last executing test programs: 7.774584703s ago: executing program 1 (id=767): mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r0, 0x5452, &(0x7f0000006d00)={'sit0\x00', 0x0}) 5.835192872s ago: executing program 4 (id=786): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000fc0)={&(0x7f0000000f00)={0x10, 0x0, 0x340, 0x10000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x14}, 0x14}}, 0x0) 5.655354826s ago: executing program 4 (id=789): r0 = socket(0x2, 0x80805, 0x0) setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000580), 0x8) 5.478647881s ago: executing program 4 (id=791): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f00000010c0)="a7", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x1c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = socket$inet_smc(0x2b, 0x1, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xb, 0x4, &(0x7f0000000500)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1}, 0x90) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001e0001000000", @ANYRES32, @ANYBLOB="00000200"], 0x28}}, 0x0) r4 = socket(0x10, 0x80803, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00010200"/20, @ANYRES32=0x0, @ANYBLOB="bf"], 0x1c}}, 0x0) recvmmsg(r4, &(0x7f0000001bc0)=[{{0x0, 0x0, 0x0}}], 0x7, 0x0, 0x0) futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000200), 0x2}], 0x1, 0x0, 0x0, 0x0) futex(&(0x7f0000000040), 0x1, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x3, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1}, 0x48) r5 = socket(0x10, 0x3, 0x0) r6 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newqdisc={0x3c, 0x24, 0xf0b, 0xffffffff, 0x40, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x1, 0x3}}}]}, 0x3c}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x10000, 0x0, 0x1, 0x0, '\x00', r7}, 0x48) bind$inet(r2, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) set_mempolicy(0x3, &(0x7f0000000140)=0x3, 0x8) ppoll(&(0x7f0000000300)=[{}], 0x20000000000000d0, 0x0, 0x0, 0x0) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) 4.898490868s ago: executing program 0 (id=794): syz_emit_ethernet(0x57c327577bc1430e, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0xb989) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000001880), 0x0, 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000001280), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000101c0)={0x0, 0x49dc1e16, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "a0055a4501800000f778ddcf29c94337"}) r2 = syz_open_dev$sndpcmc(&(0x7f0000004c40), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc25c4110, &(0x7f0000000000)={0x0, [[0xfffffffe], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25]], '\x00', [{}, {}, {}, {}, {}, {0x2}]}) fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000080)=0xb0000) syz_usb_connect(0x6, 0x49, &(0x7f000001bac0)=ANY=[], 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r3, 0x7ab, &(0x7f00000000c0)={{@host}, 0x0, 0x1}) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000480)={0x0, 0x9, 0x0, 'queue0\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1c) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') close_range(r5, 0xffffffffffffffff, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000440)={'gretap0\x00', &(0x7f0000000540)={'syztnl0\x00', 0x0, 0x8, 0x0, 0x100, 0x3, {{0xd, 0x4, 0x0, 0x0, 0x34, 0x3, 0x0, 0x0, 0x0, 0x0, @rand_addr, @rand_addr, {[@ssrr={0x89, 0xb, 0x1b, [@multicast1, @multicast1]}, @rr={0x7, 0xb, 0x6b, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @generic={0x44, 0x8, "d8f635c784f6"}]}}}}}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000180)={0x0, 0x2, {0x0, 0x3, 0x0, 0x0, 0xfffffffd}}) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_emit_ethernet(0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6019f14d00203c0020010000000000000000000000000000ff02000000000000000000000000000100010000000000009b"], 0x0) syz_open_dev$sndctrl(&(0x7f0000000300), 0x0, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) r7 = fsmount(r0, 0x0, 0x9) openat$cgroup(r7, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000002380)=""/169, 0xa9}], 0x1, 0x0, 0x0) 4.497230701s ago: executing program 4 (id=796): r0 = syz_open_dev$dri(0x0, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280), 0x2141, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a45323, 0x0) 4.248383502s ago: executing program 4 (id=798): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000e09d7040460a2196324f01020301090224000100000000090400000206d345000905010210000000"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000540)={0x34, &(0x7f0000000100)={0x0, 0x0, 0x6, "ff0700000091"}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000280)={0x1c, &(0x7f0000000180)={0x40, 0x19, 0x2, "ee10"}, 0x0, 0x0}) 4.100416394s ago: executing program 0 (id=799): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000080)='syzkaller\x00'}, 0x90) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r5, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000030000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b2af0ff000000003609080000000000c39af0ffa0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$KVM_RUN(r6, 0xae80, 0x0) 3.480501105s ago: executing program 0 (id=804): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r6 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) mknodat(r6, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) linkat(r6, &(0x7f0000000100)='./file1\x00', r6, 0x0, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) add_key(&(0x7f0000000000)='asymmetric\x00', 0x0, &(0x7f0000000140)="00e1ffffffffffffff0000000000778846c1bdecd7229f9a043de7be19ead8edb57f1e3da442b8fe472194b792595457b84a33e4e72836557ac7a8fb6d59756b2976f7d7fd0e1e4558838100000000000080dbf1d2a537cffb39f3b88e9ed025a1a20100d5e2ea4f845cd2eebee0e7f52e8eed174e8a7d1a799be6b646176df3", 0x80, 0xfffffffffffffffe) 2.464674768s ago: executing program 2 (id=805): ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000000)="a807ec8f20232d3f27860233685f671bcab0eb562d808d73a73544ac8f5bec07074079fd3d0d37a0c113c9a5aa0fb0739ec2c57367764c9cb3b67108e9277d1ae03678027c95c85746561583473e6388c3965d62419dc12816edf9cdce06ef5afdc9868218f567f1bf6d5dbb3a4242b7ef0dad1ff8fd08088923261ad56730eae567e4c7eb9c4b2c24139f441fab09c273d5ac66ad040ff900be39892a0daa907325534ef5ffb754b487cad6deddff596623898f4de123aaf47b7412eaef45701fcfdf82b8f0f39cc4766cf44bd01c44deff21bdca15de7bb67fabd13982e7460a8ce7c917e52525d79c567c8a70f3fb892e1af030fabeef8b704c37d64170a9") r0 = syz_open_dev$mouse(&(0x7f0000000100), 0x0, 0x101) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000140)={r0, 0x9, 0x7fffffff, 0x10000}) fcntl$setflags(r0, 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0x7, &(0x7f0000000180)={0x5, 0x15, 0x3, 0x5}, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200), r1) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0xcc, r3, 0x100, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xa592}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x40}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x58, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x100}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x5}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'wg2\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}]}, 0xcc}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000400)={0x12c, r3, 0x4, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x6}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x30}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x2634c7a0}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x4}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfffffff9}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}]}, @IPVS_CMD_ATTR_DAEMON={0x6c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0xb132e85d2e608092}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private0}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xf4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xffff7fff}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7fffffff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xf3da}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x840}, 0x4) ioctl$BTRFS_IOC_SYNC(r1, 0x9408, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$F_SET_FILE_RW_HINT(r5, 0x40e, &(0x7f00000005c0)=0x5) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000600), &(0x7f0000000640), 0x2, 0x1) sendmsg$NFQNL_MSG_VERDICT(r2, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x40, 0x1, 0x3, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFQA_VLAN={0x2c, 0x13, 0x0, 0x1, [@NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0xa}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x2}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x97956731185d34a}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x6}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x400}, 0x40041) getsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f00000007c0)={@local, @multicast2}, 0x0) read$usbfs(r0, &(0x7f0000000840)=""/167, 0xa7) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, &(0x7f0000000900)={0x0, @adiantum, 0x0, @desc3}) read$watch_queue(r0, &(0x7f0000000940)=""/154, 0x9a) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000a00)={'vcan0\x00'}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000a40)={0x0, 0x0, 0x0}, &(0x7f0000000a80)=0xc) ioctl$TUNSETGROUP(r0, 0x400454ce, r6) r7 = syz_open_dev$vcsn(&(0x7f0000000ac0), 0x0, 0x240) fsetxattr$security_ima(r7, 0x0, &(0x7f0000000b40)=@ng={0x4, 0x10, "1788bc7011d02a454b"}, 0xb, 0x4) r8 = openat$fuse(0xffffff9c, &(0x7f0000000b80), 0x2, 0x0) io_setup(0x3, &(0x7f0000000bc0)=0x0) io_cancel(r9, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x6, 0xfff8, r0, &(0x7f0000000c00)="868c337402d64074b09d3c5b2afa0b177a7bf7247a8ba6d0d641b1281374f1f3f9b592606cd60a7b994b71d695f39d65c74593f407f2d5be1b7481b49a4d11c05beff710fd708180b807a3146130b7c0b80737087d2ef6d5cdc832e1361f7b699dd75891b24e1310205e1ec9e0cd23af1efa", 0x72, 0x61, 0x0, 0x1}, &(0x7f0000000cc0)) ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000d00)={'nicvf0\x00'}) syz_init_net_socket$llc(0x1a, 0x0, 0x0) splice(r8, &(0x7f0000000d40)=0x923, r7, &(0x7f0000000d80)=0x9, 0xd82, 0xc) 2.174514781s ago: executing program 1 (id=807): keyctl$reject(0x13, 0x0, 0x0, 0x9, 0x0) 2.173787292s ago: executing program 0 (id=808): socket$kcm(0xa, 0x0, 0x3a) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="00d2", @ANYRES16], 0x84}, 0x1, 0x0, 0x0, 0x24004000}, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) r2 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x0, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000380)={0x0, 0x1fffe000000}) 2.060000971s ago: executing program 1 (id=809): syz_emit_ethernet(0x57c327577bc1430e, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0xb989) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000001880)=[{0x0}], 0x1, 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000001280), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000101c0)={0x0, 0x49dc1e16, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "a0055a4501800000f778ddcf29c94337"}) r2 = syz_open_dev$sndpcmc(&(0x7f0000004c40), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc25c4110, &(0x7f0000000000)={0x0, [[0xfffffffe], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25]], '\x00', [{}, {}, {}, {}, {}, {0x2}]}) fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000080)=0xb0000) syz_usb_connect(0x6, 0x49, &(0x7f000001bac0)=ANY=[], 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r3, 0x7ab, &(0x7f00000000c0)={{@host}, 0x0, 0x1}) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000480)={0x0, 0x9, 0x0, 'queue0\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1c) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') close_range(r5, 0xffffffffffffffff, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000440)={'gretap0\x00', &(0x7f0000000540)={'syztnl0\x00', 0x0, 0x8, 0x0, 0x100, 0x3, {{0xd, 0x4, 0x0, 0x0, 0x34, 0x3, 0x0, 0x0, 0x0, 0x0, @rand_addr, @rand_addr, {[@ssrr={0x89, 0xb, 0x1b, [@multicast1, @multicast1]}, @rr={0x7, 0xb, 0x6b, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @generic={0x44, 0x8, "d8f635c784f6"}]}}}}}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000180)={0x0, 0x2, {0x0, 0x3, 0x0, 0x0, 0xfffffffd}}) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_emit_ethernet(0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6019f14d00203c0020010000000000000000000000000000ff02000000000000000000000000000100010000000000009b"], 0x0) syz_open_dev$sndctrl(&(0x7f0000000300), 0x0, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) r7 = fsmount(r0, 0x0, 0x9) openat$cgroup(r7, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000002380)=""/169, 0xa9}], 0x1, 0x0, 0x0) 1.683800762s ago: executing program 2 (id=810): bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xb, 0x4, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153}, 0x90) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="38ce00004fffffffffccfbf46c59839b985d9cd1b3c870e68cf0f385aab4748ae66cd990b76196cc6646e658", @ANYRES16, @ANYBLOB="010100000000000000002b00000008000300", @ANYRES32, @ANYBLOB="0a0034000202020202020000080026006c09000008009f0006000000"], 0x38}}, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0xe3edd16a85a399c5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000100), 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000680)=ANY=[@ANYBLOB='+\x00\x00\x00', @ANYRES16=r3], 0x44}}, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x0) sendmsg$netlink(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="e000000010000905000000000000000008004300ff030000a90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27db1f302de337c0004000000000000bf852c8986626691b0"], 0xe0}], 0x1}, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000080)='cpuset.effective_mems\x00', 0x275a, 0x0) pread64(r4, &(0x7f00000003c0)=""/142, 0x8e, 0xfffffffffffffffd) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='fsi_master_read\x00', r5}, 0x10) epoll_create(0x3) 1.320451902s ago: executing program 2 (id=812): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000540)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@uuid_off}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(0x0, &(0x7f0000000300)='./bus\x00') 1.201782381s ago: executing program 2 (id=814): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000080)='syzkaller\x00'}, 0x90) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000030000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b2af0ff000000003609080000000000c39af0ffa0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$KVM_RUN(r4, 0xae80, 0x0) 1.150064156s ago: executing program 3 (id=815): r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x14, 0x4, 0x1, 0x5, 0x0, 0x0, {0x7, 0x0, 0xf}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x20000010) 1.074253902s ago: executing program 1 (id=816): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = fcntl$dupfd(r0, 0x0, r0) listen(r0, 0x8001) ioctl$FS_IOC_GETVERSION(r1, 0x80047601, 0x0) 910.614645ms ago: executing program 3 (id=817): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) fstat(r0, &(0x7f00000003c0)) 882.629078ms ago: executing program 1 (id=818): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$netlink(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000040)={0x10}, 0x10}], 0x1}, 0x4c044) 781.172406ms ago: executing program 0 (id=819): r0 = socket$kcm(0x29, 0x2, 0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={0x0}}, 0x0) 730.72074ms ago: executing program 3 (id=820): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$NL80211_CMD_DISASSOCIATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x20, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) 730.5732ms ago: executing program 1 (id=821): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r4 = memfd_create(&(0x7f0000002bc0)='\xfb\"a&\x8fe\x11\x8c\xd64\xf9 \x00\x00\x00\x00\x00\x12\x1a\'<\xf5\xbeV\x12\xaal\xfa\xf0o\xd8\xb1,\xbd>M\xe3\x98?\xd9\x96\xab\xc7\x06\xfd\x9b\xab\xc8\x1e\x89]\x13bZ\x8d /#k\x95\x9eLV(\x8a\x0e\x93\x93Vc]mP\xbativ\xce\xa4K\xfb\xf2\xe0\xbf\x9d\xa1\xa2\xcd\xb39\xb4\x17a9\x1c\x82\x1aLT\xd0\xb9\x1a\xafB\x95\xb4\xcf\x91X\x8c\x87\xc2\xa1\x1b\xfe\xe7\xbc\xf7\xeb\xdeL\x1d\x98Zq\xcc%\x98\xb0Yc\xec\xb7\xb5m(9\xde\xd3\xefB\xd4\xee\xb5\xee\xe0\xaa\xdd\x00\xb1jOB\xdas\xe3\xb47}\xf3\xf8\xab\xbd\xf03L\xb0\xec\xdf\xbcW\xe0I\x0e\xa4\x1e}\x06\vK\xed\x11\x880\x0e\x9c\xae\x8dVU\x88\xb0\x842kgA]\x1e\x88\xecif\xee]\x8b\xc6\"\xcej\x84\x06\x8a\x99\x80\xd7\xcf\x1f\xed\x89\x1e6\x93+\xec#\x1d2\xb8\x80Z\xf7\x06\xbe\xc9[L\xc5\xc9\xb5\xd6{\xee\xce\x17\x89\xa6r\xc5j\xec\x1b\xaa\x996\x14e\xcf\x8axQ\x8fXeT\'0.\x85\xa2\xc8\xb3c\t\xe8\x1a\x89\xecL\xcf\xd8\xb5\xfb\xbc\tX\x88\xbe\xf49\xd2\xfb\x9e\xef\xabR\x88\x13\x9et\xcb\x82\x01\x91\xacH\xdb\xf9\xcb\x7fh\x83>\x8e\xe1=\xedR\xc9\xe68h\x19\xafLY\x94\x93\xebT\x15\x817\x9d#\xea\xd2\xa8\xfb^\x8c\x87#\x10\x00'/355, 0x5) fallocate(r4, 0x0, 0x0, 0x10001) finit_module(r4, 0x0, 0x0) 627.726098ms ago: executing program 0 (id=822): bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xb, 0x4, 0x0, 0x0, 0x0, 0x99, &(0x7f0000000180)=""/153}, 0x90) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="38ce00004fffffffffccfbf46c59839b985d9cd1b3c870e68cf0f385aab4748ae66cd990b76196cc6646e658", @ANYRES16, @ANYBLOB="010100000000000000002b00000008000300", @ANYRES32, @ANYBLOB="0a0034000202020202020000080026006c09000008009f0006000000"], 0x38}}, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0xe3edd16a85a399c5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000100), 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000680)=ANY=[@ANYBLOB='+\x00\x00\x00', @ANYRES16=r3], 0x44}}, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x0) sendmsg$netlink(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="e000000010000905000000000000000008004300ff030000a90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27db1f302de337c0004000000000000bf852c8986626691b0"], 0xe0}], 0x1}, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000080)='cpuset.effective_mems\x00', 0x275a, 0x0) pread64(r4, &(0x7f00000003c0)=""/142, 0x8e, 0xfffffffffffffffd) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='fsi_master_read\x00', r5}, 0x10) epoll_create(0x3) 600.539981ms ago: executing program 3 (id=823): r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x18, &(0x7f0000000900), &(0x7f0000000080)=0x8) 495.844929ms ago: executing program 2 (id=824): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000540)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@uuid_off}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(0x0, &(0x7f0000000300)='./bus\x00') 366.44629ms ago: executing program 3 (id=825): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000540)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@uuid_off}]}) r0 = open(0x0, 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) 142.547638ms ago: executing program 2 (id=826): syz_emit_ethernet(0x57c327577bc1430e, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0xb989) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000001880)=[{0x0}], 0x1, 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000001280), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f00000101c0)={0x0, 0x49dc1e16, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "a0055a4501800000f778ddcf29c94337"}) r2 = syz_open_dev$sndpcmc(&(0x7f0000004c40), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc25c4110, &(0x7f0000000000)={0x0, [[0xfffffffe], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25]], '\x00', [{}, {}, {}, {}, {}, {0x2}]}) fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000080)=0xb0000) syz_usb_connect(0x6, 0x49, &(0x7f000001bac0)=ANY=[], 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r3, 0x7ab, &(0x7f00000000c0)={{@host}, 0x0, 0x1}) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000480)={0x0, 0x9, 0x0, 'queue0\x00'}) write$sndseq(0xffffffffffffffff, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1c) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/snmp\x00') close_range(r5, 0xffffffffffffffff, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000440)={'gretap0\x00', &(0x7f0000000540)={'syztnl0\x00', 0x0, 0x8, 0x0, 0x100, 0x3, {{0xd, 0x4, 0x0, 0x0, 0x34, 0x3, 0x0, 0x0, 0x0, 0x0, @rand_addr, @rand_addr, {[@ssrr={0x89, 0xb, 0x1b, [@multicast1, @multicast1]}, @rr={0x7, 0xb, 0x6b, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @generic={0x44, 0x8, "d8f635c784f6"}]}}}}}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000180)={0x0, 0x2, {0x0, 0x3, 0x0, 0x0, 0xfffffffd}}) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_emit_ethernet(0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6019f14d00203c0020010000000000000000000000000000ff02000000000000000000000000000100010000000000009b"], 0x0) syz_open_dev$sndctrl(&(0x7f0000000300), 0x0, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) r7 = fsmount(r0, 0x0, 0x9) openat$cgroup(r7, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) preadv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000002380)=""/169, 0xa9}], 0x1, 0x0, 0x0) 56.298665ms ago: executing program 4 (id=827): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000040)=[@in={0x2, 0x0, @private=0xa010100}], 0x10) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+10000000}}, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) 0s ago: executing program 3 (id=828): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) writev(r1, 0x0, 0x0) kernel console output (not intermixed with test programs): nk becomes ready [ 76.405343][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 76.413302][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.422539][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.444240][ T3638] device veth0_macvtap entered promiscuous mode [ 76.469389][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.525839][ T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.543528][ T3638] device veth1_macvtap entered promiscuous mode [ 76.564460][ T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.573682][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 76.585366][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 76.646551][ T3699] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.654854][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.665443][ T3699] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.685717][ T3724] loop0: detected capacity change from 0 to 128 [ 76.701971][ T3726] loop1: detected capacity change from 0 to 512 [ 76.709711][ T3727] loop3: detected capacity change from 0 to 512 [ 76.710605][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.737145][ T3726] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 76.751187][ T3727] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 76.772598][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.782271][ T3726] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 76.805267][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.814720][ T26] audit: type=1800 audit(1723747122.754:2): pid=3724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1" name="bus" dev="loop0" ino=1048589 res=0 errno=0 [ 76.815598][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.846677][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.857850][ T3727] EXT4-fs (loop3): 1 truncate cleaned up [ 76.859662][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.884289][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.896025][ T3638] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.903651][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 76.911654][ T3727] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 76.935298][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 76.953384][ T3726] EXT4-fs (loop1): 1 truncate cleaned up [ 76.959630][ T3726] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 76.990640][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.047827][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.078119][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.089735][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.110458][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.330672][ T3650] Bluetooth: hci0: command tx timeout [ 77.336205][ T3650] Bluetooth: hci2: command tx timeout [ 77.341620][ T3650] Bluetooth: hci1: command tx timeout [ 77.349195][ T48] Bluetooth: hci3: command tx timeout [ 77.354690][ T48] Bluetooth: hci4: command tx timeout [ 77.379179][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.394308][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.404287][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.415881][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.114452][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.122901][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.138477][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 78.148098][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 78.156620][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 78.165283][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 78.173596][ T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!! [ 78.182274][ T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!! [ 78.190584][ T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!! [ 78.199243][ T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!! [ 78.535328][ T3638] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.587504][ T3638] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.608727][ T3638] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.648646][ T3638] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.665224][ T3638] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.714995][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.737077][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 78.792231][ T3741] loop0: detected capacity change from 0 to 512 [ 78.872314][ T3741] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 78.891082][ T3641] EXT4-fs (loop1): unmounting filesystem. [ 78.954668][ T3741] EXT4-fs (loop0): 1 truncate cleaned up [ 78.960385][ T3741] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 78.990593][ T3647] EXT4-fs (loop3): unmounting filesystem. [ 79.006657][ T3746] loop1: detected capacity change from 0 to 512 [ 79.014978][ T3746] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 79.092510][ T3699] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.238084][ T3699] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.259418][ T3746] EXT4-fs (loop1): 1 truncate cleaned up [ 79.270354][ T3744] loop2: detected capacity change from 0 to 2048 [ 79.273145][ T3749] loop3: detected capacity change from 0 to 512 [ 79.294209][ T3746] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 79.553839][ T3749] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 79.645193][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 79.667044][ T3744] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 79.948493][ T3749] EXT4-fs (loop3): 1 truncate cleaned up [ 79.976698][ T3645] EXT4-fs (loop0): unmounting filesystem. [ 80.142445][ T3749] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 80.170694][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.375806][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.645916][ T3729] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 80.881684][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 81.030325][ T3729] EXT4-fs (loop2): Remounting filesystem read-only [ 82.615685][ T3641] EXT4-fs (loop1): unmounting filesystem. [ 82.616337][ T14] cfg80211: failed to load regulatory.db [ 82.709383][ T3647] EXT4-fs (loop3): unmounting filesystem. [ 82.795617][ T3648] EXT4-fs (loop2): unmounting filesystem. [ 82.912203][ T3772] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 82.928614][ T26] audit: type=1326 audit(1723747128.854:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 82.989566][ T3771] dlm: no local IP address has been set [ 83.028350][ T3771] dlm: cannot start dlm midcomms -107 [ 83.033869][ T26] audit: type=1326 audit(1723747128.904:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 83.092044][ T26] audit: type=1326 audit(1723747128.904:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 83.162744][ T26] audit: type=1326 audit(1723747128.904:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 83.203491][ T26] audit: type=1326 audit(1723747128.904:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 83.233089][ T26] audit: type=1326 audit(1723747128.904:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 83.444645][ T26] audit: type=1326 audit(1723747128.904:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 83.534232][ T26] audit: type=1326 audit(1723747128.904:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 83.709806][ T26] audit: type=1326 audit(1723747128.904:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 84.734269][ T26] audit: type=1326 audit(1723747128.904:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3770 comm="syz.3.11" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 84.769754][ T3793] loop0: detected capacity change from 0 to 256 [ 84.899216][ T3795] loop3: detected capacity change from 0 to 512 [ 84.919486][ T3793] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 85.010599][ T3795] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 85.042615][ T3790] syz.0.16: attempt to access beyond end of device [ 85.042615][ T3790] loop0: rw=524288, sector=524408, nr_sectors = 1 limit=256 [ 85.057177][ T3795] ext4 filesystem being mounted at /3/bus supports timestamps until 2038 (0x7fffffff) [ 85.062188][ T3804] netlink: 308 bytes leftover after parsing attributes in process `syz.2.18'. [ 85.128616][ T3790] syz.0.16: attempt to access beyond end of device [ 85.128616][ T3790] loop0: rw=0, sector=524408, nr_sectors = 1 limit=256 [ 85.285654][ T3647] EXT4-fs (loop3): unmounting filesystem. [ 86.103522][ T3825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.25'. [ 86.136315][ T3785] loop1: detected capacity change from 0 to 32768 [ 86.198775][ T3825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.25'. [ 86.386396][ T3825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.25'. [ 87.357700][ T3642] Bluetooth: hci0: unexpected event 0x06 length: 23 > 3 [ 87.497307][ T3847] nvme_fabrics: unknown parameter or missing value 'Y' in ctrl creation request [ 87.649879][ T3853] syz.0.32 sent an empty control message without MSG_MORE. [ 87.855209][ T3858] loop2: detected capacity change from 0 to 512 [ 88.003731][ T3858] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 88.029480][ T3858] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038 (0x7fffffff) [ 88.078620][ T3858] EXT4-fs error (device loop2): ext4_do_update_inode:5221: inode #2: comm syz.2.33: corrupted inode contents [ 88.119650][ T3858] EXT4-fs error (device loop2): ext4_dirty_inode:6083: inode #2: comm syz.2.33: mark_inode_dirty error [ 88.176344][ T3867] Driver unsupported XDP return value 0 on prog (id 9) dev N/A, expect packet loss! [ 88.191184][ T3858] EXT4-fs error (device loop2): ext4_do_update_inode:5221: inode #2: comm syz.2.33: corrupted inode contents [ 88.249815][ T3858] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.33: mark_inode_dirty error [ 88.261862][ T3870] netlink: 52 bytes leftover after parsing attributes in process `syz.0.36'. [ 88.446949][ T3648] EXT4-fs (loop2): unmounting filesystem. [ 88.906360][ T3887] x_tables: ip_tables: CONNMARK.1 target: invalid size 16 (kernel) != (user) 0 [ 89.346051][ T26] kauditd_printk_skb: 49 callbacks suppressed [ 89.346068][ T26] audit: type=1326 audit(1723747135.294:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3894 comm="syz.3.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 89.528930][ T26] audit: type=1326 audit(1723747135.294:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3894 comm="syz.3.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 89.552193][ C0] vkms_vblank_simulate: vblank timer overrun [ 89.628715][ T26] audit: type=1326 audit(1723747135.304:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3894 comm="syz.3.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 89.650862][ C0] vkms_vblank_simulate: vblank timer overrun [ 89.659058][ T26] audit: type=1326 audit(1723747135.354:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3894 comm="syz.3.45" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5811799b9 code=0x7ffc0000 [ 89.681202][ C0] vkms_vblank_simulate: vblank timer overrun [ 90.624597][ T3642] Bluetooth: hci0: command tx timeout [ 90.720189][ T3926] netlink: 4 bytes leftover after parsing attributes in process `syz.3.56'. [ 90.723904][ T3927] netlink: 20 bytes leftover after parsing attributes in process `syz.4.55'. [ 90.744609][ T3927] Zero length message leads to an empty skb [ 92.189591][ T34] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 93.454499][ T34] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 93.522373][ T34] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 94.104272][ T34] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 94.127367][ T34] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.154368][ T34] usb 1-1: Product: syz [ 94.158837][ T34] usb 1-1: Manufacturer: syz [ 94.193006][ T34] usb 1-1: config 0 descriptor?? [ 94.310695][ T34] usb 1-1: can't set config #0, error -71 [ 101.274423][ T34] usb 1-1: USB disconnect, device number 2 [ 101.784698][ T3687] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 101.854472][ T3996] syz.2.76 uses obsolete (PF_INET,SOCK_PACKET) [ 102.104272][ T3687] usb 2-1: Using ep0 maxpacket: 32 [ 102.245337][ T3687] usb 2-1: config 0 has no interfaces? [ 102.694305][ T3687] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 102.740277][ T3687] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 102.763618][ T3687] usb 2-1: Product: syz [ 103.709754][ T4003] loop4: detected capacity change from 0 to 32768 [ 103.720008][ T4003] XFS: noikeep mount option is deprecated. [ 103.735965][ T3687] usb 2-1: Manufacturer: syz [ 103.741007][ T3687] usb 2-1: SerialNumber: syz [ 103.755282][ T3687] usb 2-1: config 0 descriptor?? [ 103.850760][ T4003] XFS (loop4): Mounting V5 Filesystem [ 104.028953][ T3984] netlink: 28 bytes leftover after parsing attributes in process `syz.1.73'. [ 104.059652][ T3647] syz-executor (3647) used greatest stack depth: 19800 bytes left [ 104.068139][ T3984] device team_slave_0 entered promiscuous mode [ 104.102125][ T4003] XFS (loop4): Ending clean mount [ 104.117855][ T4003] XFS (loop4): Quotacheck needed: Please wait. [ 104.209456][ T3721] usb 2-1: USB disconnect, device number 2 [ 104.314030][ T4003] XFS (loop4): Quotacheck: Done. [ 104.385878][ T3642] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.398696][ T3642] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 104.410218][ T3642] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 104.420096][ T34] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 104.436332][ T3642] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 104.447390][ T3642] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 104.457000][ T3642] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.509925][ T3699] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.648106][ T3699] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.795850][ T34] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 104.814397][ T34] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 104.856656][ T3699] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.983942][ T3699] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.000884][ T34] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 105.016744][ T34] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.034315][ T34] usb 1-1: Product: syz [ 105.046608][ T34] usb 1-1: Manufacturer: syz [ 105.059917][ T34] usb 1-1: SerialNumber: syz [ 105.077393][ T34] usb 1-1: config 0 descriptor?? [ 105.115463][ T4024] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 105.133390][ T4024] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 105.452444][ T4024] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 105.677274][ T4024] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 105.746983][ T3638] XFS (loop4): Unmounting Filesystem [ 105.838327][ T4026] chnl_net:caif_netlink_parms(): no params data found [ 106.127001][ T34] Error reading MAC address [ 106.544214][ T3642] Bluetooth: hci3: command tx timeout [ 106.950999][ T4026] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.993013][ T4026] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.033637][ T4026] device bridge_slave_0 entered promiscuous mode [ 107.098067][ T4026] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.129501][ T4026] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.199451][ T4026] device bridge_slave_1 entered promiscuous mode [ 107.253982][ T22] usb 1-1: USB disconnect, device number 3 [ 107.387226][ T4026] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 107.854874][ T4026] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.243565][ T4074] loop2: detected capacity change from 0 to 4096 [ 108.264513][ T4026] team0: Port device team_slave_0 added [ 108.288937][ T4026] team0: Port device team_slave_1 added [ 108.363906][ T4074] NILFS (loop2): invalid segment: Checksum error in segment payload [ 108.371727][ T4046] loop1: detected capacity change from 0 to 32768 [ 108.399520][ T4074] NILFS (loop2): trying rollback from an earlier position [ 108.449561][ T4046] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.87 (4046) [ 108.503938][ T4074] NILFS (loop2): recovery complete [ 108.532186][ T4046] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 108.574287][ T4081] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 108.625496][ T3642] Bluetooth: hci3: command tx timeout [ 108.645991][ T4046] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 108.704531][ T4046] BTRFS info (device loop1): using free space tree [ 108.752710][ T4074] overlayfs: upper fs does not support tmpfile. [ 108.789437][ T4074] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 108.842576][ T4074] overlayfs: failed to set xattr on upper [ 108.924352][ T4074] overlayfs: ...falling back to index=off,metacopy=off. [ 108.944447][ T4026] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.983003][ T4026] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.046579][ T4026] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.193771][ T4046] BTRFS error (device loop1): open_ctree failed [ 111.141259][ T3650] Bluetooth: hci3: command tx timeout [ 111.192999][ T4116] loop1: detected capacity change from 0 to 32768 [ 111.200684][ T4116] XFS: noikeep mount option is deprecated. [ 111.286748][ T4116] XFS (loop1): Mounting V5 Filesystem [ 111.452750][ T4116] XFS (loop1): Ending clean mount [ 111.461277][ T4116] XFS (loop1): Quotacheck needed: Please wait. [ 111.523369][ T4116] XFS (loop1): Quotacheck: Done. [ 111.678096][ T4131] loop0: detected capacity change from 0 to 16 [ 111.787143][ T4131] erofs: (device loop0): mounted with root inode @ nid 36. [ 111.804555][ T4131] erofs: (device loop0): z_erofs_readahead: readahead error at page 24 @ nid 36 [ 111.815171][ T4131] erofs: (device loop0): z_erofs_readahead: readahead error at page 19 @ nid 36 [ 111.825321][ T4131] erofs: (device loop0): z_erofs_readahead: readahead error at page 13 @ nid 36 [ 111.835588][ T4131] erofs: (device loop0): z_erofs_readahead: readahead error at page 8 @ nid 36 [ 111.845061][ T4131] syz.0.97: attempt to access beyond end of device [ 111.845061][ T4131] loop0: rw=524288, sector=736, nr_sectors = 112 limit=16 [ 111.860198][ T4131] syz.0.97: attempt to access beyond end of device [ 111.860198][ T4131] loop0: rw=524288, sector=13478624032, nr_sectors = 24 limit=16 [ 111.897440][ T26] audit: type=1326 audit(1723747157.824:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4123 comm="syz.0.97" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ce95799b9 code=0x0 [ 112.265687][ T3641] XFS (loop1): Unmounting Filesystem [ 112.914473][ T1848] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 113.184153][ T3650] Bluetooth: hci3: command tx timeout [ 113.317909][ T1848] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 113.333583][ T1848] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 113.529554][ T1848] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 113.550096][ T1848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.559837][ T1848] usb 1-1: Product: syz [ 113.566998][ T1848] usb 1-1: Manufacturer: syz [ 113.573155][ T1848] usb 1-1: SerialNumber: syz [ 113.583124][ T1848] usb 1-1: config 0 descriptor?? [ 113.614494][ T4133] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 113.624346][ T4133] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 113.864633][ T4133] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 113.874835][ T4133] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 114.019498][ T4150] loop1: detected capacity change from 0 to 64 [ 114.033117][ T4150] hfs: unable to parse mount options [ 114.081019][ T4036] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 114.399144][ T1848] Error reading MAC address [ 115.491594][ T4154] loop2: detected capacity change from 0 to 32768 [ 115.500354][ T4154] XFS: noikeep mount option is deprecated. [ 115.600366][ T4154] XFS (loop2): Mounting V5 Filesystem [ 115.663543][ T3690] usb 1-1: USB disconnect, device number 4 [ 115.701858][ T4154] XFS (loop2): Ending clean mount [ 115.717416][ T4154] XFS (loop2): Quotacheck needed: Please wait. [ 115.862766][ T4154] XFS (loop2): Quotacheck: Done. [ 115.960367][ T4150] loop1: detected capacity change from 0 to 32768 [ 115.995811][ T4167] loop0: detected capacity change from 0 to 1024 [ 116.003533][ T4167] EXT4-fs: Ignoring removed orlov option [ 116.010284][ T4167] EXT4-fs: Ignoring removed nomblk_io_submit option [ 116.096046][ T3648] XFS (loop2): Unmounting Filesystem [ 116.126868][ T4150] XFS (loop1): Mounting V5 Filesystem [ 116.168208][ T4167] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 116.260184][ T4150] XFS (loop1): Ending clean mount [ 116.355929][ T3641] XFS (loop1): Unmounting Filesystem [ 116.367398][ T4026] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 116.478644][ T3645] EXT4-fs (loop0): unmounting filesystem. [ 116.486951][ T4026] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 116.554404][ T4026] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 117.010658][ T3699] device hsr_slave_0 left promiscuous mode [ 117.034900][ T3699] device hsr_slave_1 left promiscuous mode [ 117.090344][ T3699] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 117.165468][ T3699] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 117.184726][ T4192] loop1: detected capacity change from 0 to 256 [ 117.192011][ T4192] exfat: Deprecated parameter 'utf8' [ 117.226220][ T3699] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 117.244509][ T3699] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 117.246991][ T4192] exfat: Deprecated parameter 'utf8' [ 117.265427][ T3699] device bridge_slave_1 left promiscuous mode [ 117.305786][ T3699] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.333361][ T3699] device bridge_slave_0 left promiscuous mode [ 117.359246][ T4192] exfat: Deprecated parameter 'utf8' [ 117.359416][ T3699] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.422472][ T4192] exfat: Deprecated parameter 'utf8' [ 117.435760][ T3699] device veth1_macvtap left promiscuous mode [ 117.449903][ T4192] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xac5c0b1f, utbl_chksum : 0xe619d30d) [ 117.454769][ T3699] device veth0_macvtap left promiscuous mode [ 117.523936][ T3699] device veth1_vlan left promiscuous mode [ 117.541102][ T3699] device veth0_vlan left promiscuous mode [ 117.674784][ T3690] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 118.094424][ T3690] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 118.120771][ T3690] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 118.182267][ T4209] nbd4: detected capacity change from 0 to 8388607 [ 118.304497][ T3690] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 118.339738][ T3690] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.371108][ T3690] usb 1-1: Product: syz [ 118.400528][ T3690] usb 1-1: Manufacturer: syz [ 118.406555][ T3690] usb 1-1: SerialNumber: syz [ 118.442269][ T3690] usb 1-1: config 0 descriptor?? [ 118.475486][ T4196] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 118.489948][ T4196] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 118.719963][ T4196] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 118.741065][ T4196] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 118.782182][ T4206] loop1: detected capacity change from 0 to 32768 [ 118.809997][ T4206] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.120 (4206) [ 118.864005][ T4206] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 118.893264][ T4206] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 118.917187][ T4206] BTRFS info (device loop1): enabling auto defrag [ 118.940194][ T3699] team0 (unregistering): Port device team_slave_1 removed [ 118.951341][ T3650] block nbd4: Receive control failed (result -104) [ 118.959893][ T4206] BTRFS info (device loop1): max_inline at 0 [ 118.989248][ T4206] BTRFS info (device loop1): enabling ssd optimizations [ 119.007070][ T4206] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8) [ 119.044902][ T4206] BTRFS info (device loop1): use lzo compression, level 0 [ 119.076181][ T4206] BTRFS info (device loop1): not using ssd optimizations [ 119.086956][ T3699] team0 (unregistering): Port device team_slave_0 removed [ 119.114674][ T4206] BTRFS info (device loop1): using free space tree [ 119.210754][ T3690] Error reading MAC address [ 119.254463][ T3699] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 119.428834][ T3699] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 119.496567][ T26] audit: type=1800 audit(1723747165.444:67): pid=4206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.120" name="file0" dev="loop1" ino=258 res=0 errno=0 [ 119.547129][ T4206] fs-verity: sha512 using implementation "sha512-avx2" [ 119.612067][ T4206] BTRFS info (device loop1): setting compat-ro feature flag for VERITY (0x4) [ 119.929959][ T3641] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 120.442455][ T7] usb 1-1: USB disconnect, device number 5 [ 120.586815][ T4242] loop1: detected capacity change from 0 to 512 [ 120.771994][ T4240] loop2: detected capacity change from 0 to 32768 [ 120.805839][ T4242] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 120.823511][ T4240] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.127 (4240) [ 120.844384][ T4242] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038 (0x7fffffff) [ 120.869860][ T4242] EXT4-fs error (device loop1): ext4_do_update_inode:5221: inode #2: comm syz.1.126: corrupted inode contents [ 120.888080][ T4242] EXT4-fs error (device loop1): ext4_dirty_inode:6083: inode #2: comm syz.1.126: mark_inode_dirty error [ 120.918023][ T4242] EXT4-fs error (device loop1): ext4_do_update_inode:5221: inode #2: comm syz.1.126: corrupted inode contents [ 120.925885][ T4240] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 120.964341][ T4240] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 120.973725][ T4242] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.126: mark_inode_dirty error [ 120.994618][ T4240] BTRFS info (device loop2): setting nodatacow, compression disabled [ 121.023821][ T4240] BTRFS info (device loop2): enabling auto defrag [ 121.050308][ T4240] BTRFS info (device loop2): max_inline at 0 [ 121.073372][ T4240] BTRFS info (device loop2): using free space tree [ 121.180515][ T3641] EXT4-fs (loop1): unmounting filesystem. [ 121.360616][ T3699] bond0 (unregistering): Released all slaves [ 121.524807][ T4026] device hsr_slave_0 entered promiscuous mode [ 121.559822][ T4026] device hsr_slave_1 entered promiscuous mode [ 121.581250][ T4026] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 121.601418][ T4026] Cannot create hsr debugfs directory [ 121.614570][ T3648] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 122.494169][ T22] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 122.884538][ T22] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 123.024622][ T22] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 123.066028][ T22] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 123.125515][ T22] usb 3-1: SerialNumber: syz [ 123.161198][ T4026] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 123.195573][ T22] usb 3-1: bad CDC descriptors [ 123.251197][ T4026] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 123.292880][ T4026] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 123.332028][ T4026] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 123.448995][ T7] usb 3-1: USB disconnect, device number 2 [ 123.868409][ T4026] 8021q: adding VLAN 0 to HW filter on device bond0 [ 123.916822][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 123.931599][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.959373][ T4026] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.989354][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 124.010590][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 124.028895][ T2548] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.038959][ T2548] bridge0: port 1(bridge_slave_0) entered forwarding state [ 124.091077][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 124.148576][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 124.228145][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 124.259609][ T2548] bridge0: port 2(bridge_slave_1) entered blocking state [ 124.268965][ T2548] bridge0: port 2(bridge_slave_1) entered forwarding state [ 124.312253][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 124.351355][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 124.423292][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 124.456531][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 124.490917][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 124.536172][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 124.592087][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 124.638726][ T3691] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 124.659648][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 124.706599][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 124.745724][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 124.805303][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 124.865399][ T4026] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 125.084452][ T3691] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 125.192185][ T3691] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 125.376066][ T3691] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 125.401995][ T3691] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.514193][ T3691] usb 3-1: Product: syz [ 125.524247][ T3691] usb 3-1: Manufacturer: syz [ 125.532164][ T3691] usb 3-1: SerialNumber: syz [ 125.652189][ T3691] usb 3-1: config 0 descriptor?? [ 125.695899][ T4326] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 125.711583][ T4326] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 126.001579][ T4326] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 126.066259][ T4326] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 126.206200][ T4348] loop0: detected capacity change from 0 to 512 [ 126.379513][ T4348] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.141: bg 0: block 393: padding at end of block bitmap is not set [ 126.400178][ T4026] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 126.422943][ T3951] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 126.453965][ T3951] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 126.517789][ T4348] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6172: Corrupt filesystem [ 126.525204][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 126.562811][ T4348] EXT4-fs (loop0): 2 truncates cleaned up [ 126.574665][ T3691] Error reading MAC address [ 126.575677][ T2548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 126.627600][ T4348] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 126.745532][ T3953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 126.787348][ T3953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 126.830436][ T3953] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 127.092203][ T3953] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 127.145574][ T4026] device veth0_vlan entered promiscuous mode [ 127.346089][ T4026] device veth1_vlan entered promiscuous mode [ 127.429361][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 127.531627][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 127.589447][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 127.630836][ T4026] device veth0_macvtap entered promiscuous mode [ 127.678435][ T4026] device veth1_macvtap entered promiscuous mode [ 127.708101][ T3691] usb 3-1: USB disconnect, device number 3 [ 127.862988][ T4026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.886696][ T4373] loop2: detected capacity change from 0 to 128 [ 127.952048][ T4026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.971398][ T4026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.010193][ T4026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.061734][ T4026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.156957][ T4026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.226740][ T4026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 128.294246][ T4026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 128.321368][ T4026] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 128.362779][ T4380] tipc: Started in network mode [ 128.414229][ T4380] tipc: Node identity f7, cluster identity 4711 [ 128.436880][ T4380] tipc: Node number set to 247 [ 128.632126][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 128.665282][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 128.700919][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 128.725172][ T4373] loop2: detected capacity change from 0 to 32768 [ 128.736305][ T4373] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.145 (4373) [ 128.801502][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 128.932336][ T4373] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 128.945194][ T4373] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 128.955281][ T4373] BTRFS info (device loop2): doing ref verification [ 128.962485][ T4373] BTRFS info (device loop2): doing ref verification [ 128.972367][ T4373] BTRFS info (device loop2): max_inline at 4096 [ 128.979055][ T4373] BTRFS info (device loop2): max_inline at 4096 [ 128.988114][ T4373] BTRFS info (device loop2): turning off barriers [ 128.995391][ T4373] BTRFS info (device loop2): using free space tree [ 129.897264][ T4026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 130.041267][ T4026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.104007][ T4026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 130.222701][ T4026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.274522][ T3639] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 130.284625][ T4026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 130.297079][ T3642] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 130.317149][ T3642] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 130.327772][ T3642] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 130.339210][ T4026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.354318][ T4026] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 130.371640][ T4026] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.385025][ T3642] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 130.395915][ T3642] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 130.405472][ T3642] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 130.436787][ T4026] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 130.448361][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 130.524371][ T3639] usb 2-1: Using ep0 maxpacket: 32 [ 130.531233][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 130.644362][ T3639] usb 2-1: config 0 has no interfaces? [ 130.655633][ T4026] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.842229][ T3639] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 130.878671][ T4026] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.058152][ T3639] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.079245][ T3639] usb 2-1: Product: syz [ 131.172482][ T3639] usb 2-1: Manufacturer: syz [ 131.190224][ T3639] usb 2-1: SerialNumber: syz [ 131.360033][ T3639] usb 2-1: config 0 descriptor?? [ 131.740539][ T26] audit: type=1800 audit(1723747177.684:68): pid=4418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.145" name="file0" dev="loop2" ino=258 res=0 errno=0 [ 131.758702][ T4418] BTRFS info (device loop2): setting compat-ro feature flag for VERITY (0x4) [ 132.556120][ T3642] Bluetooth: hci5: command tx timeout [ 132.711687][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.748974][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.593621][ T4026] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.856487][ T4026] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.945419][ T3645] EXT4-fs (loop0): unmounting filesystem. [ 133.967929][ T4393] netlink: 8 bytes leftover after parsing attributes in process `syz.1.149'. [ 133.987636][ T4393] netlink: 4 bytes leftover after parsing attributes in process `syz.1.149'. [ 134.225606][ T22] usb 2-1: USB disconnect, device number 3 [ 134.431111][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.514265][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.612804][ T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.621142][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 134.632804][ T3642] Bluetooth: hci5: command tx timeout [ 134.643734][ T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.655467][ T3648] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 134.830117][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 135.078934][ T4410] chnl_net:caif_netlink_parms(): no params data found [ 135.164159][ T152] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 135.390067][ T4410] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.403190][ T4410] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.441336][ T4410] device bridge_slave_0 entered promiscuous mode [ 135.486925][ T4410] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.499658][ T4410] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.524481][ T152] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 135.562027][ T152] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 135.568672][ T4410] device bridge_slave_1 entered promiscuous mode [ 135.737548][ T4410] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 135.754449][ T152] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 135.760928][ T4410] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.766081][ T4106] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 135.853510][ T4410] team0: Port device team_slave_0 added [ 135.891283][ T4410] team0: Port device team_slave_1 added [ 135.972575][ T152] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.004198][ T152] usb 2-1: Product: syz [ 136.014799][ T152] usb 2-1: Manufacturer: syz [ 136.045233][ T152] usb 2-1: SerialNumber: syz [ 136.056255][ T152] usb 2-1: config 0 descriptor?? [ 136.074419][ T4435] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 136.092834][ T4410] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 136.108962][ T4435] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 136.154704][ T4410] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.220649][ T4410] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 136.252214][ T4410] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 136.261978][ T4410] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.321906][ T4410] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 136.368791][ T4106] usb 4-1: config 0 has an invalid interface number: 22 but max is 0 [ 136.408902][ T4435] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 136.432598][ T4106] usb 4-1: config 0 has no interface number 0 [ 136.437635][ T4410] device hsr_slave_0 entered promiscuous mode [ 136.463207][ T4435] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 136.474230][ T4106] usb 4-1: too many endpoints for config 0 interface 22 altsetting 128: 202, using maximum allowed: 30 [ 136.491835][ T4410] device hsr_slave_1 entered promiscuous mode [ 136.504236][ T4410] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 136.508766][ T4106] usb 4-1: config 0 interface 22 altsetting 128 has 0 endpoint descriptors, different from the interface descriptor's value: 202 [ 136.515989][ T4410] Cannot create hsr debugfs directory [ 136.541316][ T4106] usb 4-1: config 0 interface 22 has no altsetting 0 [ 136.550373][ T4106] usb 4-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 136.560324][ T4106] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.585268][ T4106] usb 4-1: config 0 descriptor?? [ 136.694240][ T1848] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 136.706537][ T3650] Bluetooth: hci5: command tx timeout [ 136.924591][ T152] Error reading MAC address [ 136.994551][ T1848] usb 1-1: Using ep0 maxpacket: 32 [ 137.022339][ T4410] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.038457][ T4106] usb 4-1: string descriptor 0 read error: -71 [ 137.125876][ T1848] usb 1-1: config 0 has no interfaces? [ 137.125968][ T4106] pegasus: probe of 4-1:0.22 failed with error -71 [ 137.145955][ T4410] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.172987][ T4106] usb 4-1: USB disconnect, device number 2 [ 137.266598][ T4410] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.314393][ T1848] usb 1-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 137.325386][ T1848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.334249][ T1848] usb 1-1: Product: syz [ 137.339413][ T1848] usb 1-1: Manufacturer: syz [ 137.344933][ T1848] usb 1-1: SerialNumber: syz [ 137.366103][ T1848] usb 1-1: config 0 descriptor?? [ 137.450830][ T4410] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.629886][ T4477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.159'. [ 137.699694][ T4477] netlink: 4 bytes leftover after parsing attributes in process `syz.0.159'. [ 137.940967][ T3687] usb 1-1: USB disconnect, device number 6 [ 137.973000][ T4410] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 137.999646][ T4410] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 138.038074][ T4410] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 138.046472][ T1848] usb 2-1: USB disconnect, device number 4 [ 138.082695][ T4410] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 138.343986][ T4410] 8021q: adding VLAN 0 to HW filter on device bond0 [ 138.434864][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 138.464141][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 138.487372][ T4410] 8021q: adding VLAN 0 to HW filter on device team0 [ 139.475759][ T3642] Bluetooth: hci5: command tx timeout [ 139.562669][ T26] audit: type=1326 audit(1723747185.504:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 139.644610][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 139.678710][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 139.716795][ T26] audit: type=1326 audit(1723747185.664:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 139.802350][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.812088][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 139.868049][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 140.064783][ T26] audit: type=1326 audit(1723747185.664:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 140.239993][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 140.253507][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 140.267320][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.277942][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.292515][ T26] audit: type=1326 audit(1723747185.664:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 140.963164][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 141.035363][ T26] audit: type=1326 audit(1723747185.664:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 141.099149][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 141.161989][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 141.222985][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 141.238376][ T26] audit: type=1326 audit(1723747185.664:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 141.273408][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 141.297442][ T26] audit: type=1326 audit(1723747185.664:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 141.307972][ T4520] netlink: 'syz.0.170': attribute type 10 has an invalid length. [ 141.350898][ T26] audit: type=1326 audit(1723747185.664:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 141.417915][ T26] audit: type=1326 audit(1723747185.664:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 141.479610][ T4520] team0: Port device netdevsim0 added [ 141.503763][ T26] audit: type=1326 audit(1723747185.664:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4496 comm="syz.1.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 141.541504][ T4523] netlink: 'syz.0.170': attribute type 10 has an invalid length. [ 141.583976][ T4523] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 141.650402][ T4523] team0: Failed to send options change via netlink (err -105) [ 141.662705][ T4523] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 141.682303][ T4523] team0: Port device netdevsim0 removed [ 141.704686][ T4523] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 141.735021][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 141.750459][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 141.803179][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 141.821761][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 141.850770][ T4506] loop2: detected capacity change from 0 to 32768 [ 141.880661][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 141.892883][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 141.906967][ T4410] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 142.027942][ T4506] XFS (loop2): Mounting V5 Filesystem [ 142.134113][ T4506] XFS (loop2): Ending clean mount [ 142.424470][ T3690] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 142.924766][ T3690] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 143.011216][ T3690] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 143.152856][ T3648] XFS (loop2): Unmounting Filesystem [ 143.284373][ T3690] usb 4-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 143.296886][ T3690] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.330050][ T3690] usb 4-1: Product: syz [ 143.336533][ T3690] usb 4-1: Manufacturer: syz [ 143.342511][ T3690] usb 4-1: SerialNumber: syz [ 143.378086][ T3690] usb 4-1: config 0 descriptor?? [ 143.425367][ T4539] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 143.446611][ T4539] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 143.590400][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 143.618163][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 143.652582][ T4410] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.710721][ T4539] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 143.723806][ T4539] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 143.982582][ T4562] loop1: detected capacity change from 0 to 128 [ 144.030314][ T4562] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 144.214383][ T3690] Error reading MAC address [ 144.274554][ T4562] loop1: detected capacity change from 128 to 0 [ 144.479886][ T4569] fuse: Bad value for 'fd' [ 144.495741][ T4569] Invalid ELF header magic: != ELF [ 144.531876][ T3641] FAT-fs (loop1): error, invalid access to FAT (entry 0x0affffff) [ 144.559972][ T3641] FAT-fs (loop1): Filesystem has been set read-only [ 144.899579][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 144.937702][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 144.996247][ T4572] netlink: 16 bytes leftover after parsing attributes in process `syz.1.182'. [ 145.145903][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 145.215291][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 145.285993][ T3690] usb 4-1: USB disconnect, device number 3 [ 145.305945][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 145.365647][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 145.457865][ T4410] device veth0_vlan entered promiscuous mode [ 145.597186][ T4410] device veth1_vlan entered promiscuous mode [ 145.785035][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 145.809203][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 145.824299][ T22] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 145.853636][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 145.895404][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 145.936180][ T4410] device veth0_macvtap entered promiscuous mode [ 146.004655][ T4410] device veth1_macvtap entered promiscuous mode [ 146.124153][ T22] usb 3-1: Using ep0 maxpacket: 32 [ 146.151837][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.167532][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.191077][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.223299][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.294361][ T22] usb 3-1: config 0 has no interfaces? [ 146.331290][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.448182][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.475314][ T22] usb 3-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 146.509742][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.528487][ T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.562717][ T22] usb 3-1: Product: syz [ 146.570595][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.593712][ T22] usb 3-1: Manufacturer: syz [ 146.614387][ T22] usb 3-1: SerialNumber: syz [ 146.634368][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.671799][ T22] usb 3-1: config 0 descriptor?? [ 146.684111][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.764794][ T4410] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 146.835811][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 146.870208][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 146.964255][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 146.995617][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.039922][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 147.087543][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.102061][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 147.118319][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.137385][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 147.158429][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.171889][ T4410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 147.189112][ T4410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 147.206080][ T4410] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.191859][ T4577] netlink: 8 bytes leftover after parsing attributes in process `syz.2.177'. [ 148.234860][ T4577] netlink: 4 bytes leftover after parsing attributes in process `syz.2.177'. [ 148.292300][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 148.334298][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 148.399233][ T4410] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.434624][ T4410] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.456187][ T4410] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.466590][ T4410] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.541007][ T22] usb 3-1: USB disconnect, device number 4 [ 148.707881][ T52] block nbd4: Possible stuck request ffff888020360000: control (read@0,4096B). Runtime 30 seconds [ 148.751964][ T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.770705][ T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.795696][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 148.889822][ T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.920161][ T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.951720][ T4072] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 152.830496][ T4646] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 152.964118][ T22] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 153.264579][ T22] usb 3-1: Using ep0 maxpacket: 32 [ 153.395451][ T22] usb 3-1: config 0 has no interfaces? [ 153.563958][ T4656] loop1: detected capacity change from 0 to 4096 [ 153.584901][ T22] usb 3-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 153.643553][ T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.701336][ T22] usb 3-1: Product: syz [ 153.726557][ T22] usb 3-1: Manufacturer: syz [ 153.748638][ T22] usb 3-1: SerialNumber: syz [ 153.780907][ T4660] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 153.799471][ T22] usb 3-1: config 0 descriptor?? [ 153.829934][ T4659] loop4: detected capacity change from 0 to 1024 [ 153.866884][ T4659] EXT4-fs (loop4): INFO: recovery required on readonly filesystem [ 153.877109][ T4659] EXT4-fs (loop4): write access will be enabled during recovery [ 153.892762][ T4659] JBD2: no valid journal superblock found [ 153.903230][ T4659] EXT4-fs (loop4): error loading journal [ 154.051598][ T3982] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 154.069406][ T4648] netlink: 8 bytes leftover after parsing attributes in process `syz.2.203'. [ 154.094215][ T4648] netlink: 4 bytes leftover after parsing attributes in process `syz.2.203'. [ 154.142102][ T26] kauditd_printk_skb: 59 callbacks suppressed [ 154.142129][ T26] audit: type=1804 audit(1723747200.084:138): pid=4656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.205" name="/newroot/52/file0/bus" dev="loop1" ino=18 res=1 errno=0 [ 154.230980][ T22] usb 3-1: USB disconnect, device number 5 [ 154.372911][ T26] audit: type=1804 audit(1723747200.174:139): pid=4661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.205" name="/newroot/52/file0/bus" dev="loop1" ino=18 res=1 errno=0 [ 154.594399][ T7] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 154.866479][ T7] usb 2-1: Using ep0 maxpacket: 16 [ 155.024652][ T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 155.114233][ T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 155.134286][ T7] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 155.208981][ T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.302248][ T7] usb 2-1: config 0 descriptor?? [ 161.331249][ T7] usbhid 2-1:0.0: can't add hid device: -32 [ 161.350445][ T7] usbhid: probe of 2-1:0.0 failed with error -32 [ 161.677785][ T3687] usb 2-1: USB disconnect, device number 5 [ 162.630053][ T4689] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 162.894706][ T7] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 163.081819][ T4707] loop3: detected capacity change from 0 to 16 [ 163.090213][ T3650] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 163.105398][ T4707] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 163.115067][ T3650] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 163.130679][ T3650] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 163.141242][ T3650] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 163.153858][ T3650] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 163.154140][ T7] usb 2-1: Using ep0 maxpacket: 32 [ 163.170237][ T48] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 163.414496][ T7] usb 2-1: config 0 has no interfaces? [ 163.575737][ T7] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 163.611936][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.634114][ T7] usb 2-1: Product: syz [ 163.649618][ T7] usb 2-1: Manufacturer: syz [ 163.660169][ T7] usb 2-1: SerialNumber: syz [ 163.672817][ T7] usb 2-1: config 0 descriptor?? [ 163.918040][ T4697] netlink: 8 bytes leftover after parsing attributes in process `syz.1.218'. [ 163.948507][ T4697] netlink: 4 bytes leftover after parsing attributes in process `syz.1.218'. [ 164.036378][ T3690] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 164.155600][ T4704] chnl_net:caif_netlink_parms(): no params data found [ 167.797659][ T3687] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 167.798331][ T3650] Bluetooth: hci6: command tx timeout [ 168.001211][ T3639] usb 2-1: USB disconnect, device number 6 [ 168.346788][ T4704] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.404706][ T4704] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.485291][ T4704] device bridge_slave_0 entered promiscuous mode [ 168.511917][ T4738] loop1: detected capacity change from 0 to 512 [ 168.558300][ T4704] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.640207][ T4738] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.229: casefold flag without casefold feature [ 168.657621][ T4704] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.747159][ T4738] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.229: missing EA_INODE flag [ 168.772947][ T4704] device bridge_slave_1 entered promiscuous mode [ 168.808377][ T4738] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.229: error while reading EA inode 2 err=-117 [ 168.910070][ T4738] EXT4-fs (loop1): 1 orphan inode deleted [ 168.964231][ T4738] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 168.983875][ T4750] loop3: detected capacity change from 0 to 64 [ 169.015031][ T4704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.059952][ T4750] hfs: unable to parse mount options [ 169.081338][ T4704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.136710][ T4036] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 169.294225][ T3721] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 169.357208][ T4704] team0: Port device team_slave_0 added [ 169.432916][ T4704] team0: Port device team_slave_1 added [ 169.570067][ T4704] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 169.595840][ T3721] usb 2-1: Using ep0 maxpacket: 32 [ 169.614344][ T4704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 169.784487][ T3721] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 169.811976][ T3721] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 169.832314][ T4704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 169.897525][ T3721] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 169.908117][ T3650] Bluetooth: hci6: command tx timeout [ 169.944322][ T3721] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.966416][ T3721] usb 2-1: config 0 descriptor?? [ 169.974434][ T4704] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 170.016655][ T3721] hub 2-1:0.0: USB hub found [ 170.046817][ T4704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.228371][ T3721] hub 2-1:0.0: 1 port detected [ 170.241555][ T4704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 170.464825][ T3721] hub 2-1:0.0: hub_hub_status failed (err = -71) [ 170.514246][ T3721] hub 2-1:0.0: config failed, can't get hub status (err -71) [ 170.565458][ T4704] device hsr_slave_0 entered promiscuous mode [ 170.614444][ T4704] device hsr_slave_1 entered promiscuous mode [ 170.677244][ T4704] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 170.695713][ T3721] usbhid 2-1:0.0: can't add hid device: -71 [ 170.703323][ T3721] usbhid: probe of 2-1:0.0 failed with error -71 [ 170.714103][ T4704] Cannot create hsr debugfs directory [ 170.795844][ T3687] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 170.826623][ T3721] usb 2-1: USB disconnect, device number 7 [ 170.873810][ T4754] loop4: detected capacity change from 0 to 32768 [ 170.942736][ T4754] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.234 (4754) [ 171.010662][ T4750] loop3: detected capacity change from 0 to 32768 [ 171.070927][ T4754] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 171.108313][ T3641] EXT4-fs (loop1): unmounting filesystem. [ 171.135059][ T4754] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 171.204657][ T3687] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 171.284299][ T3687] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 171.314562][ T4754] BTRFS info (device loop4): using free space tree [ 171.376112][ T3687] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 171.474670][ T3687] usb 3-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 171.514314][ T3687] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.560980][ T4750] XFS (loop3): Mounting V5 Filesystem [ 171.624968][ T3687] usb 3-1: config 0 descriptor?? [ 171.658836][ T4754] BTRFS info (device loop4): enabling ssd optimizations [ 171.824951][ T4750] XFS (loop3): Ending clean mount [ 171.844248][ T7] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 171.985316][ T3650] Bluetooth: hci6: command tx timeout [ 172.164419][ T7] usb 2-1: Using ep0 maxpacket: 32 [ 172.242985][ T3687] logitech 0003:046D:C293.0001: item fetching failed at offset 5/7 [ 172.264913][ T4026] XFS (loop3): Unmounting Filesystem [ 172.275255][ T3687] logitech 0003:046D:C293.0001: parse failed [ 172.294547][ T7] usb 2-1: config 0 has no interfaces? [ 172.310059][ T4704] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.312846][ T3687] logitech: probe of 0003:046D:C293.0001 failed with error -22 [ 172.474544][ T7] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 172.505418][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.533293][ T7] usb 2-1: Product: syz [ 172.534642][ T3951] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared) [ 172.543883][ T7] usb 2-1: Manufacturer: syz [ 172.603936][ T7] usb 2-1: SerialNumber: syz [ 172.691811][ T7] usb 2-1: config 0 descriptor?? [ 172.908701][ T4410] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 172.950474][ T4704] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.008917][ T4768] netlink: 8 bytes leftover after parsing attributes in process `syz.1.238'. [ 173.026948][ T4768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.238'. [ 173.890804][ T4704] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.892316][ T4797] usb 3-1: USB disconnect, device number 7 [ 174.064361][ T3650] Bluetooth: hci6: command tx timeout [ 174.160423][ T4799] usb 2-1: USB disconnect, device number 8 [ 174.329564][ T4704] bond0: (slave netdevsim0): Releasing backup interface [ 174.440904][ T4704] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.045507][ T4815] loop1: detected capacity change from 0 to 16 [ 175.160360][ T4815] erofs: (device loop1): mounted with root inode @ nid 36. [ 175.327958][ T4818] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 175.409018][ T4818] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -18 in[46, 4050] out[1851] [ 175.443409][ T4818] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 175.510142][ T4817] loop2: detected capacity change from 0 to 164 [ 175.513163][ T4818] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 175.541362][ T4818] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -18 in[46, 4050] out[1851] [ 175.616509][ T4818] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 176.038742][ T4704] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 176.347530][ T4704] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 176.409064][ T4704] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 176.504288][ T4704] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 176.653687][ T4829] loop1: detected capacity change from 0 to 512 [ 176.709970][ T4829] ======================================================= [ 176.709970][ T4829] WARNING: The mand mount option has been deprecated and [ 176.709970][ T4829] and is ignored by this kernel. Remove the mand [ 176.709970][ T4829] option from the mount to silence this warning. [ 176.709970][ T4829] ======================================================= [ 176.798052][ T4810] loop3: detected capacity change from 0 to 2048 [ 176.866478][ T4829] EXT4-fs: Ignoring removed nomblk_io_submit option [ 176.884630][ T4810] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 176.926800][ T4810] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038 (0x7fffffff) [ 176.992760][ T4829] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 177.080645][ T4829] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0003] [ 177.108966][ T4810] EXT4-fs error (device loop3): ext4_find_dest_de:2113: inode #2: block 16: comm syz.3.242: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 177.159809][ T4829] EXT4-fs (loop1): orphan cleanup on readonly fs [ 177.204815][ T4829] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.249: attempt to clear invalid blocks 1024 len 1 [ 177.269965][ T4829] EXT4-fs (loop1): Remounting filesystem read-only [ 177.287233][ T4828] EXT4-fs error (device loop3): ext4_find_dest_de:2113: inode #2: block 16: comm syz.3.242: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 177.313968][ T4829] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.249: bg 0: block 361: padding at end of block bitmap is not set [ 177.345513][ C0] vkms_vblank_simulate: vblank timer overrun [ 177.373413][ T4829] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6172: Corrupt filesystem [ 177.391042][ T4829] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.249: invalid indirect mapped block 1811939328 (level 0) [ 177.415370][ C0] vkms_vblank_simulate: vblank timer overrun [ 177.443330][ T4829] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.249: invalid indirect mapped block 2185560079 (level 1) [ 177.493012][ T4829] EXT4-fs (loop1): 1 truncate cleaned up [ 177.532445][ T4829] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 177.584406][ T3639] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 177.723761][ T4704] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.771987][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 177.808035][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 177.871973][ T4704] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.883794][ T3639] usb 3-1: Using ep0 maxpacket: 32 [ 177.969132][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 178.109669][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 178.188093][ T4851] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.249: dx entry: limit 0 != root limit 125 [ 178.204716][ T4851] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.249: Corrupt directory, running e2fsck is recommended [ 178.254441][ T4851] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.249: dx entry: limit 0 != root limit 125 [ 178.274081][ T4851] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.249: Corrupt directory, running e2fsck is recommended [ 178.531539][ T4026] EXT4-fs (loop3): unmounting filesystem. [ 178.629142][ T3950] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.641157][ T3950] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.760496][ T3639] usb 3-1: config 0 has no interfaces? [ 178.793653][ T52] block nbd4: Possible stuck request ffff888020360000: control (read@0,4096B). Runtime 60 seconds [ 178.910785][ T4850] device vlan3 entered promiscuous mode [ 178.917583][ T4850] device macvtap0 entered promiscuous mode [ 178.935377][ T4850] device macvtap0 left promiscuous mode [ 178.944863][ T3639] usb 3-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 178.983123][ T3639] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.008377][ T3639] usb 3-1: Product: syz [ 179.028243][ T3639] usb 3-1: Manufacturer: syz [ 179.039842][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 179.056135][ T3639] usb 3-1: SerialNumber: syz [ 179.130436][ T3639] usb 3-1: config 0 descriptor?? [ 179.166926][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.212036][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.225895][ T3699] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.234702][ T3699] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.333932][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.411832][ T4841] netlink: 8 bytes leftover after parsing attributes in process `syz.2.255'. [ 179.424898][ T4841] netlink: 4 bytes leftover after parsing attributes in process `syz.2.255'. [ 179.443655][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 179.468462][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 179.486612][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 179.490301][ T4280] usb 3-1: USB disconnect, device number 8 [ 179.503135][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 179.696083][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 179.719462][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 179.757905][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 179.773621][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 179.786955][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 179.802055][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 179.897044][ T4704] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 180.261050][ T3641] EXT4-fs (loop1): unmounting filesystem. [ 180.363757][ T102] device hsr_slave_0 left promiscuous mode [ 180.424418][ T102] device hsr_slave_1 left promiscuous mode [ 180.507130][ T102] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 180.554313][ T102] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.604410][ T102] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 180.683366][ T102] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 180.739482][ T102] device bridge_slave_1 left promiscuous mode [ 180.799901][ T102] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.882298][ T102] device bridge_slave_0 left promiscuous mode [ 180.893891][ T102] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.013388][ T102] device veth1_macvtap left promiscuous mode [ 181.059263][ T102] device veth0_macvtap left promiscuous mode [ 181.136246][ T102] device veth1_vlan left promiscuous mode [ 181.210856][ T102] device veth0_vlan left promiscuous mode [ 181.979188][ T4914] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 183.463947][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.606378][ T4924] loop1: detected capacity change from 0 to 32768 [ 183.619981][ T4924] XFS: noikeep mount option is deprecated. [ 183.716262][ T4924] XFS (loop1): Mounting V5 Filesystem [ 183.861328][ T4924] XFS (loop1): Ending clean mount [ 183.875585][ T4924] XFS (loop1): Quotacheck needed: Please wait. [ 184.013110][ T4924] XFS (loop1): Quotacheck: Done. [ 184.340916][ T3641] XFS (loop1): Unmounting Filesystem [ 184.858636][ T102] team0 (unregistering): Port device team_slave_1 removed [ 185.047116][ T102] team0 (unregistering): Port device team_slave_0 removed [ 185.166630][ T102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 185.298462][ T102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 186.385972][ T102] bond0 (unregistering): Released all slaves [ 186.716904][ T4795] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 187.798315][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 187.848613][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 187.910964][ T4704] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 187.944545][ T4795] usb 3-1: config 0 has no interfaces? [ 188.193878][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 188.344513][ T4795] usb 3-1: New USB device found, idVendor=049f, idProduct=0033, bcdDevice=67.bf [ 188.458115][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 188.511080][ T4795] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.652554][ T4795] usb 3-1: Product: syz [ 188.785367][ T4795] usb 3-1: Manufacturer: syz [ 188.908502][ T4795] usb 3-1: SerialNumber: syz [ 188.936379][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 188.969560][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 189.022815][ T4795] usb 3-1: config 0 descriptor?? [ 189.059499][ T4704] device veth0_vlan entered promiscuous mode [ 189.120632][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 189.189870][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 189.319513][ T4704] device veth1_vlan entered promiscuous mode [ 189.359148][ T4799] usb 3-1: USB disconnect, device number 9 [ 189.525727][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 189.546990][ T3950] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 189.593153][ T4704] device veth0_macvtap entered promiscuous mode [ 189.642016][ T4704] device veth1_macvtap entered promiscuous mode [ 189.769553][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 189.818931][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.854188][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 189.912731][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.943367][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 189.964086][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.000908][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 190.024109][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.041086][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 190.064110][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.117697][ T5001] fuse: Bad value for 'fd' [ 191.451488][ T3651] Bluetooth: hci1: command 0x0406 tx timeout [ 191.460938][ T3660] Bluetooth: hci0: command 0x0406 tx timeout [ 191.461071][ T3660] Bluetooth: hci4: command 0x0406 tx timeout [ 191.502712][ T4704] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 191.637477][ T3948] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 191.699682][ T3948] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 191.769907][ T3948] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 191.847731][ T3948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 192.896691][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.935700][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.952598][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.971865][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.998926][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.030666][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.043319][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.061302][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.096209][ T4704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.114991][ T4704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.144992][ T4704] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 193.183125][ T5006] netlink: 36 bytes leftover after parsing attributes in process `syz.4.306'. [ 193.244140][ T4280] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 193.260775][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 193.296940][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 193.303104][ T5012] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 193.366929][ T4704] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.410533][ T4704] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.502255][ T4704] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.744509][ T4704] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.754129][ T4280] usb 2-1: Using ep0 maxpacket: 32 [ 194.094981][ T4280] usb 2-1: config 0 has no interfaces? [ 194.348132][ T4280] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 194.405480][ T4280] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.484199][ T4280] usb 2-1: Product: syz [ 194.489160][ T4280] usb 2-1: Manufacturer: syz [ 194.551928][ T4280] usb 2-1: SerialNumber: syz [ 194.575032][ T4280] usb 2-1: config 0 descriptor?? [ 194.826429][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.833139][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.860663][ T5010] netlink: 4 bytes leftover after parsing attributes in process `syz.1.307'. [ 194.947199][ T4280] usb 2-1: USB disconnect, device number 9 [ 195.128433][ T3948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.172856][ T3948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.232627][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 195.259908][ T3948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.304259][ T3948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.385339][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 195.687194][ T5041] fuse: Bad value for 'fd' [ 197.175482][ T5053] netlink: 36 bytes leftover after parsing attributes in process `syz.2.319'. [ 197.911568][ T5061] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 197.965801][ T4797] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 198.141633][ T5079] fuse: Bad value for 'fd' [ 198.274448][ T4797] usb 4-1: Using ep0 maxpacket: 32 [ 198.504413][ T4797] usb 4-1: config 0 has no interfaces? [ 198.697367][ T4797] usb 4-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 198.735273][ T4797] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 198.776617][ T4797] usb 4-1: Product: syz [ 198.802601][ T4797] usb 4-1: Manufacturer: syz [ 198.819504][ T4797] usb 4-1: SerialNumber: syz [ 198.887099][ T4797] usb 4-1: config 0 descriptor?? [ 199.159351][ T5068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.326'. [ 199.313079][ T4797] usb 4-1: USB disconnect, device number 4 [ 199.426187][ T5086] netlink: 36 bytes leftover after parsing attributes in process `syz.4.333'. [ 200.439310][ T5117] fuse: Bad value for 'fd' [ 203.318862][ T5128] netlink: 36 bytes leftover after parsing attributes in process `syz.4.347'. [ 203.541832][ T5119] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 203.999990][ T26] audit: type=1326 audit(1723747249.944:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 204.298893][ T5156] fuse: Bad value for 'fd' [ 204.319732][ T5156] Invalid ELF header magic: != ELF [ 207.490897][ T26] audit: type=1326 audit(1723747253.434:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 207.701351][ T26] audit: type=1326 audit(1723747253.434:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 207.736836][ C1] vkms_vblank_simulate: vblank timer overrun [ 207.778143][ T26] audit: type=1326 audit(1723747253.434:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 207.807344][ C1] vkms_vblank_simulate: vblank timer overrun [ 207.833767][ T5165] netlink: 36 bytes leftover after parsing attributes in process `syz.2.363'. [ 207.844689][ T26] audit: type=1326 audit(1723747253.434:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 207.872797][ C1] vkms_vblank_simulate: vblank timer overrun [ 207.909069][ T26] audit: type=1326 audit(1723747253.434:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 207.984382][ T26] audit: type=1326 audit(1723747253.434:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 208.009039][ C1] vkms_vblank_simulate: vblank timer overrun [ 208.080555][ T26] audit: type=1326 audit(1723747253.434:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 208.111094][ C1] vkms_vblank_simulate: vblank timer overrun [ 208.267545][ T26] audit: type=1326 audit(1723747253.434:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 208.293883][ C1] vkms_vblank_simulate: vblank timer overrun [ 209.095911][ T26] audit: type=1326 audit(1723747253.484:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 209.120572][ T26] audit: type=1326 audit(1723747253.484:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 209.164883][ T52] block nbd4: Possible stuck request ffff888020360000: control (read@0,4096B). Runtime 90 seconds [ 209.174314][ T26] audit: type=1326 audit(1723747253.484:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 209.263541][ T26] audit: type=1326 audit(1723747253.484:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 209.289518][ T26] audit: type=1326 audit(1723747253.484:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 209.329099][ T26] audit: type=1326 audit(1723747253.484:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 209.388523][ T26] audit: type=1326 audit(1723747253.484:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 209.441492][ T26] audit: type=1326 audit(1723747253.534:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 209.496189][ T26] audit: type=1326 audit(1723747253.534:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 209.631235][ T5192] fuse: Bad value for 'fd' [ 209.648068][ T5192] Invalid ELF header magic: != ELF [ 210.354260][ T26] audit: type=1326 audit(1723747253.534:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5137 comm="syz.4.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 210.400453][ T5195] netlink: 36 bytes leftover after parsing attributes in process `syz.0.376'. [ 211.319085][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 211.506626][ T5228] netlink: 36 bytes leftover after parsing attributes in process `syz.3.389'. [ 212.776131][ T5262] netlink: 36 bytes leftover after parsing attributes in process `syz.0.402'. [ 214.078776][ T5298] netlink: 36 bytes leftover after parsing attributes in process `syz.1.418'. [ 214.130485][ T26] kauditd_printk_skb: 50 callbacks suppressed [ 214.130504][ T26] audit: type=1326 audit(1723747260.074:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5282 comm="syz.0.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15535799b9 code=0x7fc00000 [ 215.594339][ T4281] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 215.612708][ T5346] capability: warning: `syz.4.438' uses deprecated v2 capabilities in a way that may be insecure [ 215.915188][ T4281] usb 3-1: Using ep0 maxpacket: 32 [ 216.044673][ T26] audit: type=1326 audit(1723747261.984:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5333 comm="syz.1.433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a903799b9 code=0x7fc00000 [ 216.084549][ T4281] usb 3-1: config 0 has no interfaces? [ 216.264347][ T4281] usb 3-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 216.320375][ T4281] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.374942][ T4281] usb 3-1: Product: syz [ 216.402215][ T4281] usb 3-1: Manufacturer: syz [ 216.433381][ T4281] usb 3-1: SerialNumber: syz [ 216.462389][ T4281] usb 3-1: config 0 descriptor?? [ 216.579351][ T5364] loop3: detected capacity change from 0 to 512 [ 216.602333][ T5364] EXT4-fs: Ignoring removed nomblk_io_submit option [ 216.642771][ T5364] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 216.671486][ T5364] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0003] [ 216.701682][ T5364] EXT4-fs (loop3): orphan cleanup on readonly fs [ 216.720037][ T5339] netlink: 4 bytes leftover after parsing attributes in process `syz.2.436'. [ 216.773169][ T5364] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.445: attempt to clear invalid blocks 1024 len 1 [ 216.803044][ T4107] usb 3-1: USB disconnect, device number 10 [ 216.818343][ T5364] EXT4-fs (loop3): Remounting filesystem read-only [ 216.869024][ T5364] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.445: bg 0: block 361: padding at end of block bitmap is not set [ 216.914711][ T5364] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6172: Corrupt filesystem [ 216.946569][ T5364] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.445: invalid indirect mapped block 1811939328 (level 0) [ 216.995161][ T5364] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.445: invalid indirect mapped block 2185560079 (level 1) [ 217.063295][ T5364] EXT4-fs (loop3): 1 truncate cleaned up [ 217.094299][ T5364] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 217.377769][ T5376] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 217.508944][ T5381] device vlan2 entered promiscuous mode [ 217.517594][ T5381] device macvtap0 entered promiscuous mode [ 217.567340][ T5382] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.445: dx entry: limit 0 != root limit 125 [ 217.581351][ T5382] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.445: Corrupt directory, running e2fsck is recommended [ 217.599103][ T5382] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.445: dx entry: limit 0 != root limit 125 [ 217.611892][ T5382] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.445: Corrupt directory, running e2fsck is recommended [ 217.818534][ T5381] device macvtap0 left promiscuous mode [ 218.564518][ T26] audit: type=1326 audit(1723747264.514:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 218.567991][ T5398] loop1: detected capacity change from 0 to 2048 [ 218.626290][ T5402] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 219.053203][ T5408] overlayfs: failed to resolve './file0': -2 [ 219.155662][ T26] audit: type=1326 audit(1723747265.104:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.164145][ T4795] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 219.178816][ C0] vkms_vblank_simulate: vblank timer overrun [ 219.251067][ T26] audit: type=1326 audit(1723747265.104:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.279655][ T26] audit: type=1326 audit(1723747265.104:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.303721][ T26] audit: type=1326 audit(1723747265.104:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.350991][ T26] audit: type=1326 audit(1723747265.144:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.381476][ T4281] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 219.391164][ T26] audit: type=1326 audit(1723747265.144:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.417391][ T26] audit: type=1326 audit(1723747265.154:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.454559][ T4795] usb 1-1: device descriptor read/64, error -71 [ 219.494490][ T26] audit: type=1326 audit(1723747265.154:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.520873][ C0] vkms_vblank_simulate: vblank timer overrun [ 219.531187][ T26] audit: type=1326 audit(1723747265.154:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.565381][ T26] audit: type=1326 audit(1723747265.154:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.4.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 219.676779][ T4026] EXT4-fs (loop3): unmounting filesystem. [ 219.714558][ T4281] usb 2-1: Using ep0 maxpacket: 32 [ 219.814333][ T4795] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 219.970472][ T4281] usb 2-1: config 0 has no interfaces? [ 219.995866][ T5424] loop2: detected capacity change from 0 to 2048 [ 220.274621][ T4795] usb 1-1: device descriptor read/64, error -71 [ 220.315045][ T4281] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 220.336353][ T4281] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.393560][ T5429] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 220.420340][ T4795] usb usb1-port1: attempt power cycle [ 220.479946][ T4281] usb 2-1: Product: syz [ 220.540220][ T4281] usb 2-1: Manufacturer: syz [ 220.597322][ T4281] usb 2-1: SerialNumber: syz [ 220.682482][ T4281] usb 2-1: config 0 descriptor?? [ 220.854316][ T4795] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 220.969398][ T4795] usb 1-1: device descriptor read/8, error -71 [ 220.982022][ T5410] netlink: 16 bytes leftover after parsing attributes in process `syz.1.461'. [ 221.039357][ T3639] usb 2-1: USB disconnect, device number 10 [ 221.112834][ T5438] overlayfs: failed to resolve './file0': -2 [ 221.284288][ T4795] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 221.414356][ T4795] usb 1-1: device descriptor read/8, error -71 [ 221.544425][ T4795] usb usb1-port1: unable to enumerate USB device [ 221.738225][ T5455] loop1: detected capacity change from 0 to 512 [ 221.776915][ T5455] EXT4-fs: Ignoring removed nomblk_io_submit option [ 221.806981][ T5455] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 221.823941][ T5455] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0003] [ 221.836169][ T5455] EXT4-fs (loop1): orphan cleanup on readonly fs [ 221.852432][ T5455] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.478: attempt to clear invalid blocks 1024 len 1 [ 221.914733][ T5455] EXT4-fs (loop1): Remounting filesystem read-only [ 221.977945][ T5460] loop0: detected capacity change from 0 to 2048 [ 221.989278][ T5455] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.478: bg 0: block 361: padding at end of block bitmap is not set [ 222.053364][ T5461] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 222.105090][ T5455] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6172: Corrupt filesystem [ 222.190298][ T5455] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.478: invalid indirect mapped block 1811939328 (level 0) [ 222.281528][ T5455] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.478: invalid indirect mapped block 2185560079 (level 1) [ 222.481732][ T5455] EXT4-fs (loop1): 1 truncate cleaned up [ 222.507738][ T5455] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 224.024338][ T4106] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 224.294183][ T4106] usb 1-1: Using ep0 maxpacket: 32 [ 224.311934][ T5497] loop4: detected capacity change from 0 to 2048 [ 224.418300][ T5501] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 224.465966][ T5475] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.478: dx entry: limit 0 != root limit 125 [ 224.558147][ T5474] device vlan3 entered promiscuous mode [ 224.573616][ T5474] device macvtap0 entered promiscuous mode [ 224.575164][ T5475] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.478: Corrupt directory, running e2fsck is recommended [ 225.652293][ T5474] device macvtap0 left promiscuous mode [ 225.665499][ T4106] usb 1-1: config 0 has no interfaces? [ 225.815520][ T5503] loop2: detected capacity change from 0 to 32768 [ 225.823870][ T5503] XFS: noikeep mount option is deprecated. [ 225.854704][ T4106] usb 1-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 225.914524][ T4106] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.958065][ T5503] XFS (loop2): Mounting V5 Filesystem [ 225.968915][ T4106] usb 1-1: Product: syz [ 225.973629][ T4106] usb 1-1: Manufacturer: syz [ 225.979909][ T4106] usb 1-1: SerialNumber: syz [ 225.998986][ T4106] usb 1-1: config 0 descriptor?? [ 226.158774][ T5503] XFS (loop2): Ending clean mount [ 226.167374][ T5503] XFS (loop2): Quotacheck needed: Please wait. [ 226.249203][ T5487] netlink: 16 bytes leftover after parsing attributes in process `syz.0.488'. [ 226.297973][ T5503] XFS (loop2): Quotacheck: Done. [ 226.319573][ T4795] usb 1-1: USB disconnect, device number 11 [ 226.477364][ T3648] XFS (loop2): Unmounting Filesystem [ 226.840296][ T26] kauditd_printk_skb: 51 callbacks suppressed [ 226.840313][ T26] audit: type=1326 audit(1723747272.784:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 227.870452][ T26] audit: type=1326 audit(1723747272.824:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 227.904600][ T3650] Bluetooth: hci3: command 0x0406 tx timeout [ 228.044204][ T26] audit: type=1326 audit(1723747272.824:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 228.135224][ T26] audit: type=1326 audit(1723747272.824:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 228.232934][ T26] audit: type=1326 audit(1723747272.824:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 228.280370][ T26] audit: type=1326 audit(1723747272.824:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 228.504342][ T26] audit: type=1326 audit(1723747272.824:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 228.548742][ T3641] EXT4-fs (loop1): unmounting filesystem. [ 228.575462][ T26] audit: type=1326 audit(1723747272.824:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 228.626437][ T5541] netlink: 80 bytes leftover after parsing attributes in process `syz.2.505'. [ 228.698982][ T26] audit: type=1326 audit(1723747272.824:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 228.718430][ T5543] loop3: detected capacity change from 0 to 2048 [ 228.844350][ T26] audit: type=1326 audit(1723747272.824:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5510 comm="syz.4.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe505f799b9 code=0x7fc00000 [ 228.869156][ C0] vkms_vblank_simulate: vblank timer overrun [ 229.014188][ T5549] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 230.119573][ T5566] Invalid ELF header magic: != ELF [ 231.214092][ T4106] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 231.464197][ T4106] usb 4-1: Using ep0 maxpacket: 32 [ 231.491007][ T5584] loop0: detected capacity change from 0 to 2048 [ 231.582287][ T5585] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 231.614538][ T4106] usb 4-1: config 0 has no interfaces? [ 231.794296][ T4106] usb 4-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 231.829696][ T4106] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.846371][ T4106] usb 4-1: Product: syz [ 231.866522][ T4106] usb 4-1: Manufacturer: syz [ 231.874360][ T4106] usb 4-1: SerialNumber: syz [ 231.924544][ T4106] usb 4-1: config 0 descriptor?? [ 232.131842][ T5602] overlayfs: failed to resolve './file1': -2 [ 232.236202][ T5604] Invalid ELF header magic: != ELF [ 233.045955][ T5556] netlink: 16 bytes leftover after parsing attributes in process `syz.3.510'. [ 233.106123][ T7] usb 4-1: USB disconnect, device number 5 [ 233.496838][ T5619] loop1: detected capacity change from 0 to 2048 [ 233.568090][ T5620] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 234.099665][ T5637] overlayfs: failed to resolve './file1': -2 [ 235.502539][ T5648] loop0: detected capacity change from 0 to 32768 [ 235.511863][ T5648] XFS: noikeep mount option is deprecated. [ 235.600986][ T5657] loop1: detected capacity change from 0 to 2048 [ 235.605442][ T5648] XFS (loop0): Mounting V5 Filesystem [ 235.655730][ T5662] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 235.764945][ T5647] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 235.871107][ T5648] XFS (loop0): Ending clean mount [ 235.874205][ T4281] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 235.880419][ T5648] XFS (loop0): Quotacheck needed: Please wait. [ 236.016771][ T5648] XFS (loop0): Quotacheck: Done. [ 236.168258][ T4704] XFS (loop0): Unmounting Filesystem [ 236.214548][ T4281] usb 5-1: Using ep0 maxpacket: 32 [ 236.336388][ T4281] usb 5-1: config 0 has no interfaces? [ 236.534503][ T4281] usb 5-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 236.576930][ T4281] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.610606][ T4281] usb 5-1: Product: syz [ 236.623817][ T4281] usb 5-1: Manufacturer: syz [ 236.643246][ T4281] usb 5-1: SerialNumber: syz [ 236.667951][ T4281] usb 5-1: config 0 descriptor?? [ 236.938200][ T4281] usb 5-1: USB disconnect, device number 3 [ 237.624844][ T5693] loop0: detected capacity change from 0 to 2048 [ 237.653341][ T5701] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 238.696503][ T5702] loop1: detected capacity change from 0 to 32768 [ 238.703840][ T5702] XFS: noikeep mount option is deprecated. [ 238.815562][ T5702] XFS (loop1): Mounting V5 Filesystem [ 238.941209][ T5702] XFS (loop1): Ending clean mount [ 238.953419][ T5702] XFS (loop1): Quotacheck needed: Please wait. [ 239.064403][ T5702] XFS (loop1): Quotacheck: Done. [ 239.306394][ T3641] XFS (loop1): Unmounting Filesystem [ 239.605277][ T52] block nbd4: Possible stuck request ffff888020360000: control (read@0,4096B). Runtime 120 seconds [ 240.604232][ T4799] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 240.648320][ T5744] loop2: detected capacity change from 0 to 2048 [ 240.731080][ T5747] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 240.881428][ T4799] usb 4-1: Using ep0 maxpacket: 32 [ 241.014266][ T4799] usb 4-1: config 0 has no interfaces? [ 241.048978][ T5749] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 241.221494][ T4799] usb 4-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 241.232363][ T4799] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 241.301391][ T4799] usb 4-1: Product: syz [ 241.311510][ T4799] usb 4-1: Manufacturer: syz [ 241.327495][ T4799] usb 4-1: SerialNumber: syz [ 241.374870][ T4799] usb 4-1: config 0 descriptor?? [ 242.374007][ C1] sched: RT throttling activated [ 242.394169][ T4799] usb 4-1: USB disconnect, device number 6 [ 242.445509][ T5770] loop4: detected capacity change from 0 to 32768 [ 242.452720][ T5770] XFS: noikeep mount option is deprecated. [ 242.508074][ T5770] XFS (loop4): Mounting V5 Filesystem [ 242.552011][ T5770] XFS (loop4): Ending clean mount [ 242.591686][ T5770] XFS (loop4): Quotacheck needed: Please wait. [ 242.664712][ T5770] XFS (loop4): Quotacheck: Done. [ 242.786455][ T4410] XFS (loop4): Unmounting Filesystem [ 242.973817][ T5790] serio: Serial port pts0 [ 243.002429][ T5791] loop0: detected capacity change from 0 to 2048 [ 243.102196][ T5798] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 243.532004][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 244.478149][ T5824] loop4: detected capacity change from 0 to 32768 [ 244.485718][ T5824] XFS: noikeep mount option is deprecated. [ 244.590662][ T5824] XFS (loop4): Mounting V5 Filesystem [ 244.702597][ T5824] XFS (loop4): Ending clean mount [ 244.711426][ T5824] XFS (loop4): Quotacheck needed: Please wait. [ 244.764776][ T4107] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 244.802122][ T5824] XFS (loop4): Quotacheck: Done. [ 245.012926][ T5847] Invalid ELF header magic: != ELF [ 245.030277][ T4410] XFS (loop4): Unmounting Filesystem [ 245.044228][ T4107] usb 4-1: Using ep0 maxpacket: 32 [ 245.174370][ T4107] usb 4-1: config 0 has no interfaces? [ 245.334263][ T4107] usb 4-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 245.346538][ T4107] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.355073][ T4107] usb 4-1: Product: syz [ 245.360378][ T4107] usb 4-1: Manufacturer: syz [ 245.367100][ T4107] usb 4-1: SerialNumber: syz [ 245.376126][ T4107] usb 4-1: config 0 descriptor?? [ 245.620295][ T4797] usb 4-1: USB disconnect, device number 7 [ 246.127381][ T5879] serio: Serial port pts0 [ 246.594501][ T5894] overlayfs: failed to resolve './file0': -2 [ 247.057511][ T5892] loop3: detected capacity change from 0 to 2048 [ 247.354354][ T5900] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 247.455635][ T5897] Invalid ELF header magic: != ELF [ 248.794959][ T3639] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 248.846595][ T5932] overlayfs: failed to resolve './file0': -2 [ 248.972789][ T5930] loop1: detected capacity change from 0 to 2048 [ 249.440778][ T5934] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 249.957808][ T3639] usb 5-1: Using ep0 maxpacket: 32 [ 250.074748][ T3639] usb 5-1: config 0 has no interfaces? [ 250.235153][ T3639] usb 5-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 250.256428][ T3639] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.280626][ T3639] usb 5-1: Product: syz [ 250.306593][ T3639] usb 5-1: Manufacturer: syz [ 250.319624][ T3639] usb 5-1: SerialNumber: syz [ 250.352561][ T3639] usb 5-1: config 0 descriptor?? [ 250.606672][ T4107] usb 5-1: USB disconnect, device number 4 [ 250.809055][ T5972] loop3: detected capacity change from 0 to 64 [ 250.868758][ T5972] hfs: unable to parse mount options [ 251.032287][ T5976] loop0: detected capacity change from 0 to 2048 [ 251.187793][ T5984] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 252.306753][ T6021] loop3: detected capacity change from 0 to 2048 [ 252.392744][ T6024] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 252.405448][ T4107] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 252.644263][ T4107] usb 3-1: Using ep0 maxpacket: 32 [ 252.766615][ T4107] usb 3-1: config 0 has no interfaces? [ 252.946826][ T4107] usb 3-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 252.974102][ T4107] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.982836][ T4107] usb 3-1: Product: syz [ 252.997378][ T4107] usb 3-1: Manufacturer: syz [ 253.002183][ T4107] usb 3-1: SerialNumber: syz [ 253.020117][ T4107] usb 3-1: config 0 descriptor?? [ 253.280947][ T4107] usb 3-1: USB disconnect, device number 11 [ 253.657765][ T6054] loop3: detected capacity change from 0 to 2048 [ 253.703248][ T6059] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 254.840610][ T6089] loop3: detected capacity change from 0 to 2048 [ 254.919547][ T6093] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 255.474177][ T3687] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 255.592491][ T1270] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.598985][ T1270] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.734208][ T3687] usb 3-1: Using ep0 maxpacket: 32 [ 255.854562][ T3687] usb 3-1: config 0 has no interfaces? [ 255.995161][ T6126] Invalid ELF header magic: != ELF [ 256.014664][ T3687] usb 3-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=17.22 [ 256.033184][ T3687] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.052803][ T3687] usb 3-1: Product: syz [ 256.061747][ T3687] usb 3-1: Manufacturer: syz [ 256.122468][ T3687] usb 3-1: SerialNumber: syz [ 256.150779][ T3687] usb 3-1: config 0 descriptor?? [ 256.253359][ T6131] loop1: detected capacity change from 0 to 2048 [ 256.355958][ T6135] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 256.451903][ T3687] usb 3-1: USB disconnect, device number 12 [ 257.628305][ T6172] loop2: detected capacity change from 0 to 2048 [ 257.664270][ T3660] Bluetooth: hci5: command 0x0406 tx timeout [ 257.724401][ T6178] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 257.849530][ T6180] Invalid ELF header magic: != ELF [ 259.049555][ T6216] loop3: detected capacity change from 0 to 2048 [ 259.122891][ T6223] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 260.638360][ T6240] loop0: detected capacity change from 0 to 512 [ 260.692496][ T6240] EXT4-fs: Ignoring removed nomblk_io_submit option [ 260.755472][ T6240] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 260.870526][ T6240] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0003] [ 260.915265][ T6240] EXT4-fs (loop0): orphan cleanup on readonly fs [ 260.936504][ T6240] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #11: comm syz.0.745: attempt to clear invalid blocks 1024 len 1 [ 260.956685][ T6240] EXT4-fs (loop0): Remounting filesystem read-only [ 260.966744][ T6245] can: request_module (can-proto-0) failed. [ 260.991893][ T6240] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.745: bg 0: block 361: padding at end of block bitmap is not set [ 261.007684][ T6240] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6172: Corrupt filesystem [ 261.026945][ T6240] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.745: invalid indirect mapped block 1811939328 (level 0) [ 261.062204][ T6240] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.745: invalid indirect mapped block 2185560079 (level 1) [ 261.119483][ T6240] EXT4-fs (loop0): 1 truncate cleaned up [ 261.125632][ T6240] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 261.325735][ T6262] loop2: detected capacity change from 0 to 2048 [ 261.484187][ T6266] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 261.588413][ T6267] device vlan2 entered promiscuous mode [ 261.595084][ T6267] device macvtap0 entered promiscuous mode [ 261.773319][ T6267] device macvtap0 left promiscuous mode [ 262.970526][ T6295] loop3: detected capacity change from 0 to 2048 [ 263.077935][ T6296] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 263.739949][ T4704] EXT4-fs (loop0): unmounting filesystem. [ 264.176147][ T6325] serio: Serial port pts0 [ 264.437443][ T6334] loop3: detected capacity change from 0 to 2048 [ 264.497418][ T6338] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 264.942013][ T6342] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 267.124273][ T4797] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 267.199413][ T6389] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 267.535726][ T4797] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 267.559796][ T4797] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 267.583878][ T4797] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 268.844305][ T4797] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 268.853506][ T4797] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.874556][ T4797] usb 5-1: Product: syz [ 268.885314][ T6414] Invalid ELF header magic: != ELF [ 268.905581][ T4797] usb 5-1: Manufacturer: syz [ 268.922334][ T4797] usb 5-1: SerialNumber: syz [ 269.194429][ T4797] usb 5-1: config 0 descriptor?? [ 269.227270][ T6387] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 269.287356][ T4797] dm9601: probe of 5-1:0.0 failed with error -22 [ 269.666351][ T52] block nbd4: Possible stuck request ffff888020360000: control (read@0,4096B). Runtime 150 seconds [ 270.436313][ T6459] Invalid ELF header magic: != ELF [ 270.845370][ T4799] usb 5-1: USB disconnect, device number 5 [ 270.945457][ T27] INFO: task syz.4.121:4208 blocked for more than 144 seconds. [ 270.974505][ T27] Not tainted 6.1.105-syzkaller #0 [ 271.011182][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 271.020589][ T27] task:syz.4.121 state:D stack:27560 pid:4208 ppid:3638 flags:0x00004004 [ 271.030521][ T27] Call Trace: [ 271.034758][ T27] [ 271.038301][ T27] __schedule+0x143f/0x4570 [ 271.045735][ T27] ? __mutex_lock+0x6b4/0xd80 [ 271.051044][ T27] ? release_firmware_map_entry+0x186/0x186 [ 271.057747][ T27] ? __mutex_trylock_common+0x8d/0x2e0 [ 271.065459][ T27] ? do_raw_spin_unlock+0x137/0x8a0 [ 271.071485][ T27] schedule+0xbf/0x180 [ 271.076173][ T27] schedule_preempt_disabled+0xf/0x20 [ 271.081947][ T27] __mutex_lock+0x6b9/0xd80 [ 271.090738][ T27] ? __mutex_lock+0x53c/0xd80 [ 271.097372][ T27] ? blkdev_get_by_dev+0x148/0xa10 [ 271.103695][ T27] ? mutex_lock_nested+0x10/0x10 [ 271.109044][ T27] ? _atomic_dec_and_lock+0x96/0x130 [ 271.116179][ T27] ? iput+0x401/0x980 [ 271.120670][ T27] ? ilookup+0x1c8/0x200 [ 271.170267][ T27] ? disk_block_events+0xa1/0x110 [ 271.176017][ T27] ? blkdev_get_by_dev+0xe7/0xa10 [ 271.181925][ T27] blkdev_get_by_dev+0x148/0xa10 [ 271.188948][ T27] blkdev_open+0x12e/0x2e0 [ 271.195577][ T27] ? blkdev_mmap+0x1b0/0x1b0 [ 271.200328][ T27] do_dentry_open+0x7f9/0x10f0 [ 271.206130][ T27] path_openat+0x2644/0x2e60 [ 271.211194][ T27] ? mark_lock+0x9a/0x340 [ 271.215769][ T27] ? do_filp_open+0x480/0x480 [ 271.220621][ T27] do_filp_open+0x230/0x480 [ 271.230990][ T27] ? vfs_tmpfile+0x4a0/0x4a0 [ 271.246484][ T27] ? _raw_spin_unlock+0x24/0x40 [ 271.260261][ T27] ? alloc_fd+0x5a0/0x640 [ 271.280366][ T27] do_sys_openat2+0x13b/0x4f0 [ 271.297019][ T27] ? do_sys_open+0x220/0x220 [ 271.312895][ T27] __x64_sys_openat+0x243/0x290 [ 271.333145][ T27] ? __ia32_sys_open+0x270/0x270 [ 271.358916][ T27] ? syscall_enter_from_user_mode+0x2e/0x230 [ 271.379198][ T27] ? lockdep_hardirqs_on+0x94/0x130 [ 271.406945][ T27] ? syscall_enter_from_user_mode+0x2e/0x230 [ 271.448190][ T27] do_syscall_64+0x3b/0xb0 [ 271.453253][ T27] ? clear_bhb_loop+0x45/0xa0 [ 271.472774][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 271.483286][ T27] RIP: 0033:0x7f8a28978350 [ 271.493537][ T27] RSP: 002b:00007f8a29727b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 271.512004][ T27] RAX: ffffffffffffffda RBX: 000000000008c001 RCX: 00007f8a28978350 [ 271.533032][ T27] RDX: 000000000008c001 RSI: 00007f8a29727c10 RDI: 00000000ffffff9c [ 271.541442][ T27] RBP: 00007f8a29727c10 R08: 0000000000000000 R09: 002364626e2f7665 [ 271.559790][ T27] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 271.571105][ T27] R13: 0000000000000000 R14: 00007f8a28b15f80 R15: 00007ffcc6297408 [ 271.588067][ T27] [ 271.591198][ T27] INFO: task syz.4.121:4209 blocked for more than 145 seconds. [ 271.607373][ T27] Not tainted 6.1.105-syzkaller #0 [ 271.620147][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 271.632113][ T27] task:syz.4.121 state:D stack:27680 pid:4209 ppid:3638 flags:0x00004006 [ 271.649748][ T27] Call Trace: [ 271.659407][ T27] [ 271.669849][ T27] __schedule+0x143f/0x4570 [ 271.676979][ T27] ? __mutex_lock+0x6b4/0xd80 [ 271.681880][ T27] ? release_firmware_map_entry+0x186/0x186 [ 271.692796][ T27] ? __mutex_trylock_common+0x8d/0x2e0 [ 271.709761][ T27] ? do_raw_spin_unlock+0x137/0x8a0 [ 271.717768][ T27] schedule+0xbf/0x180 [ 271.722240][ T27] schedule_preempt_disabled+0xf/0x20 [ 271.739044][ T27] __mutex_lock+0x6b9/0xd80 [ 271.749324][ T27] ? __mutex_lock+0x53c/0xd80 [ 271.762094][ T27] ? blkdev_put+0x100/0x750 [ 271.769199][ T27] ? mutex_lock_nested+0x10/0x10 [ 271.779283][ T27] ? __fsnotify_parent+0x50b/0x730 [ 271.790629][ T27] blkdev_put+0x100/0x750 [ 271.799976][ T27] blkdev_close+0x56/0x80 [ 271.809609][ T27] ? blkdev_open+0x2e0/0x2e0 [ 271.819709][ T27] __fput+0x3f6/0x8d0 [ 271.828347][ T27] task_work_run+0x246/0x300 [ 271.833284][ T27] ? task_work_cancel+0x2e0/0x2e0 [ 271.843587][ T27] ? stack_trace_snprint+0xe0/0xe0 [ 271.860327][ T27] get_signal+0x15fc/0x17d0 [ 271.867810][ T27] ? kasan_save_stack+0x4d/0x60 [ 271.873485][ T27] ? kasan_save_stack+0x3b/0x60 [ 271.886105][ T27] ? __kasan_record_aux_stack+0xb0/0xc0 [ 271.892159][ T27] ? task_work_add+0x87/0x3a0 [ 271.903099][ T27] ? fput+0xe2/0x1b0 [ 271.924449][ T27] ? do_syscall_64+0x3b/0xb0 [ 271.929133][ T27] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 271.936231][ T27] ? ptrace_notify+0x370/0x370 [ 271.941419][ T27] arch_do_signal_or_restart+0xb0/0x1a10 [ 271.948872][ T27] ? get_sigframe_size+0x10/0x10 [ 271.956024][ T27] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 271.963434][ T27] ? blkdev_ioctl+0x3a9/0x760 [ 271.968513][ T27] ? exit_to_user_mode_loop+0x39/0x100 [ 271.976257][ T27] exit_to_user_mode_loop+0x6a/0x100 [ 271.982094][ T27] exit_to_user_mode_prepare+0xb1/0x140 [ 271.988906][ T27] syscall_exit_to_user_mode+0x60/0x270 [ 271.994795][ T27] do_syscall_64+0x47/0xb0 [ 272.000695][ T27] ? clear_bhb_loop+0x45/0xa0 [ 272.012679][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 272.019437][ T27] RIP: 0033:0x7f8a289799b9 [ 272.032819][ T27] RSP: 002b:00007f8a29707038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 272.041848][ T27] RAX: 0000000000000000 RBX: 00007f8a28b16058 RCX: 00007f8a289799b9 [ 272.059151][ T27] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 272.071302][ T27] RBP: 00007f8a289e78d8 R08: 0000000000000000 R09: 0000000000000000 [ 272.087755][ T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.101371][ T27] R13: 0000000000000001 R14: 00007f8a28b16058 R15: 00007ffcc6297408 [ 272.122980][ T27] [ 272.128705][ T27] [ 272.128705][ T27] Showing all locks held in the system: [ 272.149502][ T27] 1 lock held by rcu_tasks_kthre/12: [ 272.165292][ T27] #0: ffffffff8d32b190 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 272.188946][ T27] 1 lock held by rcu_tasks_trace/13: [ 272.202085][ T27] #0: ffffffff8d32b990 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 272.224372][ T27] 1 lock held by khungtaskd/27: [ 272.230262][ T27] #0: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 272.248413][ T27] 2 locks held by getty/3397: [ 272.261041][ T27] #0: ffff88802938a098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 272.279014][ T27] #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 [ 272.295529][ T27] 1 lock held by udevd/4094: [ 272.300836][ T27] #0: ffff88802029a4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10 [ 272.319408][ T27] 1 lock held by syz.4.121/4208: [ 272.330496][ T27] #0: ffff88802029a4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10 [ 272.352414][ T27] 1 lock held by syz.4.121/4209: [ 272.362944][ T27] #0: ffff88802029a4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x100/0x750 [ 272.377660][ T27] 2 locks held by kworker/u4:14/4723: [ 272.383753][ T27] #0: ffff8880b983a9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xa8/0x140 [ 272.394824][ T27] #1: ffff8880b9827788 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x43d/0x770 [ 272.408071][ T27] [ 272.410541][ T27] ============================================= [ 272.410541][ T27] [ 272.423588][ T27] NMI backtrace for cpu 1 [ 272.428907][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.105-syzkaller #0 [ 272.437113][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 272.447651][ T27] Call Trace: [ 272.451022][ T27] [ 272.454322][ T27] dump_stack_lvl+0x1e3/0x2cb [ 272.459042][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 272.464730][ T27] ? panic+0x764/0x764 [ 272.468821][ T27] ? vprintk_emit+0x622/0x740 [ 272.473596][ T27] ? printk_sprint+0x490/0x490 [ 272.479107][ T27] ? nmi_cpu_backtrace+0x252/0x560 [ 272.484318][ T27] nmi_cpu_backtrace+0x4e1/0x560 [ 272.489314][ T27] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 272.495517][ T27] ? _printk+0xd1/0x111 [ 272.499703][ T27] ? panic+0x764/0x764 [ 272.503805][ T27] ? __wake_up_klogd+0xcc/0x100 [ 272.508873][ T27] ? panic+0x764/0x764 [ 272.512983][ T27] ? nmi_trigger_cpumask_backtrace+0xe2/0x3f0 [ 272.519119][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 272.525417][ T27] nmi_trigger_cpumask_backtrace+0x1b0/0x3f0 [ 272.531542][ T27] watchdog+0xf88/0xfd0 [ 272.535775][ T27] ? watchdog+0x1f8/0xfd0 [ 272.540158][ T27] kthread+0x28d/0x320 [ 272.544431][ T27] ? hungtask_pm_notify+0x50/0x50 [ 272.549488][ T27] ? kthread_blkcg+0xd0/0xd0 [ 272.554280][ T27] ret_from_fork+0x1f/0x30 [ 272.558924][ T27] [ 272.563079][ T27] Sending NMI from CPU 1 to CPUs 0: [ 272.568676][ C0] NMI backtrace for cpu 0 [ 272.568689][ C0] CPU: 0 PID: 6472 Comm: syz.4.827 Not tainted 6.1.105-syzkaller #0 [ 272.568708][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 272.568718][ C0] RIP: 0010:preempt_count_add+0x10b/0x180 [ 272.568746][ C0] Code: b6 04 38 84 c0 75 6f 83 3d 19 9c 3b 0d 00 75 81 48 c7 c7 e0 93 0b 8b 48 c7 c6 20 94 0b 8b e8 5c 2b f4 ff 0f 0b e9 67 ff ff ff <48> c7 c1 60 21 f3 91 80 e1 07 80 c1 03 38 c1 0f 8c 09 ff ff ff 48 [ 272.568767][ C0] RSP: 0018:ffffc90000007b20 EFLAGS: 00000002 [ 272.568784][ C0] RAX: 0000000000000004 RBX: 0000000000000001 RCX: ffff888024fe0000 [ 272.568796][ C0] RDX: 0000000000010000 RSI: 0000000000000001 RDI: 0000000000000001 [ 272.568807][ C0] RBP: ffffc90000007bc8 R08: ffffffff81564c50 R09: fffffbfff20e7445 [ 272.568820][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000046 [ 272.568837][ C0] R13: 1ffff92000000f68 R14: ffff8880548565c0 R15: dffffc0000000000 [ 272.568851][ C0] FS: 00007fe506e2f6c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 272.568867][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 272.568880][ C0] CR2: 000000110c40759c CR3: 000000007890e000 CR4: 00000000003506f0 [ 272.568895][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 272.568905][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 272.568916][ C0] Call Trace: [ 272.568922][ C0] [ 272.568928][ C0] ? nmi_cpu_backtrace+0x3de/0x560 [ 272.568954][ C0] ? read_lock_is_recursive+0x10/0x10 [ 272.568982][ C0] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 272.569009][ C0] ? nmi_handle+0x25/0x440 [ 272.569108][ C0] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 272.569135][ C0] ? nmi_handle+0x12e/0x440 [ 272.569162][ C0] ? nmi_handle+0x25/0x440 [ 272.569188][ C0] ? preempt_count_add+0x10b/0x180 [ 272.569208][ C0] ? default_do_nmi+0x62/0x150 [ 272.569235][ C0] ? exc_nmi+0xa8/0x100 [ 272.569261][ C0] ? end_repeat_nmi+0x16/0x31 [ 272.569288][ C0] ? __lock_task_sighand+0x120/0x2d0 [ 272.569314][ C0] ? preempt_count_add+0x10b/0x180 [ 272.569336][ C0] ? preempt_count_add+0x10b/0x180 [ 272.569358][ C0] ? preempt_count_add+0x10b/0x180 [ 272.569379][ C0] [ 272.569384][ C0] [ 272.569390][ C0] _raw_spin_lock_irqsave+0xb6/0x120 [ 272.569410][ C0] ? _raw_spin_lock+0x40/0x40 [ 272.569434][ C0] __lock_task_sighand+0x145/0x2d0 [ 272.569458][ C0] ? __lock_task_sighand+0x25/0x2d0 [ 272.569483][ C0] send_sigqueue+0x1de/0x720 [ 272.569508][ C0] ? send_sigqueue+0x107/0x720 [ 272.569535][ C0] ? sigqueue_free+0x1e0/0x1e0 [ 272.569561][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 272.569583][ C0] posix_timer_fn+0x186/0x390 [ 272.569637][ C0] ? common_timer_wait_running+0x10/0x10 [ 272.569658][ C0] __hrtimer_run_queues+0x5e5/0xe50 [ 272.569689][ C0] ? hrtimer_interrupt+0x980/0x980 [ 272.569710][ C0] ? ktime_get_update_offsets_now+0x407/0x420 [ 272.569739][ C0] hrtimer_interrupt+0x392/0x980 [ 272.569771][ C0] __sysvec_apic_timer_interrupt+0x156/0x580 [ 272.569797][ C0] sysvec_apic_timer_interrupt+0x8c/0xb0 [ 272.569815][ C0] [ 272.569819][ C0] [ 272.569831][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 272.569854][ C0] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40 [ 272.569875][ C0] Code: d1 9d f5 ff 90 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 0e eb ba f6 48 89 df e8 76 28 bc f6 e8 41 b5 e1 f6 fb bf 01 00 00 00 f6 b8 ae f6 65 8b 05 97 c1 52 75 85 c0 74 02 5b c3 e8 44 e5 50 [ 272.569889][ C0] RSP: 0018:ffffc90004607b30 EFLAGS: 00000286 [ 272.569904][ C0] RAX: f8d744244d06f900 RBX: ffff8880548565c0 RCX: ffffffff91f32103 [ 272.569917][ C0] RDX: dffffc0000000000 RSI: ffffffff8b0c0260 RDI: 0000000000000001 [ 272.569930][ C0] RBP: ffffc90004607c70 R08: dffffc0000000000 R09: ffffed100a90acb9 [ 272.569943][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1100a90ad4b [ 272.569955][ C0] R13: 000000001c000004 R14: 0000000000000021 R15: ffff888054856a58 [ 272.569976][ C0] get_signal+0x154b/0x17d0 [ 272.570009][ C0] ? ptrace_notify+0x370/0x370 [ 272.570039][ C0] arch_do_signal_or_restart+0xb0/0x1a10 [ 272.570060][ C0] ? __might_fault+0xa1/0x110 [ 272.570113][ C0] ? __lock_acquire+0x1f80/0x1f80 [ 272.570143][ C0] ? do_sigaltstack+0x3f3/0x610 [ 272.570164][ C0] ? get_sigframe_size+0x10/0x10 [ 272.570183][ C0] ? restore_altstack+0x107/0x150 [ 272.570202][ C0] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 272.570234][ C0] ? exit_to_user_mode_loop+0x39/0x100 [ 272.570253][ C0] exit_to_user_mode_loop+0x6a/0x100 [ 272.570270][ C0] exit_to_user_mode_prepare+0xb1/0x140 [ 272.570287][ C0] syscall_exit_to_user_mode+0x60/0x270 [ 272.570308][ C0] do_syscall_64+0x47/0xb0 [ 272.570332][ C0] ? clear_bhb_loop+0x45/0xa0 [ 272.570355][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 272.570378][ C0] RIP: 0033:0x7fe505f799b7 [ 272.570391][ C0] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 272.570406][ C0] RSP: 002b:00007fe506e2f0e8 EFLAGS: 00000246 [ 272.570419][ C0] RAX: 00000000000000ca RBX: 00007fe506115f88 RCX: 00007fe505f799b9 [ 272.570431][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe506115f88 [ 272.570442][ C0] RBP: 00007fe506115f80 R08: 0000000000000000 R09: 0000000000000000 [ 272.570454][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe506115f8c [ 272.570465][ C0] R13: 0000000000000000 R14: 00007ffd902c1df0 R15: 00007ffd902c1ed8 [ 272.570485][ C0] [ 273.271019][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 273.277994][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.105-syzkaller #0 [ 273.286166][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 273.298004][ T27] Call Trace: [ 273.302096][ T27] [ 273.305511][ T27] dump_stack_lvl+0x1e3/0x2cb [ 273.311016][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 273.317484][ T27] ? panic+0x764/0x764 [ 273.321753][ T27] ? llist_add_batch+0x160/0x1d0 [ 273.327443][ T27] ? vscnprintf+0x59/0x80 [ 273.332776][ T27] panic+0x318/0x764 [ 273.337919][ T27] ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0 [ 273.344596][ T27] ? memcpy_page_flushcache+0xfc/0xfc [ 273.350555][ T27] ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0 [ 273.357325][ T27] ? nmi_trigger_cpumask_backtrace+0x33a/0x3f0 [ 273.365443][ T27] ? nmi_trigger_cpumask_backtrace+0x33f/0x3f0 [ 273.372538][ T27] watchdog+0xfc7/0xfd0 [ 273.380219][ T27] ? watchdog+0x1f8/0xfd0 [ 273.386353][ T27] kthread+0x28d/0x320 [ 273.392374][ T27] ? hungtask_pm_notify+0x50/0x50 [ 273.399539][ T27] ? kthread_blkcg+0xd0/0xd0 [ 273.404603][ T27] ret_from_fork+0x1f/0x30 [ 273.409868][ T27] [ 273.414137][ T27] Kernel Offset: disabled [ 273.420234][ T27] Rebooting in 86400 seconds..