last executing test programs: 40.62061354s ago: executing program 1: r0 = socket$inet6_udplite(0x11, 0x2, 0x88) getsockopt$bt_BT_SECURITY(r0, 0x107, 0x8, 0x0, 0x20000000) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1f, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000080000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x8c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x4, 0x2, {{}, [@TCA_NETEM_SLOT={0x2c}, @TCA_NETEM_RATE={0x14}]}}}]}, 0x8c}}, 0x0) 39.642818944s ago: executing program 1: syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fef3eb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2", @ANYRES16], 0xd, 0x2a0, &(0x7f0000000840)="$eJzs3c9qM1UUAPAzSZpGXSSIG0VwQBeuyle3bhrlE8SulAjqQoNtQZJQaCFgBWNXfQKXvoeP4MaNbyC4Fdy1i8rIZGaahKZ/qDGF+vutDnPnnHsyt6SrnPnq9dFg7zCJ0/Pfo9VKorYTO3GRRCdqUfkhGgEAPB0XWRZ/ZQ/JbNRW3w0AsA7F///CY/cCAKzHJ599/lF3d/f5x2nailfbZ+NeEhGjs3GvWO8exDcxjP14Fu24jMiuFPEHH+4+j0aa68Rbo8m4l2eOvvy1rN/9M2Kavx3t6CzP304Lc/mTcW8jXow0ugcbVavteGV5/jtL8qPXjLffnOt/K9rx29dxGMPYizx3lv/9dpq+n/14/t0X+TZ5flKL3ub0vpmsvs5zAQAAAAAAAAAAAAAAAAAAAADgadtK06QY3zOd35NfKufv1C+n61tppbM4n6fIT6pCxXygLMoRPZMsfqrm6zxL0zQrb5zlN+K1hhcLAAAAAAAAAAAAAAAAAAAAQO7425NBfzjcP1pJUE0DqH7W/9A6O3NX3oiTQb9+c8HN++81P20g7/XWm6PRiBU9lruCF/J+Vl55c3a4n0YRVAez0r1efq8oejLop+VS9ZAH/eSuvVrVwf08v9SMf9tYNv2TuMwWz7R11epiVnNFT6P50tKlv7Msu1+dd/8ozqi8kkxHbNxv940yWPoB86B1/Sx+ubngjV8Z9ZV88QAAAAAAAAAAAAAAAAAAANfMfvS7ZPH01tTaf9YUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKzZ7P3/VdCKiMUr14JJmXzbPWXQjKPjR/6IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/A/8EwAA//9s0FAH") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) rt_sigaction(0x19, &(0x7f00000000c0)={&(0x7f0000000080)="366465f029144d00000081f30fc27f5e06ae0d0fd82e2e460f01d626f00994aff7000000c4c1796f960600000040cd00c4e2f1453c99f340a56544ca0c00", 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000)) pwritev2(r0, &(0x7f0000002a00)=[{&(0x7f0000002600)='#', 0x1}], 0x1, 0x80000001, 0x0, 0x0) 38.758698803s ago: executing program 1: syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") creat(&(0x7f0000000000)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) quotactl$Q_SYNC(0xffffffff80000100, 0x20000000, 0x0, 0x0) 37.482851383s ago: executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8000, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000240)={0x2a, 0x2, 0x0, "783e9db9a7937936dfd70000ecff00"}) 36.777421964s ago: executing program 4: r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f0000000180)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) r1 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r1, &(0x7f0000000180)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) 36.161941315s ago: executing program 4: r0 = io_uring_setup(0x6ca7, &(0x7f0000000c80)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000640000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000b00)={0xfffffffe, 0x0, &(0x7f0000000a40)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20) 35.541489965s ago: executing program 4: syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") creat(&(0x7f0000000000)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) quotactl$Q_SYNC(0xffffffff80000100, 0x20000000, 0x0, 0x0) 34.485472511s ago: executing program 4: r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="580000001000010400000000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0000000080100000280012800c0001006d6163766c616e001800028008000700010000800a000900aaaaaaaaaa23000008000500", @ANYRES32=r1], 0x58}}, 0x0) 31.619371948s ago: executing program 1: syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") creat(&(0x7f0000000000)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) quotactl$Q_SYNC(0xffffffff80000100, 0x20000000, 0x0, 0x0) 28.798641185s ago: executing program 1: r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000020000020961b0a0000000000000109022d00010000000009040000050300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000080)={0x0, 0x0, 0x5, {0x5, 0x0, "ed5d4a"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 24.969985677s ago: executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@dellink={0x34, 0x11, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'macsec0\x00'}]}, 0x34}}, 0x0) 22.233794371s ago: executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)={0x48, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x2c, 0x33, @action={{{}, {}, @device_b}, @sp_mp_confirm={0xf, 0x2, {0x0, @random, {}, @val={0x72, 0x6}, @void}}}}]}, 0x48}}, 0x0) 8.73439271s ago: executing program 3: r0 = socket(0x28, 0x5, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x28, 0x8, 0x0, 0x10) 8.22242389s ago: executing program 3: r0 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000040)=0x1000, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000300)=0x80000039bc, 0x4) sendto$inet6(r0, &(0x7f0000000000)="8d", 0x1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/91, 0x10}}], 0x1, 0x12040, 0x0) 6.752681363s ago: executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301) ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000040)=0xffffffff) ioctl$USBDEVFS_CONNECTINFO(r0, 0x80085504, &(0x7f0000002a40)) 6.25167862s ago: executing program 0: r0 = socket$inet(0x2, 0x3, 0xda) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0xf9ffff00}, {}, {}]}, 0xe0) 5.88399938s ago: executing program 3: r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0x1d, &(0x7f0000000040)=ANY=[], 0x4) 5.581347558s ago: executing program 0: r0 = socket(0x28, 0x5, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x28, 0x8, 0x0, 0x10) 5.035213097s ago: executing program 3: openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) open(0x0, 0x0, 0xada66a977c02d739) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000003c0)=0xae) r4 = fsopen(&(0x7f0000000300)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r4, 0x6, 0x0, 0x0, 0x0) fsmount(r4, 0x0, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r5) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) close(r6) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) r8 = syz_open_procfs(0x0, &(0x7f0000000080)='net/mcfilter6\x00') preadv(r8, &(0x7f0000000040)=[{&(0x7f0000000140)=""/226, 0xe2}], 0x1, 0x5b, 0x0) 4.700339858s ago: executing program 0: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2000804, &(0x7f00000008c0)=ANY=[@ANYBLOB="756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c726f6469722c756e695f786c6174653d312c636f6465706167653d3737352c757466383d302c73686f72746e616d653d77696e6e742c696f636861727365743d63703933322c696f636861727365743d69736f383835392d352c726f6469722c73686f72746e616d653d77696e6e742c00d81654de6efd1cc66c931095d81181aac9addbef3449167684e594e44368581586bea778c8369e4bfbd167ad1713fd29f5d6df030a7d50ef431ac4ca2d3355ee4de2323b94819436a6752bca3bc934046317298936741964ec99fa9943b940205f1cb2333761691d1e9bd56168afbc6c8f37407c85484009369804b5d96b1481c4d55ddbcc46eb5976f562543e1b168ca7e6a897f15bf08cf59d26853a2b091cbfbda04c7b"], 0x1, 0x276, &(0x7f0000000640)="$eJzs3UFqG1cYB/BvLMmW2oW06KoUPNAuujJ2T2BTXCg1FFq0aLtoTS1DsYTBBkGTEMWrnCAnyHmyCblADpCQXbwwmSDPSFbCyEaJbJnk99vo8d77z/vezCCtZvTPN72DvcPj/ZN7z6NeT2JpMzbjNIlWLMXIgyj17GV5PwBwy51mWbzKciulM2pTktWlay0MALg2k7//i64FALgZv//x5y9bOzvbv6VpPaL3sN9OIv/Mx7f247/oRifWoxlnEdlY3v7p553tqKZDrfiuN+i3h8ne30+K42+9iDjPb0QzWuX5jTQ3kR/027X4olh/sxudXx9HM74qz/9Qko/2cnz/7UT9a9GMp//GYXRjr6htlL+/kaY/Zo9e3/1r2DvMJ4N+e2U8r5hdudELAwAAAAAAAAAAAAAAAAAAAADAJ20tHWu9+/6dytn5+Nq08Tw/7f1Ag4n386ynaZol+fyLfDW+rkZ1kXsHAAAAAAAAAAAAAAAAAACA2+L4/zsHu91u52iujdFj/SVD8Waea63OmopKUVo3iZhtrVqRvHpyZcZdNIb1dI6SaszvEiTjnsbk0Grkaw17GnljouejV6/HeWN0dx3sJnFFql52k8yhkZXcfpWpqeX3exrFDkomNy5ZffnLD6o5a04ZSiKiNj6Zlx+nNt9zeFPfQAAAAAAAAAAAAAAAAAAAwMjFQ78lgycLKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFuDi//9naAyK8LQ5WWXYqEbRs+AtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bl4GwAA//95LWni") mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc51, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x88700a, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f000000c1c0)={0x2020}, 0x2020) 4.114637079s ago: executing program 2: r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = open(&(0x7f0000000400)='./bus\x00', 0x16543e, 0x0) fcntl$setstatus(r0, 0x4, 0x46800) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r1, 0x0) ftruncate(r0, 0x7fff) io_setup(0x7f, &(0x7f0000000100)=0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) io_submit(r2, 0x2, &(0x7f0000000380)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="90", 0x1}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3, 0x0, r3, 0x0}]) 3.5223272s ago: executing program 3: rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffff7feffff7ffd]}, 0x0, 0x8) gettid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x7, &(0x7f0000000080)=@raw=[@ldst, @btf_id={0x18, 0x7, 0x3, 0x0, 0x4}, @ringbuf_query], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0), 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000840)=[{0x1}, {0x0, 0x1}]}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd2(0x0, 0x0) sigaltstack(&(0x7f00000013c0)={0x0, 0x80000001, 0xfffffffffffffed4}, &(0x7f0000000000)={0x0}) sigaltstack(0x0, 0x0) ioctl$KVM_IOEVENTFD(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, r3}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000140)) syz_open_dev$vcsn(0x0, 0x0, 0x0) ioctl$KVM_CAP_DISABLE_QUIRKS(0xffffffffffffffff, 0x4068aea3, 0x0) epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x0) tkill(0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(0xffffffffffffffff, 0x89fb, 0x0) 3.443999273s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth0_virt_wifi\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32=r3, @ANYBLOB="200001"], 0x38}}, 0x0) 3.113918324s ago: executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058565d, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "f78a34dd"}, 0x0, 0x1, {0x0}}) 2.876158532s ago: executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301) ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000040)=0xffffffff) ioctl$USBDEVFS_CONNECTINFO(r0, 0x80085504, &(0x7f0000002a40)) 2.190991638s ago: executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a0, 0x0, 0x2b8, 0x0, 0x0, 0x0, 0x1d8, 0x3a8, 0x3a8, 0x1d8, 0x3a8, 0x3, 0x0, {[{{@uncond, 0x0, 0xf4, 0x114, 0x0, {0xd2030000}, [@common=@inet=@l2tp={{0x2c}}, @inet=@rpfilter={{0x24}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@remote, @private2, [], [], 'macvtap0\x00', 'caif0\x00'}, 0x0, 0xa4, 0xc4}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x2fc) 1.477585035s ago: executing program 2: r0 = socket$inet(0x2, 0x3, 0xda) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0xf9ffff00}, {}, {}]}, 0xe0) 756.139157ms ago: executing program 2: r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0) ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000001240)={0x0, 0x0, '\x00', @raw_data}) 181.658053ms ago: executing program 0: capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x19, 0xd, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 0s ago: executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="1800000056000100000000000000000007000000b3"], 0x18}}, 0x0) kernel console output (not intermixed with test programs): 600.977063][ T8945] bridge_slave_1: entered allmulticast mode [ 600.999921][ T8945] bridge_slave_1: entered promiscuous mode [ 601.043687][ T3352] hsr_slave_0: left promiscuous mode [ 601.057769][ T3352] hsr_slave_1: left promiscuous mode [ 601.071303][ T3352] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 601.079447][ T3352] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 601.091950][ T3352] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 601.101144][ T3352] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 601.124963][ T3352] veth1_macvtap: left promiscuous mode [ 601.131309][ T3352] veth0_macvtap: left promiscuous mode [ 601.137406][ T3352] veth1_vlan: left promiscuous mode [ 601.143167][ T3352] veth0_vlan: left promiscuous mode [ 601.445241][ T8985] loop0: detected capacity change from 0 to 164 [ 601.495829][ T8985] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 601.509293][ T51] Bluetooth: hci2: command tx timeout [ 601.569355][ T51] Bluetooth: hci1: command tx timeout [ 602.099331][ T3352] team0 (unregistering): Port device team_slave_1 removed [ 602.257782][ T3352] team0 (unregistering): Port device team_slave_0 removed [ 602.535775][ T8907] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 602.893539][ T8945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 602.915749][ T8907] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 603.030425][ T8907] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 603.117803][ T8945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 603.281595][ T8907] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 603.476281][ T8945] team0: Port device team_slave_0 added [ 603.540506][ T8945] team0: Port device team_slave_1 added [ 603.590207][ T51] Bluetooth: hci2: command tx timeout [ 603.648908][ T51] Bluetooth: hci1: command tx timeout [ 603.887495][ T8945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 603.896462][ T8945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 603.923062][ T8945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 604.006726][ T9006] loop0: detected capacity change from 0 to 1024 [ 604.059277][ T8968] chnl_net:caif_netlink_parms(): no params data found [ 604.100031][ T8945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 604.107376][ T8945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 604.141157][ T8945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 604.253910][ T5127] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 604.272387][ T9006] hfsplus: bad catalog entry type [ 604.509137][ T3308] hfsplus: b-tree write err: -5, ino 4 [ 604.606941][ T8945] hsr_slave_0: entered promiscuous mode [ 604.655268][ T8945] hsr_slave_1: entered promiscuous mode [ 604.699335][ T5127] usb 5-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config [ 604.710109][ T5127] usb 5-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 604.723634][ T5127] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 604.733122][ T5127] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 604.752308][ T8945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 604.760340][ T8945] Cannot create hsr debugfs directory [ 605.239001][ T5127] usb 5-1: string descriptor 0 read error: -71 [ 605.254990][ T5127] aiptek 5-1:17.0: interface has no int in endpoints, but must have minimum 1 [ 605.350830][ T5127] usb 5-1: USB disconnect, device number 10 [ 605.729303][ T51] Bluetooth: hci1: command tx timeout [ 605.747220][ T8907] 8021q: adding VLAN 0 to HW filter on device bond0 [ 606.037548][ T8968] bridge0: port 1(bridge_slave_0) entered blocking state [ 606.045652][ T8968] bridge0: port 1(bridge_slave_0) entered disabled state [ 606.053740][ T8968] bridge_slave_0: entered allmulticast mode [ 606.063494][ T8968] bridge_slave_0: entered promiscuous mode [ 606.144341][ T8968] bridge0: port 2(bridge_slave_1) entered blocking state [ 606.157026][ T8968] bridge0: port 2(bridge_slave_1) entered disabled state [ 606.167586][ T8968] bridge_slave_1: entered allmulticast mode [ 606.185760][ T8968] bridge_slave_1: entered promiscuous mode [ 606.457424][ T8907] 8021q: adding VLAN 0 to HW filter on device team0 [ 606.485175][ T8968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 606.549255][ T8968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 606.607267][ T9018] loop0: detected capacity change from 0 to 512 [ 606.636054][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 606.644021][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 606.841647][ T9018] EXT4-fs error (device loop0): ext4_orphan_get:1420: comm syz-executor.0: bad orphan inode 15 [ 606.864425][ T9018] ext4_test_bit(bit=14, block=5) = 0 [ 606.870208][ T9018] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 606.917642][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state [ 606.925620][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 606.938813][ T8945] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 607.099990][ T8945] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 607.176969][ T8968] team0: Port device team_slave_0 added [ 607.211902][ T8945] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 607.275958][ T8968] team0: Port device team_slave_1 added [ 607.286457][ T8945] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 607.631495][ T8968] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 607.639762][ T8968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 607.666797][ T8968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 607.813169][ T51] Bluetooth: hci1: command tx timeout [ 607.862955][ T8968] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 607.870448][ T8968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 607.897059][ T8968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 607.980297][ T43] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 608.388258][ T8968] hsr_slave_0: entered promiscuous mode [ 608.398231][ T43] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 608.408993][ T43] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 608.449242][ T8968] hsr_slave_1: entered promiscuous mode [ 608.489617][ T8968] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 608.497571][ T8968] Cannot create hsr debugfs directory [ 608.591961][ T43] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 608.601602][ T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 608.610329][ T43] usb 1-1: SerialNumber: syz [ 609.014379][ T43] usb 1-1: 0:2 : does not exist [ 609.019825][ T43] usb 1-1: unit 5: unexpected type 0x0b [ 609.186544][ T43] usb 1-1: USB disconnect, device number 16 [ 609.480886][ T8945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 609.736107][ T8968] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 609.876851][ T7769] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 20: comm syz-executor.0: path /root/syzkaller-testdir715432559/syzkaller.85lvZE/90/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 609.937333][ T7769] EXT4-fs error (device loop0): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 609.948059][ T8968] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 610.025828][ T7769] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 20: comm syz-executor.0: path /root/syzkaller-testdir715432559/syzkaller.85lvZE/90/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 610.123223][ T7769] EXT4-fs error (device loop0): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 610.158002][ T8945] 8021q: adding VLAN 0 to HW filter on device team0 [ 610.196002][ T7769] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 20: comm syz-executor.0: path /root/syzkaller-testdir715432559/syzkaller.85lvZE/90/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 610.300357][ T7769] EXT4-fs error (device loop0): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 610.313297][ T8968] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 610.341292][ T7769] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 20: comm syz-executor.0: path /root/syzkaller-testdir715432559/syzkaller.85lvZE/90/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 610.400561][ T7769] EXT4-fs error (device loop0): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 610.461100][ T7769] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 20: comm syz-executor.0: path /root/syzkaller-testdir715432559/syzkaller.85lvZE/90/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 610.499851][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state [ 610.507663][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 610.527544][ T9042] loop4: detected capacity change from 0 to 1024 [ 610.566598][ T8968] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 610.605144][ T7769] EXT4-fs error (device loop0): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 610.699398][ T8907] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 610.741705][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state [ 610.749593][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 610.775339][ T9042] hfsplus: bad catalog entry type [ 611.130203][ T9002] hfsplus: b-tree write err: -5, ino 4 [ 611.355161][ T8968] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 611.382841][ T8968] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 611.442345][ T8968] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 611.487781][ T8968] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 611.771659][ T8907] veth0_vlan: entered promiscuous mode [ 611.934998][ T8907] veth1_vlan: entered promiscuous mode [ 612.294862][ T8907] veth0_macvtap: entered promiscuous mode [ 612.365797][ T8907] veth1_macvtap: entered promiscuous mode [ 612.566863][ T8907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.577834][ T8907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.588121][ T8907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.599148][ T8907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.614632][ T8907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.626192][ T8907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.647298][ T8907] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 612.715295][ T8907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.728071][ T8907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.742382][ T8907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.754254][ T8907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.764575][ T8907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.776272][ T8907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.793900][ T8907] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 612.902721][ T8907] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.912086][ T8907] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.921254][ T8907] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.931458][ T8907] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 613.052601][ T8945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 613.181348][ T8968] 8021q: adding VLAN 0 to HW filter on device bond0 [ 613.476127][ T8968] 8021q: adding VLAN 0 to HW filter on device team0 [ 613.814855][ T5129] bridge0: port 1(bridge_slave_0) entered blocking state [ 613.822761][ T5129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 613.903099][ T7769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.931106][ T5129] bridge0: port 2(bridge_slave_1) entered blocking state [ 613.939037][ T5129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 613.979812][ T25] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 614.050249][ T8945] veth0_vlan: entered promiscuous mode [ 614.194841][ T8945] veth1_vlan: entered promiscuous mode [ 614.459069][ T25] usb 5-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config [ 614.469737][ T25] usb 5-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 614.486240][ T25] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 614.496586][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 614.734209][ T8945] veth0_macvtap: entered promiscuous mode [ 614.831938][ T8945] veth1_macvtap: entered promiscuous mode [ 615.019188][ T25] usb 5-1: string descriptor 0 read error: -71 [ 615.032524][ T25] aiptek 5-1:17.0: interface has no int in endpoints, but must have minimum 1 [ 615.140967][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.151829][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.162033][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.172908][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.183754][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.198040][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.209595][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.220491][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.237040][ T8945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 615.250041][ T25] usb 5-1: USB disconnect, device number 11 [ 615.319371][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.330505][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.340817][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.351613][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.361834][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.372701][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.382909][ T8945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.393782][ T8945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.415156][ T8945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 615.572689][ T8945] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.584690][ T8945] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.593891][ T8945] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.606843][ T8945] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 616.955894][ T8968] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 617.712251][ T8968] veth0_vlan: entered promiscuous mode [ 617.881895][ T8968] veth1_vlan: entered promiscuous mode [ 618.291585][ T8968] veth0_macvtap: entered promiscuous mode [ 618.411774][ T8968] veth1_macvtap: entered promiscuous mode [ 618.545040][ T5078] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 618.559572][ T5078] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 618.580003][ T5078] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 618.605745][ T5078] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 618.666281][ T5078] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 618.696432][ T5078] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 618.770201][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.784956][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.796507][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.807382][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.817764][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.828774][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.839011][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.850766][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.861731][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 618.872555][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 618.895050][ T8968] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 619.045498][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.056426][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.066735][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.079866][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.101713][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.112637][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.122778][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.133692][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.143850][ T8968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 619.154732][ T8968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.174780][ T8968] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 619.355168][ T8968] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.364578][ T8968] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.375721][ T8968] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 619.385036][ T8968] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.424855][ T9106] loop4: detected capacity change from 0 to 512 [ 620.566311][ T9106] EXT4-fs error (device loop4): ext4_orphan_get:1420: comm syz-executor.4: bad orphan inode 15 [ 620.621682][ T9086] chnl_net:caif_netlink_parms(): no params data found [ 620.699259][ T9106] ext4_test_bit(bit=14, block=5) = 0 [ 620.705224][ T9106] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 620.771790][ T5078] Bluetooth: hci3: command tx timeout [ 621.475400][ T9002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 621.484163][ T9002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 621.659162][ T7728] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 621.686730][ T9002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 621.695246][ T9002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 622.050664][ T7728] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 622.066560][ T7728] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 622.201923][ T7728] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 622.212964][ T7728] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 622.222605][ T7728] usb 5-1: SerialNumber: syz [ 622.592613][ T7728] usb 5-1: 0:2 : does not exist [ 622.597826][ T7728] usb 5-1: unit 5: unexpected type 0x0b [ 622.644004][ T9086] bridge0: port 1(bridge_slave_0) entered blocking state [ 622.652078][ T9086] bridge0: port 1(bridge_slave_0) entered disabled state [ 622.660312][ T9086] bridge_slave_0: entered allmulticast mode [ 622.677869][ T9086] bridge_slave_0: entered promiscuous mode [ 622.712271][ T7728] usb 5-1: USB disconnect, device number 12 [ 622.735574][ T9086] bridge0: port 2(bridge_slave_1) entered blocking state [ 622.744174][ T9086] bridge0: port 2(bridge_slave_1) entered disabled state [ 622.752243][ T9086] bridge_slave_1: entered allmulticast mode [ 622.762198][ T9086] bridge_slave_1: entered promiscuous mode [ 622.890993][ T781] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 622.899361][ T781] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 622.907388][ T5078] Bluetooth: hci3: command tx timeout [ 623.111554][ T7728] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 623.119862][ T7728] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 623.161072][ T9086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 623.229634][ T9086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 623.474931][ T9086] team0: Port device team_slave_0 added [ 623.526203][ T9110] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1216: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 623.607425][ T9086] team0: Port device team_slave_1 added [ 623.671214][ T8564] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 20: comm syz-executor.4: path /root/syzkaller-testdir3094412873/syzkaller.gFEOxh/34/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 623.771146][ T8564] EXT4-fs error (device loop4): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 623.857019][ T9086] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 623.864059][ T8564] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 20: comm syz-executor.4: path /root/syzkaller-testdir3094412873/syzkaller.gFEOxh/34/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 623.871693][ T8564] EXT4-fs error (device loop4): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 623.891284][ T9086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 623.891453][ T9086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 623.979132][ T9137] loop3: detected capacity change from 0 to 1024 [ 624.012905][ T8564] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 20: comm syz-executor.4: path /root/syzkaller-testdir3094412873/syzkaller.gFEOxh/34/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 624.057172][ T9086] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 624.064981][ T9086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 624.089984][ T8564] EXT4-fs error (device loop4): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 624.091343][ T9086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 624.151955][ T9137] hfsplus: bad catalog entry type [ 624.176356][ T8564] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 20: comm syz-executor.4: path /root/syzkaller-testdir3094412873/syzkaller.gFEOxh/34/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 624.294349][ T8564] EXT4-fs error (device loop4): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 624.381931][ T8564] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 20: comm syz-executor.4: path /root/syzkaller-testdir3094412873/syzkaller.gFEOxh/34/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 624.399253][ T2954] hfsplus: b-tree write err: -5, ino 4 [ 624.627502][ T9086] hsr_slave_0: entered promiscuous mode [ 624.654901][ T9086] hsr_slave_1: entered promiscuous mode [ 624.677539][ T9086] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 624.686447][ T9086] Cannot create hsr debugfs directory [ 624.936920][ T5078] Bluetooth: hci3: command tx timeout [ 625.827888][ T9086] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.021839][ T9086] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.222183][ T9086] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.430850][ T9155] loop2: detected capacity change from 0 to 1024 [ 626.430811][ T9086] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.550007][ T9155] EXT4-fs: Ignoring removed orlov option [ 626.656931][ T9155] EXT4-fs (loop2): Test dummy encryption mode enabled [ 626.713408][ T9155] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 626.876602][ T9155] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 627.013470][ T5078] Bluetooth: hci3: command tx timeout [ 627.067597][ T8564] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 627.185948][ T9086] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 627.323117][ T9086] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 627.464397][ T3449] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.546331][ T9086] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 627.675957][ T3449] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.750449][ T9086] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 627.923390][ T3449] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 627.934714][ T9155] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 628.165381][ T3449] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 628.249990][ T8945] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 628.285446][ T3308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 628.293759][ T3308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 628.594810][ T3449] bridge_slave_1: left allmulticast mode [ 628.601070][ T3449] bridge_slave_1: left promiscuous mode [ 628.616213][ T3449] bridge0: port 2(bridge_slave_1) entered disabled state [ 628.648323][ T3449] bridge_slave_0: left allmulticast mode [ 628.655346][ T3449] bridge_slave_0: left promiscuous mode [ 628.662263][ T3449] bridge0: port 1(bridge_slave_0) entered disabled state [ 628.821336][ T9171] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 629.205813][ T9175] loop2: detected capacity change from 0 to 512 [ 629.351619][ T9175] EXT4-fs error (device loop2): ext4_orphan_get:1420: comm syz-executor.2: bad orphan inode 15 [ 629.398981][ T9175] ext4_test_bit(bit=14, block=5) = 0 [ 629.404587][ T9175] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 629.432723][ T3449] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 629.515287][ T3449] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 629.553198][ T9179] loop3: detected capacity change from 0 to 1024 [ 629.580138][ T3449] bond0 (unregistering): Released all slaves [ 629.721151][ T2954] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 629.729625][ T2954] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 629.749640][ T9179] hfsplus: bad catalog entry type [ 630.084077][ T59] hfsplus: b-tree write err: -5, ino 4 [ 630.650327][ T43] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 630.693223][ T9177] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1216: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 630.980478][ T3449] hsr_slave_0: left promiscuous mode [ 631.011999][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 631.021111][ T3449] hsr_slave_1: left promiscuous mode [ 631.033219][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 631.043838][ T3449] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 631.045103][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 631.052004][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 631.082239][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 631.105716][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 631.116223][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 631.119328][ T3449] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 631.131367][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 631.194238][ T3449] veth1_macvtap: left promiscuous mode [ 631.200689][ T3449] veth0_macvtap: left promiscuous mode [ 631.206779][ T3449] veth1_vlan: left promiscuous mode [ 631.212688][ T3449] veth0_vlan: left promiscuous mode [ 631.231208][ T43] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 631.242391][ T43] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 631.359373][ T43] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 631.370321][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 631.383690][ T43] usb 3-1: SerialNumber: syz [ 631.830124][ T43] usb 3-1: 0:2 : does not exist [ 631.835472][ T43] usb 3-1: unit 5: unexpected type 0x0b [ 631.991253][ T43] usb 3-1: USB disconnect, device number 16 [ 632.391626][ T3449] team0 (unregistering): Port device team_slave_1 removed [ 632.525622][ T3449] team0 (unregistering): Port device team_slave_0 removed [ 632.865704][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 632.982545][ T8945] EXT4-fs error (device loop2): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 633.033331][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 633.190357][ T8945] EXT4-fs error (device loop2): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 633.248933][ T5078] Bluetooth: hci0: command tx timeout [ 633.266769][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 633.343926][ T8945] EXT4-fs error (device loop2): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 633.439823][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 633.509711][ T8945] EXT4-fs error (device loop2): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 633.607940][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 633.774290][ T9086] 8021q: adding VLAN 0 to HW filter on device bond0 [ 634.012015][ T9207] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 634.154337][ T9086] 8021q: adding VLAN 0 to HW filter on device team0 [ 634.280719][ T7728] bridge0: port 1(bridge_slave_0) entered blocking state [ 634.288760][ T7728] bridge0: port 1(bridge_slave_0) entered forwarding state [ 634.455240][ T7728] bridge0: port 2(bridge_slave_1) entered blocking state [ 634.463088][ T7728] bridge0: port 2(bridge_slave_1) entered forwarding state [ 634.669549][ T9186] chnl_net:caif_netlink_parms(): no params data found [ 635.331333][ T5078] Bluetooth: hci0: command tx timeout [ 635.701059][ T8945] EXT4-fs error: 150 callbacks suppressed [ 635.701147][ T8945] EXT4-fs error (device loop2): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 635.800721][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 635.901798][ T8945] EXT4-fs error (device loop2): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 635.971105][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 636.069639][ T8945] EXT4-fs error (device loop2): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 636.150785][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 636.259806][ T8945] EXT4-fs error (device loop2): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 636.351068][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 636.440239][ T8945] EXT4-fs error (device loop2): ext4_empty_dir:3127: inode #11: block 20: comm syz-executor.2: bad entry in directory: rec_len is smaller than minimal - offset=6144, inode=393216, rec_len=0, size=1024 fake=0 [ 636.551524][ T8945] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 20: comm syz-executor.2: path /root/syzkaller-testdir2638296750/syzkaller.64n04R/4/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=393216, rec_len=0, size=1024 fake=0 [ 636.730629][ T9224] loop1: detected capacity change from 0 to 4096 [ 636.843392][ T9224] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 636.909045][ T9186] bridge0: port 1(bridge_slave_0) entered blocking state [ 636.916936][ T9186] bridge0: port 1(bridge_slave_0) entered disabled state [ 636.925133][ T9186] bridge_slave_0: entered allmulticast mode [ 636.934891][ T9186] bridge_slave_0: entered promiscuous mode [ 637.027935][ T9186] bridge0: port 2(bridge_slave_1) entered blocking state [ 637.036074][ T9186] bridge0: port 2(bridge_slave_1) entered disabled state [ 637.044173][ T9186] bridge_slave_1: entered allmulticast mode [ 637.053941][ T9186] bridge_slave_1: entered promiscuous mode [ 637.330021][ T9224] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 637.416671][ T5078] Bluetooth: hci0: command tx timeout [ 637.475725][ T9086] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 637.530437][ T9186] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 637.750346][ T9186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 637.805300][ T8945] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.053097][ T9186] team0: Port device team_slave_0 added [ 638.119160][ T9186] team0: Port device team_slave_1 added [ 638.451727][ T9186] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 638.459501][ T9186] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 638.485968][ T9186] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 638.670697][ T9186] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 638.677922][ T9186] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 638.704388][ T9186] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 638.831203][ T9086] veth0_vlan: entered promiscuous mode [ 638.970232][ T9086] veth1_vlan: entered promiscuous mode [ 639.317350][ T9241] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 639.320794][ T9186] hsr_slave_0: entered promiscuous mode [ 639.352638][ T9186] hsr_slave_1: entered promiscuous mode [ 639.491669][ T5078] Bluetooth: hci0: command tx timeout [ 639.804971][ T9086] veth0_macvtap: entered promiscuous mode [ 639.955984][ T3449] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.006745][ T9243] binder: BINDER_SET_CONTEXT_MGR already set [ 640.014324][ T9243] binder: 9242:9243 ioctl 4018620d 20000040 returned -16 [ 640.043007][ T9086] veth1_macvtap: entered promiscuous mode [ 640.238772][ T3449] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.467732][ T3449] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.663417][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 640.674428][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 640.686552][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 640.703603][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 640.715503][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 640.726366][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 640.739398][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 640.750201][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 640.760306][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 640.771204][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 640.787484][ T9086] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 641.059184][ T3449] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.453057][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 641.464116][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.474405][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 641.485639][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.500299][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 641.517625][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.529531][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 641.540437][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.550725][ T9086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 641.561583][ T9086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.580711][ T9086] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 641.671247][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 641.682787][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 641.721198][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 641.827631][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 641.865683][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 641.875526][ T9086] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 641.885273][ T9086] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 641.894596][ T9086] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 641.903790][ T9086] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 641.932901][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 641.970836][ T3449] bridge_slave_1: left allmulticast mode [ 641.977111][ T3449] bridge_slave_1: left promiscuous mode [ 641.984221][ T3449] bridge0: port 2(bridge_slave_1) entered disabled state [ 642.041432][ T3449] bridge_slave_0: left allmulticast mode [ 642.047367][ T3449] bridge_slave_0: left promiscuous mode [ 642.054364][ T3449] bridge0: port 1(bridge_slave_0) entered disabled state [ 642.102397][ T9254] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 642.129375][ T3449] bridge_slave_1: left allmulticast mode [ 642.141728][ T3449] bridge_slave_1: left promiscuous mode [ 642.152862][ T3449] bridge0: port 2(bridge_slave_1) entered disabled state [ 642.206598][ T3449] bridge_slave_0: left allmulticast mode [ 642.213261][ T3449] bridge_slave_0: left promiscuous mode [ 642.220282][ T3449] bridge0: port 1(bridge_slave_0) entered disabled state [ 642.790179][ T9259] loop3: detected capacity change from 0 to 1024 [ 642.841632][ T9259] EXT4-fs: Ignoring removed orlov option [ 642.905540][ T9259] EXT4-fs (loop3): Test dummy encryption mode enabled [ 642.934800][ T9259] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 643.289336][ T9259] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 643.530705][ T3449] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 643.601152][ T3449] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 643.623413][ T8907] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 643.648104][ T3449] bond0 (unregistering): Released all slaves [ 643.708886][ T3449] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 643.818144][ T3449] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 643.845781][ T3449] bond0 (unregistering): Released all slaves [ 644.085473][ T5078] Bluetooth: hci2: command tx timeout [ 645.681816][ T9186] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 645.932061][ T9186] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 646.080115][ T3449] hsr_slave_0: left promiscuous mode [ 646.130970][ T5078] Bluetooth: hci2: command tx timeout [ 646.137247][ T3449] hsr_slave_1: left promiscuous mode [ 646.197544][ T3449] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 646.206067][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 646.262745][ T3449] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 646.270794][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 646.346370][ T3449] hsr_slave_0: left promiscuous mode [ 646.356221][ T3449] hsr_slave_1: left promiscuous mode [ 646.377141][ T3449] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 646.385471][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 646.406991][ T3449] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 646.415141][ T3449] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 646.483075][ T3449] veth1_macvtap: left promiscuous mode [ 646.489109][ T3449] veth0_macvtap: left promiscuous mode [ 646.495192][ T3449] veth1_vlan: left promiscuous mode [ 646.501086][ T3449] veth0_vlan: left promiscuous mode [ 646.518245][ T3449] veth1_macvtap: left promiscuous mode [ 646.521980][ T9294] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 646.524747][ T3449] veth0_macvtap: left promiscuous mode [ 646.541963][ T3449] veth1_vlan: left promiscuous mode [ 646.547583][ T3449] veth0_vlan: left promiscuous mode [ 647.571257][ T9300] loop3: detected capacity change from 0 to 1024 [ 647.589089][ T9298] loop1: detected capacity change from 0 to 2048 [ 647.617824][ T9300] EXT4-fs: Ignoring removed orlov option [ 647.646692][ T9300] EXT4-fs (loop3): Test dummy encryption mode enabled [ 647.675356][ T9300] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 647.846664][ T9300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 648.066021][ T3449] team0 (unregistering): Port device team_slave_1 removed [ 648.169011][ T3449] team0 (unregistering): Port device team_slave_0 removed [ 648.217490][ T5078] Bluetooth: hci2: command tx timeout [ 648.239422][ T29] audit: type=1326 audit(1718240438.141:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748c579 code=0x0 [ 648.396923][ T8907] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 648.953932][ T9306] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 649.051876][ T3449] team0 (unregistering): Port device team_slave_1 removed [ 649.096825][ T3449] team0 (unregistering): Port device team_slave_0 removed [ 649.467892][ T9186] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 649.516497][ T9308] loop1: detected capacity change from 0 to 16 [ 649.528469][ T9249] chnl_net:caif_netlink_parms(): no params data found [ 649.591437][ T9186] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 649.662009][ T9308] erofs: (device loop1): mounted with root inode @ nid 36. [ 649.788941][ T9308] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 649.911563][ T9308] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -27 in[61, 4035] out[1851] [ 649.925033][ T9308] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 650.291734][ T5078] Bluetooth: hci2: command tx timeout [ 651.472489][ T9249] bridge0: port 1(bridge_slave_0) entered blocking state [ 651.480513][ T9249] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.488673][ T9249] bridge_slave_0: entered allmulticast mode [ 651.498570][ T9249] bridge_slave_0: entered promiscuous mode [ 651.532769][ T9186] 8021q: adding VLAN 0 to HW filter on device bond0 [ 651.621853][ T9249] bridge0: port 2(bridge_slave_1) entered blocking state [ 651.630825][ T9249] bridge0: port 2(bridge_slave_1) entered disabled state [ 651.638974][ T9249] bridge_slave_1: entered allmulticast mode [ 651.652042][ T9249] bridge_slave_1: entered promiscuous mode [ 651.826895][ T9186] 8021q: adding VLAN 0 to HW filter on device team0 [ 652.022961][ T7728] bridge0: port 1(bridge_slave_0) entered blocking state [ 652.030880][ T7728] bridge0: port 1(bridge_slave_0) entered forwarding state [ 652.076646][ T9249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 652.144179][ T7728] bridge0: port 2(bridge_slave_1) entered blocking state [ 652.152163][ T7728] bridge0: port 2(bridge_slave_1) entered forwarding state [ 652.224042][ T9249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 652.598730][ T9249] team0: Port device team_slave_0 added [ 652.668968][ T9249] team0: Port device team_slave_1 added [ 652.749064][ T9335] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 652.986734][ T9249] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 652.994077][ T9249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 653.028086][ T9249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 653.292323][ T9249] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 653.299801][ T9249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 653.327586][ T9249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 653.812500][ T9249] hsr_slave_0: entered promiscuous mode [ 653.859102][ T9249] hsr_slave_1: entered promiscuous mode [ 653.875253][ T9344] loop3: detected capacity change from 0 to 1024 [ 653.882734][ T9249] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 653.891044][ T9249] Cannot create hsr debugfs directory [ 653.892240][ T9342] loop1: detected capacity change from 0 to 2048 [ 653.953282][ T9344] EXT4-fs: Ignoring removed orlov option [ 654.029847][ T9344] EXT4-fs (loop3): Test dummy encryption mode enabled [ 654.076733][ T9344] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 654.294070][ T9344] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 654.414083][ T1218] ieee802154 phy0 wpan0: encryption failed: -22 [ 654.421899][ T1218] ieee802154 phy1 wpan1: encryption failed: -22 [ 654.436924][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 654.445214][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 654.498114][ T132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 654.506815][ T132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 655.059610][ T8907] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.520532][ T9186] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 655.828194][ T9360] block device autoloading is deprecated and will be removed. [ 656.027910][ T9362] loop0: detected capacity change from 0 to 16 [ 656.104209][ T9249] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 656.134973][ T9362] erofs: (device loop0): mounted with root inode @ nid 36. [ 656.208053][ T9362] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 656.224330][ T9249] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 656.281438][ T9362] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -27 in[61, 4035] out[1851] [ 656.292918][ T9362] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 656.377997][ T9249] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 656.500444][ T9249] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 657.977973][ T9384] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 658.022562][ T9249] 8021q: adding VLAN 0 to HW filter on device bond0 [ 658.291815][ T9249] 8021q: adding VLAN 0 to HW filter on device team0 [ 658.410548][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 658.418489][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 658.524093][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 658.531999][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 659.049286][ T29] audit: type=1326 audit(1718240448.981:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9387 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 659.066159][ T9186] veth0_vlan: entered promiscuous mode [ 659.196395][ T9393] netlink: 'syz-executor.1': attribute type 32 has an invalid length. [ 659.205442][ T9393] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 659.215586][ T9393] (unnamed net_device) (uninitialized): option coupled_control: invalid value (116) [ 659.272478][ T9186] veth1_vlan: entered promiscuous mode [ 659.732341][ T9186] veth0_macvtap: entered promiscuous mode [ 659.813392][ T9186] veth1_macvtap: entered promiscuous mode [ 660.082459][ T9186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.093580][ T9186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.103879][ T9186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.114747][ T9186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.125562][ T9186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.136795][ T9186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.153179][ T9186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 660.165832][ T9186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.182767][ T9186] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 660.442439][ T9186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.457425][ T9186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.468751][ T9186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.479671][ T9186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.489844][ T9186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.500634][ T9186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.510833][ T9186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 660.521622][ T9186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 660.537771][ T9186] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 660.631368][ T9406] loop0: detected capacity change from 0 to 16 [ 660.687618][ T9406] erofs: (device loop0): mounted with root inode @ nid 36. [ 660.815108][ T9406] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 660.895248][ T9186] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.904565][ T9186] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.913753][ T9186] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.922925][ T9186] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.950114][ T9406] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -27 in[61, 4035] out[1851] [ 660.961636][ T9406] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 661.265215][ T9249] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 661.826754][ T9249] veth0_vlan: entered promiscuous mode [ 661.963342][ T9249] veth1_vlan: entered promiscuous mode [ 662.277139][ T9415] loop1: detected capacity change from 0 to 2048 [ 662.333386][ T9415] udf: Bad value for 'umask' [ 662.364317][ T9426] input: syz1 as /devices/virtual/input/input22 [ 662.469826][ T9249] veth0_macvtap: entered promiscuous mode [ 662.571961][ T9422] ALSA: seq fatal error: cannot create timer (-22) [ 662.582334][ T9249] veth1_macvtap: entered promiscuous mode [ 662.613404][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 662.978935][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.990631][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.000885][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 663.015757][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.027289][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 663.038191][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.048573][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 663.059399][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.069526][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 663.080306][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.098474][ T9249] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 663.286617][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 663.298131][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.308603][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 663.330042][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.342723][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 663.353637][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.363939][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 663.375011][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.385237][ T9249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 663.396082][ T9249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 663.413897][ T9249] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 663.702884][ T9249] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.712270][ T9249] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.721652][ T9249] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.739482][ T9249] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.995113][ T9437] loop1: detected capacity change from 0 to 1024 [ 664.339666][ T9443] netlink: 'syz-executor.0': attribute type 32 has an invalid length. [ 664.353961][ T9443] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 664.365707][ T9443] (unnamed net_device) (uninitialized): option coupled_control: invalid value (116) [ 665.103675][ T29] audit: type=1326 audit(1718240455.041:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9446 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748c579 code=0x0 [ 666.355887][ T9468] loop1: detected capacity change from 0 to 16 [ 666.424453][ T9468] erofs: (device loop1): mounted with root inode @ nid 36. [ 666.503668][ T9468] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 666.549621][ T9468] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -27 in[61, 4035] out[1851] [ 666.562268][ T9468] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 668.188131][ T9480] loop3: detected capacity change from 0 to 2048 [ 668.213592][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 668.284204][ T9480] udf: Bad value for 'umask' [ 668.387944][ T9493] loop0: detected capacity change from 0 to 256 [ 668.441247][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 668.482680][ T9493] exfat: Deprecated parameter 'namecase' [ 668.606354][ T9493] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 669.071487][ T3561] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 669.080715][ T3561] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 669.306348][ T3561] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 669.315735][ T3561] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 670.081595][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 670.210700][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 670.359999][ T29] audit: type=1326 audit(1718240460.271:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9505 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748c579 code=0x0 [ 670.389866][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c0!!! [ 671.547964][ T132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 671.556338][ T132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 671.734055][ T3308] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 671.742757][ T3308] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 671.810076][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 671.941032][ T9519] netlink: 'syz-executor.1': attribute type 30 has an invalid length. [ 672.213081][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 672.214251][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 672.231608][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 673.305870][ T9532] loop0: detected capacity change from 0 to 1024 [ 673.705800][ T9539] loop4: detected capacity change from 0 to 512 [ 673.847352][ T9539] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 673.944564][ T9539] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 674.039398][ T9539] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 674.048124][ T9539] System zones: 0-2, 18-18, 34-34 [ 674.119010][ T9539] EXT4-fs error (device loop4): ext4_orphan_get:1420: comm syz-executor.4: bad orphan inode 15 [ 674.202319][ T9539] ext4_test_bit(bit=14, block=18) = 1 [ 674.207994][ T9539] is_bad_inode(inode)=0 [ 674.212728][ T9539] NEXT_ORPHAN(inode)=2264924160 [ 674.217793][ T9539] max_ino=32 [ 674.221343][ T9539] i_nlink=0 [ 674.224807][ T9539] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 674.343247][ T9539] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor.4: bg 0: block 80: padding at end of block bitmap is not set [ 674.434728][ T9539] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6537: Corrupt filesystem [ 674.494585][ T9539] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 675.008895][ T9551] netlink: 'syz-executor.2': attribute type 30 has an invalid length. [ 675.026351][ T9186] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 675.860835][ T9562] Bluetooth: MGMT ver 1.22 [ 676.421259][ T9566] loop4: detected capacity change from 0 to 1024 [ 677.540780][ T9581] loop1: detected capacity change from 0 to 1024 [ 677.801733][ T9581] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 677.991826][ T29] audit: type=1804 audit(1718240467.921:337): pid=9572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir868262181/syzkaller.v82747/47/file1/file1" dev="loop1" ino=15 res=1 errno=0 [ 678.557010][ T8968] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 679.773248][ T9611] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 681.049498][ T9621] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 681.498691][ T5135] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 681.801122][ T5135] usb 1-1: Using ep0 maxpacket: 8 [ 682.110155][ T5135] usb 1-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=56.a0 [ 682.120097][ T5135] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 682.129173][ T5135] usb 1-1: Product: syz [ 682.133619][ T5135] usb 1-1: Manufacturer: syz [ 682.138720][ T5135] usb 1-1: SerialNumber: syz [ 682.212659][ T5135] usb 1-1: config 0 descriptor?? [ 682.475519][ T9636] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 682.517159][ T5135] kaweth 1-1:0.0: Firmware present in device. [ 682.743111][ T5135] kaweth 1-1:0.0: Statistics collection: 0 [ 682.750995][ T5135] kaweth 1-1:0.0: Multicast filter limit: 0 [ 682.757335][ T5135] kaweth 1-1:0.0: MTU: 0 [ 682.763216][ T5135] kaweth 1-1:0.0: Read MAC address 00:00:00:00:00:00 [ 683.377046][ T5135] kaweth 1-1:0.0: kaweth interface created at eth1 [ 683.627738][ T5135] usb 1-1: USB disconnect, device number 17 [ 684.164616][ T9651] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 684.975237][ T9655] loop4: detected capacity change from 0 to 1024 [ 685.085250][ T9655] EXT4-fs: Ignoring removed nobh option [ 685.146642][ T9655] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 685.366977][ T9655] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 685.839398][ T9670] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 686.081893][ T9186] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 686.956336][ T9682] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 687.324684][ T5129] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 687.618681][ T5129] usb 3-1: Using ep0 maxpacket: 8 [ 687.969978][ T5129] usb 3-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=56.a0 [ 687.979773][ T5129] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 687.988691][ T5129] usb 3-1: Product: syz [ 687.993174][ T5129] usb 3-1: Manufacturer: syz [ 688.008533][ T5129] usb 3-1: SerialNumber: syz [ 688.077314][ T5129] usb 3-1: config 0 descriptor?? [ 688.425246][ T5129] kaweth 3-1:0.0: Firmware present in device. [ 688.664618][ T5129] kaweth 3-1:0.0: Statistics collection: 0 [ 688.673738][ T5129] kaweth 3-1:0.0: Multicast filter limit: 0 [ 688.680032][ T5129] kaweth 3-1:0.0: MTU: 0 [ 688.684432][ T5129] kaweth 3-1:0.0: Read MAC address 00:00:00:00:00:00 [ 688.978738][ T9695] loop0: detected capacity change from 0 to 1024 [ 689.030153][ T9695] EXT4-fs: Ignoring removed nobh option [ 689.039020][ T9695] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 689.158583][ T9695] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 689.356075][ T5129] kaweth 3-1:0.0: kaweth interface created at eth1 [ 689.616097][ T5135] usb 3-1: USB disconnect, device number 17 [ 689.793463][ T9706] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 689.907702][ T9086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 690.205177][ T9708] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 692.257062][ T9731] loop3: detected capacity change from 0 to 1024 [ 692.340810][ T9731] EXT4-fs: Ignoring removed nobh option [ 692.369599][ T9731] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 692.477205][ T9731] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 693.244008][ T8907] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.909852][ T9759] loop3: detected capacity change from 0 to 256 [ 694.004626][ T9759] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 694.569093][ T9764] loop0: detected capacity change from 0 to 1024 [ 695.295122][ T9774] loop2: detected capacity change from 0 to 1024 [ 695.336825][ T9774] EXT4-fs: Ignoring removed nobh option [ 695.356611][ T9774] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 695.382168][ T5135] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 695.450592][ T9774] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 695.786988][ T5135] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 695.801952][ T5135] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=43.ff [ 695.811948][ T5135] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 695.890807][ T5135] usb 2-1: config 0 descriptor?? [ 696.031670][ T9249] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 696.185721][ T5131] usb 2-1: USB disconnect, device number 11 [ 696.434050][ T9790] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 697.548929][ T9802] loop4: detected capacity change from 0 to 1024 [ 698.292845][ T9811] loop2: detected capacity change from 0 to 1024 [ 698.312840][ T9816] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 698.347010][ T9811] EXT4-fs: Ignoring removed nobh option [ 698.369103][ T9811] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 698.550102][ T9811] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 699.083613][ T5129] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 699.350794][ T9249] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 699.489250][ T5129] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 699.500045][ T5129] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=43.ff [ 699.509597][ T5129] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 699.603392][ T5129] usb 5-1: config 0 descriptor?? [ 699.928819][ T5131] usb 5-1: USB disconnect, device number 13 [ 700.473970][ T9848] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 700.632834][ T9845] loop0: detected capacity change from 0 to 1024 [ 702.989348][ T9002] Bluetooth: hci5: Frame reassembly failed (-84) [ 703.287306][ T29] audit: type=1326 audit(1718240493.141:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9879 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ea579 code=0x0 [ 703.611358][ T9884] loop0: detected capacity change from 0 to 1024 [ 705.016443][ T51] Bluetooth: hci5: command 0x1003 tx timeout [ 705.023189][ T5078] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 705.233298][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.241558][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.249412][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.257145][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.265144][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.272966][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.280801][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.288669][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.296395][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.310336][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.319798][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.327529][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.335516][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.343340][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.351160][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.358993][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.366689][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.374474][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.382311][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.390643][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.398521][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.412032][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.421893][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.429767][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.437476][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.445326][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.453237][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.461094][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.469113][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.476824][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.484636][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.494503][ T5131] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 705.548021][ T9904] syzkaller0: entered promiscuous mode [ 705.556152][ T9904] syzkaller0: entered allmulticast mode [ 705.597657][ T5131] hid-generic 0000:0000:0000.0016: hidraw0: HID v0.00 Device [syz0] on syz0 [ 705.821888][ T43] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 706.219495][ T43] usb 4-1: config 0 has no interfaces? [ 706.230376][ T43] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 706.241232][ T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 706.278895][ T43] usb 4-1: config 0 descriptor?? [ 706.656798][ T43] usb 4-1: USB disconnect, device number 15 [ 706.881660][ T9923] loop1: detected capacity change from 0 to 256 [ 707.232840][ T9923] FAT-fs (loop1): Directory bread(block 64) failed [ 707.240749][ T9923] FAT-fs (loop1): Directory bread(block 65) failed [ 707.247935][ T9923] FAT-fs (loop1): Directory bread(block 66) failed [ 707.263051][ T9923] FAT-fs (loop1): Directory bread(block 67) failed [ 707.272402][ T9923] FAT-fs (loop1): Directory bread(block 68) failed [ 707.279385][ T9923] FAT-fs (loop1): Directory bread(block 69) failed [ 707.286450][ T9923] FAT-fs (loop1): Directory bread(block 70) failed [ 707.293445][ T9923] FAT-fs (loop1): Directory bread(block 71) failed [ 707.300780][ T9923] FAT-fs (loop1): Directory bread(block 72) failed [ 707.307578][ T9923] FAT-fs (loop1): Directory bread(block 73) failed [ 708.562714][ T2954] Bluetooth: hci5: Frame reassembly failed (-84) [ 708.673377][ T29] audit: type=1326 audit(1718240498.631:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9935 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 708.969983][ T9941] syzkaller0: entered promiscuous mode [ 708.975744][ T9941] syzkaller0: entered allmulticast mode [ 710.240084][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.247944][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.256001][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.264155][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.271997][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.279846][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.287647][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.295837][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.303733][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.311620][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.319529][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.333453][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.342890][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.350772][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.358626][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.366350][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.374226][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.382307][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.390132][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.397860][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.405667][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.413584][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.421406][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.435251][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.444696][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.452536][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.460334][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.468033][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.475920][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.484091][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.491965][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.499830][ T5134] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 710.649408][ T51] Bluetooth: hci5: command 0x1003 tx timeout [ 710.657033][ T5078] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 710.719178][ T9957] loop1: detected capacity change from 0 to 256 [ 710.829253][ T5135] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 710.987146][ T5134] hid-generic 0000:0000:0000.0017: hidraw0: HID v0.00 Device [syz0] on syz0 [ 711.062236][ T9957] FAT-fs (loop1): Directory bread(block 64) failed [ 711.069473][ T9957] FAT-fs (loop1): Directory bread(block 65) failed [ 711.076788][ T9957] FAT-fs (loop1): Directory bread(block 66) failed [ 711.083803][ T9957] FAT-fs (loop1): Directory bread(block 67) failed [ 711.091066][ T9957] FAT-fs (loop1): Directory bread(block 68) failed [ 711.097880][ T9957] FAT-fs (loop1): Directory bread(block 69) failed [ 711.105009][ T9957] FAT-fs (loop1): Directory bread(block 70) failed [ 711.112133][ T9957] FAT-fs (loop1): Directory bread(block 71) failed [ 711.119500][ T9957] FAT-fs (loop1): Directory bread(block 72) failed [ 711.126332][ T9957] FAT-fs (loop1): Directory bread(block 73) failed [ 711.339855][ T5135] usb 4-1: config 0 has no interfaces? [ 711.352634][ T5135] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 711.364230][ T5135] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 711.411215][ T5135] usb 4-1: config 0 descriptor?? [ 711.775527][ T5134] usb 4-1: USB disconnect, device number 16 [ 712.440358][ T9974] syzkaller0: entered promiscuous mode [ 712.446131][ T9974] syzkaller0: entered allmulticast mode [ 712.691501][ T9956] Bluetooth: hci4: command 0x0406 tx timeout [ 713.578524][ T3561] Bluetooth: hci5: Frame reassembly failed (-84) [ 713.649419][ T29] audit: type=1326 audit(1718240503.641:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9985 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748c579 code=0x0 [ 714.653075][ T9997] loop2: detected capacity change from 0 to 256 [ 714.766472][ T9998] loop0: detected capacity change from 0 to 512 [ 714.879374][ T9998] EXT4-fs (loop0): orphan cleanup on readonly fs [ 714.888786][ T9998] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.0: corrupted in-inode xattr: bad e_name length [ 714.934479][ T9998] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 715.023106][ T9998] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 715.094298][ T9997] FAT-fs (loop2): Directory bread(block 64) failed [ 715.103780][ T9997] FAT-fs (loop2): Directory bread(block 65) failed [ 715.112436][ T9997] FAT-fs (loop2): Directory bread(block 66) failed [ 715.119551][ T9997] FAT-fs (loop2): Directory bread(block 67) failed [ 715.126573][ T9997] FAT-fs (loop2): Directory bread(block 68) failed [ 715.140060][ T9997] FAT-fs (loop2): Directory bread(block 69) failed [ 715.147137][ T9997] FAT-fs (loop2): Directory bread(block 70) failed [ 715.155580][ T9997] FAT-fs (loop2): Directory bread(block 71) failed [ 715.163078][ T9997] FAT-fs (loop2): Directory bread(block 72) failed [ 715.170028][ T9997] FAT-fs (loop2): Directory bread(block 73) failed [ 715.503836][ T9086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 715.664053][ T9956] Bluetooth: hci5: command 0x1003 tx timeout [ 715.670617][ T51] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 715.773797][ T1218] ieee802154 phy0 wpan0: encryption failed: -22 [ 715.781805][ T1218] ieee802154 phy1 wpan1: encryption failed: -22 [ 716.411458][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.419368][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.427076][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.436304][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.444121][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.454391][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.462829][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.476479][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.485948][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.493967][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.501804][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.509638][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.517341][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.525180][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.533059][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.540866][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.548787][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.556470][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.564291][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.577989][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.587621][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.595467][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.603342][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.611140][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.618973][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.626780][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.634573][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.642795][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.650631][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.658447][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.666179][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.680284][ T5131] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 716.741086][T10011] syzkaller0: entered promiscuous mode [ 716.746955][T10011] syzkaller0: entered allmulticast mode [ 716.787397][ T5131] hid-generic 0000:0000:0000.0018: hidraw0: HID v0.00 Device [syz0] on syz0 [ 716.881669][ T43] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 717.300835][ T43] usb 3-1: config 0 has no interfaces? [ 717.306827][ T43] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 717.316605][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 717.371156][ T43] usb 3-1: config 0 descriptor?? [ 717.800139][ T43] usb 3-1: USB disconnect, device number 18 [ 717.844434][T10024] loop1: detected capacity change from 0 to 512 [ 717.969921][T10024] EXT4-fs (loop1): orphan cleanup on readonly fs [ 718.009091][T10024] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.1: corrupted in-inode xattr: bad e_name length [ 718.089216][T10024] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 718.159314][T10024] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 718.457553][ T8968] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 719.085128][ T3308] Bluetooth: hci5: Frame reassembly failed (-84) [ 719.109611][ T29] audit: type=1326 audit(1718240509.101:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10033 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0 [ 719.713254][T10047] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 719.722138][T10047] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.3'. [ 720.195527][T10048] loop2: detected capacity change from 0 to 4096 [ 720.236791][T10048] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 720.631105][T10048] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 721.088921][ T9956] Bluetooth: hci5: command 0x1003 tx timeout [ 721.095667][ T51] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 721.535035][T10060] syzkaller0: entered promiscuous mode [ 721.541802][T10060] syzkaller0: entered allmulticast mode [ 722.041901][T10069] loop3: detected capacity change from 0 to 512 [ 722.142270][T10069] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 722.246189][T10069] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended [ 722.387192][T10069] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz-executor.3: inode #15: comm syz-executor.3: iget: illegal inode # [ 722.460279][T10069] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 722.529280][T10069] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 722.675238][T10078] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 722.683996][T10078] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.1'. [ 722.939089][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 723.509340][ T8907] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.685158][ T3561] Bluetooth: hci5: Frame reassembly failed (-84) [ 723.727877][ T29] audit: type=1326 audit(1718240513.701:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10091 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0 [ 723.892249][T10089] loop1: detected capacity change from 0 to 4096 [ 723.964886][T10089] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 724.273143][T10089] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 725.239954][T10108] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 725.248742][T10108] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.3'. [ 725.729677][ T51] Bluetooth: hci5: command 0x1003 tx timeout [ 725.736131][ T5078] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 727.068544][T10127] loop3: detected capacity change from 0 to 4096 [ 727.093625][T10127] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 727.461311][T10127] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 727.772218][T10139] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 727.781221][T10139] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.1'. [ 728.485476][T10151] loop1: detected capacity change from 0 to 256 [ 728.509856][T10147] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.4'. [ 728.520296][T10147] netem: invalid attributes len -24 [ 728.525750][T10147] netem: change failed [ 728.702693][T10152] loop0: detected capacity change from 0 to 512 [ 728.843219][T10152] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 728.933487][T10152] EXT4-fs (loop0): warning: maximal mount count reached, running e2fsck is recommended [ 729.026097][T10152] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz-executor.0: inode #15: comm syz-executor.0: iget: illegal inode # [ 729.056797][T10152] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 729.158936][T10152] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 730.231044][ T9086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.282988][T10170] loop3: detected capacity change from 0 to 4096 [ 730.335810][T10170] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 730.754874][T10170] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 731.182562][T10189] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.4'. [ 731.193469][T10189] netem: invalid attributes len -24 [ 731.199559][T10189] netem: change failed [ 731.852504][T10196] loop1: detected capacity change from 0 to 256 [ 733.860406][T10223] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.3'. [ 733.870601][T10223] netem: invalid attributes len -24 [ 733.882407][T10223] netem: change failed [ 734.736502][T10237] loop3: detected capacity change from 0 to 256 [ 736.698762][T10262] netlink: 88 bytes leftover after parsing attributes in process `syz-executor.1'. [ 736.708984][T10262] netem: invalid attributes len -24 [ 736.714427][T10262] netem: change failed [ 737.554762][T10276] loop1: detected capacity change from 0 to 256 [ 738.523534][T10293] loop1: detected capacity change from 0 to 128 [ 738.620005][T10293] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 738.762521][T10293] ext4 filesystem being mounted at /root/syzkaller-testdir868262181/syzkaller.v82747/116/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 739.279050][ T8968] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path (unknown): directory fails checksum at offset 1024 [ 739.398960][ T8968] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path (unknown): directory fails checksum at offset 8192 [ 739.521908][ T8968] EXT4-fs error (device loop1): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.1: Directory block failed checksum [ 739.557635][T10305] loop3: detected capacity change from 0 to 1024 [ 739.590566][ T8968] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path (unknown): directory fails checksum at offset 1024 [ 739.673644][ T8968] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path (unknown): directory fails checksum at offset 8192 [ 739.703825][ T8968] EXT4-fs error (device loop1): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.1: Directory block failed checksum [ 739.736031][ T8968] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path (unknown): directory fails checksum at offset 1024 [ 739.835389][ T8968] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path (unknown): directory fails checksum at offset 8192 [ 739.860033][T10312] loop0: detected capacity change from 0 to 256 [ 739.943040][ T3308] hfsplus: b-tree write err: -5, ino 8 [ 740.005326][ T8968] EXT4-fs error (device loop1): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.1: Directory block failed checksum [ 740.083938][ T8968] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path (unknown): directory fails checksum at offset 1024 [ 740.994876][T10324] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'. [ 741.005002][T10324] netlink: 180 bytes leftover after parsing attributes in process `syz-executor.2'. [ 741.397986][T10330] loop0: detected capacity change from 0 to 256 [ 741.431179][T10331] loop4: detected capacity change from 0 to 128 [ 741.520043][T10330] FAT-fs (loop0): bogus number of FAT sectors [ 741.526685][T10330] FAT-fs (loop0): Can't find a valid FAT filesystem [ 741.548727][T10331] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 741.617373][T10331] ext4 filesystem being mounted at /root/syzkaller-testdir2251791057/syzkaller.wURbYH/67/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 742.210347][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 1024 [ 742.292436][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 8192 [ 742.408725][ T9186] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.4: Directory block failed checksum [ 742.443888][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 1024 [ 742.499286][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 8192 [ 742.534559][ T9186] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.4: Directory block failed checksum [ 742.606353][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 1024 [ 742.656149][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 8192 [ 742.704717][ T9186] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.4: Directory block failed checksum [ 742.768708][ T5134] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 742.798074][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 1024 [ 743.031540][ T5134] usb 4-1: Using ep0 maxpacket: 32 [ 743.186096][T10349] loop0: detected capacity change from 0 to 2048 [ 743.209819][ T5134] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 743.216589][T10349] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 743.220490][ T5134] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 743.241998][ T5134] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 743.252280][ T5134] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 743.265582][ T5134] usb 4-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 743.275426][ T5134] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 743.278118][T10349] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 743.300171][ T5134] usb 4-1: config 0 descriptor?? [ 743.408794][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 743.474950][T10349] UDF-fs: warning (device loop0): udf_rmdir: empty directory has nlink != 2 (0) [ 743.835994][ T5134] ntrig 0003:1B96:000A.0019: item fetching failed at offset 4/5 [ 743.855582][ T5134] ntrig 0003:1B96:000A.0019: parse failed [ 743.862192][ T5134] ntrig 0003:1B96:000A.0019: probe with driver ntrig failed with error -22 [ 744.076009][ T5134] usb 4-1: USB disconnect, device number 17 [ 744.302108][ T8968] EXT4-fs error: 290 callbacks suppressed [ 744.302271][ T8968] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path (unknown): directory fails checksum at offset 1024 [ 744.352175][ T8968] EXT4-fs error (device loop1): ext4_readdir:220: inode #11: comm syz-executor.1: path (unknown): directory fails checksum at offset 8192 [ 744.397597][ T8968] EXT4-fs error (device loop1): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.1: Directory block failed checksum [ 744.881780][T10358] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.0'. [ 744.916928][ T8968] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 744.957953][ T9002] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.123928][ T9002] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.192319][T10358] netlink: 180 bytes leftover after parsing attributes in process `syz-executor.0'. [ 745.306002][ T9002] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.524309][ T9002] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 745.720766][T10367] veth1_macvtap: left promiscuous mode [ 746.064297][ T9002] bridge_slave_1: left allmulticast mode [ 746.071905][ T9002] bridge_slave_1: left promiscuous mode [ 746.079239][ T9002] bridge0: port 2(bridge_slave_1) entered disabled state [ 746.210891][ T9002] bridge_slave_0: left allmulticast mode [ 746.216936][ T9002] bridge_slave_0: left promiscuous mode [ 746.223872][ T9002] bridge0: port 1(bridge_slave_0) entered disabled state [ 747.140951][ T9002] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 747.221849][ T9186] EXT4-fs error: 264 callbacks suppressed [ 747.222021][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 8192 [ 747.269010][ T9002] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 747.280413][ T9186] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.4: Directory block failed checksum [ 747.345484][ T9002] bond0 (unregistering): Released all slaves [ 747.358725][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 1024 [ 747.410176][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 8192 [ 747.467345][ T9186] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.4: Directory block failed checksum [ 747.538200][T10380] netlink: 'syz-executor.2': attribute type 30 has an invalid length. [ 747.547497][T10380] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6) [ 747.572677][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 1024 [ 747.681313][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 8192 [ 747.781447][ T9186] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor.4: Directory block failed checksum [ 747.998619][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 1024 [ 748.098712][ T9186] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor.4: path (unknown): directory fails checksum at offset 8192 [ 748.609469][ T9002] hsr_slave_0: left promiscuous mode [ 748.684560][ T9002] hsr_slave_1: left promiscuous mode [ 748.719425][ T9002] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 748.735856][ T9002] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 748.815095][ T9002] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 748.827076][ T9002] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 749.011867][ T9002] veth1_macvtap: left promiscuous mode [ 749.017806][ T9002] veth0_macvtap: left promiscuous mode [ 749.023916][ T9002] veth1_vlan: left promiscuous mode [ 749.033433][ T9002] veth0_vlan: left promiscuous mode [ 749.468595][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 749.482436][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 749.510885][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 749.665623][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 749.678799][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 749.689215][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 749.810011][T10400] loop3: detected capacity change from 0 to 512 [ 749.824570][T10400] EXT4-fs: Ignoring removed nomblk_io_submit option [ 749.861231][T10400] EXT4-fs: old and new quota format mixing [ 750.332620][ T9002] team0 (unregistering): Port device team_slave_1 removed [ 750.341644][T10400] loop3: detected capacity change from 0 to 1764 [ 750.436404][ T9002] team0 (unregistering): Port device team_slave_0 removed [ 751.218248][T10406] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 751.225844][T10406] IPv6: NLM_F_CREATE should be set when creating new route [ 751.233425][T10406] IPv6: NLM_F_CREATE should be set when creating new route [ 751.253589][ T9186] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 751.803603][ T29] audit: type=1326 audit(1718240541.671:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10407 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743b579 code=0x7ffc0000 [ 751.828901][ T29] audit: type=1326 audit(1718240541.671:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10407 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743b579 code=0x7ffc0000 [ 751.844994][ T51] Bluetooth: hci0: command tx timeout [ 751.852420][ T29] audit: type=1326 audit(1718240541.741:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10407 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=152 compat=1 ip=0xf743b579 code=0x7ffc0000 [ 752.449735][T10396] chnl_net:caif_netlink_parms(): no params data found [ 753.903763][ T51] Bluetooth: hci0: command tx timeout [ 754.286914][T10396] bridge0: port 1(bridge_slave_0) entered blocking state [ 754.294947][T10396] bridge0: port 1(bridge_slave_0) entered disabled state [ 754.303319][T10396] bridge_slave_0: entered allmulticast mode [ 754.313182][T10396] bridge_slave_0: entered promiscuous mode [ 754.479571][T10396] bridge0: port 2(bridge_slave_1) entered blocking state [ 754.487542][T10396] bridge0: port 2(bridge_slave_1) entered disabled state [ 754.498494][T10396] bridge_slave_1: entered allmulticast mode [ 754.508199][T10396] bridge_slave_1: entered promiscuous mode [ 754.601609][T10436] loop0: detected capacity change from 0 to 512 [ 754.650405][T10436] EXT4-fs: Ignoring removed nomblk_io_submit option [ 754.743812][T10436] EXT4-fs: old and new quota format mixing [ 754.901891][T10396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 754.917256][T10441] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 755.015727][T10396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 755.491328][T10396] team0: Port device team_slave_0 added [ 755.502318][T10436] loop0: detected capacity change from 0 to 1764 [ 755.580648][T10396] team0: Port device team_slave_1 added [ 755.974116][ T51] Bluetooth: hci0: command tx timeout [ 755.980385][T10396] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 755.987588][T10396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 756.023597][T10396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 756.144545][T10396] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 756.152033][T10396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 756.178802][T10396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 756.291013][ T5078] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 756.314997][ T5078] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 756.364049][ T5078] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 756.391555][ T5078] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 756.469685][ T5078] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 756.479644][ T5078] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 756.603815][ T9002] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 756.616933][ T29] audit: type=1326 audit(1718240546.551:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10444 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743b579 code=0x7ffc0000 [ 756.617229][ T29] audit: type=1326 audit(1718240546.581:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10444 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743b579 code=0x7ffc0000 [ 756.772041][T10396] hsr_slave_0: entered promiscuous mode [ 756.803921][T10396] hsr_slave_1: entered promiscuous mode [ 756.853921][T10396] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 756.862204][T10396] Cannot create hsr debugfs directory [ 757.008930][ T9002] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 757.204448][ T9002] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 757.604568][ T9002] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 758.051247][ T51] Bluetooth: hci0: command tx timeout [ 758.224314][ T9002] bridge_slave_1: left allmulticast mode [ 758.230483][ T9002] bridge_slave_1: left promiscuous mode [ 758.237238][ T9002] bridge0: port 2(bridge_slave_1) entered disabled state [ 758.316253][ T9002] bridge_slave_0: left allmulticast mode [ 758.323441][ T9002] bridge_slave_0: left promiscuous mode [ 758.330278][ T9002] bridge0: port 1(bridge_slave_0) entered disabled state [ 758.561876][ T51] Bluetooth: hci1: command tx timeout [ 759.117000][ T9002] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 759.183659][ T9002] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 759.208172][ T9002] bond0 (unregistering): Released all slaves [ 759.419269][T10472] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 759.426927][T10472] IPv6: NLM_F_CREATE should be set when creating new route [ 759.434584][T10472] IPv6: NLM_F_CREATE should be set when creating new route [ 759.666462][T10478] loop0: detected capacity change from 0 to 512 [ 759.746222][T10478] EXT4-fs: Ignoring removed nomblk_io_submit option [ 759.773447][T10478] EXT4-fs: old and new quota format mixing [ 759.924490][ T29] audit: type=1326 audit(1718240549.921:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 759.999939][ T29] audit: type=1326 audit(1718240549.951:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 760.023334][ T29] audit: type=1326 audit(1718240549.951:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 760.046641][ T29] audit: type=1326 audit(1718240549.961:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 760.099586][T10481] loop2: detected capacity change from 0 to 1024 [ 760.106812][ T29] audit: type=1326 audit(1718240550.071:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 760.132393][ T29] audit: type=1326 audit(1718240550.091:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 760.155821][ T29] audit: type=1326 audit(1718240550.091:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 760.179063][ T29] audit: type=1326 audit(1718240550.161:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 760.204826][ T29] audit: type=1326 audit(1718240550.161:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 760.228819][ T29] audit: type=1326 audit(1718240550.161:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10480 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf73ea579 code=0x7ffc0000 [ 760.377969][T10478] loop0: detected capacity change from 0 to 1764 [ 760.447764][ T9002] hsr_slave_0: left promiscuous mode [ 760.504706][ T9002] hsr_slave_1: left promiscuous mode [ 760.520176][ T9002] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 760.528034][ T9002] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 760.571610][ T9002] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 760.579764][ T9002] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 760.608976][ T51] Bluetooth: hci1: command tx timeout [ 760.631534][ T9002] veth1_macvtap: left promiscuous mode [ 760.637357][ T9002] veth0_macvtap: left promiscuous mode [ 760.643595][ T9002] veth1_vlan: left promiscuous mode [ 760.649734][ T9002] veth0_vlan: left promiscuous mode [ 761.513948][ T9002] team0 (unregistering): Port device team_slave_1 removed [ 761.571097][ T9002] team0 (unregistering): Port device team_slave_0 removed [ 762.076784][T10494] usb usb9: usbfs: process 10494 (syz-executor.0) did not claim interface 0 before use [ 762.495580][T10446] chnl_net:caif_netlink_parms(): no params data found [ 762.708851][ T51] Bluetooth: hci1: command tx timeout [ 763.129538][T10507] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 763.216573][T10396] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 763.343127][T10396] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 763.460190][T10396] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 763.528194][T10396] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 764.052042][T10446] bridge0: port 1(bridge_slave_0) entered blocking state [ 764.060181][T10446] bridge0: port 1(bridge_slave_0) entered disabled state [ 764.068144][T10446] bridge_slave_0: entered allmulticast mode [ 764.077776][T10446] bridge_slave_0: entered promiscuous mode [ 764.109324][T10518] loop3: detected capacity change from 0 to 1024 [ 764.165247][T10446] bridge0: port 2(bridge_slave_1) entered blocking state [ 764.175841][T10446] bridge0: port 2(bridge_slave_1) entered disabled state [ 764.191272][T10446] bridge_slave_1: entered allmulticast mode [ 764.201028][T10446] bridge_slave_1: entered promiscuous mode [ 764.611492][T10446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 764.723526][T10446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 764.769921][ T51] Bluetooth: hci1: command tx timeout [ 765.022625][T10446] team0: Port device team_slave_0 added [ 765.060424][T10446] team0: Port device team_slave_1 added [ 765.089376][T10524] usb usb9: usbfs: process 10524 (syz-executor.2) did not claim interface 0 before use [ 765.397100][T10446] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 765.404559][T10446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 765.435669][T10446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 765.680374][T10446] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 765.687591][T10446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 765.714221][T10446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 765.848110][T10396] 8021q: adding VLAN 0 to HW filter on device bond0 [ 766.297100][T10396] 8021q: adding VLAN 0 to HW filter on device team0 [ 766.325838][T10446] hsr_slave_0: entered promiscuous mode [ 766.389475][T10446] hsr_slave_1: entered promiscuous mode [ 766.629045][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state [ 766.636888][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 766.875046][ T781] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.882974][ T781] bridge0: port 2(bridge_slave_1) entered forwarding state [ 767.103073][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 767.103157][ T29] audit: type=1800 audit(1718240557.101:385): pid=10546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1935 res=0 errno=0 [ 767.249849][ T29] audit: type=1800 audit(1718240557.161:386): pid=10543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1935 res=0 errno=0 [ 767.698251][T10548] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 767.706655][T10548] IPv6: NLM_F_CREATE should be set when creating new route [ 767.714463][T10548] IPv6: NLM_F_CREATE should be set when creating new route [ 768.912171][T10446] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 768.925870][T10564] loop2: detected capacity change from 0 to 164 [ 769.009872][ T5078] Bluetooth: hci2: command 0x0405 tx timeout [ 769.019217][T10446] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 769.110537][T10446] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 769.136798][T10564] Unsupported NM flag settings (8) [ 769.173304][T10446] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 769.438870][T10396] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 769.993499][T10396] veth0_vlan: entered promiscuous mode [ 770.167674][T10396] veth1_vlan: entered promiscuous mode [ 770.519241][T10577] usb usb9: usbfs: process 10577 (syz-executor.3) did not claim interface 0 before use [ 770.681547][T10396] veth0_macvtap: entered promiscuous mode [ 770.771620][T10446] 8021q: adding VLAN 0 to HW filter on device bond0 [ 770.872746][T10396] veth1_macvtap: entered promiscuous mode [ 770.981163][T10446] 8021q: adding VLAN 0 to HW filter on device team0 [ 771.104376][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state [ 771.112370][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 771.229232][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state [ 771.237029][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 771.285617][T10396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 771.296496][T10396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.306748][T10396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 771.317740][T10396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.327905][T10396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 771.340134][T10396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.350354][T10396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 771.366098][T10396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.383406][T10396] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 771.643323][T10396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.654482][T10396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.668198][T10396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.681348][T10396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.691530][T10396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.702436][T10396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.712578][T10396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.723342][T10396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.740823][T10396] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 772.147423][T10396] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.157065][T10396] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.166453][T10396] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.183059][T10396] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.436053][T10596] loop0: detected capacity change from 0 to 256 [ 773.175676][ T9086] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 773.184008][ T9086] FAT-fs (loop0): Filesystem has been set read-only [ 773.223256][ T29] audit: type=1800 audit(1718240563.121:387): pid=10602 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1954 res=0 errno=0 [ 773.264564][ T9086] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 773.909650][T10446] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 774.092672][ T59] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 774.225846][ T59] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 774.414936][ T59] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 774.615669][ T59] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 775.000738][ T59] bridge_slave_1: left allmulticast mode [ 775.006671][ T59] bridge_slave_1: left promiscuous mode [ 775.016121][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 775.093792][ T59] bridge_slave_0: left allmulticast mode [ 775.099930][ T59] bridge_slave_0: left promiscuous mode [ 775.106805][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 775.850858][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 775.929467][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 775.977534][ T59] bond0 (unregistering): Released all slaves [ 776.681829][ T55] ===================================================== [ 776.689169][ T55] BUG: KMSAN: uninit-value in virtqueue_add+0x1e86/0x65c0 [ 776.696519][ T55] virtqueue_add+0x1e86/0x65c0 [ 776.701487][ T55] virtqueue_add_sgs+0x186/0x1b0 [ 776.706632][ T55] virtscsi_add_cmd+0x838/0xad0 [ 776.711672][ T55] virtscsi_queuecommand+0x898/0xa60 [ 776.717195][ T55] scsi_queue_rq+0x4cc7/0x5a80 [ 776.722168][ T55] blk_mq_dispatch_rq_list+0x79b/0x3440 [ 776.727959][ T55] __blk_mq_sched_dispatch_requests+0x11b7/0x26e0 [ 776.734629][ T55] blk_mq_sched_dispatch_requests+0x12f/0x270 [ 776.740938][ T55] blk_mq_run_work_fn+0xd0/0x280 [ 776.746105][ T55] process_scheduled_works+0xa81/0x1bd0 [ 776.751859][ T55] worker_thread+0xea5/0x1560 [ 776.756725][ T55] kthread+0x3e2/0x540 [ 776.760987][ T55] ret_from_fork+0x6d/0x90 [ 776.765688][ T55] ret_from_fork_asm+0x1a/0x30 [ 776.770778][ T55] [ 776.773199][ T55] Uninit was stored to memory at: [ 776.778583][ T55] copy_page_from_iter_atomic+0x12b7/0x2ae0 [ 776.784726][ T55] generic_perform_write+0x4c1/0xc60 [ 776.790241][ T55] ext4_buffered_write_iter+0x564/0xaa0 [ 776.795969][ T55] ext4_file_write_iter+0x208/0x3450 [ 776.801430][ T55] __kernel_write_iter+0x64d/0xc80 [ 776.806763][ T55] dump_user_range+0x8dc/0xee0 [ 776.811726][ T55] elf_core_dump+0x59f5/0x5d50 [ 776.816702][ T55] do_coredump+0x32d5/0x4920 [ 776.821479][ T55] get_signal+0x267e/0x2d00 [ 776.826164][ T55] arch_do_signal_or_restart+0x53/0xcb0 [ 776.831953][ T55] irqentry_exit_to_user_mode+0xa6/0x160 [ 776.837873][ T55] irqentry_exit+0x16/0x60 [ 776.842474][ T55] exc_page_fault+0x515/0x6f0 [ 776.847342][ T55] asm_exc_page_fault+0x2b/0x30 [ 776.852422][ T55] [ 776.854838][ T55] Uninit was created at: [ 776.859305][ T55] __alloc_pages+0x9d6/0xe70 [ 776.864089][ T55] alloc_pages_mpol+0x299/0x990 [ 776.869174][ T55] alloc_pages+0x1bf/0x1e0 [ 776.873780][ T55] dump_user_range+0x4a/0xee0 [ 776.878684][ T55] elf_core_dump+0x59f5/0x5d50 [ 776.883671][ T55] do_coredump+0x32d5/0x4920 [ 776.888454][ T55] get_signal+0x267e/0x2d00 [ 776.893147][ T55] arch_do_signal_or_restart+0x53/0xcb0 [ 776.898928][ T55] irqentry_exit_to_user_mode+0xa6/0x160 [ 776.904770][ T55] irqentry_exit+0x16/0x60 [ 776.909418][ T55] exc_page_fault+0x515/0x6f0 [ 776.914308][ T55] asm_exc_page_fault+0x2b/0x30 [ 776.919378][ T55] [ 776.921798][ T55] Bytes 0-1023 of 1024 are uninitialized [ 776.927564][ T55] Memory access of size 1024 starts at ffff8880260dec00 [ 776.934676][ T55] [ 776.937139][ T55] CPU: 1 PID: 55 Comm: kworker/1:1H Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 776.946948][ T55] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 776.957170][ T55] Workqueue: kblockd blk_mq_run_work_fn [ 776.963183][ T55] ===================================================== [ 776.970232][ T55] Disabling lock debugging due to kernel taint [ 776.976497][ T55] Kernel panic - not syncing: kmsan.panic set ... [ 776.983030][ T55] CPU: 1 PID: 55 Comm: kworker/1:1H Tainted: G B 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 776.994333][ T55] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 777.004545][ T55] Workqueue: kblockd blk_mq_run_work_fn [ 777.010297][ T55] Call Trace: [ 777.013695][ T55] [ 777.016733][ T55] dump_stack_lvl+0x216/0x2d0 [ 777.021734][ T55] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 777.027750][ T55] dump_stack+0x1e/0x30 [ 777.032110][ T55] panic+0x4e2/0xcd0 [ 777.036246][ T55] ? kmsan_get_metadata+0xf1/0x1d0 [ 777.041646][ T55] kmsan_report+0x2d5/0x2e0 [ 777.046383][ T55] ? kmsan_get_metadata+0x146/0x1d0 [ 777.051794][ T55] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 777.058390][ T55] ? kmsan_internal_check_memory+0x48c/0x560 [ 777.064634][ T55] ? kmsan_handle_dma+0xac/0xc0 [ 777.069668][ T55] ? virtqueue_add+0x1e86/0x65c0 [ 777.074830][ T55] ? virtqueue_add_sgs+0x186/0x1b0 [ 777.080146][ T55] ? virtscsi_add_cmd+0x838/0xad0 [ 777.085386][ T55] ? virtscsi_queuecommand+0x898/0xa60 [ 777.091129][ T55] ? scsi_queue_rq+0x4cc7/0x5a80 [ 777.096265][ T55] ? blk_mq_dispatch_rq_list+0x79b/0x3440 [ 777.102217][ T55] ? __blk_mq_sched_dispatch_requests+0x11b7/0x26e0 [ 777.109084][ T55] ? blk_mq_sched_dispatch_requests+0x12f/0x270 [ 777.115572][ T55] ? blk_mq_run_work_fn+0xd0/0x280 [ 777.120891][ T55] ? process_scheduled_works+0xa81/0x1bd0 [ 777.126850][ T55] ? worker_thread+0xea5/0x1560 [ 777.131916][ T55] ? kthread+0x3e2/0x540 [ 777.136370][ T55] ? ret_from_fork+0x6d/0x90 [ 777.141151][ T55] ? ret_from_fork_asm+0x1a/0x30 [ 777.146306][ T55] ? scsi_queue_rq+0x4335/0x5a80 [ 777.151451][ T55] ? blk_mq_dispatch_rq_list+0x79b/0x3440 [ 777.157504][ T55] ? __blk_mq_sched_dispatch_requests+0x11b7/0x26e0 [ 777.164334][ T55] ? blk_mq_sched_dispatch_requests+0x12f/0x270 [ 777.170811][ T55] ? blk_mq_run_work_fn+0xd0/0x280 [ 777.176110][ T55] ? process_scheduled_works+0xa81/0x1bd0 [ 777.182045][ T55] ? worker_thread+0xea5/0x1560 [ 777.187091][ T55] ? kthread+0x3e2/0x540 [ 777.191624][ T55] ? ret_from_fork+0x6d/0x90 [ 777.196421][ T55] ? ret_from_fork_asm+0x1a/0x30 [ 777.201582][ T55] ? kmsan_get_metadata+0x146/0x1d0 [ 777.206979][ T55] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 777.213073][ T55] ? kmsan_get_metadata+0x146/0x1d0 [ 777.218465][ T55] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 777.224490][ T55] ? should_fail_ex+0x4a/0x800 [ 777.229545][ T55] ? kmsan_get_metadata+0x146/0x1d0 [ 777.234934][ T55] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 777.240943][ T55] ? kmsan_get_metadata+0x146/0x1d0 [ 777.246336][ T55] kmsan_internal_check_memory+0x48c/0x560 [ 777.252411][ T55] kmsan_handle_dma+0xac/0xc0 [ 777.257275][ T55] virtqueue_add+0x1e86/0x65c0 [ 777.262249][ T55] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 777.268258][ T55] ? kmsan_get_metadata+0x146/0x1d0 [ 777.273740][ T55] ? kmsan_get_metadata+0x146/0x1d0 [ 777.279137][ T55] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 777.285170][ T55] virtqueue_add_sgs+0x186/0x1b0 [ 777.290324][ T55] virtscsi_add_cmd+0x838/0xad0 [ 777.295422][ T55] virtscsi_queuecommand+0x898/0xa60 [ 777.300940][ T55] ? __pfx_virtscsi_queuecommand+0x10/0x10 [ 777.307040][ T55] scsi_queue_rq+0x4cc7/0x5a80 [ 777.312039][ T55] ? __pfx_scsi_queue_rq+0x10/0x10 [ 777.317346][ T55] blk_mq_dispatch_rq_list+0x79b/0x3440 [ 777.323132][ T55] ? sbitmap_get+0x431/0x670 [ 777.327913][ T55] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 777.333951][ T55] ? dd_dispatch_request+0x9a1/0xa20 [ 777.339461][ T55] __blk_mq_sched_dispatch_requests+0x11b7/0x26e0 [ 777.346146][ T55] ? finish_task_switch+0x7bb/0x8f0 [ 777.351592][ T55] ? __blk_mq_sched_dispatch_requests+0x1031/0x26e0 [ 777.358444][ T55] blk_mq_sched_dispatch_requests+0x12f/0x270 [ 777.364788][ T55] blk_mq_run_work_fn+0xd0/0x280 [ 777.370023][ T55] ? __pfx_blk_mq_run_work_fn+0x10/0x10 [ 777.375767][ T55] process_scheduled_works+0xa81/0x1bd0 [ 777.381567][ T55] worker_thread+0xea5/0x1560 [ 777.386447][ T55] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 777.392483][ T55] kthread+0x3e2/0x540 [ 777.396801][ T55] ? __pfx_worker_thread+0x10/0x10 [ 777.402320][ T55] ? __pfx_kthread+0x10/0x10 [ 777.407120][ T55] ret_from_fork+0x6d/0x90 [ 777.411745][ T55] ? __pfx_kthread+0x10/0x10 [ 777.416550][ T55] ret_from_fork_asm+0x1a/0x30 [ 777.421554][ T55] [ 778.957609][ T55] Shutting down cpus with NMI [ 778.962782][ T55] Kernel Offset: disabled [ 778.967203][ T55] Rebooting in 86400 seconds..