117) [ 224.040027][ T7892] loop2: lost filesystem error report for type 5 error -117 [ 224.059757][ T7892] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.213130][ T1069] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.393960][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.049366][ T5619] Bluetooth: hci3: command tx timeout [ 225.184609][ T1069] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.761780][ T7963] netlink: 12 bytes leftover after parsing attributes in process `syz.2.885'. [ 226.278888][ T1069] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.125871][ T5619] Bluetooth: hci3: command tx timeout [ 229.202425][ T5619] Bluetooth: hci3: command tx timeout [ 229.681957][ T37] audit: type=1326 audit(1780310255.509:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8049 comm="syz.2.927" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x0 [ 230.778643][ T1069] bridge_slave_1: left promiscuous mode [ 230.826203][ T1069] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.155302][ T8057] loop1: detected capacity change from 0 to 40427 [ 231.282454][ T5619] Bluetooth: hci3: command tx timeout [ 231.353593][ T1069] bridge_slave_0: left allmulticast mode [ 231.353629][ T1069] bridge_slave_0: left promiscuous mode [ 231.353902][ T1069] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.466325][ T8057] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 231.466349][ T8057] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 231.655487][ T8057] F2FS-fs (loop1): invalid crc value [ 232.849962][ T8057] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 235.212135][ T1069] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 235.394870][ T1069] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 235.439056][ T1069] bond0 (unregistering): Released all slaves [ 235.890614][ T5273] 8021q: adding VLAN 0 to HW filter on device eth1 [ 237.071876][ T8283] program syz.1.1030 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 238.469198][ T8293] loop1: detected capacity change from 0 to 32768 [ 238.612441][ T5854] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 238.621437][ T8293] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 238.698042][ T8293] XFS (loop1): Ending clean mount [ 238.893601][ T5854] usb 3-1: Using ep0 maxpacket: 32 [ 238.904882][ T5854] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 238.904918][ T5854] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 238.904960][ T5854] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 238.904986][ T5854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.350778][ T5854] usb 3-1: config 0 descriptor?? [ 239.352524][ T5613] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 239.380931][ T5854] hub 3-1:0.0: USB hub found [ 239.402778][ T7868] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.403156][ T7868] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.403494][ T7868] bridge_slave_0: entered allmulticast mode [ 239.558424][ T5854] hub 3-1:0.0: 1 port detected [ 239.573381][ T7868] bridge_slave_0: entered promiscuous mode [ 239.660211][ T7868] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.661607][ T7868] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.661911][ T7868] bridge_slave_1: entered allmulticast mode [ 239.689149][ T7868] bridge_slave_1: entered promiscuous mode [ 240.074407][ T5854] usb 3-1: USB disconnect, device number 4 [ 241.670833][ T7868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 241.891526][ T7868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 242.157766][ T5273] 8021q: adding VLAN 0 to HW filter on device eth2 [ 242.506672][ T8379] loop2: detected capacity change from 0 to 40427 [ 242.536095][ T1069] hsr_slave_0: left promiscuous mode [ 242.540499][ T8379] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 242.540527][ T8379] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 242.562791][ T8379] F2FS-fs (loop2): invalid crc value [ 242.572201][ T1069] hsr_slave_1: left promiscuous mode [ 242.588571][ T1069] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 242.588675][ T1069] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 242.796706][ T1069] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 242.796735][ T1069] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 243.668827][ T8379] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 244.097720][ T1069] veth1_macvtap: left promiscuous mode [ 244.098042][ T1069] veth0_macvtap: left promiscuous mode [ 244.187648][ T1069] veth1_vlan: left promiscuous mode [ 244.268250][ T1069] veth0_vlan: left promiscuous mode [ 245.517495][ T8473] loop1: detected capacity change from 0 to 256 [ 245.591944][ T8473] exfat: Deprecated parameter 'utf8' [ 245.592054][ T8473] exfat: Deprecated parameter 'utf8' [ 245.750713][ T8473] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 248.295446][ T1069] team0 (unregistering): Port device team_slave_1 removed [ 248.394549][ T1069] team0 (unregistering): Port device team_slave_0 removed [ 249.799848][ T7868] team0: Port device team_slave_0 added [ 250.249143][ T7868] team0: Port device team_slave_1 added [ 250.472978][ T7868] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 250.472997][ T7868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 250.473026][ T7868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 250.585789][ T7868] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 250.585808][ T7868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 250.585839][ T7868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 251.062554][ T7868] hsr_slave_0: entered promiscuous mode [ 251.068362][ T7868] hsr_slave_1: entered promiscuous mode [ 251.095016][ T7868] debugfs: 'hsr0' already exists in 'hsr' [ 251.095047][ T7868] Cannot create hsr debugfs directory [ 251.800126][ T37] audit: type=1326 audit(1780310277.679:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 251.800188][ T37] audit: type=1326 audit(1780310277.679:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 251.800235][ T37] audit: type=1326 audit(1780310277.689:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 251.800286][ T37] audit: type=1326 audit(1780310277.689:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 251.800336][ T37] audit: type=1326 audit(1780310277.689:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 251.800386][ T37] audit: type=1326 audit(1780310277.689:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 251.800436][ T37] audit: type=1326 audit(1780310277.689:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 251.800486][ T37] audit: type=1326 audit(1780310277.689:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 251.806656][ T37] audit: type=1326 audit(1780310277.699:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 251.806716][ T37] audit: type=1326 audit(1780310277.699:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.1171" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 252.161459][ T8578] loop1: detected capacity change from 0 to 32768 [ 252.879048][ T8632] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1178'. [ 253.726369][ T8643] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 254.392000][ T43] team_slave_0: entered promiscuous mode [ 254.392050][ T43] team_slave_1: entered promiscuous mode [ 254.577646][ T5273] 8021q: adding VLAN 0 to HW filter on device eth3 [ 255.783478][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.783580][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.931438][ T7868] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 256.399966][ T7868] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 256.563312][ T7868] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 256.645444][ T7868] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 256.651858][ T7868] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 256.760340][ T7868] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 256.772060][ T7868] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 257.159104][ T8714] loop1: detected capacity change from 0 to 32768 [ 257.198994][ T7868] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 257.220184][ T8714] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1210 (8714) [ 257.259478][ T8714] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 257.259514][ T8714] BTRFS info (device loop1): using sha256 checksum algorithm [ 257.536810][ T8714] BTRFS info (device loop1): setting nodatasum [ 257.536840][ T8714] BTRFS info (device loop1): enabling ssd optimizations [ 257.536860][ T8714] BTRFS info (device loop1): turning on async discard [ 257.536878][ T8714] BTRFS info (device loop1): enabling free space tree [ 258.782733][ T7868] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.034634][ T7868] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.339470][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.339655][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.496832][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.497017][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.794729][ T5613] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 259.811779][ T5273] 8021q: adding VLAN 0 to HW filter on device eth4 [ 260.560095][ T8811] netlink: 'syz.2.1242': attribute type 1 has an invalid length. [ 261.189797][ T8811] 8021q: adding VLAN 0 to HW filter on device bond1 [ 261.394357][ T8813] bond1: entered allmulticast mode [ 263.122881][ T7868] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 264.090810][ T8923] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1281'. [ 264.538085][ T7868] veth0_vlan: entered promiscuous mode [ 264.805954][ T7868] veth1_vlan: entered promiscuous mode [ 265.090775][ T7868] veth0_macvtap: entered promiscuous mode [ 265.164975][ T7868] veth1_macvtap: entered promiscuous mode [ 265.389121][ T7868] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 265.488462][ T7868] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 265.588757][ T3376] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.591409][ T3376] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.624545][ T3376] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.693187][ T3376] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.678803][ T1222] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 267.678825][ T1222] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.481732][ T1420] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 268.481754][ T1420] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.212542][ T5747] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 269.458363][ T5747] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 269.458418][ T5747] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 269.458444][ T5747] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.507626][ T5747] usb 3-1: config 0 descriptor?? [ 269.758792][ T5747] usbhid 3-1:0.0: can't add hid device: -71 [ 269.758933][ T5747] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 269.792443][ T5747] usb 3-1: USB disconnect, device number 5 [ 270.346060][ T9005] loop1: detected capacity change from 0 to 32768 [ 270.347285][ T9005] xfs: Deprecated parameter 'ikeep' [ 270.347304][ T9005] XFS: ikeep mount option is deprecated. [ 270.422687][ T822] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 270.556294][ T9005] XFS (loop1): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 270.582406][ T822] usb 3-1: Using ep0 maxpacket: 32 [ 270.590398][ T822] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 270.590453][ T822] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 270.590480][ T822] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.626884][ T822] usb 3-1: config 0 descriptor?? [ 270.669020][ T822] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 270.800596][ T9005] XFS (loop1): Ending clean mount [ 270.901975][ T822] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 271.444904][ T5633] usb 3-1: USB disconnect, device number 6 [ 271.627595][ T5633] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 271.650894][ T5613] XFS (loop1): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 272.583313][ T5747] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 272.734290][ T5747] usb 3-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 272.734349][ T5747] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 272.736783][ T5747] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 272.736813][ T5747] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.736833][ T5747] usb 3-1: Product: syz [ 272.736851][ T5747] usb 3-1: Manufacturer: syz [ 272.736861][ T5747] usb 3-1: SerialNumber: syz [ 274.692659][ T5344] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 274.844882][ T5344] usb 2-1: Using ep0 maxpacket: 32 [ 274.848313][ T5344] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 274.848345][ T5344] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.048148][ T5344] usb 2-1: config 0 descriptor?? [ 275.088279][ T5344] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 276.007410][ T5344] gspca_vc032x: reg_w err -71 [ 276.007442][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007455][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007465][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007474][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007484][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007494][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007503][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007513][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007523][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007533][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007542][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007552][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007561][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007571][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007580][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007590][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007600][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007609][ T5344] gspca_vc032x: I2c Bus Busy Wait 00 [ 276.007624][ T5344] gspca_vc032x: Unknown sensor... [ 276.007708][ T5344] vc032x 2-1:0.0: probe with driver vc032x failed with error -22 [ 276.178175][ T5344] usb 2-1: USB disconnect, device number 7 [ 277.604355][ T43] usb 2-1: new low-speed USB device number 8 using dummy_hcd [ 277.756705][ T43] usb 2-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 277.756744][ T43] usb 2-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 1024, setting to 8 [ 277.756772][ T43] usb 2-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 277.756801][ T43] usb 2-1: config 0 interface 0 has no altsetting 0 [ 277.756836][ T43] usb 2-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00 [ 277.756861][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.946228][ T43] usb 2-1: config 0 descriptor?? [ 277.971645][ T9193] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 278.322420][ T5619] Bluetooth: hci4: command 0x0405 tx timeout [ 278.544143][ T43] elecom 0003:056E:00FC.0006: unknown main item tag 0x0 [ 278.544182][ T43] elecom 0003:056E:00FC.0006: unknown main item tag 0x0 [ 278.544211][ T43] elecom 0003:056E:00FC.0006: unknown main item tag 0x0 [ 278.544238][ T43] elecom 0003:056E:00FC.0006: unknown main item tag 0x0 [ 278.544266][ T43] elecom 0003:056E:00FC.0006: unknown main item tag 0x0 [ 278.544294][ T43] elecom 0003:056E:00FC.0006: unknown main item tag 0x0 [ 278.544322][ T43] elecom 0003:056E:00FC.0006: unknown main item tag 0x0 [ 278.544349][ T43] elecom 0003:056E:00FC.0006: unknown main item tag 0x0 [ 278.818478][ T9231] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1395'. [ 278.818530][ T9231] openvswitch: netlink: Message has 512 unknown bytes. [ 279.062440][ T43] elecom 0003:056E:00FC.0006: hidraw0: USB HID v2.01 Device [HID 056e:00fc] on usb-dummy_hcd.1-1/input0 [ 279.556631][ T43] usb 2-1: USB disconnect, device number 8 [ 279.594471][ T9240] fido_id[9240]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 279.708338][ T5344] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 279.798434][ T9250] loop1: detected capacity change from 0 to 2048 [ 280.071691][ T9250] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.487356][ T9267] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 280.612921][ T9250] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28 [ 280.612963][ T9250] EXT4-fs (loop1): This should not happen!! Data will be lost [ 280.612963][ T9250] [ 280.612980][ T9250] EXT4-fs (loop1): Total free blocks count 0 [ 280.612995][ T9250] EXT4-fs (loop1): Free/Dirty block details [ 280.613010][ T9250] EXT4-fs (loop1): free_blocks=2415919104 [ 280.613027][ T9250] EXT4-fs (loop1): dirty_blocks=64 [ 280.613041][ T9250] EXT4-fs (loop1): Block reservation details [ 280.613053][ T9250] EXT4-fs (loop1): i_reserved_data_blocks=4 [ 280.620150][ T5633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 280.730276][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 280.783187][ T9284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 280.783845][ T9284] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 280.878486][ T3328] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 280.962158][ T5613] EXT4-fs warning (device loop1): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 281.196871][ T9292] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1426'. [ 281.363046][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.368269][ T821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.368704][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 281.766583][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 282.099696][ T9325] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 282.100230][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 283.842984][ T43] net_ratelimit: 2 callbacks suppressed [ 283.843002][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 284.518427][ T9354] loop1: detected capacity change from 0 to 40427 [ 284.599629][ T9354] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 284.599660][ T9354] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 284.707672][ T9354] F2FS-fs (loop1): invalid crc value [ 284.812894][ T9399] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1463'. [ 284.882911][ T822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 285.270878][ T9354] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 285.775263][ T9354] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 285.775695][ T9354] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 285.923157][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 286.653324][ T821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 286.966624][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.808302][ T43] usb 3-1: USB disconnect, device number 7 [ 288.016780][ T5747] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 289.044354][ T5747] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 289.685269][ T821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 290.055996][ T37] audit: type=1326 audit(1780310315.949:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361604ce59 code=0x7ffc0000 [ 290.056043][ T37] audit: type=1326 audit(1780310315.949:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361604ce59 code=0x7ffc0000 [ 290.056076][ T37] audit: type=1326 audit(1780310315.949:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361604ce59 code=0x7ffc0000 [ 290.058663][ T37] audit: type=1326 audit(1780310315.949:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361604ce59 code=0x7ffc0000 [ 290.059209][ T37] audit: type=1326 audit(1780310315.949:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f361604ce59 code=0x7ffc0000 [ 290.059261][ T37] audit: type=1326 audit(1780310315.949:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361604ce59 code=0x7ffc0000 [ 290.083912][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 290.298847][ T37] audit: type=1326 audit(1780310316.189:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f361600d68e code=0x7ffc0000 [ 290.381549][ T37] audit: type=1326 audit(1780310316.269:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f361600d68e code=0x7ffc0000 [ 290.386906][ T37] audit: type=1326 audit(1780310316.269:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f361600d68e code=0x7ffc0000 [ 290.392122][ T37] audit: type=1326 audit(1780310316.279:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.1.1531" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f361600d68e code=0x7ffc0000 [ 290.850157][ T9555] 9p: Bad value for 'rfdno' [ 290.974083][ T5633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.122779][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.196835][ T9565] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1541'. [ 291.419500][ T9565] xfrm1: entered promiscuous mode [ 291.419523][ T9565] xfrm1: entered allmulticast mode [ 291.445024][ T9565] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1541'. [ 291.606256][ T821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.162721][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.722753][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 292.810033][ T9602] netlink: 'syz.1.1559': attribute type 39 has an invalid length. [ 293.207614][ T822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 293.524137][ T5633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 294.262738][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 295.283651][ T822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.322852][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.576398][ T821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 296.723361][ T9720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1612'. [ 297.255046][ T9734] netlink: 'syz.5.1620': attribute type 1 has an invalid length. [ 297.255070][ T9734] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1620'. [ 297.255202][ T9734] netlink: 'syz.5.1620': attribute type 1 has an invalid length. [ 297.255218][ T9734] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1620'. [ 297.371922][ T822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.600849][ T9745] netlink: 9275 bytes leftover after parsing attributes in process `syz.5.1625'. [ 298.003251][ T821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 298.402640][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 298.643420][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.443069][ T822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.603143][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 299.970706][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 300.483067][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 300.980962][ T9823] loop1: detected capacity change from 0 to 1024 [ 301.522999][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 302.105015][ T9823] hfsplus: xattr search failed [ 302.563064][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 302.650634][ T5633] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 302.680034][ T9831] hfsplus: xattr search failed [ 303.603298][ T822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 303.785346][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.643039][ T5747] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 304.682685][ T43] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 304.818067][ T821] libceph: connect (1)[c::]:6789 error -101 [ 304.827337][ T9] libceph: connect (1)[c::]:6789 error -101 [ 304.848231][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 304.855116][ T43] usb 2-1: Using ep0 maxpacket: 8 [ 304.862822][ T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 304.862898][ T43] usb 2-1: config 0 has no interfaces? [ 304.862983][ T43] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 304.863048][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 304.911310][ T821] libceph: mon0 (1)[c::]:6789 connect error [ 304.958121][ T9] libceph: connect (1)[c::]:6789 error -101 [ 304.958313][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 305.010996][ T43] usb 2-1: config 0 descriptor?? [ 305.058752][ T9927] ceph: No mds server is up or the cluster is laggy [ 305.060145][ T9923] ceph: No mds server is up or the cluster is laggy [ 305.184651][ T9] libceph: connect (1)[c::]:6789 error -101 [ 305.235831][ T821] libceph: connect (1)[c::]:6789 error -101 [ 305.284794][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 305.294665][ T821] libceph: mon0 (1)[c::]:6789 connect error [ 305.344975][ T821] usb 2-1: USB disconnect, device number 9 [ 305.683026][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 305.797468][ T5734] libceph: connect (1)[c::]:6789 error -101 [ 305.797681][ T5734] libceph: mon0 (1)[c::]:6789 connect error [ 305.803667][ T5734] libceph: connect (1)[c::]:6789 error -101 [ 305.818617][ T5734] libceph: mon0 (1)[c::]:6789 connect error [ 306.724760][ T5344] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 306.803029][ T5734] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.077973][T10003] kernel read not supported for file /cpuset.memory_pressure_enabled (pid: 10003 comm: syz.2.1743) [ 307.082133][ T5625] Bluetooth: hci1: unexpected event for opcode 0x1004 [ 307.119996][ T37] kauditd_printk_skb: 75 callbacks suppressed [ 307.120017][ T37] audit: type=1800 audit(1780310332.969:100): pid=10003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1743" name="cpuset.memory_pressure_enabled" dev="mqueue" ino=22237 res=0 errno=0 [ 307.804394][ T5344] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 307.957911][T10033] could not allocate digest TFM handle sha256-generic [ 308.883098][ T5344] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 309.523916][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 309.843101][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 309.923832][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.176035][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.198738][ T5344] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 310.377681][ T5344] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 310.377713][ T5344] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 310.377733][ T5344] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 310.377797][ T5344] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 310.377824][ T5344] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 310.521850][ T5344] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 310.521884][ T5344] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 310.521906][ T5344] usb 3-1: Product: syz [ 310.521922][ T5344] usb 3-1: Manufacturer: syz [ 310.562894][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.564116][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.616960][ T5344] cdc_wdm 3-1:1.0: skipping garbage [ 310.616981][ T5344] cdc_wdm 3-1:1.0: skipping garbage [ 310.734747][ T5344] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 310.734788][ T5344] cdc_wdm 3-1:1.0: Unknown control protocol [ 310.966188][ T822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 311.018798][T10157] loop1: detected capacity change from 0 to 1024 [ 311.019754][T10157] EXT4-fs: Ignoring removed orlov option [ 311.126597][ T5625] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 311.126788][ T5625] Bluetooth: hci1: Injecting HCI hardware error event [ 311.130617][ T5619] Bluetooth: hci1: hardware error 0x00 [ 311.186194][ T5344] usb 3-1: USB disconnect, device number 8 [ 311.240796][T10157] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.952798][ T5613] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.010913][ T5344] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 312.367184][T10202] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 312.399685][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 312.884478][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 313.047362][T10247] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1855'. [ 313.321944][T10259] overlayfs: failed to clone upperpath [ 313.522436][ T5619] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 314.694132][T10312] loop2: detected capacity change from 0 to 256 [ 314.966431][T10312] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001207b, chksum : 0x1e8dde4d, utbl_chksum : 0xe619d30d) [ 315.126101][ T5344] net_ratelimit: 2 callbacks suppressed [ 315.126116][ T5344] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 315.844591][ T5344] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 315.928871][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 316.004667][ T5344] usb 3-1: not running at top speed; connect to a high speed hub [ 316.006172][ T5344] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 316.006198][ T5344] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 316.006264][ T5344] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4 [ 316.066429][ T5344] usb 3-1: New USB device found, idVendor=041e, idProduct=3020, bcdDevice= 0.40 [ 316.066462][ T5344] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 316.066483][ T5344] usb 3-1: Product: syz [ 316.066499][ T5344] usb 3-1: Manufacturer: syz [ 316.066516][ T5344] usb 3-1: SerialNumber: syz [ 316.166932][ T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 316.375203][ T5344] usb 3-1: 1:1 : no or invalid class specific endpoint descriptor [ 316.375240][ T5344] usb 3-1: 1:1 : invalid UAC_FORMAT_TYPE desc [ 316.441802][ T5344] usb 3-1: 0:2 : does not exist [ 317.185913][ T37] audit: type=1326 audit(1780310343.079:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10358 comm="syz.2.1907" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 317.188967][ T37] audit: type=1326 audit(1780310343.079:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10358 comm="syz.2.1907" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 317.189025][ T37] audit: type=1326 audit(1780310343.079:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10358 comm="syz.2.1907" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 317.189075][ T37] audit: type=1326 audit(1780310343.079:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10358 comm="syz.2.1907" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 317.189133][ T37] audit: type=1326 audit(1780310343.079:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10358 comm="syz.2.1907" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 317.189499][ T37] audit: type=1326 audit(1780310343.079:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10358 comm="syz.2.1907" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 317.191463][ T37] audit: type=1326 audit(1780310343.079:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10358 comm="syz.2.1907" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 317.272268][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.272676][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.322455][ T822] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 317.417119][ T37] audit: type=1326 audit(1780310343.309:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10358 comm="syz.2.1907" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7ff83855ce59 code=0x7ffc0000 [ 317.443419][T10361] netlink: 'syz.5.1908': attribute type 10 has an invalid length. [ 317.446147][T10361] bridge0: port 2(bridge_slave_1) entered disabled state [ 317.622458][ T5344] usb 3-1: USB disconnect, device number 9 [ 317.680928][T10361] bridge0: port 1(bridge_slave_0) entered disabled state [ 317.955330][T10361] bridge0: port 2(bridge_slave_1) entered blocking state [ 317.955555][T10361] bridge0: port 2(bridge_slave_1) entered forwarding state [ 317.977144][T10361] bridge0: port 1(bridge_slave_0) entered blocking state [ 317.977695][T10361] bridge0: port 1(bridge_slave_0) entered forwarding state [ 318.192735][T10383] loop2: detected capacity change from 0 to 128 [ 318.206842][T10361] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 318.251371][T10383] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 318.323852][ T5747] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.479703][ T37] audit: type=1800 audit(1780310344.369:109): pid=10383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1919" name="file1" dev="loop2" ino=94 res=0 errno=0 [ 318.963830][ T821] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.007995][T10402] trusted_key: syz.1.1927 sent an empty control message without MSG_MORE. [ 319.362862][ T5344] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 319.557093][T10420] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1929'. [ 319.764318][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 320.427064][T10445] loop2: detected capacity change from 0 to 2048 [ 320.429833][T10447] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1945'. [ 320.606190][T10457] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1945'. [ 320.606240][T10457] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1945'. [ 320.701947][T10445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 320.747001][T10445] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.1944: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 320.829353][T10466] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.1944: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 320.861268][T10445] EXT4-fs (loop2): Remounting filesystem read-only [ 321.052417][ T5734] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 321.080839][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.234149][ T5734] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 321.234229][ T5734] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.234253][ T5734] usb 2-1: Product: syz [ 321.234270][ T5734] usb 2-1: Manufacturer: syz [ 321.234286][ T5734] usb 2-1: SerialNumber: syz [ 321.273994][ T5734] usb 2-1: config 0 descriptor?? [ 321.496817][ T5734] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 321.871892][T10492] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 321.951916][T10492] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 322.314915][ T5734] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 322.357346][ T5734] usb 2-1: USB disconnect, device number 10 [ 322.692350][ T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 322.843391][ T9] usb 3-1: too many configurations: 25, using maximum allowed: 8 [ 322.907079][ T9] usb 3-1: New USB device found, idVendor=041e, idProduct=4011, bcdDevice=af.98 [ 322.907115][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.931395][ T9] usb 3-1: config 0 descriptor?? [ 322.945332][ T9] pwc: Creative Labs Webcam Pro Ex detected. [ 322.945349][ T9] pwc: Warning: more than 1 configuration available. [ 323.145311][ T9] pwc: Failed to set LED on/off time (-71) [ 323.146088][ T9] pwc: send_video_command error -71 [ 323.146105][ T9] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 323.146225][ T9] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 323.213676][ T9] usb 3-1: USB disconnect, device number 10 [ 324.666729][T10589] loop1: detected capacity change from 0 to 1024 [ 324.778828][T10589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 324.928061][ T5613] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.662553][ T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 325.859897][ T9] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 325.859931][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.859955][ T9] usb 2-1: Product: syz [ 325.859972][ T9] usb 2-1: Manufacturer: syz [ 325.860000][ T9] usb 2-1: SerialNumber: syz [ 325.908515][ T9] usb 2-1: config 0 descriptor?? [ 326.257002][T10640] loop5: detected capacity change from 0 to 7 [ 326.337486][T10640] Dev loop5: unable to read RDB block 7 [ 326.337537][T10640] loop5: unable to read partition table [ 326.337944][T10640] loop5: partition table beyond EOD, truncated [ 326.337976][T10640] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 326.387299][ T9] usb 2-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0) [ 326.387330][ T9] usb 2-1: Firmware version (0.0) predates our first public release. [ 326.387351][ T9] usb 2-1: Please update to version 0.2 or newer [ 327.014564][ T9] usb 2-1: USB disconnect, device number 11 [ 330.476359][ T43] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 330.644113][ T43] usb 2-1: Using ep0 maxpacket: 16 [ 330.651286][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 330.651322][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 330.651346][ T43] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 330.651390][ T43] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 330.651414][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.725986][ T43] usb 2-1: config 0 descriptor?? [ 331.179477][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.179514][ T43] microsoft 0003:045E:07DA.0007: ignoring exceeding usage max [ 331.182040][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.182070][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.182096][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.182122][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.182147][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.182174][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.183490][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.183526][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.183557][ T43] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0 [ 331.187717][ T43] microsoft 0003:045E:07DA.0007: implement() called with n (123) > 32! (kworker/1:1) [ 331.453101][ T43] microsoft 0003:045E:07DA.0007: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 331.453139][ T43] microsoft 0003:045E:07DA.0007: no inputs found [ 331.453154][ T43] microsoft 0003:045E:07DA.0007: could not initialize ff, continuing anyway [ 331.680992][ T43] usb 2-1: USB disconnect, device number 12 [ 331.788580][T10843] fido_id[10843]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 332.320532][T10864] loop1: detected capacity change from 0 to 128 [ 334.821919][T10934] loop1: detected capacity change from 0 to 32768 [ 334.875886][T10934] gfs2: fsid=loop1: Trying to join cluster "lock_nolock", "loop1" [ 334.875921][T10934] gfs2: fsid=loop1: Now mounting FS (format 1801)... [ 335.011947][T10934] gfs2: fsid=loop1.s: fatal: filesystem consistency error - inode = 2 2073, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 449 [ 335.011994][T10934] gfs2: fsid=loop1.s: G: s:SH n:2/819 f:laqonN t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 335.012029][T10934] gfs2: fsid=loop1.s: H: s:SH f:H e:0 p:10934 [syz.1.2156] gfs2_lookup_meta+0xaf/0x180 [ 335.012085][T10934] gfs2: fsid=loop1.s: I: n:2/2073 t:4 f:0x00 d:0x00000201 s:3864 p:0 [ 335.012130][T10934] CPU: 1 UID: 0 PID: 10934 Comm: syz.1.2156 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 335.012162][T10934] Tainted: [L]=SOFTLOCKUP [ 335.012170][T10934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 335.012195][T10934] Call Trace: [ 335.012208][T10934] [ 335.012218][T10934] dump_stack_lvl+0xe8/0x150 [ 335.012254][T10934] gfs2_withdraw+0xc3/0x1b0 [ 335.012289][T10934] inode_go_instantiate+0xe2d/0x12a0 [ 335.012330][T10934] ? __pfx_bit_wait+0x10/0x10 [ 335.012352][T10934] ? __pfx_inode_go_instantiate+0x10/0x10 [ 335.012382][T10934] ? rt_spin_unlock+0x160/0x200 [ 335.012422][T10934] ? __pfx_wake_bit_function+0x10/0x10 [ 335.012457][T10934] gfs2_instantiate+0x168/0x220 [ 335.012493][T10934] gfs2_glock_wait+0x1d7/0x2a0 [ 335.012531][T10934] gfs2_lookupi+0x3e0/0x640 [ 335.012572][T10934] ? __pfx_gfs2_lookupi+0x10/0x10 [ 335.012609][T10934] ? gfs2_lookup_meta+0xaf/0x180 [ 335.012641][T10934] ? __lock_acquire+0x6b5/0x2d10 [ 335.012674][T10934] ? crc32_le+0x250/0x2c0 [ 335.012709][T10934] gfs2_lookup_meta+0xaf/0x180 [ 335.012743][T10934] ? __pfx_gfs2_lookup_meta+0x10/0x10 [ 335.012789][T10934] init_journal+0x1ce/0x2280 [ 335.012822][T10934] ? rt_spin_lock+0x1e0/0x400 [ 335.012860][T10934] ? format_decode+0xd4/0xdb0 [ 335.012889][T10934] ? vsnprintf+0x3a0/0xef0 [ 335.012920][T10934] ? __asan_memcpy+0x40/0x70 [ 335.012946][T10934] ? __pfx_init_journal+0x10/0x10 [ 335.012978][T10934] ? vsnprintf+0xe42/0xef0 [ 335.013021][T10934] ? snprintf+0xe8/0x140 [ 335.013056][T10934] ? __pfx_snprintf+0x10/0x10 [ 335.013088][T10934] ? gfs2_glock_nq_num+0x13d/0x170 [ 335.013126][T10934] init_inodes+0xdb/0x320 [ 335.013172][T10934] gfs2_fill_super+0x1a92/0x2220 [ 335.013222][T10934] ? __pfx_gfs2_fill_super+0x10/0x10 [ 335.013262][T10934] ? rt_spin_unlock+0x14f/0x200 [ 335.013302][T10934] ? init_locking+0xb8/0x210 [ 335.013342][T10934] ? sb_set_blocksize+0x11b/0x210 [ 335.013369][T10934] ? setup_bdev_super+0x4c1/0x5b0 [ 335.013432][T10934] get_tree_bdev_flags+0x431/0x4f0 [ 335.013455][T10934] ? __pfx_gfs2_fill_super+0x10/0x10 [ 335.013486][T10934] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 335.013520][T10934] ? __pfx_vfs_parse_comma_sep+0x10/0x10 [ 335.013567][T10934] gfs2_get_tree+0x51/0x1e0 [ 335.013604][T10934] vfs_get_tree+0x92/0x2a0 [ 335.013628][T10934] do_new_mount+0x341/0xd30 [ 335.013656][T10934] ? apparmor_capable+0x126/0x170 [ 335.013698][T10934] ? __pfx_do_new_mount+0x10/0x10 [ 335.013727][T10934] ? ns_capable+0x89/0xe0 [ 335.013756][T10934] ? user_path_at+0xd4/0x160 [ 335.013794][T10934] ? user_path_at+0xd4/0x160 [ 335.013828][T10934] __se_sys_mount+0x31d/0x420 [ 335.013866][T10934] ? __pfx___se_sys_mount+0x10/0x10 [ 335.013904][T10934] ? __x64_sys_mount+0x20/0xc0 [ 335.013934][T10934] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.013960][T10934] do_syscall_64+0x174/0x580 [ 335.013983][T10934] ? trace_irq_disable+0x3b/0x140 [ 335.014013][T10934] ? clear_bhb_loop+0x40/0x90 [ 335.014042][T10934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.014066][T10934] RIP: 0033:0x7f361604e0ca [ 335.014096][T10934] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 335.014117][T10934] RSP: 002b:00007f36142a5e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 335.014142][T10934] RAX: ffffffffffffffda RBX: 00007f36142a5ee0 RCX: 00007f361604e0ca [ 335.014160][T10934] RDX: 0000200000000400 RSI: 0000200000000000 RDI: 00007f36142a5ea0 [ 335.014178][T10934] RBP: 0000200000000400 R08: 00007f36142a5ee0 R09: 0000000000000011 [ 335.014194][T10934] R10: 0000000000000011 R11: 0000000000000246 R12: 0000200000000000 [ 335.014209][T10934] R13: 00007f36142a5ea0 R14: 00000000000125eb R15: 0000200000000200 [ 335.014247][T10934] [ 335.014442][T10934] gfs2: fsid=loop1.s: can't lookup journal index: 0 [ 338.189026][T11004] loop2: detected capacity change from 0 to 32768 [ 338.199964][T11004] btrfs: Deprecated parameter 'usebackuproot' [ 338.200051][T11004] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 338.364769][T11004] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2187 (11004) [ 338.666563][T11045] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2207'. [ 338.721550][T11004] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 338.721583][T11004] BTRFS info (device loop2): using crc32c checksum algorithm [ 339.102350][ T425] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 339.104113][T11004] BTRFS error (device loop2): failed to load root extent [ 339.104161][T11004] BTRFS warning (device loop2): try to load backup roots slot 1 [ 339.154150][ T425] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0xc092cdc2 level 0 [ 339.170738][T11004] BTRFS warning (device loop2): couldn't read tree root [ 339.170823][T11004] BTRFS warning (device loop2): try to load backup roots slot 2 [ 339.195170][ T56] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 339.195395][T11004] BTRFS warning (device loop2): couldn't read tree root [ 339.195419][T11004] BTRFS warning (device loop2): try to load backup roots slot 3 [ 339.345748][T11004] BTRFS info (device loop2): rebuilding free space tree [ 339.677156][T11004] BTRFS info (device loop2): checking UUID tree [ 339.680196][T11004] BTRFS info (device loop2): enabling ssd optimizations [ 339.680232][T11004] BTRFS info (device loop2): turning on async discard [ 339.680251][T11004] BTRFS info (device loop2): enabling free space tree [ 339.680283][T11004] BTRFS info (device loop2): force clearing of disk cache [ 339.680302][T11004] BTRFS info (device loop2): enabling auto defrag [ 339.680320][T11004] BTRFS info (device loop2): trying to use backup root at mount time [ 339.680359][T11004] BTRFS info (device loop2): use zstd compression, level 3 [ 340.860268][ T5614] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 342.562414][ T5619] Bluetooth: hci0: command 0x0406 tx timeout [ 344.488184][T11237] loop1: detected capacity change from 0 to 512 [ 344.489766][T11237] EXT4-fs: Ignoring removed oldalloc option [ 344.510682][T11237] EXT4-fs: old and new quota format mixing [ 344.822705][T11246] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2288'. [ 346.046231][T11280] loop2: detected capacity change from 0 to 128 [ 346.258541][ T37] audit: type=1800 audit(1780310372.139:110): pid=11280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2305" name="file2" dev="loop2" ino=1048622 res=0 errno=0 [ 346.259722][ T37] audit: type=1800 audit(1780310372.149:111): pid=11280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2305" name="file2" dev="loop2" ino=1048622 res=0 errno=0 [ 346.416775][T11280] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 346.416803][T11280] FAT-fs (loop2): Filesystem has been set read-only [ 346.416946][T11280] syz.2.2305: attempt to access beyond end of device [ 346.416946][T11280] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 346.419662][T11279] syz.2.2305: attempt to access beyond end of device [ 346.419662][T11279] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 346.419844][T11279] syz.2.2305: attempt to access beyond end of device [ 346.419844][T11279] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 346.510789][T11280] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 346.510830][T11280] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 346.511436][T11279] syz.2.2305: attempt to access beyond end of device [ 346.511436][T11279] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 346.560129][T11288] syz.2.2305: attempt to access beyond end of device [ 346.560129][T11288] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 346.560438][T11288] syz.2.2305: attempt to access beyond end of device [ 346.560438][T11288] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 346.560572][T11288] syz.2.2305: attempt to access beyond end of device [ 346.560572][T11288] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 346.602697][T11280] syz.2.2305: attempt to access beyond end of device [ 346.602697][T11280] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 346.646095][T11289] loop6: detected capacity change from 0 to 524288000 [ 346.802015][T11289] loop6: detected capacity change from 524288000 to 0 [ 348.170908][ T37] audit: type=1326 audit(1780310374.059:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.5.2332" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f13403bce59 code=0x0 [ 348.605179][T11336] loop2: detected capacity change from 0 to 32768 [ 348.627621][T11336] btrfs: Deprecated parameter 'usebackuproot' [ 348.627647][T11336] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 348.658480][T11336] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2329 (11336) [ 348.841427][T11336] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 348.841581][T11336] BTRFS info (device loop2): using crc32c checksum algorithm [ 349.149539][T11378] netlink: 'syz.5.2341': attribute type 4 has an invalid length. [ 349.218009][T10572] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 349.235829][T11336] BTRFS error (device loop2): failed to load root extent [ 349.266741][T11336] BTRFS warning (device loop2): try to load backup roots slot 1 [ 349.315852][ T44] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 349.343591][T11336] BTRFS warning (device loop2): couldn't read tree root [ 349.343620][T11336] BTRFS warning (device loop2): try to load backup roots slot 2 [ 349.345235][ T44] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 349.345345][T11336] BTRFS warning (device loop2): couldn't read tree root [ 349.345368][T11336] BTRFS warning (device loop2): try to load backup roots slot 3 [ 349.552859][T11336] BTRFS info (device loop2): rebuilding free space tree [ 350.673327][T11336] BTRFS info (device loop2): checking UUID tree [ 350.677015][T11336] BTRFS info (device loop2): enabling ssd optimizations [ 350.677062][T11336] BTRFS info (device loop2): turning on async discard [ 350.677081][T11336] BTRFS info (device loop2): enabling free space tree [ 350.677125][T11336] BTRFS info (device loop2): force clearing of disk cache [ 350.677145][T11336] BTRFS info (device loop2): trying to use backup root at mount time [ 350.677230][T11336] BTRFS info (device loop2): force zlib compression, level 3 [ 351.348631][T11441] netlink: 'syz.5.2371': attribute type 10 has an invalid length. [ 351.467877][ T5614] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 351.722610][T11441] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 351.760819][T11441] team0: Port device netdevsim1 added [ 353.100012][T11496] loop1: detected capacity change from 0 to 512 [ 353.150855][T11496] EXT4-fs: test_dummy_encryption requires encrypt feature [ 354.447105][T11531] loop1: detected capacity change from 0 to 32768 [ 354.474313][T11531] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2410 (11531) [ 354.522812][T11531] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 354.522857][T11531] BTRFS info (device loop1): using crc32c checksum algorithm [ 354.619001][T11531] BTRFS info (device loop1): enabling ssd optimizations [ 354.619023][T11531] BTRFS info (device loop1): turning on flush-on-commit [ 354.619036][T11531] BTRFS info (device loop1): enabling free space tree [ 354.619050][T11531] BTRFS info (device loop1): force zlib compression, level 3 [ 354.619065][T11531] BTRFS info (device loop1): max_inline set to 4096 [ 355.166960][ T5613] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 357.874797][T11616] loop1: detected capacity change from 0 to 512 [ 358.136584][T11616] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 358.136798][T11616] ext4 filesystem being mounted at /230/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 358.580767][T11640] loop2: detected capacity change from 0 to 512 [ 358.599865][T11640] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 358.692849][T11640] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 358.692976][T11640] System zones: 1-12 [ 358.733127][T11616] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #2: comm syz.1.2442: corrupted inode contents [ 358.809711][ T37] audit: type=1326 audit(1780310384.699:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 358.809772][ T37] audit: type=1326 audit(1780310384.699:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 358.809823][ T37] audit: type=1326 audit(1780310384.699:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 358.811514][ T37] audit: type=1326 audit(1780310384.699:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 358.811573][ T37] audit: type=1326 audit(1780310384.699:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 358.811623][ T37] audit: type=1326 audit(1780310384.699:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 358.811675][ T37] audit: type=1326 audit(1780310384.699:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 358.811724][ T37] audit: type=1326 audit(1780310384.699:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 358.811774][ T37] audit: type=1326 audit(1780310384.699:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 358.811829][ T37] audit: type=1326 audit(1780310384.699:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.5.2456" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f13403bce59 code=0x7ffc0000 [ 359.077308][T11616] EXT4-fs error (device loop1): ext4_dirty_inode:6587: inode #2: comm syz.1.2442: mark_inode_dirty error [ 359.137694][T11640] EXT4-fs (loop2): 1 truncate cleaned up [ 359.172917][T11640] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 359.257580][T11616] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #2: comm syz.1.2442: corrupted inode contents [ 359.258044][T11616] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.2442: mark_inode_dirty error [ 359.331107][ T5614] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.554813][T11616] EXT4-fs warning (device loop1): ext4_es_cache_extent:1082: inode #2: comm syz.1.2442: ES cache extent failed: add [0,1,21,0x1] conflict with existing [0,8,576460752303423487,0x18] [ 359.554813][T11616] [ 359.610302][T11616] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #2: comm syz.1.2442: corrupted inode contents [ 359.628386][T11616] EXT4-fs error (device loop1): ext4_append:88: inode #2: comm syz.1.2442: mark_inode_dirty error [ 359.673836][T11616] EXT4-fs error (device loop1) in ext4_append:100: Corrupt filesystem [ 359.949609][ T5613] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.045091][T11713] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2489'. [ 361.681479][T11743] loop1: detected capacity change from 0 to 128 [ 361.741136][T11743] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2498'. [ 362.112777][T11755] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2506'. [ 362.714909][ T5625] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 362.789687][ T5625] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 362.791531][ T5625] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 362.793406][ T5625] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 362.795191][ T5625] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 364.885595][ T5625] Bluetooth: hci0: command tx timeout [ 365.678651][T11865] loop1: detected capacity change from 0 to 512 [ 365.943302][T11865] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2553: invalid indirect mapped block 256 (level 2) [ 365.943347][T11865] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 365.953008][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 365.953035][ C1] EXT4-fs (loop1): initial error at time 1780310391: ext4_free_branches:1023: inode 11 [ 365.953067][ C1] EXT4-fs (loop1): last error at time 1780310391: ext4_free_branches:1023: inode 11 [ 366.081568][T11865] EXT4-fs (loop1): 2 truncates cleaned up [ 366.205090][T11865] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 366.294079][T11865] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2553: bg 0: block 5: invalid block bitmap [ 366.496251][T11772] bridge0: port 1(bridge_slave_0) entered blocking state [ 366.496487][T11772] bridge0: port 1(bridge_slave_0) entered disabled state [ 366.496757][T11772] bridge_slave_0: entered allmulticast mode [ 366.525462][T11772] bridge_slave_0: entered promiscuous mode [ 366.566068][T11772] bridge0: port 2(bridge_slave_1) entered blocking state [ 366.570548][T11772] bridge0: port 2(bridge_slave_1) entered disabled state [ 366.570910][T11772] bridge_slave_1: entered allmulticast mode [ 366.620700][T11772] bridge_slave_1: entered promiscuous mode [ 366.756870][ T5613] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.933493][T11772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 366.960115][T11772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 366.964967][ T5625] Bluetooth: hci0: command tx timeout [ 367.371943][T11772] team0: Port device team_slave_0 added [ 367.395142][T11772] team0: Port device team_slave_1 added [ 367.891721][T11772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 367.891739][T11772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 367.891771][T11772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 368.144433][T11772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 368.144453][T11772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 368.144484][T11772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 369.045902][ T5625] Bluetooth: hci0: command tx timeout [ 369.289088][T11772] hsr_slave_0: entered promiscuous mode [ 369.292169][T11772] hsr_slave_1: entered promiscuous mode [ 369.297730][T11772] debugfs: 'hsr0' already exists in 'hsr' [ 369.297816][T11772] Cannot create hsr debugfs directory [ 371.123459][ T5625] Bluetooth: hci0: command tx timeout [ 371.486909][T11772] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 371.660446][T11772] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 371.666097][T11772] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 371.950524][T11772] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 371.952669][T11772] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 372.085588][T11772] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 372.088739][T11772] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 372.271783][T11772] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 372.976966][T11772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 373.125526][T11772] 8021q: adding VLAN 0 to HW filter on device team0 [ 373.184689][ T70] bridge0: port 1(bridge_slave_0) entered blocking state [ 373.184810][ T70] bridge0: port 1(bridge_slave_0) entered forwarding state [ 373.228244][ T70] bridge0: port 2(bridge_slave_1) entered blocking state [ 373.228383][ T70] bridge0: port 2(bridge_slave_1) entered forwarding state [ 373.377249][T12089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 375.093085][T11772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 375.929864][T11772] veth0_vlan: entered promiscuous mode [ 375.960804][T11772] veth1_vlan: entered promiscuous mode [ 376.066079][T11772] veth0_macvtap: entered promiscuous mode [ 376.089107][T11772] veth1_macvtap: entered promiscuous mode [ 376.338630][T11772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 376.416983][T11772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 376.448164][ T56] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.451336][ T56] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.494034][ T56] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.494332][ T56] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 376.802424][ T5625] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 378.380988][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 378.381010][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 378.677715][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.677834][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.861161][T12233] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2715'. [ 379.159755][T10570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 379.159777][T10570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 379.403006][ T5629] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 379.588253][ T5629] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 379.588369][ T5629] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 379.588396][ T5629] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.668666][ T5629] usb 2-1: config 0 descriptor?? [ 379.717833][ T5629] pwc: Askey VC010 type 2 USB webcam detected. [ 380.080579][ T5629] pwc: recv_control_msg error -32 req 02 val 2b00 [ 380.092437][ T5629] pwc: recv_control_msg error -32 req 02 val 2700 [ 380.093587][ T5629] pwc: recv_control_msg error -32 req 02 val 2c00 [ 380.094589][ T5629] pwc: recv_control_msg error -32 req 04 val 1000 [ 380.095352][ T5629] pwc: recv_control_msg error -32 req 04 val 1300 [ 380.307892][ T5629] pwc: recv_control_msg error -71 req 02 val 2000 [ 380.309204][ T5629] pwc: recv_control_msg error -71 req 02 val 2100 [ 380.309760][ T5629] pwc: recv_control_msg error -71 req 04 val 1500 [ 380.310289][ T5629] pwc: recv_control_msg error -71 req 02 val 2500 [ 380.311674][ T5629] pwc: recv_control_msg error -71 req 02 val 2400 [ 380.312169][ T5629] pwc: recv_control_msg error -71 req 02 val 2600 [ 380.353509][ T5629] pwc: recv_control_msg error -71 req 02 val 2900 [ 380.360876][ T5629] pwc: recv_control_msg error -71 req 02 val 2800 [ 380.361606][ T5629] pwc: recv_control_msg error -71 req 04 val 1100 [ 380.362093][ T5629] pwc: recv_control_msg error -71 req 04 val 1200 [ 380.398677][ T5629] pwc: Registered as video103. [ 380.420103][ T5629] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input6 [ 380.789680][T12283] loop6: detected capacity change from 0 to 1024 [ 381.080127][ T5629] usb 2-1: USB disconnect, device number 13 [ 381.526988][T12306] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2508'. [ 381.625515][T12305] loop1: detected capacity change from 0 to 512 [ 381.754420][T12306] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2508'. [ 382.300782][T12283] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN PTI [ 382.300810][T12283] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 382.300841][T12283] CPU: 1 UID: 0 PID: 12283 Comm: syz.6.2508 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 382.300873][T12283] Tainted: [L]=SOFTLOCKUP [ 382.300881][T12283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 382.300895][T12283] RIP: 0010:__hfsplus_setxattr+0x1c86/0x2890 [ 382.300936][T12283] Code: 8b 36 49 83 c6 30 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 c8 bf 85 ff 4d 8b 36 49 83 c6 08 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 ab bf 85 ff 4d 8b 36 49 8d be 50 [ 382.300963][T12283] RSP: 0018:ffffc9000d8ff420 EFLAGS: 00010202 [ 382.300985][T12283] RAX: 0000000000000001 RBX: fffff52001b1fea4 RCX: 0000000000080000 [ 382.301001][T12283] RDX: ffffc90007162000 RSI: 0000000000001ce5 RDI: 0000000000001ce6 [ 382.301017][T12283] RBP: ffffc9000d8ff8f8 R08: 0000000000000000 R09: 0000000000000000 [ 382.301032][T12283] R10: dffffc0000000000 R11: fffff9400034445f R12: dffffc0000000000 [ 382.301051][T12283] R13: ffff8880355c7260 R14: 0000000000000008 R15: ffff88806171ae30 [ 382.301067][T12283] FS: 00007f52d4ad66c0(0000) GS:ffff888125fcd000(0000) knlGS:0000000000000000 [ 382.301088][T12283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 382.301104][T12283] CR2: 00007f4a05836658 CR3: 00000000328a6000 CR4: 00000000003526f0 [ 382.301125][T12283] Call Trace: [ 382.301138][T12283] [ 382.301162][T12283] ? __pfx___hfsplus_setxattr+0x10/0x10 [ 382.301204][T12283] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 382.301245][T12283] ? stack_depot_save_flags+0x3f3/0x810 [ 382.301306][T12283] ? rcu_is_watching+0x15/0xb0 [ 382.301342][T12283] ? __kasan_kmalloc+0x93/0xb0 [ 382.301375][T12283] ? hfsplus_setxattr+0x10b/0x340 [ 382.301412][T12283] hfsplus_setxattr+0x124/0x340 [ 382.301449][T12283] hfsplus_trusted_setxattr+0x40/0x60 [ 382.301472][T12283] ? __pfx_hfsplus_trusted_setxattr+0x10/0x10 [ 382.301494][T12283] __vfs_setxattr+0x43c/0x480 [ 382.301531][T12283] __vfs_setxattr_noperm+0x12d/0x660 [ 382.301573][T12283] vfs_setxattr+0x163/0x370 [ 382.301606][T12283] ? __pfx_vfs_setxattr+0x10/0x10 [ 382.301643][T12283] filename_setxattr+0x296/0x630 [ 382.301679][T12283] ? __pfx_filename_setxattr+0x10/0x10 [ 382.301712][T12283] ? do_getname+0x151/0x250 [ 382.301739][T12283] path_setxattrat+0x3eb/0x440 [ 382.301767][T12283] ? __pfx_path_setxattrat+0x10/0x10 [ 382.301788][T12283] ? do_futex+0x333/0x420 [ 382.301835][T12283] ? rcu_is_watching+0x15/0xb0 [ 382.301869][T12283] __x64_sys_setxattr+0xbc/0xe0 [ 382.301897][T12283] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.301922][T12283] do_syscall_64+0x174/0x580 [ 382.301946][T12283] ? trace_irq_disable+0x3b/0x140 [ 382.301974][T12283] ? clear_bhb_loop+0x40/0x90 [ 382.302002][T12283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.302025][T12283] RIP: 0033:0x7f52d687ce59 [ 382.302046][T12283] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 382.302066][T12283] RSP: 002b:00007f52d4ad6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 382.302090][T12283] RAX: ffffffffffffffda RBX: 00007f52d6af5fa0 RCX: 00007f52d687ce59 [ 382.302107][T12283] RDX: 0000200000000200 RSI: 00002000000001c0 RDI: 0000200000000380 [ 382.302122][T12283] RBP: 00007f52d6912d6f R08: 0000000000000003 R09: 0000000000000000 [ 382.302136][T12283] R10: 0000000000000835 R11: 0000000000000246 R12: 0000000000000000 [ 382.302149][T12283] R13: 00007f52d6af6038 R14: 00007f52d6af5fa0 R15: 00007ffcbf412ba8 [ 382.302174][T12283] [ 382.302189][T12283] Modules linked in: [ 382.302263][T12283] ---[ end trace 0000000000000000 ]--- [ 382.302814][T12283] RIP: 0010:__hfsplus_setxattr+0x1c86/0x2890 [ 382.302858][T12283] Code: 8b 36 49 83 c6 30 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 c8 bf 85 ff 4d 8b 36 49 83 c6 08 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 ab bf 85 ff 4d 8b 36 49 8d be 50 [ 382.302877][T12283] RSP: 0018:ffffc9000d8ff420 EFLAGS: 00010202 [ 382.302896][T12283] RAX: 0000000000000001 RBX: fffff52001b1fea4 RCX: 0000000000080000 [ 382.302912][T12283] RDX: ffffc90007162000 RSI: 0000000000001ce5 RDI: 0000000000001ce6 [ 382.302926][T12283] RBP: ffffc9000d8ff8f8 R08: 0000000000000000 R09: 0000000000000000 [ 382.302940][T12283] R10: dffffc0000000000 R11: fffff9400034445f R12: dffffc0000000000 [ 382.302956][T12283] R13: ffff8880355c7260 R14: 0000000000000008 R15: ffff88806171ae30 [ 382.302971][T12283] FS: 00007f52d4ad66c0(0000) GS:ffff888125fcd000(0000) knlGS:0000000000000000 [ 382.302989][T12283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 382.303004][T12283] CR2: 00007f4a05836658 CR3: 00000000328a6000 CR4: 00000000003526f0 [ 382.303031][T12283] Kernel panic - not syncing: Fatal exception [ 382.303670][T12283] Kernel Offset: disabled